| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Firefox stürtzt immer wieder ab.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
19.10.2015, 19:16
| #1 |
 |  Firefox stürtzt immer wieder ab. Hallo, seit heute stürtzt mein Firefox immer wieder ab. Ich habe keine neuen Programme installiert, welche schädlich sein könnten. Hauptsächlich, so kommt es mir zumindest vor, passiert das wenn ich Videos angucke. Hier die Meldung die mir nach dem Absturz angezeigt wird : Code:
ATTFilter AdapterDeviceID: 0x0f00
AdapterDriverVersion: 9.18.13.3165
AdapterSubsysID: 00000000
AdapterVendorID: 0x10de
Add-ons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:41.0.2,ich%40maltegoetz.de:2.1.0
AsyncPluginInit: 0
AvailablePageFile: 14714535936
AvailablePhysicalMemory: 6445965312
AvailableVirtualMemory: 3656282112
BIOS_Manufacturer: American Megatrends Inc.
BlockedDllList:
BreakpadReserveAddress: 43122688
BreakpadReserveSize: 67108864
BuildID: 20151014143721
CrashTime: 1445278248
EMCheckCompatibility: true
FramePoisonBase: 00000000f0de0000
FramePoisonSize: 65536
InstallTime: 1445023420
Notes: AdapterVendorID: 0x10de, AdapterDeviceID: 0x0f00, AdapterSubsysID: 00000000, AdapterDriverVersion: 9.18.13.3165
D2D- D2D1.1- D2D1.1+ D2D+ DWrite- DWrite+ D3D11 Layers- D3D11 Layers+
ProductID: {ec8030f7-c20a-464f-9b0e-13a3a9e97384}
ProductName: Firefox
ReleaseChannel: release
SafeMode: 0
SecondsSinceLastCrash: 13
StartupTime: 1445278240
SystemMemoryUsePercentage: 24
TelemetryEnvironment: {"build":{"applicationId":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","applicationName":"Firefox","architecture":"x86","buildId":"20151014143721","version":"41.0.2","vendor":"Mozilla","platformVersion":"41.0.2","xpcomAbi":"x86-msvc","hotfixVersion":"20150902.02"},"partner":{"distributionId":null,"distributionVersion":null,"partnerId":null,"distributor":null,"distributorChannel":null,"partnerNames":[]},"system":{"memoryMB":8137,"isWow64":true,"cpu":{"count":4,"vendor":null,"family":null,"model":null,"stepping":null,"extensions":["hasMMX","hasSSE","hasSSE2","hasSSE3","hasSSSE3","hasSSE4_1","hasSSE4_2"]},"os":{"name":"Windows_NT","version":"6.1","servicePackMajor":1,"servicePackMinor":0,"installYear":2013,"locale":"de-DE"},"hdd":{"profile":{"model":"ST500DM0ST500DM002-1BD14","revision":"KC45"},"binary":{"model":"ST500DM0ST500DM002-1BD14","revision":"KC45"},"system":{"model":"ST500DM0ST500DM002-1BD14","revision":"KC45"}},"gfx":{"D2DEnabled":true,"DWriteEnabled":true,"adapters":[{"description":"NVIDIA GeForce GT 630","vendorID":"0x10de","deviceID":"0x0f00","subsysID":"00000000","RAM":4095,"driver":"nvd3dumx,nvwgf2umx,nvwgf2umx nvd3dum,nvwgf2um,nvwgf2um","driverVersion":"9.18.13.3165","driverDate":"10-23-2013","GPUActive":true}],"monitors":[{"screenWidth":1920,"screenHeight":1080,"refreshRate":60,"pseudoDisplay":false}]}},"settings":{"addonCompatibilityCheckEnabled":true,"blocklistEnabled":true,"isDefaultBrowser":true,"e10sEnabled":false,"telemetryEnabled":false,"isInOptoutSample":false,"locale":"de","update":{"channel":"release","enabled":true,"autoDownload":true},"userPrefs":{"browser.cache.disk.capacity":358400,"browser.newtab.url":"<user-set>","browser.newtabpage.enhanced":true,"browser.startup.homepage":"<user-set>"}},"profile":{"creationDate":16045,"resetDate":16464},"addons":{"activeAddons":{"ich@maltegoetz.de":{"blocklisted":false,"description":"Hilft beim Entsperren von gesperrten YouTube Videos.","name":"ProxTube - Gesperrte YouTube Videos entsperren","userDisabled":false,"appDisabled":false,"version":"2.1.0","scope":1,"type":"extension","foreignInstall":false,"hasBinaryComponents":false,"installDay":16484,"updateDay":16643,"signedState":2}},"theme":{"id":"{972ce4c6-7e08-4474-a285-3208198ce6fd}","blocklisted":false,"description":"Das Standard-Theme.","name":"Standard","userDisabled":false,"appDisabled":false,"version":"41.0.2","scope":4,"foreignInstall":false,"hasBinaryComponents":false,"installDay":16462,"updateDay":16727},"activePlugins":[{"name":"Adobe Acrobat","version":"11.0.13.17","description":"Adobe PDF Plug-In For Firefox and Netscape 11.0.13","blocklisted":false,"disabled":false,"clicktoplay":true,"mimeTypes":["application/pdf","application/vnd.adobe.pdfxml","application/vnd.adobe.x-mars","application/vnd.fdf","application/vnd.adobe.xfdf","application/vnd.adobe.xdp+xml","application/vnd.adobe.xfd+xml"],"updateDay":16704},{"name":"AdobeAAMDetect","version":"2.0.0.0","description":"A plugin to detect whether the Adobe Creative Cloud is installed on this machine.v_2_0_0_0","blocklisted":false,"disabled":false,"clicktoplay":true,"mimeTypes":["application/x-adobeaamdetect"],"updateDay":16014},{"name":"Adobe Acrobat","version":"11.0.13.17","description":"Adobe PDF Plug-In For Firefox and Netscape 11.0.13","blocklisted":false,"disabled":false,"clicktoplay":true,"mimeTypes":["application/pdf","application/vnd.adobe.pdfxml","application/vnd.adobe.x-mars","application/vnd.fdf","application/vnd.adobe.xfdf","application/vnd.adobe.xdp+xml","application/vnd.adobe.xfd+xml"],"updateDay":16704},{"name":"NVIDIA 3D Vision","version":"7.17.13.3165","description":"NVIDIA 3D Vision plugin for Mozilla browsers","blocklisted":false,"disabled":false,"clicktoplay":true,"mimeTypes":["image/jps","image/pns","image/mpo"],"updateDay":16001},{"name":"NVIDIA 3D VISION","version":"7.17.13.3165","description":"NVIDIA 3D Vision Streaming plugin for Mozilla browsers","blocklisted":false,"disabled":false,"clicktoplay":true,"mimeTypes":["application/mozilla-3dv-streaming-plugin"],"updateDay":16001},{"name":"Nokia Suite Enabler Plugin","version":"1.0.0.1","description":"Nokia Suite Enabler Plugin","blocklisted":false,"disabled":false,"clicktoplay":true,"mimeTypes":["application/x-enabler-nokiasuite"],"updateDay":15980},{"name":"Photo Gallery","version":"16.4.3508.205","description":"NPWLPG","blocklisted":false,"disabled":false,"clicktoplay":true,"mimeTypes":["application/x-wlpg3-detect","application/x-wlpg-detect"],"updateDay":15741},{"name":"Java(TM) Platform SE 8 U45","version":"11.45.2.15","description":"Next Generation Java Plug-in 11.45.2 for Mozilla browsers","blocklisted":false,"disabled":false,"clicktoplay":true,"mimeTypes":["application/x-java-applet","application/x-java-bean","application/x-java-vm","application/x-java-applet;version=1.1.1","application/x-java-bean;version=1.1.1","application/x-java-applet;version=1.1","application/x-java-bean;version=1.1","application/x-java-applet;version=1.2","application/x-java-bean;version=1.2","application/x-java-applet;version=1.1.3","application/x-java-bean;version=1.1.3","application/x-java-applet;version=1.1.2","application/x-java-bean;version=1.1.2","application/x-java-applet;version=1.3","application/x-java-bean;version=1.3","application/x-java-applet;version=1.2.2","application/x-java-bean;version=1.2.2","application/x-java-applet;version=1.2.1","application/x-java-bean;version=1.2.1","application/x-java-applet;version=1.3.1","application/x-java-bean;version=1.3.1","application/x-java-applet;version=1.4","application/x-java-bean;version=1.4","application/x-java-applet;version=1.4.1","application/x-java-bean;version=1.4.1","application/x-java-applet;version=1.4.2","application/x-java-bean;version=1.4.2","application/x-java-applet;version=1.5","application/x-java-bean;version=1.5","application/x-java-applet;version=1.6","application/x-java-bean;version=1.6","application/x-java-applet;version=1.7","application/x-java-bean;version=1.7","application/x-java-applet;jpi-version=1.8.0_45","application/x-java-bean;jpi-version=1.8.0_45","application/x-java-vm-npruntime","application/x-java-applet;deploy=11.45.2","application/x-java-applet;javafx=8.0.45"],"updateDay":16617},{"name":"Java Deployment Toolkit 8.0.450.15","version":"11.45.2.15","description":"NPRuntime Script Plug-in Library for Java(TM) Deploy","blocklisted":false,"disabled":false,"clicktoplay":true,"mimeTypes":["application/java-deployment-toolkit"],"updateDay":16617},{"name":"Intel® Identity Protection Technology","version":"4.0.5.0","description":"Intel web components for Intel® Identity Protection Technology","blocklisted":false,"disabled":false,"clicktoplay":true,"mimeTypes":["application/x-vnd-intel-webapi-ipt-4.0.5"],"updateDay":15965},{"name":"Intel® Identity Protection Technology","version":"4.0.5.0","description":"Intel web components updater - Installs and updates the Intel web components","blocklisted":false,"disabled":false,"clicktoplay":true,"mimeTypes":["application/x-vnd-intel-webapi-updater"],"updateDay":15965},{"name":"Battlelog Game Launcher","version":"2.3.2.0","description":"Battlelog Game Launcher (2.3.2)","blocklisted":false,"disabled":false,"clicktoplay":true,"mimeTypes":["application/x-battlelog-game-launcher-2.3.2"],"updateDay":16030},{"name":"Shockwave Flash","version":"19.0.0.226","description":"Shockwave Flash 19.0 r0","blocklisted":false,"disabled":false,"clicktoplay":false,"mimeTypes":["application/x-shockwave-flash","application/futuresplash"],"updateDay":16727}],"activeGMPlugins":{"gmp-gmpopenh264":{"version":"1.4","userDisabled":false,"applyBackgroundUpdates":1},"gmp-eme-adobe":{"version":"13","userDisabled":false,"applyBackgroundUpdates":1}},"activeExperiment":{},"persona":null}}
Theme: classic/1.0
Throttleable: 1
TotalPageFile: 17062498304
TotalPhysicalMemory: 8532189184
TotalVirtualMemory: 4294836224
User32BeforeBlocklist: 1
Vendor: Mozilla
Version: 41.0.2
Winsock_LSP: MSAFD-Tcpip [TCP/IPv6] : 2 : 1 : %SystemRoot%\system32\mswsock.dll
MSAFD-Tcpip [UDP/IPv6] : 2 : 2 :
MSAFD-Tcpip [RAW/IPv6] : 2 : 3 : %SystemRoot%\system32\mswsock.dll
MSAFD-Tcpip [TCP/IP] : 2 : 1 :
MSAFD-Tcpip [UDP/IP] : 2 : 2 : %SystemRoot%\system32\mswsock.dll
MSAFD-Tcpip [RAW/IP] : 2 : 3 :
RSVP-TCPv6-Dienstanbieter : 2 : 1 : %SystemRoot%\system32\mswsock.dll
RSVP-TCP-Dienstanbieter : 2 : 1 :
RSVP-UDPv6-Dienstanbieter : 2 : 2 : %SystemRoot%\system32\mswsock.dll
RSVP-UDP-Dienstanbieter : 2 : 2 :
useragent_locale: de
Diese Meldung enthält Informationen über den Status der Anwendung zum Zeitpunkt des Absturzes.
|
|
19.10.2015, 19:48
| #2 |
| /// the machine /// TB-Ausbilder    | Firefox stürtzt immer wieder ab. hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
19.10.2015, 19:58
| #3 |
| | Firefox stürtzt immer wieder ab.Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-10-2015
durchgeführt von Marian Curdt (Administrator) auf MARIANCURDTPC (19-10-2015 20:56:38)
Gestartet von C:\Users\Marian Curdt\Downloads
Geladene Profile: Marian Curdt & UpdatusUser (Verfügbare Profile: Marian Curdt & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Spotify Ltd) C:\Users\Marian Curdt\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-05] (Avast Software s.r.o.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [839384 2014-09-16] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\Run: [Spotify Web Helper] => C:\Users\Marian Curdt\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2030912 2015-10-18] (Spotify Ltd)
HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1656074084-342888944-3947257893-1003\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIINE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-102 103 Series"
HKU\S-1-5-21-1656074084-342888944-3947257893-1003\...\Run: [Spotify Web Helper] => "C:\Users\Marian Curdt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
HKU\S-1-5-21-1656074084-342888944-3947257893-1003\...\MountPoints2: {21fde83c-5e8b-11e3-8c52-d3a745ceaade} - G:\pushinst.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-10-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-10-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-10-16] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-05] (Avast Software s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\p6_19_erinnerung.lnk [2014-08-24]
ShortcutTarget: p6_19_erinnerung.lnk -> C:\Program Files (x86)\phase6\phase6_19\WinStart\p6erinnerung.exe (phase6)
Startup: C:\Users\Marian Curdt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk [2014-12-26]
ShortcutTarget: GameRanger.lnk -> C:\Users\Marian Curdt\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (GameRanger Technologies)
Startup: C:\Users\Marian Curdt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 1510 series.lnk [2014-04-29]
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{99FC47B1-73DE-4926-AF76-90364DA1192B}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1656074084-342888944-3947257893-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1656074084-342888944-3947257893-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-1656074084-342888944-3947257893-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1656074084-342888944-3947257893-1000 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1656074084-342888944-3947257893-1000 -> {B638535A-6140-45BE-BB4F-C5F742EEB550} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-1656074084-342888944-3947257893-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1656074084-342888944-3947257893-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1656074084-342888944-3947257893-1003 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-05] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-01] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-05] (Avast Software s.r.o.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-01] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-05] (Avast Software s.r.o.)
FireFox:
========
FF ProfilePath: C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\q375034u.default-1422551480209
FF NewTab: hxxp://www.google.com
FF DefaultSearchEngine: Yahoo
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxps://de.yahoo.com/?fr=yset_ff_syc_oracle&type=orcl_hpset
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-19] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2013-11-05] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-19] ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2013-11-21] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\npfirefoxtracker.dll [Keine Datei]
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2013-11-05] (Adobe Systems)
FF Extension: ProxTube - Unblock YouTube - C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\q375034u.default-1422551480209\Extensions\ich@maltegoetz.de.xpi [2015-02-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-05] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\netsight@nielsen.xpi => nicht gefunden
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-05]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-05] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-07-05] (Avast Software)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-09-16] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-09-16] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [777944 2014-09-16] (BlueStack Systems, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-22] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-05] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-05] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-05] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-05] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-05] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-05] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-09-16] (BlueStack Systems)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S2 tandpl; C:\Windows\SysWOW64\drivers\tandpl.sys [4736 2003-04-19] () [Datei ist nicht signiert]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-05] (Avast Software)
S3 AppObserver; \??\C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\appobserver64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-19 20:56 - 2015-10-19 20:56 - 02196992 _____ (Farbar) C:\Users\Marian Curdt\Downloads\FRST64.exe
2015-10-19 19:23 - 2015-10-19 19:24 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-19 19:23 - 2015-10-19 19:23 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-19 19:23 - 2015-10-19 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-10-19 19:23 - 2015-10-19 19:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-19 19:23 - 2015-10-19 19:23 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-10-19 19:23 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-19 19:23 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-19 19:23 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-19 19:04 - 2015-10-19 20:50 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-19 19:04 - 2015-10-19 19:04 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-19 19:04 - 2015-10-19 19:04 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-19 19:04 - 2015-10-19 19:04 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-19 18:00 - 2015-10-19 18:00 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-19 18:00 - 2015-10-19 18:00 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-19 18:00 - 2015-10-19 18:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-19 18:00 - 2015-10-19 18:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-19 17:13 - 2015-10-19 17:13 - 00291152 _____ C:\Windows\Minidump\101915-175407-01.dmp
2015-10-19 17:13 - 2015-10-19 17:11 - 673173729 ____N C:\Windows\MEMORY.DMP
2015-10-19 16:21 - 2015-10-19 16:18 - 01691648 _____ C:\Users\Marian Curdt\Desktop\adwcleaner_5.014.exe
2015-10-19 16:21 - 2015-10-19 16:16 - 01801288 _____ (Malwarebytes) C:\Users\Marian Curdt\Desktop\JRT_7.6.4.exe
2015-10-19 16:09 - 2015-10-19 16:09 - 00272248 _____ C:\Windows\Minidump\101915-46722-01.dmp
2015-10-19 15:49 - 2015-10-19 15:49 - 00290432 _____ C:\Windows\Minidump\101915-62244-01.dmp
2015-10-19 15:33 - 2015-10-19 15:33 - 00003154 _____ C:\Windows\System32\Tasks\{AB686BDB-30FB-4904-A2E3-D740074EB745}
2015-10-19 15:13 - 2015-10-19 17:13 - 00000000 ____D C:\Windows\Minidump
2015-10-19 15:13 - 2015-10-19 15:13 - 00262144 _____ C:\Windows\Minidump\101915-224173-01.dmp
2015-10-16 12:50 - 2015-09-18 21:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-16 12:50 - 2015-09-18 20:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-16 12:50 - 2015-09-16 06:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-16 12:50 - 2015-09-16 06:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-16 12:50 - 2015-09-16 06:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-16 12:50 - 2015-09-16 06:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-16 12:50 - 2015-09-16 06:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-16 12:50 - 2015-09-16 06:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-16 12:50 - 2015-09-16 06:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-16 12:50 - 2015-09-16 06:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-16 12:50 - 2015-09-16 06:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-16 12:50 - 2015-09-16 06:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-16 12:50 - 2015-09-16 06:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-16 12:50 - 2015-09-16 06:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-16 12:50 - 2015-09-16 06:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-16 12:50 - 2015-09-16 06:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-16 12:50 - 2015-09-16 06:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-16 12:50 - 2015-09-16 06:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-16 12:50 - 2015-09-16 06:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-16 12:50 - 2015-09-16 06:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-16 12:50 - 2015-09-16 05:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-16 12:50 - 2015-09-16 05:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-16 12:50 - 2015-09-16 05:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-16 12:50 - 2015-09-16 05:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-16 12:50 - 2015-09-16 05:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-16 12:50 - 2015-09-16 05:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-16 12:50 - 2015-09-16 05:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-16 12:50 - 2015-09-16 05:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-16 12:50 - 2015-09-16 05:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-16 12:50 - 2015-09-16 05:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-16 12:50 - 2015-09-16 05:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-16 12:50 - 2015-09-16 05:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-16 12:50 - 2015-09-16 05:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-16 12:50 - 2015-09-16 05:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-16 12:50 - 2015-09-16 05:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-16 12:50 - 2015-09-16 05:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-16 12:50 - 2015-09-16 05:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-16 12:50 - 2015-09-16 05:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-16 12:50 - 2015-09-16 05:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-16 12:50 - 2015-09-16 05:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-16 12:50 - 2015-09-16 05:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-16 12:50 - 2015-09-16 05:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-16 12:50 - 2015-09-16 05:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-16 12:50 - 2015-09-16 05:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-16 12:50 - 2015-09-16 05:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-16 12:50 - 2015-09-16 05:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-16 12:50 - 2015-09-16 05:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-16 12:50 - 2015-09-16 05:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-16 12:50 - 2015-09-16 05:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-16 12:50 - 2015-09-16 05:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-16 12:50 - 2015-09-16 05:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-16 12:50 - 2015-09-16 05:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-16 12:50 - 2015-09-16 05:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-16 12:50 - 2015-09-16 05:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-16 12:50 - 2015-09-16 04:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-16 12:50 - 2015-09-16 04:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-16 12:50 - 2015-09-16 04:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-16 12:50 - 2015-09-16 04:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-16 12:50 - 2015-09-16 04:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-16 12:50 - 2015-09-16 04:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-16 12:50 - 2015-09-16 04:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-16 12:50 - 2015-09-16 04:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-16 12:50 - 2015-09-16 04:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-16 12:50 - 2015-09-16 04:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-16 12:50 - 2015-08-06 20:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-16 12:50 - 2015-08-06 20:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-16 12:50 - 2015-08-06 19:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-16 12:50 - 2015-08-06 19:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-16 12:49 - 2015-09-29 05:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-16 12:49 - 2015-09-29 05:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-16 12:49 - 2015-09-29 05:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-16 12:49 - 2015-09-29 05:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-16 12:49 - 2015-09-29 05:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-16 12:49 - 2015-09-29 05:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-16 12:49 - 2015-09-29 05:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-16 12:49 - 2015-09-29 05:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-16 12:49 - 2015-09-29 05:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-16 12:49 - 2015-09-29 05:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-16 12:49 - 2015-09-29 05:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-16 12:49 - 2015-09-29 05:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-16 12:49 - 2015-09-29 05:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-16 12:49 - 2015-09-29 05:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-16 12:49 - 2015-09-29 05:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-16 12:49 - 2015-09-29 05:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-16 12:49 - 2015-09-29 04:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-16 12:49 - 2015-09-29 04:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-16 12:49 - 2015-09-29 04:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-16 12:49 - 2015-09-29 03:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-16 12:49 - 2015-09-25 20:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-16 12:49 - 2015-09-25 20:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-16 12:49 - 2015-09-25 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-16 12:49 - 2015-09-25 20:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-16 12:49 - 2015-09-25 20:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-16 12:49 - 2015-09-25 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-16 12:49 - 2015-09-25 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-16 12:49 - 2015-09-25 20:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-16 12:49 - 2015-09-25 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-16 12:49 - 2015-09-25 20:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-16 12:49 - 2015-09-25 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-16 12:49 - 2015-09-25 19:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-16 12:49 - 2015-09-25 19:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-16 12:49 - 2015-09-25 19:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-16 12:49 - 2015-09-25 19:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-16 12:49 - 2015-09-25 19:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-16 12:49 - 2015-09-15 20:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-16 12:49 - 2015-09-15 20:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-16 12:49 - 2015-09-15 20:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-16 12:49 - 2015-09-15 20:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-16 12:49 - 2015-09-15 20:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-16 12:49 - 2015-09-15 19:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-16 12:48 - 2015-10-01 20:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-16 12:48 - 2015-10-01 20:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-16 12:48 - 2015-10-01 20:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-16 12:48 - 2015-10-01 20:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-16 12:48 - 2015-10-01 20:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-16 12:48 - 2015-10-01 20:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-16 12:48 - 2015-10-01 20:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-16 12:48 - 2015-10-01 19:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-16 12:48 - 2015-10-01 19:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-16 12:48 - 2015-09-29 05:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-16 12:48 - 2015-09-29 05:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-16 12:48 - 2015-09-29 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-16 12:48 - 2015-09-29 05:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-16 12:48 - 2015-09-29 05:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-16 12:48 - 2015-09-29 05:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-16 12:48 - 2015-09-29 05:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-16 12:48 - 2015-09-29 05:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-16 12:48 - 2015-09-29 05:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-16 12:48 - 2015-09-29 05:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-16 12:48 - 2015-09-29 05:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-16 12:48 - 2015-09-29 05:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-16 12:48 - 2015-09-29 04:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-16 12:48 - 2015-09-29 04:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-16 12:48 - 2015-09-29 04:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-16 12:48 - 2015-09-29 04:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-16 12:48 - 2015-09-29 04:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-16 12:48 - 2015-09-29 04:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-16 12:48 - 2015-09-29 04:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-16 12:48 - 2015-09-29 04:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-16 12:48 - 2015-09-29 04:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-16 12:48 - 2015-09-29 04:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-16 12:48 - 2015-09-29 04:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-16 12:48 - 2015-09-29 04:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 03:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-16 12:48 - 2015-09-29 03:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-16 12:48 - 2015-09-29 03:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-16 12:48 - 2015-09-29 03:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-16 12:48 - 2015-09-29 03:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 03:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 03:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-16 12:48 - 2015-09-29 03:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-16 12:48 - 2015-09-18 21:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-16 12:48 - 2015-09-18 21:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-16 12:48 - 2015-09-18 21:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-16 12:48 - 2015-09-18 21:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-16 12:48 - 2015-09-18 21:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-16 12:48 - 2015-09-18 21:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-16 12:48 - 2015-09-18 21:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-16 12:48 - 2015-09-15 20:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-16 12:48 - 2015-09-15 20:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-16 12:48 - 2015-09-15 20:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-16 12:48 - 2015-09-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-16 12:48 - 2015-09-15 19:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-16 12:48 - 2015-09-15 19:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-16 12:48 - 2015-09-15 19:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-16 12:47 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-11 22:22 - 2015-10-11 23:19 - 176463820 _____ C:\Users\Marian Curdt\Downloads\617656578698937492645909287456453.rar
2015-10-11 19:20 - 2015-10-11 20:18 - 176462876 _____ C:\Users\Marian Curdt\Downloads\604876588769671926877511875541876.rar
2015-10-08 20:59 - 2015-10-08 21:05 - 28684799 _____ C:\Users\Marian Curdt\Downloads\ht - 1983 ep.rar
2015-10-08 20:58 - 2015-10-08 21:32 - 105447572 _____ C:\Users\Marian Curdt\Downloads\Gz255.rar
2015-09-29 16:46 - 2015-09-29 17:02 - 155336441 _____ (Bitsonic LP ) C:\Users\Marian Curdt\Downloads\Bitsonic_Keyzone_1(3).exe
2015-09-22 20:46 - 2015-09-22 20:55 - 155336441 _____ (Bitsonic LP ) C:\Users\Marian Curdt\Downloads\Bitsonic_Keyzone_1(2).exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-19 20:56 - 2013-12-15 23:04 - 00020675 _____ C:\Users\Marian Curdt\Downloads\FRST.txt
2015-10-19 20:56 - 2013-11-23 13:50 - 00000000 ____D C:\FRST
2015-10-19 20:52 - 2015-07-01 09:44 - 00034962 _____ C:\Windows\setupact.log
2015-10-19 20:01 - 2009-07-14 06:45 - 00028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-19 20:01 - 2009-07-14 06:45 - 00028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-19 19:57 - 2010-11-21 08:50 - 00700130 _____ C:\Windows\system32\perfh007.dat
2015-10-19 19:57 - 2010-11-21 08:50 - 00149768 _____ C:\Windows\system32\perfc007.dat
2015-10-19 19:57 - 2009-07-14 07:13 - 01622706 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-19 19:53 - 2015-01-22 13:49 - 00001368 _____ C:\Windows\Tasks\TXFAZSA.job
2015-10-19 19:53 - 2015-01-22 13:48 - 00001364 _____ C:\Windows\Tasks\WJCWK.job
2015-10-19 19:53 - 2014-08-24 16:04 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-10-19 19:53 - 2014-08-24 13:22 - 00000000 ____D C:\Users\Public\Documents\phase6_19_Daten
2015-10-19 19:53 - 2013-12-21 20:33 - 00000000 ____D C:\Users\Marian Curdt\AppData\Local\LogMeIn Hamachi
2015-10-19 19:52 - 2015-07-02 12:22 - 00031954 _____ C:\Windows\PFRO.log
2015-10-19 19:52 - 2013-12-06 19:08 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-19 19:52 - 2013-12-06 17:24 - 01399375 _____ C:\Windows\WindowsUpdate.log
2015-10-19 19:52 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-19 19:19 - 2014-02-05 17:08 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-10-19 19:04 - 2013-12-06 18:34 - 00000000 ____D C:\Users\Marian Curdt\AppData\Local\Adobe
2015-10-19 18:34 - 2014-04-14 19:26 - 00000000 ____D C:\AdwCleaner
2015-10-19 17:08 - 2014-11-27 21:29 - 00000000 ____D C:\Users\Marian Curdt\AppData\Local\2K Games
2015-10-19 17:08 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-19 17:07 - 2013-12-06 19:10 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-19 16:22 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-10-19 15:48 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-19 15:27 - 2014-11-14 18:29 - 00000000 __SHD C:\Users\Marian Curdt\AppData\Local\EmieUserList
2015-10-19 15:27 - 2014-11-14 18:29 - 00000000 __SHD C:\Users\Marian Curdt\AppData\Local\EmieSiteList
2015-10-19 15:27 - 2014-11-14 18:29 - 00000000 __SHD C:\Users\Marian Curdt\AppData\Local\EmieBrowserModeList
2015-10-19 15:14 - 2014-06-18 20:04 - 02863616 ___SH C:\Users\Marian Curdt\Desktop\Thumbs.db
2015-10-18 22:20 - 2015-02-14 15:31 - 00000000 ____D C:\Users\Marian Curdt\Desktop\Projekte
2015-10-18 20:22 - 2014-01-05 13:00 - 00000000 ____D C:\Users\Marian Curdt\AppData\Local\Spotify
2015-10-18 20:22 - 2014-01-05 12:55 - 00000000 ____D C:\Users\Marian Curdt\AppData\Roaming\Spotify
2015-10-17 19:03 - 2014-12-14 18:48 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-17 19:03 - 2014-05-06 12:48 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-16 12:51 - 2013-12-11 17:08 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-16 12:50 - 2014-12-27 13:26 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-12 23:48 - 2013-12-07 14:04 - 00000000 ____D C:\Users\Marian Curdt\AppData\Roaming\TS3Client
2015-10-09 12:15 - 2015-04-05 16:59 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-09 01:32 - 2015-04-05 16:59 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-07 12:51 - 2013-12-25 14:08 - 00000000 ____D C:\Users\Marian Curdt\AppData\Roaming\Audacity
2015-10-07 11:50 - 2014-09-20 15:15 - 00000000 ____D C:\Users\Marian Curdt\AppData\Roaming\Maize Sampler Player
2015-10-03 15:45 - 2013-12-29 13:43 - 00000000 ____D C:\Users\Marian Curdt\AppData\Roaming\LolClient
2015-10-02 15:51 - 2013-12-06 19:56 - 00000000 ____D C:\Users\Marian Curdt\AppData\Roaming\.minecraft
2015-09-29 17:37 - 2015-01-19 21:34 - 00000000 ____D C:\Users\Marian Curdt\Desktop\VSTs
2015-09-28 18:49 - 2015-09-10 08:42 - 00000000 ___HD C:\$Windows.~BT
2015-09-28 18:24 - 2013-12-06 17:18 - 00000000 ____D C:\Windows\Panther
2015-09-22 22:18 - 2014-01-01 15:09 - 00013312 ___SH C:\Users\Marian Curdt\Thumbs.db
2015-09-19 21:18 - 2014-04-30 21:21 - 00000000 ____D C:\Users\Marian Curdt\AppData\Roaming\Mp3tag
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-12-18 22:45 - 2015-07-01 10:37 - 0000132 _____ () C:\Users\Marian Curdt\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\Marian Curdt\AppData\Roaming\TXFAZSA
2014-11-19 15:50 - 2014-11-22 13:50 - 0000130 _____ () C:\Users\Marian Curdt\AppData\Roaming\WB.CFG
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\Marian Curdt\AppData\Roaming\WJCWK
2014-01-09 15:20 - 2014-01-09 15:20 - 0001456 _____ () C:\Users\Marian Curdt\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-12-10 16:18 - 2013-12-23 17:28 - 0004608 _____ () C:\Users\Marian Curdt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-22 13:50 - 2014-11-22 13:50 - 0000001 _____ () C:\Users\Marian Curdt\AppData\Local\DSI.DAT
2014-04-29 19:09 - 2014-04-29 19:09 - 0000057 _____ () C:\ProgramData\Ament.ini
Einige Dateien in TEMP:
====================
C:\Users\Marian Curdt\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Marian Curdt\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Marian Curdt\AppData\Local\Temp\Quarantine.exe
C:\Users\Marian Curdt\AppData\Local\Temp\sqlite3.dll
C:\Users\Marian Curdt\AppData\Local\Temp\ytb.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-12 12:53
==================== Ende von FRST.txt ============================
|
|
20.10.2015, 20:28
| #4 |
| /// the machine /// TB-Ausbilder | Firefox stürtzt immer wieder ab. Fehlt noch die Addition.txt  Schalte mal die Hardwarebeschleunigung in FF ab.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
21.10.2015, 18:07
| #5 |
| | Firefox stürtzt immer wieder ab. Die Hardwarebeschleunigung ist jetzt abgeschaltet. Habe vergessen zu erwähnen, dass auch häufig Bluescreens auftreten. Im Anhang sind 2 davon. Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-10-2015
durchgeführt von Marian Curdt (2015-10-21 18:33:47)
Gestartet von C:\Users\Marian Curdt\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-12-06 15:36:42)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1656074084-342888944-3947257893-500 - Administrator - Disabled)
Gast (S-1-5-21-1656074084-342888944-3947257893-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1656074084-342888944-3947257893-1002 - Limited - Enabled)
Marian Curdt (S-1-5-21-1656074084-342888944-3947257893-1000 - Administrator - Enabled) => C:\Users\Marian Curdt
UpdatusUser (S-1-5-21-1656074084-342888944-3947257893-1003 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Audition CC (HKLM-x32\...\{DE1E055B-679C-42F8-B114-7B6ED0B8ED95}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.2.1.260 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 - Michael Tippach)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AutoHotkey 1.1.13.01 (HKLM\...\AutoHotkey) (Version: 1.1.13.01 - Lexikos)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield: Bad Company 2 (HKLM-x32\...\Steam App 24960) (Version: - DICE)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.3.4070 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{B40D9A2E-C9CA-4402-A0B7-09E33C03B9C5}) (Version: 0.9.3.4070 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version: - Red Hook Studios)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Die*Sims™*3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.42.130 - Electronic Arts)
Firebird v2.1 (HKLM-x32\...\Tone2 Firebird_is1) (Version: - Tone2)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Audio Converter version 5.0.60.616 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.60.616 - DVDVideoSoft Ltd.)
Free Studio version 6.4.3.128 (HKLM-x32\...\Free Studio_is1) (Version: 6.4.3.128 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.59.616 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.616 - DVDVideoSoft Ltd.)
GameRanger (HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\GameRanger) (Version: - GameRanger Technologies)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Google Update Helper (x32 Version: 70.3.29.7018 - Google Inc.) Hidden
Gothic (HKLM-x32\...\Steam App 65540) (Version: - Piranha – Bytes )
Gothic_Patch (HKLM-x32\...\{302AC480-43D2-11D5-A818-00500435FC18}) (Version: - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HP Deskjet 1510 series - Grundlegende Software für das Gerät (HKLM\...\{FD79E5D2-5CFE-49C2-9461-D011D1355696}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 1510 series Hilfe (HKLM-x32\...\{23972F22-BA23-4C61-9F91-B9470E1563EB}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Key Performer 1.1 (HKLM-x32\...\{75C44648-578E-471F-9897-F01757BEB420}_is1) (Version: - GSi)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.383 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.383 - LogMeIn, Inc.) Hidden
Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2 - Mozilla)
Mp3tag v2.59a (HKLM-x32\...\Mp3tag) (Version: v2.59a - Florian Heidenreich)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\CopyTrans Suite) (Version: 3.006 - WindSolutions)
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-1656074084-342888944-3947257893-1003\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
phase6_19 (HKLM-x32\...\{65D70656-D248-4C83-B594-E3029C43B37A}) (Version: 1.90.0000 - phase6)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
Reus (HKLM-x32\...\Steam App 222730) (Version: - Abbey Games)
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version: - Piranha Bytes)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
Spotify (HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB)
Spotify (HKU\S-1-5-21-1656074084-342888944-3947257893-1003\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version: - Pandemic Studios)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Steinberg Hypersonic VSTi DXi v2.0 (HKLM-x32\...\Steinberg Hypersonic VSTi DXi_is1) (Version: - )
Steinberg VST Classics 1 64bit (HKLM\...\{AA322103-FC2B-4D86-BA6C-67D4DDB4209C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version: - FireFly Studios)
Styx: Master of Shadows (HKLM-x32\...\Steam App 242640) (Version: - Cyanide Studio)
SuperWave P8 (HKLM-x32\...\{B681D0E8-6676-4AB9-846F-38CA5E0B5412}) (Version: 2.4 - SuperWave)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
Tiny and Big: Grandpa's Leftovers (HKLM-x32\...\Steam App 205910) (Version: - Black Pants Game Studio)
Vegas Pro 12.0 (64-bit) (HKLM\...\{BE94768F-5232-11E3-BD78-F04DA23A5C58}) (Version: 12.0.770 - Sony)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
19-10-2015 20:59:47 avast! antivirus system restore point
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2015-01-30 12:58 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0DE5228A-0A07-443E-BC5B-C318537AA76B} - System32\Tasks\WJCWK => C:\Users\Marian Curdt\AppData\Roaming\WJCWK.exe <==== ACHTUNG
Task: {1390B8FF-5F7C-4848-A7F8-C179D7DC38BB} - System32\Tasks\{E4844B58-3801-475A-AFC0-5F103AE3873B} => pcalua.exe -a "C:\Users\Marian Curdt\Downloads\GameRangerSetup.exe" -d "C:\Users\Marian Curdt\Downloads"
Task: {2D0FF3E5-9610-4597-BD79-9A12682C8D49} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {40555753-9863-4C56-AEFA-22315773ABE6} - System32\Tasks\AdobeAAMUpdater-1.0-MarianCurdtPC-Marian Curdt => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {50499318-9154-4228-9404-256202C93CF7} - System32\Tasks\{15DFB77F-763F-4561-B17C-29AFD4F0185A} => pcalua.exe -a "C:\Users\Marian Curdt\AppData\Roaming\mystartsearch\UninstallManager.exe" -c -ptid=epom2
Task: {5944F998-FF45-411D-B7FE-0EC360DBE45A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5CC1C031-416E-4CE3-A4FB-756AA204C45C} - System32\Tasks\{EB994BD4-70B6-4C34-95CD-F733C201CDD8} => pcalua.exe -a "C:\Users\Marian Curdt\Desktop\VSTs\Hypersonic 2\setup.exe" -d "C:\Users\Marian Curdt\Desktop\VSTs\Hypersonic 2"
Task: {8EF55E48-0AF7-4066-B482-7D4AE1D3BF2D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-19] (Adobe Systems Incorporated)
Task: {9CF2D2B6-9DAF-4255-A1CC-7CE85276EEA6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {A4974F52-8C19-4E6E-81FD-68861C62CFF0} - System32\Tasks\{51C95BFA-FBA3-4117-90E4-46154531F0C2} => pcalua.exe -a "C:\Program Files (x86)\BlueStacks\HD-RuntimeUninstaller.exe"
Task: {B5DD572F-E56E-4692-9A91-1EFCCE155092} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-10-19] (Avast Software s.r.o.)
Task: {BEE13837-2AF0-4607-BA40-AEA31BA81337} - System32\Tasks\{4E41F9C3-D503-49D8-B689-7949F60414AE} => pcalua.exe -a "C:\Users\Marian Curdt\Desktop\setup.exe" -d "C:\Users\Marian Curdt\Desktop"
Task: {BF9A4B4B-CFE2-4FAC-B48A-A3D319419EAC} - System32\Tasks\{75C1B7B4-7594-40DD-B866-F5A13294F4BB} => pcalua.exe -a "C:\Users\Marian Curdt\Downloads\epson374730eu.exe" -d "C:\Users\Marian Curdt\Downloads"
Task: {C0837618-74D6-4F3F-94C7-215D2736AFC5} - System32\Tasks\avastBCLRestartS-1-5-21-1656074084-342888944-3947257893-1000 => Firefox.exe
Task: {DA96A7E8-1FA1-46B1-9830-3BD2A25D31F0} - System32\Tasks\{AB686BDB-30FB-4904-A2E3-D740074EB745} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {E63EBBF3-C239-4BA0-8944-7388B4422164} - System32\Tasks\TXFAZSA => C:\Users\Marian Curdt\AppData\Roaming\TXFAZSA.exe <==== ACHTUNG
Task: {EBC9CB1D-06BD-48EF-B2AD-18892B010013} - System32\Tasks\hpUrlLauncher.exe_{5AA93921-2E13-494F-B126-FD0E1BAF48A4} => C:\Program Files\HP\HP Deskjet 1510 series\Bin\utils\hpUrlLauncher.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {EFF0757C-CA3E-4104-B0A4-51459A3BED2C} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2015-09-18] (Microsoft Corporation)
Task: {FD80FBF7-D84D-4D8E-801F-F1490CFA830C} - System32\Tasks\avastBCLRestart_firefox.exe => Firefox.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\TXFAZSA.job => C:\Users\Marian Curdt\AppData\Roaming\TXFAZSA.exe <==== ACHTUNG
Task: C:\Windows\Tasks\WJCWK.job => C:\Users\Marian Curdt\AppData\Roaming\WJCWK.exe <==== ACHTUNG
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-12-06 19:08 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-10-16 19:02 - 2013-10-16 19:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-15 14:47 - 2013-12-22 14:05 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-07-05 16:07 - 2015-07-05 16:07 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-05 16:07 - 2015-07-05 16:07 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-10-21 16:39 - 2015-10-21 16:39 - 02993520 _____ () C:\Program Files\AVAST Software\Avast\defs\15102100\algo.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 08507232 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 02354016 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 01014624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00364384 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 02480992 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 01346912 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00206176 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 02653024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00033120 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00035680 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00207200 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 11166560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
2013-10-02 21:30 - 2013-10-02 21:30 - 00276832 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
2013-04-15 14:26 - 2013-04-15 14:26 - 00391600 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
2013-04-15 14:26 - 2013-04-15 14:26 - 00059280 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
2013-10-02 21:28 - 2013-10-02 21:28 - 00438624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00446304 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00520544 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00720736 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
2013-10-02 21:28 - 2013-10-02 21:28 - 00606560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
2013-10-02 21:30 - 2013-10-02 21:30 - 00093024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
2015-07-05 16:07 - 2015-07-05 16:07 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-22 13:44 - 2013-09-17 04:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1656074084-342888944-3947257893-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marian Curdt\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{1D816BEF-53EE-4D07-B0C4-3A83F8A3708C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{46F4E976-4BC8-4765-97FD-04C65F8D8C3C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{928DCD71-3F2F-4993-BD1B-D83F8A9A50D5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AF1F9B3B-6B75-45F0-9CBA-7D4A874642D1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{95E9BE84-F5DA-426A-9223-C5E525DE745F}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{245BD2BF-54E4-4F84-8CEA-7C87815E660A}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{2B0E8CA3-4587-4E89-A087-4C16DD9F813A}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{43EEDB72-897D-41B4-B7D0-3132A210AD00}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{7FDAF181-64FA-499A-95F3-1A35DCF80D52}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{7891C02A-54D9-473C-98B6-E5B9DD9E5864}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{212839AF-605E-480F-8E5A-713F32EF4B3B}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{C1327AB3-9942-4CD1-848F-0C024CBCF7D8}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{8270F73D-BC3C-4C24-8EF1-A9745B3B62F3}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{23176B84-9B17-408E-959D-30E513AF4F40}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{69CF1657-2C7E-494A-B5B5-92CB8902BE31}] => (Allow) G:\SteamLibrary\steamapps\common\RIFT\riftpatchlive.exe
FirewallRules: [{3A7E5D46-0E89-42DA-92F4-7CC7A0360124}] => (Allow) G:\SteamLibrary\steamapps\common\RIFT\riftpatchlive.exe
FirewallRules: [{31021679-5FAB-48F0-B79F-4CE57686099B}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{9EC83AE3-5FD5-4AE5-8933-BD56520753F3}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{94D24698-30B8-4A54-AFAA-C985552E0EB9}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{58DB2E72-7085-48CB-8110-D840A6F051A0}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{0ACB4AB7-A740-40B9-8F6A-748F02F36551}] => (Allow) G:\SteamLibrary\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{20CD95A0-A5FB-4E80-AE65-2B18C7A5F51C}] => (Allow) G:\SteamLibrary\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{C0A13CE6-71C6-45B1-ACE4-645C8DDBB8F3}] => (Allow) G:\SteamLibrary\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{C894E379-5469-48B4-AF5E-2336B73AAF83}] => (Allow) G:\SteamLibrary\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{6D24D669-D41C-4AC0-B398-B2E3A0A7F25D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{54FA0D8A-64F8-43D2-8963-8445262498F9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CC8A140E-FE81-4C9D-AB40-D80B659E1D33}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C481A424-8B8A-465C-9CAF-02885DCB4FDE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{E577F5BC-721E-4B76-89A8-F147A996EE27}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{8205D911-D81D-4AED-971D-683D2AEF9CA3}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{033CCEDB-784A-473E-BAC9-B31AAB2ABA7C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{9A47DC0B-03C4-425F-94E7-820BFF486A0B}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{EE8AEC30-1A08-4B01-9098-3A23AED07000}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{7C648A92-04DB-49FB-AD54-C76C32FDA2FD}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [TCP Query User{C8792660-62F0-4EE1-9F59-4842AD24D825}G:\diablo iii\diablo iii.exe] => (Block) G:\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{A42336C6-225B-44F0-B6FA-7E5F9F1341D7}G:\diablo iii\diablo iii.exe] => (Block) G:\diablo iii\diablo iii.exe
FirewallRules: [{F86FC463-FF3F-4978-83EC-352581F54282}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{78C8FA31-8325-45F4-A463-9875C13E430E}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{1E5CC172-82A7-4E7C-BF4A-9C03015E1E9C}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{E4D788FF-670E-4350-B451-4CD0B4DAFF13}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{ED48E8DE-9078-43B8-8A0F-0BA35E6CFF96}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\BFBC2Game.exe
FirewallRules: [{59967CE9-5992-4319-919A-70814F6F7132}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\BFBC2Game.exe
FirewallRules: [{748E0037-2E65-4C78-AD5C-DDA29FD8F785}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{6A8A2446-F74D-4CF9-8088-F58B24A53B5E}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{937C99AB-D452-4F1B-A41B-4618E91457F0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{73675C35-2EDD-4980-AFE3-9CAAE3165627}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{494D6604-1C81-4342-B192-531A8F1DC0DE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5F583CEB-5A39-411A-A997-1FE086CD2DB8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{883CD010-27A9-4E16-A4C7-EC207A9EEEBD}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{D343060B-9E01-42A0-AE40-C1FBB6D608C2}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{A4F8290A-C5EB-465E-866B-A20AFF261015}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{3AA72550-D0A1-4FED-B01F-7A85B4F0128A}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{63419D90-4A52-47BA-BF7B-58F806C7F441}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{BCC5DE76-5A66-422A-9319-01DB06E62689}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{4AC18C21-C09D-4E0F-AF79-08E9D3CC1A72}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{5F50F704-6CBF-4906-8374-B9474176E9AB}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{D5BC7076-18F9-4B31-9475-D87A881D6A6D}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{0D51E53E-940D-4059-817A-6A246563B442}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{DD1499E6-861A-40C7-A069-26D86F3CF413}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{5919DB62-5D3E-49DB-84E3-7B2E239A50C9}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{CDF43238-CA7F-45EF-8520-B6365EF6D816}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{BEFC6D7E-931C-494D-A519-EF057DB3A255}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{F953CE3A-838E-49A9-A860-F6E93B3144A1}] => (Allow) G:\SteamLibrary\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [{14A54C94-C100-4A19-A2D6-8F3AAD45A79A}] => (Allow) G:\SteamLibrary\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [TCP Query User{794FC4A4-BD53-417B-A2BC-1176C8273941}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{D9AC5C51-74E5-4E2B-BCB1-1B1D4E491B8A}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{F2941B25-E40A-4AC6-B170-DB0EF42370C5}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{4660E7AE-1022-4891-BBF9-D3F47B4EB147}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{2E7AB135-DC0B-4EC7-9CFB-2FF3E946F661}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{7594D002-2CA3-4BCC-A1A5-4DE93504F544}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{26192515-ACCB-40B7-82A4-6C505C954575}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{90A545B6-467E-4126-8F5E-CE80EDFDF98A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{99B30758-B93A-45DE-A296-F9B3387261A5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1302965F-14F4-4C2E-A128-A022894783D7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A090F5C1-CFD3-40CC-AA42-82DE2829209B}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{C75E8CEE-E070-4CF3-ABFF-29AF114D33BA}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{26495C27-D97D-4D4F-8BD3-2A901341BE23}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{977C0677-2F98-448A-8E66-7CD153A6DB97}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{3E2789F8-B791-483D-A3A0-BD6C7FE9B756}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{80D5CD76-F96D-44AB-BE4D-E339591C07C4}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{D6E12DC4-F4D5-46D2-8A3D-F1D9384C71E0}] => (Allow) G:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{CCF7FEF6-8407-469B-9B3B-1459FBA1721A}] => (Allow) G:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{DD595FA3-0C69-4F83-8E9B-069389EBC1A1}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{A850D484-6333-4055-B294-B24EE5075A8E}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{E3AEA024-BFAC-4DD3-8219-E8E575042E44}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{1495DE4C-F6D9-48FF-B834-0100B433FCBC}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{8DE4741E-5858-4ADF-ADFD-AFE805AEEEF1}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{7D7F9E09-CA92-432C-8514-A55955442784}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{1A5A76FA-FF87-40F9-91A7-3EF89F7FCF2C}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{23278EA9-7273-4B10-9386-9A7485FE13B9}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{0769FEF1-6C9F-402D-9ECF-BDA7A3218A28}] => (Allow) G:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{A1D7ECE2-810D-4834-8709-7E0C2AC41755}] => (Allow) G:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{FA9C4A1F-0C82-4C61-A1F0-0FB419CAAC05}] => (Allow) G:\SteamLibrary\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [{68A29AB9-EB40-438F-BCDA-751A1D76EF04}] => (Allow) G:\SteamLibrary\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [{0050676F-48D3-46F5-BC04-929E5406D4CE}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\BFBC2Game.exe
FirewallRules: [{287A760D-ED60-4BFB-A3BA-466F00330527}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\BFBC2Game.exe
FirewallRules: [{8A7E47A7-EE72-495E-85CD-07931BE5DF92}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{408BD32C-720B-4131-9DD6-3F1EB6F429DB}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{CDAE9442-08AE-46DE-A873-C5F481D078FC}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{C0C71E7C-E79E-4574-B1B0-6C0A20D26E89}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{A9F355EF-236B-4E18-8F14-D9745E9E8A25}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{5DA5A24A-D174-477F-B410-592E57E17221}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{F81F6214-2DFF-4585-B75A-5859A46CF93A}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{7DF434E6-4264-448A-BCD3-64AE0987EEA4}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{1E066DBB-E084-456F-ABFB-EE7FE65FE305}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{5FF18E49-D387-44F8-995C-BDB64E22ECC6}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{CCC9FE22-D25F-46D3-B628-B851EE9DC12A}] => (Allow) G:\SteamLibrary\steamapps\common\RIFT\riftpatchlive.exe
FirewallRules: [{A521BCCD-C22C-4485-BFBE-9B6A80602699}] => (Allow) G:\SteamLibrary\steamapps\common\RIFT\riftpatchlive.exe
FirewallRules: [{1A72CCC1-4905-41A6-9975-246BF81BC9D3}] => (Allow) G:\SteamLibrary\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{66EDC0DD-A01B-44DF-BAF8-82708517DF9F}] => (Allow) G:\SteamLibrary\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{82797596-4ED2-42EF-9569-528481D86479}] => (Allow) G:\SteamLibrary\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{E83B7029-9A2B-429F-9B18-9E3765D54FF3}] => (Allow) G:\SteamLibrary\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{C671675F-80BF-4978-A6F6-4990880209A1}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{3EE19951-4BDC-439B-8FC7-B86F0324E11C}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{84CCFAD3-4E29-4AC0-A184-08F659EBE384}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{EFFE4B47-266B-49C1-A4B8-D66E69E55DDA}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [TCP Query User{8BB39CDA-412F-4359-9C6B-7967233422B4}D:\steamlibrary\steamapps\common\garrysmod\hl2.exe] => (Allow) D:\steamlibrary\steamapps\common\garrysmod\hl2.exe
FirewallRules: [UDP Query User{11E398CE-6F8F-4E77-B5F1-03D22068F200}D:\steamlibrary\steamapps\common\garrysmod\hl2.exe] => (Allow) D:\steamlibrary\steamapps\common\garrysmod\hl2.exe
FirewallRules: [TCP Query User{CF8DCE53-EE58-4829-BD19-3975E9CCD0C8}D:\steamlibrary\steamapps\common\counter-strike source\hl2.exe] => (Allow) D:\steamlibrary\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{A1E24767-730C-40D6-88BA-E42F29F33CE4}D:\steamlibrary\steamapps\common\counter-strike source\hl2.exe] => (Allow) D:\steamlibrary\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [{2C4FDB17-16F0-46F2-9961-334E9AEDE5D1}] => (Block) D:\steamlibrary\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [{E938C6BF-2B2A-4279-B599-3ADC15E80E6F}] => (Block) D:\steamlibrary\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [TCP Query User{0159CC0E-C82C-42F8-934E-FD16D3372A6E}C:\users\marian curdt\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marian curdt\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{92D641E1-EC1B-4ADF-BB27-6EFF2674CC21}C:\users\marian curdt\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marian curdt\appdata\roaming\spotify\spotify.exe
FirewallRules: [{7162A15B-E861-4C50-B15A-97A271B4FCFF}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7B001828-518E-4455-933D-790ACEE861F9}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2D716299-DAEF-4DA6-A430-295A27C59DE2}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{7133ED6F-F9B1-4C45-B203-C465426B8451}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{493363DD-6CF8-4519-A453-168A5CE500B7}D:\steamlibrary\steamapps\common\battlefield bad company 2\bfbc2game.exe] => (Allow) D:\steamlibrary\steamapps\common\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{847F4F8A-1490-483E-BDCA-EA43F1D9BB4B}D:\steamlibrary\steamapps\common\battlefield bad company 2\bfbc2game.exe] => (Allow) D:\steamlibrary\steamapps\common\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{1B463BE4-60B6-4C00-9A15-BB3424D868D2}] => (Block) D:\steamlibrary\steamapps\common\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{96BC8B7C-4C7C-40CA-8680-6A43B7BED93C}] => (Block) D:\steamlibrary\steamapps\common\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{2F13EBDB-69D7-4A07-BAD7-9FDBCC85C962}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{99F40ACA-B58F-49F4-B37C-75653A1B6BC1}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{68245D90-5667-42FE-9884-CC48CDAE9EDF}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{A1064ED4-127D-40CB-AFEA-9364F1D2CBE6}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{B5B4A5E6-F1D3-450F-B248-E932180B0C2D}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{9EC5DAEF-DAAB-48F9-977A-3BAC88851583}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{E4A5B40E-A90C-4AD2-BFCD-549720892193}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{1B340693-1AA8-4F1E-8780-28D589F247C1}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{F71D7219-C84B-45AB-88F1-0F49CB8A4659}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{CC2AC901-9484-4901-8006-248B2038CA0C}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{80B14BA8-215B-4990-A0A7-B676FD6C5AF2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{9AC197BA-60F9-478D-9154-0DDD2BBE56CC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{D90691D7-4A49-47CC-A824-199F22B68F74}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{E43EE5ED-95B7-4E25-8E2F-BE4C1EEDF67C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{DBE7C794-BCC1-4EED-8E1E-3239693F196A}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{74DC7F08-3010-49A1-88CD-3BAF63E05686}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{A449D246-039B-4F45-95E7-6E940439199D}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{F1F5FFA0-0BD4-4837-AA16-659975F6831B}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{FA397790-7EBE-473B-86BC-8C46C1232670}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{7ED7C8B2-190E-41FC-A306-85410D0492D0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{7664701C-7A2C-4283-9F99-EB47517C8FDA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{F22B2EF8-14FF-4749-8A33-C9CDD97C6698}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{9478EB9A-3E64-4F7D-8340-730E2431FAA8}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe
FirewallRules: [{2FF2DDD6-02AC-4860-BEA7-74DD9FA13513}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{9C5CEA99-D77C-45DF-A150-39F3E5D6EFF4}] => (Allow) D:\SteamLibrary\steamapps\common\Gothic\system\GOTHIC.EXE
FirewallRules: [{92C2E151-6075-425E-AE90-128887C0034A}] => (Allow) D:\SteamLibrary\steamapps\common\Gothic\system\GOTHIC.EXE
FirewallRules: [{D96FBFF1-F3A4-4F0D-8212-D3592319258C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{293CEF85-075C-4908-A1D9-0CAA61C6A3CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{6A982A09-FB48-48FF-AC64-331365C288E2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{2AF51C2B-9D52-40D3-B12F-D602A4140FA9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{D5532742-9D90-4C37-B129-726370D31C38}] => (Allow) D:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{E5180642-3A12-4F41-AFCA-20C68CBFDFCD}] => (Allow) D:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{16F611FC-04DA-4ADD-984D-563C706B7180}] => (Allow) D:\SteamLibrary\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{D0E41D43-043D-4A53-A3FB-46D49BB0B31D}] => (Allow) D:\SteamLibrary\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [TCP Query User{D5430A7B-8EC2-4A42-90FE-DF6AA837054E}C:\programdata\battle.net\agent\agent.3023\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3023\agent.exe
FirewallRules: [UDP Query User{D23A02D8-019F-495C-BDDB-55C0CB12A3B0}C:\programdata\battle.net\agent\agent.3023\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3023\agent.exe
FirewallRules: [TCP Query User{966F5998-3E09-4348-BDCD-2FFD905D459A}C:\program files (x86)\cube world\server.exe] => (Allow) C:\program files (x86)\cube world\server.exe
FirewallRules: [UDP Query User{13627D36-35E8-4FC1-A94D-9766C210B7B1}C:\program files (x86)\cube world\server.exe] => (Allow) C:\program files (x86)\cube world\server.exe
FirewallRules: [{7025D146-24F9-40BC-AFD7-0BC45CA44C87}] => (Block) C:\program files (x86)\cube world\server.exe
FirewallRules: [{9FA8A2B8-23F3-4D43-A384-7C5572CB7413}] => (Block) C:\program files (x86)\cube world\server.exe
FirewallRules: [{3048C89C-B59F-4C82-91E6-079E6015B9A7}] => (Allow) D:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA_BE.exe
FirewallRules: [{1F208BA0-5750-4C8B-8A7F-9E6928430C21}] => (Allow) D:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA_BE.exe
FirewallRules: [TCP Query User{90318156-F538-4C0D-A032-F8B0053EECB0}C:\programdata\battle.net\agent\agent.3109\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [UDP Query User{D66D6121-78FD-4D1E-9116-2699815624A8}C:\programdata\battle.net\agent\agent.3109\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [{B5EBE6FC-CC71-4410-934F-086487BE3E22}] => (Allow) D:\SteamLibrary\steamapps\common\TinyAndBig\bin64\tinyandbig.exe
FirewallRules: [{A2ED3162-0E4F-4400-930C-5BD45FCE5365}] => (Allow) D:\SteamLibrary\steamapps\common\TinyAndBig\bin64\tinyandbig.exe
FirewallRules: [{C76D2950-4916-4FE1-A859-47B49BDA30D7}] => (Allow) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [{D8DAFE51-51AF-4AEE-AF37-3B16E5D4A6D4}] => (Allow) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [{7D3AE328-15F4-4076-BB08-352024D85824}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{E028728C-F0B4-4701-B55A-664C8D6000A4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{F3CDE73A-68C8-40A9-B94A-589E94B050D6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{19843A57-5F3E-4B4D-8343-3BB274CE11AF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{EEEAAE5D-E17D-4E05-ABBE-A439318113F0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{E8591027-C4A1-4596-BC2D-D440C1F56BFD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{E4614A52-3255-4BCD-8AA5-DE0FA9F00214}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1BA8B22B-DD79-4C90-9527-3D12785B365C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C91EFB01-8793-49A8-B6E8-DD70C2C9D9FE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{B5485743-8356-4D53-B613-6C9ACE9603D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{42F40773-2FAA-4FB1-A7E1-5E144C50C788}] => (Allow) D:\SteamLibrary\steamapps\common\Reus\Reus.exe
FirewallRules: [{7209CCFF-8C51-4D98-96DC-9EB565335878}] => (Allow) D:\SteamLibrary\steamapps\common\Reus\Reus.exe
FirewallRules: [{F5910ED7-84C1-4C2E-A581-2B19770670ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{81EE6BC8-39A3-47AE-9F16-A6E37DFEECF1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{B412ABE2-DDD4-40E8-B219-581B1E0FFF3A}] => (Allow) D:\SteamLibrary\steamapps\common\Risen 2\system\Risen2.exe
FirewallRules: [{3DDB2714-A318-43F7-82D6-1F5DD9B1DBB2}] => (Allow) D:\SteamLibrary\steamapps\common\Risen 2\system\Risen2.exe
FirewallRules: [{423F0C52-3FA0-4AA8-91E1-826E61623E8D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{5C1F078B-8B5B-4494-A6C9-AC25F8B03F9D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [TCP Query User{2E2CB623-2C94-413F-9162-B67D8E225FBD}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [UDP Query User{E43A8F57-507C-46CA-9DFD-5B54C259FF9E}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [{A14BF10A-EFCC-449A-8421-D31094114B42}] => (Allow) E:\fsetup.exe
FirewallRules: [{263AD71D-C639-47D7-ADDF-6F6AAC222459}] => (Allow) E:\fsetup.exe
FirewallRules: [{555B14A7-2C7D-4F6C-97F1-8C602E3A9542}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{14488A41-386A-4BCC-A7E1-1C2E10D70BD0}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [TCP Query User{9587B315-072F-4385-95BC-46B08A76C38F}C:\users\marian curdt\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marian curdt\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{C7D58D6F-0C50-41EF-88AB-9F75547C090A}C:\users\marian curdt\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marian curdt\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{E24D77F1-BF1B-46F7-B73B-51550E769FE5}] => (Block) C:\users\marian curdt\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{76A1C009-2605-41C9-B806-45D7B4E8658A}] => (Block) C:\users\marian curdt\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{7F5525F8-087F-4E37-905E-B4D93536EADF}] => (Allow) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [{413AC9E1-5089-41BE-BDBE-31D924F3FB9E}] => (Allow) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [{E5E278A1-22DD-4D20-9228-53A109EA611E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{5209DAE4-73C0-4A0A-AA95-7E9623E443D3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{F4945F50-A040-4C06-850D-5283A7C4A564}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{A05CD856-F164-41CF-882B-6E6D0B751134}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mafia II\pc\mafia2.exe
FirewallRules: [TCP Query User{3B55DCCA-ED1A-447F-8388-0F2D4DE7C03B}D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Block) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{B2B6E593-4FB5-46AF-8535-AB0E2D290192}D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Block) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{6A1A5EFF-C70F-4909-91F3-3117BB0A6A8F}D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{0F852D05-94CB-42FE-B9EE-54913ADB4D9F}D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{BB0541E6-22E7-4DCA-8CA9-C10121F53AE4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{1F719D34-CD2B-4364-804C-03D662A5615A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{4B564C96-ADDC-445E-B577-77FE0A1FADDA}] => (Allow) C:\Hearthstone\Hearthstone.exe
FirewallRules: [{E112FDD6-EC30-4C7C-8BE6-3232905C3674}] => (Allow) C:\Hearthstone\Hearthstone.exe
FirewallRules: [{91DB0DCF-9DAA-4103-B9F4-F80FC8712AD5}] => (Allow) D:\SteamLibrary\steamapps\common\Styx\Binaries\Win64\StyxGame.exe
FirewallRules: [{4AC3DAC3-56F7-452E-83E4-07480BC79A2C}] => (Allow) D:\SteamLibrary\steamapps\common\Styx\Binaries\Win64\StyxGame.exe
FirewallRules: [{F2237C95-7A01-4F51-B1E9-E07C1D819BD9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{7C12D419-C4CF-4905-B224-52913766F1AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [TCP Query User{25CBC0CA-03DF-4522-AE5F-84300E00253A}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{CEF8C318-35E1-41DA-94FA-B22FB85F087C}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{52B01CED-C045-44B8-81F4-6AC18A72FD31}C:\users\marian curdt\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\marian curdt\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{64E81363-C12A-4F58-9DD8-C2351C20C09E}C:\users\marian curdt\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\marian curdt\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [{EC4DC8EB-B522-4771-B145-6AEF84FFD918}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E28F168A-9B7B-4558-99D0-D9B9DA7F9978}] => (Allow) C:\Users\Marian Curdt\AppData\Local\CrossBrowser\Application\crossbrowser.exe
FirewallRules: [{92A2EF10-70F6-4092-9523-9B6BFA0E2AFC}] => (Allow) C:\Users\Marian Curdt\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{23A0D90A-E9BC-4471-8F2C-C7F60BA49E05}] => (Allow) C:\Users\Marian Curdt\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [TCP Query User{E6066999-7EF8-4845-8556-98047E4631DB}C:\programdata\battle.net\agent\agent.3688\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3688\agent.exe
FirewallRules: [UDP Query User{9B3D24CA-4734-4283-8A8A-5BAD58D70F38}C:\programdata\battle.net\agent\agent.3688\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3688\agent.exe
FirewallRules: [{179B0E28-DDFB-4F19-B9E4-5025FAA629AF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{32FE816F-F21A-4B32-8B93-10F192A8269F}] => (Allow) LPort=2869
FirewallRules: [{DD5DAA96-CD21-40E2-AE56-14CCD086C604}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{83B96B26-28A1-4B39-B985-81F2142931BE}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [UDP Query User{CBB85E63-52C3-4FA5-B3A6-ECE637569141}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [{9DD77849-C080-4DBC-B294-0F6B9480B9AB}] => (Allow) D:\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{796EAB72-1677-407C-A299-8A07DD5A707D}] => (Allow) D:\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{AD40C022-34CF-4539-B9F2-D8D0FE9BC8C5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{209D83C9-69A0-4828-A4C4-4A87DE430894}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{788FE7A7-1CF1-4D4B-A5B5-BC6E55E4B832}] => (Allow) D:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{722C18F0-4951-4873-AF36-C40C42A51FBA}] => (Allow) D:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{D37FB4A9-B4B8-44E8-906C-1FFF652D75CA}] => (Allow) D:\SteamLibrary\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{8DF642DD-0500-47AD-B3EE-A10A8FB059FC}] => (Allow) D:\SteamLibrary\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/21/2015 06:30:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/21/2015 06:30:06 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (10/21/2015 06:24:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/21/2015 06:23:47 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (10/21/2015 04:58:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/21/2015 04:58:18 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (10/21/2015 04:48:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_wuauserv, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x434
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_wuauserv0
Pfad der fehlerhaften Anwendung: svchost.exe_wuauserv1
Pfad des fehlerhaften Moduls: svchost.exe_wuauserv2
Berichtskennung: svchost.exe_wuauserv3
Error: (10/21/2015 04:44:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/21/2015 04:44:10 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (10/21/2015 04:39:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Systemfehler:
=============
Error: (10/21/2015 06:30:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (10/21/2015 06:29:49 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\tandpl.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (10/21/2015 06:29:05 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 21.10.2015 um 18:27:44 unerwartet heruntergefahren.
Error: (10/21/2015 06:23:47 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (10/21/2015 06:23:39 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\tandpl.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (10/21/2015 06:22:52 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 21.10.2015 um 17:01:36 unerwartet heruntergefahren.
Error: (10/21/2015 04:58:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (10/21/2015 04:58:08 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\tandpl.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (10/21/2015 04:57:44 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 21.10.2015 um 16:56:14 unerwartet heruntergefahren.
Error: (10/21/2015 04:56:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intelligenter Hintergrundübertragungsdienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
CodeIntegrity:
===================================
Date: 2015-01-30 11:58:07.112
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-30 11:58:07.048
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-30 11:58:06.984
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-30 11:58:06.921
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-04-13 21:14:07.858
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-04-13 21:14:07.827
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 22%
Installierter physikalischer RAM: 8136.93 MB
Verfügbarer physikalischer RAM: 6282.01 MB
Summe virtueller Speicher: 16272.07 MB
Verfügbarer virtueller Speicher: 14348.22 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:244.04 GB) (Free:37.45 GB) NTFS
Drive d: () (Fixed) (Total:221.62 GB) (Free:31.76 GB) NTFS
Drive e: (South Park: The Stick of Truth) (CDROM) (Total:4.23 GB) (Free:0 GB) UDF
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8F85853A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=244 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=221.6 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Geändert von adan407 (21.10.2015 um 18:19 Uhr) |
|
21.10.2015, 19:40
| #6 |
| /// the machine /// TB-Ausbilder | Firefox stürtzt immer wieder ab. hi, Scan mit Combofix
__________________ --> Firefox stürtzt immer wieder ab. |
|
22.10.2015, 21:15
| #7 |
| | Firefox stürtzt immer wieder ab. Habs im abgesicherten Modus durchgeführt, da der PC sonst immer nach kurzer Zeit abgestürtzt ist. Code:
ATTFilter ComboFix 15-10-21.01 - Marian Curdt 21.10.2015 21:28:57.3.4 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8137.7202 [GMT 2:00]
ausgeführt von:: c:\users\Marian Curdt\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-09-21 bis 2015-10-21 ))))))))))))))))))))))))))))))
.
.
2015-10-21 19:37 . 2015-10-21 19:37 -------- d-----w- c:\users\wangzhisong\AppData\Local\temp
2015-10-21 19:37 . 2015-10-21 19:37 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2015-10-21 19:37 . 2015-10-21 19:37 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-10-21 19:37 . 2015-10-21 19:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-10-21 19:36 . 2015-10-21 19:36 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6A62FC8F-9B85-4C97-BEAE-9E49C7D1598F}\offreg.940.dll
2015-10-19 19:07 . 2015-07-05 14:07 364472 ----a-w- c:\windows\system32\aswBoot.exe
2015-10-19 17:23 . 2015-10-19 17:24 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-10-19 17:23 . 2015-10-19 17:23 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware
2015-10-19 17:23 . 2015-10-19 17:23 -------- d-----w- c:\programdata\Malwarebytes
2015-10-19 17:23 . 2015-10-05 07:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-10-19 17:23 . 2015-10-05 07:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-10-19 17:23 . 2015-10-05 07:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-10-19 17:04 . 2015-10-19 17:04 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-10-19 17:04 . 2015-10-19 17:04 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-19 16:00 . 2015-10-19 16:00 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2015-10-16 10:52 . 2015-10-16 10:52 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6A62FC8F-9B85-4C97-BEAE-9E49C7D1598F}\offreg.1872.dll
2015-10-16 10:49 . 2015-09-25 18:07 98816 ----a-w- c:\windows\system32\wudriver.dll
2015-10-16 10:48 . 2015-09-29 03:11 86528 ----a-w- c:\windows\system32\TSpkg.dll
2015-10-16 10:47 . 2015-07-18 13:08 984448 ----a-w- c:\windows\system32\ucrtbase.dll
2015-10-16 10:44 . 2015-08-31 22:45 11062400 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6A62FC8F-9B85-4C97-BEAE-9E49C7D1598F}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-09-29 02:58 . 2015-10-16 10:48 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-09-09 18:53 . 2015-04-27 14:34 73272 ----a-w- c:\users\wow_helper.exe
2015-09-09 18:53 . 2015-04-27 14:34 45067320 ----a-w- c:\users\libcef.dll
2015-09-09 18:53 . 2015-04-27 14:34 98360 ----a-w- c:\users\SpotifyLauncher.exe
2015-09-09 18:53 . 2015-04-27 14:34 967736 ----a-w- c:\users\ffmpegsumo.dll
2015-09-09 18:53 . 2015-04-27 14:34 839224 ----a-w- c:\users\SpotifyCrashService.exe
2015-09-09 18:53 . 2015-04-27 14:34 80952 ----a-w- c:\users\libEGL.dll
2015-09-09 18:53 . 2015-04-27 14:34 3457592 ----a-w- c:\users\d3dcompiler_47.dll
2015-09-09 18:53 . 2015-04-27 14:34 2106424 ----a-w- c:\users\d3dcompiler_43.dll
2015-09-09 18:53 . 2015-04-27 14:34 2018360 ----a-w- c:\users\SpotifyWebHelper.exe
2015-09-09 18:53 . 2015-04-27 14:34 1649208 ----a-w- c:\users\libGLESv2.dll
2015-09-09 18:53 . 2015-04-27 14:34 7535672 ----a-w- c:\users\Spotify.exe
2015-09-02 03:04 . 2015-09-09 14:13 41984 ----a-w- c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-09 14:13 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-09 14:13 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-09 14:13 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-09 14:13 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-09 14:13 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-09 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-09 14:13 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-09-02 01:51 . 2015-09-09 14:13 3209216 ----a-w- c:\windows\system32\win32k.sys
2015-09-02 01:47 . 2015-09-09 14:13 372736 ----a-w- c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-09 14:13 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-08-27 18:18 . 2015-09-09 14:14 2004480 ----a-w- c:\windows\system32\msxml6.dll
2015-08-27 18:18 . 2015-09-09 14:14 1887232 ----a-w- c:\windows\system32\msxml3.dll
2015-08-27 18:13 . 2015-09-09 14:14 2048 ----a-w- c:\windows\system32\msxml6r.dll
2015-08-27 18:13 . 2015-09-09 14:14 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-08-27 17:58 . 2015-09-09 14:14 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2015-08-27 17:58 . 2015-09-09 14:14 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-08-27 17:51 . 2015-09-09 14:14 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2015-08-27 17:51 . 2015-09-09 14:14 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-08-05 17:56 . 2015-09-09 14:15 1110016 ----a-w- c:\windows\system32\schedsvc.dll
2015-08-05 17:56 . 2015-09-09 14:15 24576 ----a-w- c:\windows\system32\jnwmon.dll
2015-08-05 17:56 . 2015-09-09 14:15 275456 ----a-w- c:\windows\system32\InkEd.dll
2015-08-05 17:40 . 2015-09-09 14:15 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
2015-08-03 10:12 . 2014-01-27 14:52 33856 ---ha-w- c:\windows\system32\hamachi.sys
2015-07-30 18:06 . 2015-08-12 11:45 1648128 ----a-w- c:\windows\system32\DWrite.dll
2015-07-30 18:06 . 2015-08-12 11:45 1180160 ----a-w- c:\windows\system32\FntCache.dll
2015-07-30 18:06 . 2015-08-12 11:45 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2015-07-30 17:57 . 2015-08-12 11:45 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-07-30 17:57 . 2015-08-12 11:45 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2015-07-30 13:13 . 2015-08-12 17:35 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-07-30 13:13 . 2015-08-12 17:35 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2013-10-02 1090912]
"Spotify Web Helper"="c:\users\Marian Curdt\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-10-18 2030912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-07-05 5515496]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-02-22 292088]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2014-09-16 839384]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-04-30 334896]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-08-03 5579624]
.
c:\users\Marian Curdt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
GameRanger.lnk - c:\users\Marian Curdt\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe /autostart [2009-7-1 1792168]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
p6_19_erinnerung.lnk - c:\program files (x86)\phase6\phase6_19\WinStart\p6erinnerung.exe [2007-2-11 49152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R0 aswRvrt;avast! Revert; [x]
R0 aswVmm;avast! VM Monitor; [x]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
R2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
R2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
R2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
R3 AppObserver;Application creation observer;c:\program files (x86)\NetRatingsNetSight\NetSight\meter2\appobserver64.sys;c:\program files (x86)\NetRatingsNetSight\NetSight\meter2\appobserver64.sys [x]
R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 fwlanusbn;FRITZ!WLAN N;c:\windows\system32\DRIVERS\fwlanusbn.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusbn.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - PXHLPA64
.
Inhalt des "geplante Tasks" Ordners
.
2015-10-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-19 17:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2013-10-16 17:02 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2013-10-16 17:02 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2013-10-16 17:02 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-07-05 14:07 722400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
uDefault_Search_URL = www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = www.google.com
mSearch Bar = https://www.google.com/?trackid=sp-006
mDefault_Page_URL = hxxp://www.google.com
mDefault_Search_URL = www.google.com
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\q375034u.default-1422551480209\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://de.yahoo.com/?fr=yset_ff_syc_oracle&type=orcl_hpset
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
c:\users\Marian Curdt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 1510 series.lnk - (no file)
AddRemove-PunkBusterSvc - g:\program files (x86)\Origin Games\Battlefield 3\pbsvc.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1656074084-342888944-3947257893-1000\Software\SecuROM\License information*]
"datasecu"=hex:62,bb,c1,7e,54,b8,05,08,7a,a5,0e,5d,6b,5d,e1,82,8a,80,91,c8,f5,
38,9b,26,f2,d7,ad,9a,86,45,af,96,f7,4e,94,44,d7,b2,c5,b4,2b,7c,54,f6,3e,d7,\
"rkeysecu"=hex:1d,0a,9a,d4,96,72,24,2d,e4,b5,15,73,0c,93,b7,15
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-10-21 21:39:52
ComboFix-quarantined-files.txt 2015-10-21 19:39
ComboFix2.txt 2015-01-30 11:00
ComboFix3.txt 2014-04-13 19:15
ComboFix4.txt 2013-11-24 10:08
.
Vor Suchlauf: 23 Verzeichnis(se), 39.537.647.616 Bytes frei
Nach Suchlauf: 26 Verzeichnis(se), 39.985.790.976 Bytes frei
.
- - End Of File - - A52BD63B6EE0ECACF2910959530AB3F0
A36C5E4F47E84449FF07ED3517B43A31
Ich kann keine Veränderung erkennen. Habs jetzt auch im normalen Modus mal geschafft das Programm durchlaufen zu lassen. Code:
ATTFilter ComboFix 15-10-21.01 - Marian Curdt 22.10.2015 21:50:51.5.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8137.6502 [GMT 2:00]
ausgeführt von:: c:\users\Marian Curdt\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Marian Curdt\AppData\Local\Temp\NOSEventMessages.dll
c:\users\MARIAN~1\AppData\Local\Temp\NOSEventMessages.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-09-22 bis 2015-10-22 ))))))))))))))))))))))))))))))
.
.
2015-10-22 20:01 . 2015-10-22 20:01 -------- d-----w- c:\users\wangzhisong\AppData\Local\temp
2015-10-22 20:01 . 2015-10-22 20:01 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2015-10-22 20:01 . 2015-10-22 20:01 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-10-22 20:01 . 2015-10-22 20:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-10-19 19:07 . 2015-07-05 14:07 364472 ----a-w- c:\windows\system32\aswBoot.exe
2015-10-19 17:23 . 2015-10-22 13:55 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-10-19 17:23 . 2015-10-19 17:23 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware
2015-10-19 17:23 . 2015-10-19 17:23 -------- d-----w- c:\programdata\Malwarebytes
2015-10-19 17:23 . 2015-10-05 07:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-10-19 17:23 . 2015-10-05 07:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-10-19 17:23 . 2015-10-05 07:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-10-19 17:04 . 2015-10-19 17:04 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-10-19 17:04 . 2015-10-19 17:04 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-19 16:00 . 2015-10-19 16:00 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2015-10-16 10:52 . 2015-10-16 10:52 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6A62FC8F-9B85-4C97-BEAE-9E49C7D1598F}\offreg.1872.dll
2015-10-16 10:49 . 2015-09-25 18:07 98816 ----a-w- c:\windows\system32\wudriver.dll
2015-10-16 10:48 . 2015-09-29 03:11 86528 ----a-w- c:\windows\system32\TSpkg.dll
2015-10-16 10:47 . 2015-07-18 13:08 984448 ----a-w- c:\windows\system32\ucrtbase.dll
2015-10-16 10:44 . 2015-08-31 22:45 11062400 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6A62FC8F-9B85-4C97-BEAE-9E49C7D1598F}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-09-29 02:58 . 2015-10-16 10:48 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-09-09 18:53 . 2015-04-27 14:34 73272 ----a-w- c:\users\wow_helper.exe
2015-09-09 18:53 . 2015-04-27 14:34 45067320 ----a-w- c:\users\libcef.dll
2015-09-09 18:53 . 2015-04-27 14:34 98360 ----a-w- c:\users\SpotifyLauncher.exe
2015-09-09 18:53 . 2015-04-27 14:34 967736 ----a-w- c:\users\ffmpegsumo.dll
2015-09-09 18:53 . 2015-04-27 14:34 839224 ----a-w- c:\users\SpotifyCrashService.exe
2015-09-09 18:53 . 2015-04-27 14:34 80952 ----a-w- c:\users\libEGL.dll
2015-09-09 18:53 . 2015-04-27 14:34 3457592 ----a-w- c:\users\d3dcompiler_47.dll
2015-09-09 18:53 . 2015-04-27 14:34 2106424 ----a-w- c:\users\d3dcompiler_43.dll
2015-09-09 18:53 . 2015-04-27 14:34 2018360 ----a-w- c:\users\SpotifyWebHelper.exe
2015-09-09 18:53 . 2015-04-27 14:34 1649208 ----a-w- c:\users\libGLESv2.dll
2015-09-09 18:53 . 2015-04-27 14:34 7535672 ----a-w- c:\users\Spotify.exe
2015-09-02 03:04 . 2015-09-09 14:13 41984 ----a-w- c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-09 14:13 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-09 14:13 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-09 14:13 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-09 14:13 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-09 14:13 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-09 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-09 14:13 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-09-02 01:51 . 2015-09-09 14:13 3209216 ----a-w- c:\windows\system32\win32k.sys
2015-09-02 01:47 . 2015-09-09 14:13 372736 ----a-w- c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-09 14:13 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-08-27 18:18 . 2015-09-09 14:14 2004480 ----a-w- c:\windows\system32\msxml6.dll
2015-08-27 18:18 . 2015-09-09 14:14 1887232 ----a-w- c:\windows\system32\msxml3.dll
2015-08-27 18:13 . 2015-09-09 14:14 2048 ----a-w- c:\windows\system32\msxml6r.dll
2015-08-27 18:13 . 2015-09-09 14:14 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-08-27 17:58 . 2015-09-09 14:14 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2015-08-27 17:58 . 2015-09-09 14:14 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-08-27 17:51 . 2015-09-09 14:14 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2015-08-27 17:51 . 2015-09-09 14:14 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-08-05 17:56 . 2015-09-09 14:15 1110016 ----a-w- c:\windows\system32\schedsvc.dll
2015-08-05 17:56 . 2015-09-09 14:15 24576 ----a-w- c:\windows\system32\jnwmon.dll
2015-08-05 17:56 . 2015-09-09 14:15 275456 ----a-w- c:\windows\system32\InkEd.dll
2015-08-05 17:40 . 2015-09-09 14:15 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
2015-08-03 10:12 . 2014-01-27 14:52 33856 ---ha-w- c:\windows\system32\hamachi.sys
2015-07-30 18:06 . 2015-08-12 11:45 1648128 ----a-w- c:\windows\system32\DWrite.dll
2015-07-30 18:06 . 2015-08-12 11:45 1180160 ----a-w- c:\windows\system32\FntCache.dll
2015-07-30 18:06 . 2015-08-12 11:45 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2015-07-30 17:57 . 2015-08-12 11:45 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-07-30 17:57 . 2015-08-12 11:45 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2015-07-30 13:13 . 2015-08-12 17:35 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-07-30 13:13 . 2015-08-12 17:35 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2013-10-02 1090912]
"Spotify Web Helper"="c:\users\Marian Curdt\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-10-18 2030912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-07-05 5515496]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-02-22 292088]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2014-09-16 839384]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-04-30 334896]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-08-03 5579624]
.
c:\users\Marian Curdt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
GameRanger.lnk - c:\users\Marian Curdt\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe /autostart [2009-7-1 1792168]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
p6_19_erinnerung.lnk - c:\program files (x86)\phase6\phase6_19\WinStart\p6erinnerung.exe [2007-2-11 49152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R3 AppObserver;Application creation observer;c:\program files (x86)\NetRatingsNetSight\NetSight\meter2\appobserver64.sys;c:\program files (x86)\NetRatingsNetSight\NetSight\meter2\appobserver64.sys [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 fwlanusbn;FRITZ!WLAN N;c:\windows\system32\DRIVERS\fwlanusbn.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusbn.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - IPNAT
.
Inhalt des "geplante Tasks" Ordners
.
2015-10-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-19 17:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2013-10-16 17:02 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2013-10-16 17:02 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2013-10-16 17:02 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-07-05 14:07 722400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
uDefault_Search_URL = www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = www.google.com
mSearch Bar = https://www.google.com/?trackid=sp-006
mDefault_Page_URL = hxxp://www.google.com
mDefault_Search_URL = www.google.com
FF - ProfilePath - c:\users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\q375034u.default-1422551480209\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://de.yahoo.com/?fr=yset_ff_syc_oracle&type=orcl_hpset
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-PunkBusterSvc - g:\program files (x86)\Origin Games\Battlefield 3\pbsvc.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1656074084-342888944-3947257893-1000\Software\SecuROM\License information*]
"datasecu"=hex:62,bb,c1,7e,54,b8,05,08,7a,a5,0e,5d,6b,5d,e1,82,8a,80,91,c8,f5,
38,9b,26,f2,d7,ad,9a,86,45,af,96,f7,4e,94,44,d7,b2,c5,b4,2b,7c,54,f6,3e,d7,\
"rkeysecu"=hex:1d,0a,9a,d4,96,72,24,2d,e4,b5,15,73,0c,93,b7,15
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-10-22 22:03:16
ComboFix-quarantined-files.txt 2015-10-22 20:03
ComboFix2.txt 2015-10-21 19:39
ComboFix3.txt 2015-01-30 11:00
ComboFix4.txt 2014-04-13 19:15
ComboFix5.txt 2015-10-21 19:58
.
Vor Suchlauf: 25 Verzeichnis(se), 38.751.309.824 Bytes frei
Nach Suchlauf: 27 Verzeichnis(se), 38.701.944.832 Bytes frei
.
- - End Of File - - 576984FFB5AE328CA57CC208F4CC7215
A36C5E4F47E84449FF07ED3517B43A31
|
|
23.10.2015, 19:22
| #8 |
| /// the machine /// TB-Ausbilder | Firefox stürtzt immer wieder ab. Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
24.10.2015, 21:30
| #9 |
| | Firefox stürtzt immer wieder ab. Habe das Problem jetzt gelöst hatte irgendwas mit nem Treiber zu tun. Sollte ich die Programe trotzdem durchlaufen lassen. |
|
25.10.2015, 20:07
| #10 |
| /// the machine /// TB-Ausbilder | Firefox stürtzt immer wieder ab. Auf jeden Fall, der REchner ist verseucht.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.10.2015, 19:56
| #11 |
| | Firefox stürtzt immer wieder ab.Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 27.10.2015 Suchlaufzeit: 18:32 Protokolldatei: 1.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.10.27.04 Rootkit-Datenbank: v2015.10.23.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Marian Curdt Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 450205 Abgelaufene Zeit: 30 Min., 12 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 2 PUP.Optional.AdPeak, C:\Users\Marian Curdt\AppData\Roaming\Booster Web\Booster Web-Installer.exe, In Quarantäne, [d51babb03853ad89c2d139518a779c64], PUP.Optional.Breitschopp, C:\$RECYCLE.BIN\S-1-5-21-1656074084-342888944-3947257893-1000\$RAWQ7YV.exe, In Quarantäne, [1fd168f3a5e6f145f43fe807a75c2bd5], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v5.015 - Bericht erstellt am 27/10/2015 um 19:19:18
# Aktualisiert am 26/10/2015 von Xplode
# Datenbank : 2015-10-26.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Marian Curdt - MARIANCURDTPC
# Gestartet von : C:\Users\Marian Curdt\Downloads\AdwCleaner_5.015.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
[-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS
***** [ Internetbrowser ] *****
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C10].txt - [1155 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Home Premium x64
Ran by Marian Curdt on 27.10.2015 at 19:31:26,64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Marian Curdt\AppData\Roaming\mozilla\firefox\profiles\q375034u.default-1422551480209\minidumps [62 files]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.10.2015 at 19:34:25,32
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-10-2015 02
durchgeführt von Marian Curdt (Administrator) auf MARIANCURDTPC (27-10-2015 19:53:01)
Gestartet von C:\Users\Marian Curdt\Desktop
Geladene Profile: Marian Curdt & UpdatusUser (Verfügbare Profile: Marian Curdt & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Spotify Ltd) C:\Users\Marian Curdt\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Marian Curdt\Desktop\FRST64(1).exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-05] (Avast Software s.r.o.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [839384 2014-09-16] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\Run: [Spotify Web Helper] => C:\Users\Marian Curdt\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2030912 2015-10-18] (Spotify Ltd)
HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1656074084-342888944-3947257893-1003\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIINE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-102 103 Series"
HKU\S-1-5-21-1656074084-342888944-3947257893-1003\...\Run: [Spotify Web Helper] => "C:\Users\Marian Curdt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
HKU\S-1-5-21-1656074084-342888944-3947257893-1003\...\MountPoints2: {21fde83c-5e8b-11e3-8c52-d3a745ceaade} - G:\pushinst.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-10-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-10-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-10-16] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-05] (Avast Software s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\p6_19_erinnerung.lnk [2014-08-24]
ShortcutTarget: p6_19_erinnerung.lnk -> C:\Program Files (x86)\phase6\phase6_19\WinStart\p6erinnerung.exe (phase6)
Startup: C:\Users\Marian Curdt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk [2014-12-26]
ShortcutTarget: GameRanger.lnk -> C:\Users\Marian Curdt\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (GameRanger Technologies)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{99FC47B1-73DE-4926-AF76-90364DA1192B}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1656074084-342888944-3947257893-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1656074084-342888944-3947257893-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-1656074084-342888944-3947257893-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1656074084-342888944-3947257893-1000 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1656074084-342888944-3947257893-1000 -> {B638535A-6140-45BE-BB4F-C5F742EEB550} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-1656074084-342888944-3947257893-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1656074084-342888944-3947257893-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1656074084-342888944-3947257893-1003 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-05] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-01] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-05] (Avast Software s.r.o.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-01] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-05] (Avast Software s.r.o.)
FireFox:
========
FF ProfilePath: C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\q375034u.default-1422551480209
FF NewTab: hxxp://www.google.com
FF DefaultSearchEngine: Yahoo
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxps://de.yahoo.com/?fr=yset_ff_syc_oracle&type=orcl_hpset
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-19] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2013-11-05] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-19] ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2013-11-21] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\npfirefoxtracker.dll [Keine Datei]
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2013-11-05] (Adobe Systems)
FF Extension: ProxTube - Unblock YouTube - C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\q375034u.default-1422551480209\Extensions\ich@maltegoetz.de.xpi [2015-07-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-10-19] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\netsight@nielsen.xpi => nicht gefunden
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-05]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-05] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-07-05] (Avast Software)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-09-16] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-09-16] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [777944 2014-09-16] (BlueStack Systems, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-11] (Seiko Epson Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-22] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-05] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-05] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-05] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-05] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-05] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-05] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-09-16] (BlueStack Systems)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S2 tandpl; C:\Windows\SysWOW64\drivers\tandpl.sys [4736 2003-04-19] () [Datei ist nicht signiert]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-05] (Avast Software)
S3 AppObserver; \??\C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\appobserver64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-27 19:53 - 2015-10-27 19:53 - 00020355 _____ C:\Users\Marian Curdt\Desktop\FRST.txt
2015-10-27 19:52 - 2015-10-27 19:52 - 02197504 _____ (Farbar) C:\Users\Marian Curdt\Desktop\FRST64(1).exe
2015-10-27 19:34 - 2015-10-27 19:37 - 00000869 _____ C:\Users\Marian Curdt\Desktop\JRT.txt
2015-10-27 19:30 - 2015-10-27 19:30 - 01798976 _____ (Malwarebytes) C:\Users\Marian Curdt\Desktop\JRT.exe
2015-10-27 19:29 - 2015-10-27 19:29 - 00001239 _____ C:\Users\Marian Curdt\Desktop\AdwCleaner[C10].txt
2015-10-27 19:11 - 2015-10-27 19:11 - 01694208 _____ C:\Users\Marian Curdt\Downloads\AdwCleaner_5.015.exe
2015-10-27 19:10 - 2015-10-27 19:10 - 00001483 _____ C:\Users\Marian Curdt\Desktop\1.txt
2015-10-27 18:29 - 2015-10-27 18:31 - 22908888 _____ (Malwarebytes ) C:\Users\Marian Curdt\Downloads\mbam-setup-2.2.0.1024.exe
2015-10-26 17:19 - 2015-10-26 17:43 - 21555794 _____ C:\Users\Marian Curdt\Desktop\untitled.wav
2015-10-24 10:06 - 2015-10-24 10:07 - 00000000 ____D C:\Windows\rescache
2015-10-23 15:15 - 2015-10-23 15:16 - 13566651 _____ C:\Users\Marian Curdt\Downloads\hihat_n_cymbals_collection.rar
2015-10-23 15:15 - 2015-10-23 15:15 - 01045576 _____ C:\Users\Marian Curdt\Downloads\classic_hip-hop_drums.rar
2015-10-23 13:27 - 2015-10-23 13:27 - 00015201 _____ C:\Users\Marian Curdt\Downloads\MemTest41.zip
2015-10-22 14:37 - 2015-10-22 14:37 - 00000000 ____D C:\Users\Marian Curdt\AppData\LocalLow\Oracle
2015-10-21 20:22 - 2015-10-21 20:03 - 05637184 ____R (Swearware) C:\Users\Marian Curdt\Desktop\ComboFix.exe
2015-10-19 20:08 - 2015-10-19 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-10-19 20:07 - 2015-07-05 15:07 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-10-19 19:56 - 2015-10-19 19:56 - 02196992 _____ (Farbar) C:\Users\Marian Curdt\Downloads\FRST64.exe
2015-10-19 18:23 - 2015-10-27 19:08 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-19 18:23 - 2015-10-27 18:32 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-19 18:23 - 2015-10-27 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-10-19 18:23 - 2015-10-27 18:32 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-10-19 18:23 - 2015-10-19 18:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-19 18:23 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-19 18:23 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-19 18:23 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-19 18:04 - 2015-10-27 19:50 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-19 18:04 - 2015-10-19 18:04 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-19 18:04 - 2015-10-19 18:04 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-19 18:04 - 2015-10-19 18:04 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-19 17:00 - 2015-10-19 17:00 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-19 17:00 - 2015-10-19 17:00 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-19 17:00 - 2015-10-19 17:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-19 17:00 - 2015-10-19 17:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-19 16:13 - 2015-10-19 16:13 - 00291152 _____ C:\Windows\Minidump\101915-175407-01.dmp
2015-10-19 16:13 - 2015-10-19 16:11 - 673173729 ____N C:\Windows\MEMORY.DMP
2015-10-19 15:09 - 2015-10-19 15:09 - 00272248 _____ C:\Windows\Minidump\101915-46722-01.dmp
2015-10-19 14:49 - 2015-10-19 14:49 - 00290432 _____ C:\Windows\Minidump\101915-62244-01.dmp
2015-10-19 14:33 - 2015-10-19 14:33 - 00003154 _____ C:\Windows\System32\Tasks\{AB686BDB-30FB-4904-A2E3-D740074EB745}
2015-10-19 14:13 - 2015-10-19 16:13 - 00000000 ____D C:\Windows\Minidump
2015-10-19 14:13 - 2015-10-19 14:13 - 00262144 _____ C:\Windows\Minidump\101915-224173-01.dmp
2015-10-16 11:50 - 2015-09-18 20:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-16 11:50 - 2015-09-18 19:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-16 11:50 - 2015-09-16 05:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-16 11:50 - 2015-09-16 05:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-16 11:50 - 2015-09-16 05:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-16 11:50 - 2015-09-16 05:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-16 11:50 - 2015-09-16 05:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-16 11:50 - 2015-09-16 05:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-16 11:50 - 2015-09-16 05:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-16 11:50 - 2015-09-16 05:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-16 11:50 - 2015-09-16 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-16 11:50 - 2015-09-16 05:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-16 11:50 - 2015-09-16 05:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-16 11:50 - 2015-09-16 05:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-16 11:50 - 2015-09-16 05:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-16 11:50 - 2015-09-16 05:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-16 11:50 - 2015-09-16 05:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-16 11:50 - 2015-09-16 05:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-16 11:50 - 2015-09-16 05:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-16 11:50 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-16 11:50 - 2015-09-16 04:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-16 11:50 - 2015-09-16 04:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-16 11:50 - 2015-09-16 04:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-16 11:50 - 2015-09-16 04:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-16 11:50 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-16 11:50 - 2015-09-16 04:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-16 11:50 - 2015-09-16 04:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-16 11:50 - 2015-09-16 04:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-16 11:50 - 2015-09-16 04:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-16 11:50 - 2015-09-16 04:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-16 11:50 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-16 11:50 - 2015-09-16 04:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-16 11:50 - 2015-09-16 04:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-16 11:50 - 2015-09-16 04:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-16 11:50 - 2015-09-16 04:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-16 11:50 - 2015-09-16 04:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-16 11:50 - 2015-09-16 04:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-16 11:50 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-16 11:50 - 2015-09-16 04:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-16 11:50 - 2015-09-16 04:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-16 11:50 - 2015-09-16 04:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-16 11:50 - 2015-09-16 04:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-16 11:50 - 2015-09-16 04:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-16 11:50 - 2015-09-16 04:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-16 11:50 - 2015-09-16 04:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-16 11:50 - 2015-09-16 04:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-16 11:50 - 2015-09-16 04:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-16 11:50 - 2015-09-16 04:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-16 11:50 - 2015-09-16 04:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-16 11:50 - 2015-09-16 04:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-16 11:50 - 2015-09-16 04:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-16 11:50 - 2015-09-16 04:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-16 11:50 - 2015-09-16 04:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-16 11:50 - 2015-09-16 04:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-16 11:50 - 2015-09-16 03:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-16 11:50 - 2015-09-16 03:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-16 11:50 - 2015-09-16 03:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-16 11:50 - 2015-09-16 03:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-16 11:50 - 2015-09-16 03:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-16 11:50 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-16 11:50 - 2015-09-16 03:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-16 11:50 - 2015-09-16 03:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-16 11:50 - 2015-09-16 03:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-16 11:50 - 2015-09-16 03:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-16 11:50 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-16 11:50 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-16 11:50 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-16 11:50 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-16 11:49 - 2015-09-29 04:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-16 11:49 - 2015-09-29 04:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-16 11:49 - 2015-09-29 04:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-16 11:49 - 2015-09-29 04:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-16 11:49 - 2015-09-29 04:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-16 11:49 - 2015-09-29 04:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-16 11:49 - 2015-09-29 04:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-16 11:49 - 2015-09-29 04:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-16 11:49 - 2015-09-29 04:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-16 11:49 - 2015-09-29 04:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-16 11:49 - 2015-09-29 04:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-16 11:49 - 2015-09-29 04:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-16 11:49 - 2015-09-29 04:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-16 11:49 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-16 11:49 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-16 11:49 - 2015-09-29 04:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-16 11:49 - 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-16 11:49 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-16 11:49 - 2015-09-29 03:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-16 11:49 - 2015-09-29 02:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-16 11:49 - 2015-09-25 19:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-16 11:49 - 2015-09-25 19:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-16 11:49 - 2015-09-25 19:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-16 11:49 - 2015-09-25 19:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-16 11:49 - 2015-09-25 19:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-16 11:49 - 2015-09-25 19:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-16 11:49 - 2015-09-25 19:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-16 11:49 - 2015-09-25 19:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-16 11:49 - 2015-09-25 19:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-16 11:49 - 2015-09-25 19:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-16 11:49 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-16 11:49 - 2015-09-25 18:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-16 11:49 - 2015-09-25 18:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-16 11:49 - 2015-09-25 18:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-16 11:49 - 2015-09-25 18:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-16 11:49 - 2015-09-25 18:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-16 11:49 - 2015-09-15 19:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-16 11:49 - 2015-09-15 19:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-16 11:49 - 2015-09-15 19:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-16 11:49 - 2015-09-15 19:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-16 11:49 - 2015-09-15 19:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-16 11:49 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-16 11:48 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-16 11:48 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-16 11:48 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-16 11:48 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-16 11:48 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-16 11:48 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-16 11:48 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-16 11:48 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-16 11:48 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-16 11:48 - 2015-09-29 04:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-16 11:48 - 2015-09-29 04:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-16 11:48 - 2015-09-29 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-16 11:48 - 2015-09-29 04:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-16 11:48 - 2015-09-29 04:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-16 11:48 - 2015-09-29 04:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-16 11:48 - 2015-09-29 04:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-16 11:48 - 2015-09-29 04:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-16 11:48 - 2015-09-29 04:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-16 11:48 - 2015-09-29 04:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-16 11:48 - 2015-09-29 04:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-16 11:48 - 2015-09-29 04:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-16 11:48 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-16 11:48 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-16 11:48 - 2015-09-29 03:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-16 11:48 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-16 11:48 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-16 11:48 - 2015-09-29 03:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-16 11:48 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-16 11:48 - 2015-09-29 03:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-16 11:48 - 2015-09-29 03:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-16 11:48 - 2015-09-29 03:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-16 11:48 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-16 11:48 - 2015-09-29 03:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 02:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-16 11:48 - 2015-09-29 02:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-16 11:48 - 2015-09-29 02:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-16 11:48 - 2015-09-29 02:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-16 11:48 - 2015-09-29 02:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 02:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 02:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 02:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-16 11:48 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-16 11:48 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-16 11:48 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-16 11:48 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-16 11:48 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-16 11:48 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-16 11:48 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-16 11:48 - 2015-09-15 19:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-16 11:48 - 2015-09-15 19:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-16 11:48 - 2015-09-15 19:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-16 11:48 - 2015-09-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-16 11:48 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-16 11:48 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-16 11:48 - 2015-09-15 18:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-11 21:22 - 2015-10-11 22:19 - 176463820 _____ C:\Users\Marian Curdt\Downloads\617656578698937492645909287456453.rar
2015-10-11 18:20 - 2015-10-11 19:18 - 176462876 _____ C:\Users\Marian Curdt\Downloads\604876588769671926877511875541876.rar
2015-10-08 19:59 - 2015-10-08 20:05 - 28684799 _____ C:\Users\Marian Curdt\Downloads\ht - 1983 ep.rar
2015-10-08 19:58 - 2015-10-08 20:32 - 105447572 _____ C:\Users\Marian Curdt\Downloads\Gz255.rar
2015-09-29 15:46 - 2015-09-29 16:02 - 155336441 _____ (Bitsonic LP ) C:\Users\Marian Curdt\Downloads\Bitsonic_Keyzone_1(3).exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-27 19:53 - 2013-11-23 12:50 - 00000000 ____D C:\FRST
2015-10-27 19:51 - 2013-12-06 16:24 - 02072546 _____ C:\Windows\WindowsUpdate.log
2015-10-27 19:51 - 2010-11-21 07:50 - 00700130 _____ C:\Windows\system32\perfh007.dat
2015-10-27 19:51 - 2010-11-21 07:50 - 00149768 _____ C:\Windows\system32\perfc007.dat
2015-10-27 19:51 - 2009-07-14 06:13 - 01622706 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-27 19:46 - 2013-12-21 19:33 - 00000000 ____D C:\Users\Marian Curdt\AppData\Local\LogMeIn Hamachi
2015-10-27 19:45 - 2015-07-01 08:44 - 00040282 _____ C:\Windows\setupact.log
2015-10-27 19:45 - 2014-08-24 15:04 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-10-27 19:45 - 2014-08-24 12:22 - 00000000 ____D C:\Users\Public\Documents\phase6_19_Daten
2015-10-27 19:45 - 2013-12-06 18:08 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-27 19:45 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-27 19:30 - 2009-07-14 05:45 - 00028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-27 19:30 - 2009-07-14 05:45 - 00028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-27 19:20 - 2015-07-02 11:22 - 00035554 _____ C:\Windows\PFRO.log
2015-10-27 19:19 - 2014-04-14 18:26 - 00000000 ____D C:\AdwCleaner
2015-10-27 16:50 - 2013-12-06 17:34 - 00000000 ____D C:\Users\Marian Curdt\AppData\Local\Adobe
2015-10-25 08:56 - 2013-12-25 13:08 - 00000000 ____D C:\Users\Marian Curdt\AppData\Roaming\Audacity
2015-10-24 18:51 - 2013-12-07 13:04 - 00000000 ____D C:\Users\Marian Curdt\AppData\Roaming\TS3Client
2015-10-24 12:23 - 2014-06-18 19:04 - 02870272 ___SH C:\Users\Marian Curdt\Desktop\Thumbs.db
2015-10-24 12:03 - 2013-12-06 18:10 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-24 10:49 - 2015-03-07 13:14 - 00000000 ____D C:\Users\Marian Curdt\AppData\Local\Steam
2015-10-23 13:36 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-22 21:03 - 2014-04-13 20:07 - 00000000 ____D C:\Qoobox
2015-10-22 21:01 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2015-10-22 14:38 - 2014-04-15 10:19 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-21 20:39 - 2015-04-27 15:34 - 00000000 ____D C:\Users\locales
2015-10-21 20:09 - 2014-02-05 16:08 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-10-21 17:51 - 2014-10-28 17:41 - 00000000 ____D C:\ProgramData\PC Suite
2015-10-19 20:08 - 2015-01-22 16:29 - 00001882 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-10-19 19:57 - 2013-12-15 22:04 - 00063833 _____ C:\Users\Marian Curdt\Downloads\FRST.txt
2015-10-19 16:08 - 2014-11-27 20:29 - 00000000 ____D C:\Users\Marian Curdt\AppData\Local\2K Games
2015-10-19 16:08 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-19 15:22 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-10-19 14:27 - 2014-11-14 17:29 - 00000000 __SHD C:\Users\Marian Curdt\AppData\Local\EmieUserList
2015-10-19 14:27 - 2014-11-14 17:29 - 00000000 __SHD C:\Users\Marian Curdt\AppData\Local\EmieSiteList
2015-10-19 14:27 - 2014-11-14 17:29 - 00000000 __SHD C:\Users\Marian Curdt\AppData\Local\EmieBrowserModeList
2015-10-18 21:20 - 2015-02-14 14:31 - 00000000 ____D C:\Users\Marian Curdt\Desktop\Projekte
2015-10-18 19:22 - 2014-01-05 12:00 - 00000000 ____D C:\Users\Marian Curdt\AppData\Local\Spotify
2015-10-18 19:22 - 2014-01-05 11:55 - 00000000 ____D C:\Users\Marian Curdt\AppData\Roaming\Spotify
2015-10-17 18:03 - 2014-12-14 17:48 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-17 18:03 - 2014-05-06 11:48 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-16 11:51 - 2013-12-11 16:08 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-16 11:50 - 2014-12-27 12:26 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-09 11:15 - 2015-04-05 15:59 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-09 00:32 - 2015-04-05 15:59 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-07 10:50 - 2014-09-20 14:15 - 00000000 ____D C:\Users\Marian Curdt\AppData\Roaming\Maize Sampler Player
2015-10-03 14:45 - 2013-12-29 12:43 - 00000000 ____D C:\Users\Marian Curdt\AppData\Roaming\LolClient
2015-10-02 14:51 - 2013-12-06 18:56 - 00000000 ____D C:\Users\Marian Curdt\AppData\Roaming\.minecraft
2015-09-29 16:37 - 2015-01-19 20:34 - 00000000 ____D C:\Users\Marian Curdt\Desktop\VSTs
2015-09-28 17:49 - 2015-09-10 07:42 - 00000000 ____D C:\$Windows.~BT
2015-09-28 17:24 - 2013-12-06 16:18 - 00000000 ____D C:\Windows\Panther
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-12-18 21:45 - 2015-07-01 09:37 - 0000132 _____ () C:\Users\Marian Curdt\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-09-01 09:18 - 2014-09-01 09:18 - 0002086 _____ () C:\Users\Marian Curdt\AppData\Roaming\TXFAZSA
2014-11-19 14:50 - 2014-11-22 12:50 - 0000130 _____ () C:\Users\Marian Curdt\AppData\Roaming\WB.CFG
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Marian Curdt\AppData\Roaming\WJCWK
2014-01-09 14:20 - 2014-01-09 14:20 - 0001456 _____ () C:\Users\Marian Curdt\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-12-10 15:18 - 2013-12-23 16:28 - 0004608 _____ () C:\Users\Marian Curdt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-22 12:50 - 2014-11-22 12:50 - 0000001 _____ () C:\Users\Marian Curdt\AppData\Local\DSI.DAT
2014-04-29 18:09 - 2014-04-29 18:09 - 0000057 _____ () C:\ProgramData\Ament.ini
Einige Dateien in TEMP:
====================
C:\Users\Marian Curdt\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Marian Curdt\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-24 10:00
==================== Ende von FRST.txt ============================
|
|
27.10.2015, 19:57
| #12 |
| | Firefox stürtzt immer wieder ab.Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-10-2015 02
durchgeführt von Marian Curdt (2015-10-27 19:53:51)
Gestartet von C:\Users\Marian Curdt\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-12-06 15:36:42)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1656074084-342888944-3947257893-500 - Administrator - Disabled)
Gast (S-1-5-21-1656074084-342888944-3947257893-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1656074084-342888944-3947257893-1002 - Limited - Enabled)
Marian Curdt (S-1-5-21-1656074084-342888944-3947257893-1000 - Administrator - Enabled) => C:\Users\Marian Curdt
UpdatusUser (S-1-5-21-1656074084-342888944-3947257893-1003 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Audition CC (HKLM-x32\...\{DE1E055B-679C-42F8-B114-7B6ED0B8ED95}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.2.1.260 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 - Michael Tippach)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AutoHotkey 1.1.13.01 (HKLM\...\AutoHotkey) (Version: 1.1.13.01 - Lexikos)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield: Bad Company 2 (HKLM-x32\...\Steam App 24960) (Version: - DICE)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.3.4070 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{B40D9A2E-C9CA-4402-A0B7-09E33C03B9C5}) (Version: 0.9.3.4070 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version: - Red Hook Studios)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Die*Sims™*3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.42.130 - Electronic Arts)
Firebird v2.1 (HKLM-x32\...\Tone2 Firebird_is1) (Version: - Tone2)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Audio Converter version 5.0.60.616 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.60.616 - DVDVideoSoft Ltd.)
Free Studio version 6.4.3.128 (HKLM-x32\...\Free Studio_is1) (Version: 6.4.3.128 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.59.616 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.616 - DVDVideoSoft Ltd.)
GameRanger (HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\GameRanger) (Version: - GameRanger Technologies)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Google Update Helper (x32 Version: 70.3.29.7018 - Google Inc.) Hidden
Gothic (HKLM-x32\...\Steam App 65540) (Version: - Piranha – Bytes )
Gothic_Patch (HKLM-x32\...\{302AC480-43D2-11D5-A818-00500435FC18}) (Version: - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HP Deskjet 1510 series - Grundlegende Software für das Gerät (HKLM\...\{FD79E5D2-5CFE-49C2-9461-D011D1355696}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 1510 series Hilfe (HKLM-x32\...\{23972F22-BA23-4C61-9F91-B9470E1563EB}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Key Performer 1.1 (HKLM-x32\...\{75C44648-578E-471F-9897-F01757BEB420}_is1) (Version: - GSi)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.383 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.383 - LogMeIn, Inc.) Hidden
Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2 - Mozilla)
Mp3tag v2.59a (HKLM-x32\...\Mp3tag) (Version: v2.59a - Florian Heidenreich)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\CopyTrans Suite) (Version: 3.006 - WindSolutions)
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-1656074084-342888944-3947257893-1003\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
phase6_19 (HKLM-x32\...\{65D70656-D248-4C83-B594-E3029C43B37A}) (Version: 1.90.0000 - phase6)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
Reus (HKLM-x32\...\Steam App 222730) (Version: - Abbey Games)
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version: - Piranha Bytes)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
Spotify (HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB)
Spotify (HKU\S-1-5-21-1656074084-342888944-3947257893-1003\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version: - Pandemic Studios)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Steinberg Hypersonic VSTi DXi v2.0 (HKLM-x32\...\Steinberg Hypersonic VSTi DXi_is1) (Version: - )
Steinberg VST Classics 1 64bit (HKLM\...\{AA322103-FC2B-4D86-BA6C-67D4DDB4209C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version: - FireFly Studios)
Styx: Master of Shadows (HKLM-x32\...\Steam App 242640) (Version: - Cyanide Studio)
SuperWave P8 (HKLM-x32\...\{B681D0E8-6676-4AB9-846F-38CA5E0B5412}) (Version: 2.4 - SuperWave)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
Tiny and Big: Grandpa's Leftovers (HKLM-x32\...\Steam App 205910) (Version: - Black Pants Game Studio)
Vegas Pro 12.0 (64-bit) (HKLM\...\{BE94768F-5232-11E3-BD78-F04DA23A5C58}) (Version: 12.0.770 - Sony)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
19-10-2015 19:59:47 avast! antivirus system restore point
21-10-2015 20:11:45 ComboFix created restore point
22-10-2015 14:47:01 JRT Pre-Junkware Removal
23-10-2015 14:10:21 Windows Update
27-10-2015 16:46:25 Windows Update
27-10-2015 19:31:31 JRT Pre-Junkware Removal
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2015-10-22 21:01 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0DE5228A-0A07-443E-BC5B-C318537AA76B} - System32\Tasks\WJCWK => C:\Users\Marian Curdt\AppData\Roaming\WJCWK.exe <==== ACHTUNG
Task: {1390B8FF-5F7C-4848-A7F8-C179D7DC38BB} - System32\Tasks\{E4844B58-3801-475A-AFC0-5F103AE3873B} => pcalua.exe -a "C:\Users\Marian Curdt\Downloads\GameRangerSetup.exe" -d "C:\Users\Marian Curdt\Downloads"
Task: {2D0FF3E5-9610-4597-BD79-9A12682C8D49} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {40555753-9863-4C56-AEFA-22315773ABE6} - System32\Tasks\AdobeAAMUpdater-1.0-MarianCurdtPC-Marian Curdt => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {50499318-9154-4228-9404-256202C93CF7} - System32\Tasks\{15DFB77F-763F-4561-B17C-29AFD4F0185A} => pcalua.exe -a "C:\Users\Marian Curdt\AppData\Roaming\mystartsearch\UninstallManager.exe" -c -ptid=epom2
Task: {5944F998-FF45-411D-B7FE-0EC360DBE45A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5CC1C031-416E-4CE3-A4FB-756AA204C45C} - System32\Tasks\{EB994BD4-70B6-4C34-95CD-F733C201CDD8} => pcalua.exe -a "C:\Users\Marian Curdt\Desktop\VSTs\Hypersonic 2\setup.exe" -d "C:\Users\Marian Curdt\Desktop\VSTs\Hypersonic 2"
Task: {8EF55E48-0AF7-4066-B482-7D4AE1D3BF2D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-19] (Adobe Systems Incorporated)
Task: {9CF2D2B6-9DAF-4255-A1CC-7CE85276EEA6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {A4974F52-8C19-4E6E-81FD-68861C62CFF0} - System32\Tasks\{51C95BFA-FBA3-4117-90E4-46154531F0C2} => pcalua.exe -a "C:\Program Files (x86)\BlueStacks\HD-RuntimeUninstaller.exe"
Task: {B5DD572F-E56E-4692-9A91-1EFCCE155092} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-10-19] (Avast Software s.r.o.)
Task: {BEE13837-2AF0-4607-BA40-AEA31BA81337} - System32\Tasks\{4E41F9C3-D503-49D8-B689-7949F60414AE} => pcalua.exe -a "C:\Users\Marian Curdt\Desktop\setup.exe" -d "C:\Users\Marian Curdt\Desktop"
Task: {BF9A4B4B-CFE2-4FAC-B48A-A3D319419EAC} - System32\Tasks\{75C1B7B4-7594-40DD-B866-F5A13294F4BB} => pcalua.exe -a "C:\Users\Marian Curdt\Downloads\epson374730eu.exe" -d "C:\Users\Marian Curdt\Downloads"
Task: {C0837618-74D6-4F3F-94C7-215D2736AFC5} - System32\Tasks\avastBCLRestartS-1-5-21-1656074084-342888944-3947257893-1000 => Firefox.exe
Task: {DA96A7E8-1FA1-46B1-9830-3BD2A25D31F0} - System32\Tasks\{AB686BDB-30FB-4904-A2E3-D740074EB745} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {E63EBBF3-C239-4BA0-8944-7388B4422164} - System32\Tasks\TXFAZSA => C:\Users\Marian Curdt\AppData\Roaming\TXFAZSA.exe <==== ACHTUNG
Task: {EBC9CB1D-06BD-48EF-B2AD-18892B010013} - System32\Tasks\hpUrlLauncher.exe_{5AA93921-2E13-494F-B126-FD0E1BAF48A4} => C:\Program Files\HP\HP Deskjet 1510 series\Bin\utils\hpUrlLauncher.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {FD80FBF7-D84D-4D8E-801F-F1490CFA830C} - System32\Tasks\avastBCLRestart_firefox.exe => Firefox.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-12-06 18:08 - 2013-10-23 09:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-10-16 18:02 - 2013-10-16 18:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-15 13:47 - 2013-12-22 13:05 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-07-05 15:07 - 2015-07-05 15:07 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-05 15:07 - 2015-07-05 15:07 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-10-27 18:34 - 2015-10-27 18:34 - 02997616 _____ () C:\Program Files\AVAST Software\Avast\defs\15102701\algo.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 08507232 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 02354016 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 01014624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00364384 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 02480992 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 01346912 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00206176 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 02653024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00033120 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00035680 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00207200 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 11166560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
2013-10-02 20:30 - 2013-10-02 20:30 - 00276832 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
2013-04-15 13:26 - 2013-04-15 13:26 - 00391600 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
2013-04-15 13:26 - 2013-04-15 13:26 - 00059280 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
2013-10-02 20:28 - 2013-10-02 20:28 - 00438624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00446304 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00520544 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00720736 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
2013-10-02 20:28 - 2013-10-02 20:28 - 00606560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
2013-10-02 20:30 - 2013-10-02 20:30 - 00093024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
2015-07-05 15:07 - 2015-07-05 15:07 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-22 12:44 - 2013-09-17 03:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1656074084-342888944-3947257893-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marian Curdt\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{1D816BEF-53EE-4D07-B0C4-3A83F8A3708C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{46F4E976-4BC8-4765-97FD-04C65F8D8C3C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{928DCD71-3F2F-4993-BD1B-D83F8A9A50D5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AF1F9B3B-6B75-45F0-9CBA-7D4A874642D1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{95E9BE84-F5DA-426A-9223-C5E525DE745F}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{245BD2BF-54E4-4F84-8CEA-7C87815E660A}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{2B0E8CA3-4587-4E89-A087-4C16DD9F813A}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{43EEDB72-897D-41B4-B7D0-3132A210AD00}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{7FDAF181-64FA-499A-95F3-1A35DCF80D52}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{7891C02A-54D9-473C-98B6-E5B9DD9E5864}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{212839AF-605E-480F-8E5A-713F32EF4B3B}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{C1327AB3-9942-4CD1-848F-0C024CBCF7D8}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{8270F73D-BC3C-4C24-8EF1-A9745B3B62F3}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{23176B84-9B17-408E-959D-30E513AF4F40}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{69CF1657-2C7E-494A-B5B5-92CB8902BE31}] => (Allow) G:\SteamLibrary\steamapps\common\RIFT\riftpatchlive.exe
FirewallRules: [{3A7E5D46-0E89-42DA-92F4-7CC7A0360124}] => (Allow) G:\SteamLibrary\steamapps\common\RIFT\riftpatchlive.exe
FirewallRules: [{31021679-5FAB-48F0-B79F-4CE57686099B}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{9EC83AE3-5FD5-4AE5-8933-BD56520753F3}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{94D24698-30B8-4A54-AFAA-C985552E0EB9}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{58DB2E72-7085-48CB-8110-D840A6F051A0}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{0ACB4AB7-A740-40B9-8F6A-748F02F36551}] => (Allow) G:\SteamLibrary\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{20CD95A0-A5FB-4E80-AE65-2B18C7A5F51C}] => (Allow) G:\SteamLibrary\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{C0A13CE6-71C6-45B1-ACE4-645C8DDBB8F3}] => (Allow) G:\SteamLibrary\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{C894E379-5469-48B4-AF5E-2336B73AAF83}] => (Allow) G:\SteamLibrary\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{6D24D669-D41C-4AC0-B398-B2E3A0A7F25D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{54FA0D8A-64F8-43D2-8963-8445262498F9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CC8A140E-FE81-4C9D-AB40-D80B659E1D33}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C481A424-8B8A-465C-9CAF-02885DCB4FDE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{E577F5BC-721E-4B76-89A8-F147A996EE27}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{8205D911-D81D-4AED-971D-683D2AEF9CA3}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{033CCEDB-784A-473E-BAC9-B31AAB2ABA7C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{9A47DC0B-03C4-425F-94E7-820BFF486A0B}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{EE8AEC30-1A08-4B01-9098-3A23AED07000}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{7C648A92-04DB-49FB-AD54-C76C32FDA2FD}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [TCP Query User{C8792660-62F0-4EE1-9F59-4842AD24D825}G:\diablo iii\diablo iii.exe] => (Block) G:\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{A42336C6-225B-44F0-B6FA-7E5F9F1341D7}G:\diablo iii\diablo iii.exe] => (Block) G:\diablo iii\diablo iii.exe
FirewallRules: [{F86FC463-FF3F-4978-83EC-352581F54282}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{78C8FA31-8325-45F4-A463-9875C13E430E}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{1E5CC172-82A7-4E7C-BF4A-9C03015E1E9C}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{E4D788FF-670E-4350-B451-4CD0B4DAFF13}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{ED48E8DE-9078-43B8-8A0F-0BA35E6CFF96}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\BFBC2Game.exe
FirewallRules: [{59967CE9-5992-4319-919A-70814F6F7132}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\BFBC2Game.exe
FirewallRules: [{748E0037-2E65-4C78-AD5C-DDA29FD8F785}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{6A8A2446-F74D-4CF9-8088-F58B24A53B5E}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{937C99AB-D452-4F1B-A41B-4618E91457F0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{73675C35-2EDD-4980-AFE3-9CAAE3165627}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{494D6604-1C81-4342-B192-531A8F1DC0DE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5F583CEB-5A39-411A-A997-1FE086CD2DB8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{883CD010-27A9-4E16-A4C7-EC207A9EEEBD}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{D343060B-9E01-42A0-AE40-C1FBB6D608C2}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{A4F8290A-C5EB-465E-866B-A20AFF261015}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{3AA72550-D0A1-4FED-B01F-7A85B4F0128A}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{63419D90-4A52-47BA-BF7B-58F806C7F441}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{BCC5DE76-5A66-422A-9319-01DB06E62689}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{4AC18C21-C09D-4E0F-AF79-08E9D3CC1A72}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{5F50F704-6CBF-4906-8374-B9474176E9AB}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{D5BC7076-18F9-4B31-9475-D87A881D6A6D}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{0D51E53E-940D-4059-817A-6A246563B442}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{DD1499E6-861A-40C7-A069-26D86F3CF413}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{5919DB62-5D3E-49DB-84E3-7B2E239A50C9}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{CDF43238-CA7F-45EF-8520-B6365EF6D816}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{BEFC6D7E-931C-494D-A519-EF057DB3A255}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{F953CE3A-838E-49A9-A860-F6E93B3144A1}] => (Allow) G:\SteamLibrary\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [{14A54C94-C100-4A19-A2D6-8F3AAD45A79A}] => (Allow) G:\SteamLibrary\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [TCP Query User{794FC4A4-BD53-417B-A2BC-1176C8273941}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{D9AC5C51-74E5-4E2B-BCB1-1B1D4E491B8A}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{F2941B25-E40A-4AC6-B170-DB0EF42370C5}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{4660E7AE-1022-4891-BBF9-D3F47B4EB147}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{2E7AB135-DC0B-4EC7-9CFB-2FF3E946F661}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{7594D002-2CA3-4BCC-A1A5-4DE93504F544}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{26192515-ACCB-40B7-82A4-6C505C954575}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{90A545B6-467E-4126-8F5E-CE80EDFDF98A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{99B30758-B93A-45DE-A296-F9B3387261A5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1302965F-14F4-4C2E-A128-A022894783D7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A090F5C1-CFD3-40CC-AA42-82DE2829209B}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{C75E8CEE-E070-4CF3-ABFF-29AF114D33BA}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{26495C27-D97D-4D4F-8BD3-2A901341BE23}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{977C0677-2F98-448A-8E66-7CD153A6DB97}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{3E2789F8-B791-483D-A3A0-BD6C7FE9B756}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{80D5CD76-F96D-44AB-BE4D-E339591C07C4}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{D6E12DC4-F4D5-46D2-8A3D-F1D9384C71E0}] => (Allow) G:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{CCF7FEF6-8407-469B-9B3B-1459FBA1721A}] => (Allow) G:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{DD595FA3-0C69-4F83-8E9B-069389EBC1A1}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{A850D484-6333-4055-B294-B24EE5075A8E}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{E3AEA024-BFAC-4DD3-8219-E8E575042E44}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{1495DE4C-F6D9-48FF-B834-0100B433FCBC}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{8DE4741E-5858-4ADF-ADFD-AFE805AEEEF1}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{7D7F9E09-CA92-432C-8514-A55955442784}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{1A5A76FA-FF87-40F9-91A7-3EF89F7FCF2C}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{23278EA9-7273-4B10-9386-9A7485FE13B9}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{0769FEF1-6C9F-402D-9ECF-BDA7A3218A28}] => (Allow) G:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{A1D7ECE2-810D-4834-8709-7E0C2AC41755}] => (Allow) G:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{FA9C4A1F-0C82-4C61-A1F0-0FB419CAAC05}] => (Allow) G:\SteamLibrary\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [{68A29AB9-EB40-438F-BCDA-751A1D76EF04}] => (Allow) G:\SteamLibrary\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [{0050676F-48D3-46F5-BC04-929E5406D4CE}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\BFBC2Game.exe
FirewallRules: [{287A760D-ED60-4BFB-A3BA-466F00330527}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\BFBC2Game.exe
FirewallRules: [{8A7E47A7-EE72-495E-85CD-07931BE5DF92}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{408BD32C-720B-4131-9DD6-3F1EB6F429DB}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{CDAE9442-08AE-46DE-A873-C5F481D078FC}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{C0C71E7C-E79E-4574-B1B0-6C0A20D26E89}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{A9F355EF-236B-4E18-8F14-D9745E9E8A25}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{5DA5A24A-D174-477F-B410-592E57E17221}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{F81F6214-2DFF-4585-B75A-5859A46CF93A}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{7DF434E6-4264-448A-BCD3-64AE0987EEA4}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{1E066DBB-E084-456F-ABFB-EE7FE65FE305}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{5FF18E49-D387-44F8-995C-BDB64E22ECC6}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{CCC9FE22-D25F-46D3-B628-B851EE9DC12A}] => (Allow) G:\SteamLibrary\steamapps\common\RIFT\riftpatchlive.exe
FirewallRules: [{A521BCCD-C22C-4485-BFBE-9B6A80602699}] => (Allow) G:\SteamLibrary\steamapps\common\RIFT\riftpatchlive.exe
FirewallRules: [{1A72CCC1-4905-41A6-9975-246BF81BC9D3}] => (Allow) G:\SteamLibrary\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{66EDC0DD-A01B-44DF-BAF8-82708517DF9F}] => (Allow) G:\SteamLibrary\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{82797596-4ED2-42EF-9569-528481D86479}] => (Allow) G:\SteamLibrary\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{E83B7029-9A2B-429F-9B18-9E3765D54FF3}] => (Allow) G:\SteamLibrary\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{C671675F-80BF-4978-A6F6-4990880209A1}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{3EE19951-4BDC-439B-8FC7-B86F0324E11C}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{84CCFAD3-4E29-4AC0-A184-08F659EBE384}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{EFFE4B47-266B-49C1-A4B8-D66E69E55DDA}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [TCP Query User{8BB39CDA-412F-4359-9C6B-7967233422B4}D:\steamlibrary\steamapps\common\garrysmod\hl2.exe] => (Allow) D:\steamlibrary\steamapps\common\garrysmod\hl2.exe
FirewallRules: [UDP Query User{11E398CE-6F8F-4E77-B5F1-03D22068F200}D:\steamlibrary\steamapps\common\garrysmod\hl2.exe] => (Allow) D:\steamlibrary\steamapps\common\garrysmod\hl2.exe
FirewallRules: [TCP Query User{CF8DCE53-EE58-4829-BD19-3975E9CCD0C8}D:\steamlibrary\steamapps\common\counter-strike source\hl2.exe] => (Allow) D:\steamlibrary\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{A1E24767-730C-40D6-88BA-E42F29F33CE4}D:\steamlibrary\steamapps\common\counter-strike source\hl2.exe] => (Allow) D:\steamlibrary\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [{2C4FDB17-16F0-46F2-9961-334E9AEDE5D1}] => (Block) D:\steamlibrary\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [{E938C6BF-2B2A-4279-B599-3ADC15E80E6F}] => (Block) D:\steamlibrary\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [TCP Query User{0159CC0E-C82C-42F8-934E-FD16D3372A6E}C:\users\marian curdt\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marian curdt\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{92D641E1-EC1B-4ADF-BB27-6EFF2674CC21}C:\users\marian curdt\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marian curdt\appdata\roaming\spotify\spotify.exe
FirewallRules: [{7162A15B-E861-4C50-B15A-97A271B4FCFF}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7B001828-518E-4455-933D-790ACEE861F9}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2D716299-DAEF-4DA6-A430-295A27C59DE2}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{7133ED6F-F9B1-4C45-B203-C465426B8451}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{493363DD-6CF8-4519-A453-168A5CE500B7}D:\steamlibrary\steamapps\common\battlefield bad company 2\bfbc2game.exe] => (Allow) D:\steamlibrary\steamapps\common\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{847F4F8A-1490-483E-BDCA-EA43F1D9BB4B}D:\steamlibrary\steamapps\common\battlefield bad company 2\bfbc2game.exe] => (Allow) D:\steamlibrary\steamapps\common\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{1B463BE4-60B6-4C00-9A15-BB3424D868D2}] => (Block) D:\steamlibrary\steamapps\common\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{96BC8B7C-4C7C-40CA-8680-6A43B7BED93C}] => (Block) D:\steamlibrary\steamapps\common\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{2F13EBDB-69D7-4A07-BAD7-9FDBCC85C962}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{99F40ACA-B58F-49F4-B37C-75653A1B6BC1}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{68245D90-5667-42FE-9884-CC48CDAE9EDF}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{A1064ED4-127D-40CB-AFEA-9364F1D2CBE6}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{B5B4A5E6-F1D3-450F-B248-E932180B0C2D}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{9EC5DAEF-DAAB-48F9-977A-3BAC88851583}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{E4A5B40E-A90C-4AD2-BFCD-549720892193}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{1B340693-1AA8-4F1E-8780-28D589F247C1}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{F71D7219-C84B-45AB-88F1-0F49CB8A4659}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{CC2AC901-9484-4901-8006-248B2038CA0C}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{80B14BA8-215B-4990-A0A7-B676FD6C5AF2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{9AC197BA-60F9-478D-9154-0DDD2BBE56CC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{D90691D7-4A49-47CC-A824-199F22B68F74}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{E43EE5ED-95B7-4E25-8E2F-BE4C1EEDF67C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{DBE7C794-BCC1-4EED-8E1E-3239693F196A}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{74DC7F08-3010-49A1-88CD-3BAF63E05686}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{A449D246-039B-4F45-95E7-6E940439199D}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{F1F5FFA0-0BD4-4837-AA16-659975F6831B}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{FA397790-7EBE-473B-86BC-8C46C1232670}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{7ED7C8B2-190E-41FC-A306-85410D0492D0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{7664701C-7A2C-4283-9F99-EB47517C8FDA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{F22B2EF8-14FF-4749-8A33-C9CDD97C6698}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{9478EB9A-3E64-4F7D-8340-730E2431FAA8}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe
FirewallRules: [{2FF2DDD6-02AC-4860-BEA7-74DD9FA13513}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{9C5CEA99-D77C-45DF-A150-39F3E5D6EFF4}] => (Allow) D:\SteamLibrary\steamapps\common\Gothic\system\GOTHIC.EXE
FirewallRules: [{92C2E151-6075-425E-AE90-128887C0034A}] => (Allow) D:\SteamLibrary\steamapps\common\Gothic\system\GOTHIC.EXE
FirewallRules: [{D96FBFF1-F3A4-4F0D-8212-D3592319258C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{293CEF85-075C-4908-A1D9-0CAA61C6A3CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{6A982A09-FB48-48FF-AC64-331365C288E2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{2AF51C2B-9D52-40D3-B12F-D602A4140FA9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{D5532742-9D90-4C37-B129-726370D31C38}] => (Allow) D:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{E5180642-3A12-4F41-AFCA-20C68CBFDFCD}] => (Allow) D:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{16F611FC-04DA-4ADD-984D-563C706B7180}] => (Allow) D:\SteamLibrary\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{D0E41D43-043D-4A53-A3FB-46D49BB0B31D}] => (Allow) D:\SteamLibrary\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [TCP Query User{D5430A7B-8EC2-4A42-90FE-DF6AA837054E}C:\programdata\battle.net\agent\agent.3023\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3023\agent.exe
FirewallRules: [UDP Query User{D23A02D8-019F-495C-BDDB-55C0CB12A3B0}C:\programdata\battle.net\agent\agent.3023\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3023\agent.exe
FirewallRules: [TCP Query User{966F5998-3E09-4348-BDCD-2FFD905D459A}C:\program files (x86)\cube world\server.exe] => (Allow) C:\program files (x86)\cube world\server.exe
FirewallRules: [UDP Query User{13627D36-35E8-4FC1-A94D-9766C210B7B1}C:\program files (x86)\cube world\server.exe] => (Allow) C:\program files (x86)\cube world\server.exe
FirewallRules: [{7025D146-24F9-40BC-AFD7-0BC45CA44C87}] => (Block) C:\program files (x86)\cube world\server.exe
FirewallRules: [{9FA8A2B8-23F3-4D43-A384-7C5572CB7413}] => (Block) C:\program files (x86)\cube world\server.exe
FirewallRules: [{3048C89C-B59F-4C82-91E6-079E6015B9A7}] => (Allow) D:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA_BE.exe
FirewallRules: [{1F208BA0-5750-4C8B-8A7F-9E6928430C21}] => (Allow) D:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA_BE.exe
FirewallRules: [TCP Query User{90318156-F538-4C0D-A032-F8B0053EECB0}C:\programdata\battle.net\agent\agent.3109\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [UDP Query User{D66D6121-78FD-4D1E-9116-2699815624A8}C:\programdata\battle.net\agent\agent.3109\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [{B5EBE6FC-CC71-4410-934F-086487BE3E22}] => (Allow) D:\SteamLibrary\steamapps\common\TinyAndBig\bin64\tinyandbig.exe
FirewallRules: [{A2ED3162-0E4F-4400-930C-5BD45FCE5365}] => (Allow) D:\SteamLibrary\steamapps\common\TinyAndBig\bin64\tinyandbig.exe
FirewallRules: [{C76D2950-4916-4FE1-A859-47B49BDA30D7}] => (Allow) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [{D8DAFE51-51AF-4AEE-AF37-3B16E5D4A6D4}] => (Allow) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [{7D3AE328-15F4-4076-BB08-352024D85824}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{E028728C-F0B4-4701-B55A-664C8D6000A4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{F3CDE73A-68C8-40A9-B94A-589E94B050D6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{19843A57-5F3E-4B4D-8343-3BB274CE11AF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{EEEAAE5D-E17D-4E05-ABBE-A439318113F0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{E8591027-C4A1-4596-BC2D-D440C1F56BFD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{E4614A52-3255-4BCD-8AA5-DE0FA9F00214}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1BA8B22B-DD79-4C90-9527-3D12785B365C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C91EFB01-8793-49A8-B6E8-DD70C2C9D9FE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{B5485743-8356-4D53-B613-6C9ACE9603D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{42F40773-2FAA-4FB1-A7E1-5E144C50C788}] => (Allow) D:\SteamLibrary\steamapps\common\Reus\Reus.exe
FirewallRules: [{7209CCFF-8C51-4D98-96DC-9EB565335878}] => (Allow) D:\SteamLibrary\steamapps\common\Reus\Reus.exe
FirewallRules: [{F5910ED7-84C1-4C2E-A581-2B19770670ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{81EE6BC8-39A3-47AE-9F16-A6E37DFEECF1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{B412ABE2-DDD4-40E8-B219-581B1E0FFF3A}] => (Allow) D:\SteamLibrary\steamapps\common\Risen 2\system\Risen2.exe
FirewallRules: [{3DDB2714-A318-43F7-82D6-1F5DD9B1DBB2}] => (Allow) D:\SteamLibrary\steamapps\common\Risen 2\system\Risen2.exe
FirewallRules: [{423F0C52-3FA0-4AA8-91E1-826E61623E8D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{5C1F078B-8B5B-4494-A6C9-AC25F8B03F9D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [TCP Query User{2E2CB623-2C94-413F-9162-B67D8E225FBD}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [UDP Query User{E43A8F57-507C-46CA-9DFD-5B54C259FF9E}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [{A14BF10A-EFCC-449A-8421-D31094114B42}] => (Allow) E:\fsetup.exe
FirewallRules: [{263AD71D-C639-47D7-ADDF-6F6AAC222459}] => (Allow) E:\fsetup.exe
FirewallRules: [{555B14A7-2C7D-4F6C-97F1-8C602E3A9542}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{14488A41-386A-4BCC-A7E1-1C2E10D70BD0}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [TCP Query User{9587B315-072F-4385-95BC-46B08A76C38F}C:\users\marian curdt\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marian curdt\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{C7D58D6F-0C50-41EF-88AB-9F75547C090A}C:\users\marian curdt\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marian curdt\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{E24D77F1-BF1B-46F7-B73B-51550E769FE5}] => (Block) C:\users\marian curdt\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{76A1C009-2605-41C9-B806-45D7B4E8658A}] => (Block) C:\users\marian curdt\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{7F5525F8-087F-4E37-905E-B4D93536EADF}] => (Allow) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [{413AC9E1-5089-41BE-BDBE-31D924F3FB9E}] => (Allow) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [{E5E278A1-22DD-4D20-9228-53A109EA611E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{5209DAE4-73C0-4A0A-AA95-7E9623E443D3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{F4945F50-A040-4C06-850D-5283A7C4A564}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{A05CD856-F164-41CF-882B-6E6D0B751134}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mafia II\pc\mafia2.exe
FirewallRules: [TCP Query User{3B55DCCA-ED1A-447F-8388-0F2D4DE7C03B}D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Block) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{B2B6E593-4FB5-46AF-8535-AB0E2D290192}D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Block) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{6A1A5EFF-C70F-4909-91F3-3117BB0A6A8F}D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{0F852D05-94CB-42FE-B9EE-54913ADB4D9F}D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{BB0541E6-22E7-4DCA-8CA9-C10121F53AE4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{1F719D34-CD2B-4364-804C-03D662A5615A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{4B564C96-ADDC-445E-B577-77FE0A1FADDA}] => (Allow) C:\Hearthstone\Hearthstone.exe
FirewallRules: [{E112FDD6-EC30-4C7C-8BE6-3232905C3674}] => (Allow) C:\Hearthstone\Hearthstone.exe
FirewallRules: [{91DB0DCF-9DAA-4103-B9F4-F80FC8712AD5}] => (Allow) D:\SteamLibrary\steamapps\common\Styx\Binaries\Win64\StyxGame.exe
FirewallRules: [{4AC3DAC3-56F7-452E-83E4-07480BC79A2C}] => (Allow) D:\SteamLibrary\steamapps\common\Styx\Binaries\Win64\StyxGame.exe
FirewallRules: [{F2237C95-7A01-4F51-B1E9-E07C1D819BD9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{7C12D419-C4CF-4905-B224-52913766F1AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [TCP Query User{25CBC0CA-03DF-4522-AE5F-84300E00253A}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{CEF8C318-35E1-41DA-94FA-B22FB85F087C}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{52B01CED-C045-44B8-81F4-6AC18A72FD31}C:\users\marian curdt\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\marian curdt\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{64E81363-C12A-4F58-9DD8-C2351C20C09E}C:\users\marian curdt\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\marian curdt\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [{EC4DC8EB-B522-4771-B145-6AEF84FFD918}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E28F168A-9B7B-4558-99D0-D9B9DA7F9978}] => (Allow) C:\Users\Marian Curdt\AppData\Local\CrossBrowser\Application\crossbrowser.exe
FirewallRules: [{92A2EF10-70F6-4092-9523-9B6BFA0E2AFC}] => (Allow) C:\Users\Marian Curdt\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{23A0D90A-E9BC-4471-8F2C-C7F60BA49E05}] => (Allow) C:\Users\Marian Curdt\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [TCP Query User{E6066999-7EF8-4845-8556-98047E4631DB}C:\programdata\battle.net\agent\agent.3688\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3688\agent.exe
FirewallRules: [UDP Query User{9B3D24CA-4734-4283-8A8A-5BAD58D70F38}C:\programdata\battle.net\agent\agent.3688\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3688\agent.exe
FirewallRules: [{179B0E28-DDFB-4F19-B9E4-5025FAA629AF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{32FE816F-F21A-4B32-8B93-10F192A8269F}] => (Allow) LPort=2869
FirewallRules: [{DD5DAA96-CD21-40E2-AE56-14CCD086C604}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{83B96B26-28A1-4B39-B985-81F2142931BE}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [UDP Query User{CBB85E63-52C3-4FA5-B3A6-ECE637569141}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [{9DD77849-C080-4DBC-B294-0F6B9480B9AB}] => (Allow) D:\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{796EAB72-1677-407C-A299-8A07DD5A707D}] => (Allow) D:\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{AD40C022-34CF-4539-B9F2-D8D0FE9BC8C5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{209D83C9-69A0-4828-A4C4-4A87DE430894}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{788FE7A7-1CF1-4D4B-A5B5-BC6E55E4B832}] => (Allow) D:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{722C18F0-4951-4873-AF36-C40C42A51FBA}] => (Allow) D:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{D37FB4A9-B4B8-44E8-906C-1FFF652D75CA}] => (Allow) D:\SteamLibrary\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{8DF642DD-0500-47AD-B3EE-A10A8FB059FC}] => (Allow) D:\SteamLibrary\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/27/2015 07:49:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_SysMain, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: sysmain.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a6a1d1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002e00f
ID des fehlerhaften Prozesses: 0x1524
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_SysMain0
Pfad der fehlerhaften Anwendung: svchost.exe_SysMain1
Pfad des fehlerhaften Moduls: svchost.exe_SysMain2
Berichtskennung: svchost.exe_SysMain3
Error: (10/27/2015 07:47:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_SysMain, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: sysmain.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a6a1d1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002e196
ID des fehlerhaften Prozesses: 0x99c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_SysMain0
Pfad der fehlerhaften Anwendung: svchost.exe_SysMain1
Pfad des fehlerhaften Moduls: svchost.exe_SysMain2
Berichtskennung: svchost.exe_SysMain3
Error: (10/27/2015 07:47:23 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (10/27/2015 07:46:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/27/2015 07:34:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_SysMain, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: sysmain.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a6a1d1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002e196
ID des fehlerhaften Prozesses: 0x3f4
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_SysMain0
Pfad der fehlerhaften Anwendung: svchost.exe_SysMain1
Pfad des fehlerhaften Moduls: svchost.exe_SysMain2
Berichtskennung: svchost.exe_SysMain3
Error: (10/27/2015 07:25:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_SysMain, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: sysmain.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a6a1d1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002e196
ID des fehlerhaften Prozesses: 0x14f4
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_SysMain0
Pfad der fehlerhaften Anwendung: svchost.exe_SysMain1
Pfad des fehlerhaften Moduls: svchost.exe_SysMain2
Berichtskennung: svchost.exe_SysMain3
Error: (10/27/2015 07:23:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_SysMain, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: sysmain.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a6a1d1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002e196
ID des fehlerhaften Prozesses: 0x94c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_SysMain0
Pfad der fehlerhaften Anwendung: svchost.exe_SysMain1
Pfad des fehlerhaften Moduls: svchost.exe_SysMain2
Berichtskennung: svchost.exe_SysMain3
Error: (10/27/2015 07:22:57 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (10/27/2015 07:22:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/27/2015 07:10:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_SysMain, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: sysmain.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a6a1d1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002e196
ID des fehlerhaften Prozesses: 0x14a4
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_SysMain0
Pfad der fehlerhaften Anwendung: svchost.exe_SysMain1
Pfad des fehlerhaften Moduls: svchost.exe_SysMain2
Berichtskennung: svchost.exe_SysMain3
Systemfehler:
=============
Error: (10/27/2015 07:49:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Superfetch" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/27/2015 07:47:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Superfetch" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/27/2015 07:47:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (10/27/2015 07:46:07 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\tandpl.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (10/27/2015 07:34:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Superfetch" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
Error: (10/27/2015 07:32:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/27/2015 07:32:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/27/2015 07:32:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/27/2015 07:32:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/27/2015 07:32:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ServiceLayer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2015-10-22 22:00:46.413
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-10-22 22:00:46.365
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-10-22 22:00:46.315
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-10-22 22:00:46.266
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-30 11:58:07.112
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-30 11:58:07.048
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-30 11:58:06.984
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-30 11:58:06.921
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-04-13 21:14:07.858
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-04-13 21:14:07.827
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 8136.93 MB
Verfügbarer physikalischer RAM: 6077.46 MB
Summe virtueller Speicher: 16272.07 MB
Verfügbarer virtueller Speicher: 14115.21 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:244.04 GB) (Free:27.04 GB) NTFS
Drive d: () (Fixed) (Total:221.62 GB) (Free:31.76 GB) NTFS
Drive e: (South Park: The Stick of Truth) (CDROM) (Total:4.23 GB) (Free:0 GB) UDF
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8F85853A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=244 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=221.6 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
28.10.2015, 08:58
| #13 |
| /// the machine /// TB-Ausbilder | Firefox stürtzt immer wieder ab.ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
28.10.2015, 22:19
| #14 |
| | Firefox stürtzt immer wieder ab.Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4deffc6053827649998b386b7ecce8b1
# end=init
# utc_time=2015-10-28 06:06:50
# local_time=2015-10-28 07:06:50 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 26456
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4deffc6053827649998b386b7ecce8b1
# end=updated
# utc_time=2015-10-28 06:11:11
# local_time=2015-10-28 07:11:11 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=4deffc6053827649998b386b7ecce8b1
# engine=26456
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-10-28 08:48:17
# local_time=2015-10-28 09:48:17 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 97 723285 54456076 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 107349 197695147 0 0
# scanned=488346
# found=113
# cleaned=104
# scan_time=9425
sh=F43DC2757D89158E061EB109C3D4B450C9EDA155 ft=1 fh=f0ef89835c075e10 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marian Curdt\AppData\Local\Temp\DMR\dmr_72.exe"
sh=9413821E4285C46DAF48156B472065FC2D763FE8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marian Curdt\AppData\Roaming\TXFAZSA"
sh=DDD7E789E67132CF6C5D8169B2F46E3498FCA60F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marian Curdt\AppData\Roaming\WJCWK"
sh=71509AC84BC50901FB9E6D2758AECF65141938EE ft=0 fh=0000000000000000 vn="Win32/SmootherWeb.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marian Curdt\AppData\Roaming\Booster Web\jid1-U7omKQ6kQfxMaQ@jetpack.zip"
sh=E675B88B06C17B2502468A075EC3CF49FD1733E1 ft=1 fh=b0f609c3f8579be8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marian Curdt\Downloads\Advanced Archive Password Recovery - CHIP-Installer.exe"
sh=618A8E08D9D34351E3AC77A728EC502FE6EB3C0A ft=1 fh=0b6408c51f9011d7 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marian Curdt\Downloads\ASIO4ALL - CHIP-Installer.exe"
sh=15B5369BACF0F0B232CCAA565A151FFC6C6A6604 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Marian Curdt\Downloads\Full Game (Setup + Files).rar"
sh=89A203CD242DC3275734F0A4193701962BF5CDE5 ft=1 fh=d530faca23070308 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marian Curdt\Downloads\Nokia Suite - CHIP-Installer.exe"
sh=BE917413AEF21D6F396B50C5DDB3A3B20B77F3AE ft=1 fh=09a7e1d98d10561d vn="Variante von Win32/4Shared.AC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marian Curdt\Downloads\West Sine.exe"
sh=D20B5F7FE421B508765605E287EB3F946E11A1EC ft=1 fh=075bbbcd5faa128f vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\$RECYCLE.BIN\S-1-5-21-1656074084-342888944-3947257893-1000\$R11L7R5.exe"
sh=EB64DE2BBC96DA818C18660FA605DF3F98111ADC ft=1 fh=787246bec8a5c825 vn="Variante von Win32/SpeedBit.F evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\System\SysMenu.dll.vir"
sh=EB4E6055C07A2F02A34F6FF0E310879701A32827 ft=1 fh=1cb8194123060112 vn="Variante von Win32/SBWatchman.D evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\System\SysMenu64.dll.vir"
sh=3F17BAF98A53B3580114660790A90E9CC6F9B077 ft=1 fh=f6eca0ea532b0e5a vn="Variante von MSIL/BrowseFox.H evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\AppEnable\AppEnable.FirstRun.exe.vir"
sh=4CAF139621DEB8548F7F0D80E2266184CC0802F1 ft=1 fh=24842f2321847814 vn="Variante von Win32/BrowseFox.O evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\AppEnable\AppEnablebho.dll.vir"
sh=4AFAEEB23232D4D0AF948BAB4593700FCC1A113A ft=1 fh=7bf2b93db012b7bc vn="Win32/BrowseFox.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\AppEnable\AppEnableUninstall.exe.vir"
sh=FB4A065EE98BE43EEBCD50E9531B1B4FF68DEF4C ft=1 fh=a2f4b33eb82cba3e vn="Variante von MSIL/BrowseFox.H evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\AppEnable\updateAppEnable.exe.vir"
sh=8B391DAB4598965EEE0DEAC63739EF7C0B2DCABC ft=1 fh=84a8cf02d0b471b6 vn="Variante von Win32/Tasks.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\GetPrivate\tasks.dll.vir"
sh=6CC122726C9334657AC32415344197A17BC50747 ft=1 fh=f022c61093bf357c vn="Variante von Win32/AdWare.EoRezo.AU Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\mbot_de_444\mbot_de_444.exe.vir"
sh=D31E72BC608D102F6F11F1C42FB61BC21F9A05D6 ft=1 fh=0c961a6c6ee5698d vn="Variante von Win32/AdWare.EoRezo.AU Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\mbot_de_444\mybestofferstoday_widget.exe.vir"
sh=A6C9CFC196541992A6EDF9D6697AF556FF603575 ft=1 fh=1fac6a7974539135 vn="Win32/Adware.EoRezo Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\mbot_de_444\predm.exe.vir"
sh=31851B5A6CC41F7B4B743FA6E8B68DFA19760701 ft=1 fh=384b8133d32276a7 vn="Variante von Win32/Toolbar.CrossRider.CK evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\973ab9e7-0690-460d-9aba-a5201564b41e-2.exe.vir"
sh=FA9E541EF9547DB8653AEF9E9162E4F447CB78C2 ft=1 fh=f6fc65141d246f99 vn="Variante von Win32/Toolbar.CrossRider.BV evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\973ab9e7-0690-460d-9aba-a5201564b41e-4.exe.vir"
sh=120B2E150AF0D595EFBF5ED8BD955B24653162FE ft=1 fh=e987ada362758428 vn="Variante von Win32/Toolbar.CrossRider.CC evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\973ab9e7-0690-460d-9aba-a5201564b41e-5.exe.vir"
sh=38492F0D833DE821705EBDB0434003CA88DE7339 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\973ab9e7-0690-460d-9aba-a5201564b41e.xpi.vir"
sh=E545D249B5EF3AD910D9C60437703DA7235E4377 ft=1 fh=2c7451ec76bfeff5 vn="Variante von Win32/Toolbar.CrossRider.BA evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\Object Browser-bg.exe.vir"
sh=A1AE0283E0D4518F960E60604E4ECB1B530E77DB ft=1 fh=eb5fd21e079c68d4 vn="Variante von Win32/Toolbar.CrossRider.BA evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\Object Browser-bho.dll.vir"
sh=35CC72E3B371DB3D8E4E15FDAFA0E5B63AF02204 ft=1 fh=19e53cbc7fed78b4 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\Object Browser-bho64.dll.vir"
sh=FDB40C2F544C99997695CD092C109ED1E2ECDDBB ft=1 fh=408108a30414c98b vn="Variante von Win32/Toolbar.CrossRider.BD evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\Object Browser-buttonutil.dll.vir"
sh=3E4868AA2F83884777A5D49B310E117B100781CD ft=1 fh=afa42baa77334a46 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\Object Browser-buttonutil.exe.vir"
sh=38EDB6156C3390FAE15E7C3BE640A07181E80260 ft=1 fh=99136ea6d24fc535 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\Object Browser-buttonutil64.dll.vir"
sh=23C69567368344DBCA0ADE559A11BBC53C0BC8F1 ft=1 fh=3182f6ee8587fb9a vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\Object Browser-buttonutil64.exe.vir"
sh=CBD3F7AB1C1026B7DE1342EF410032DF769F3EE3 ft=1 fh=df57aa34858a1bca vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\Object Browser-codedownloader.exe.vir"
sh=FE90B0F730B506C9EC5A04107D4782E02BBE4535 ft=1 fh=2e155bc7ccd1bd4b vn="Variante von Win32/Toolbar.CrossRider.CU evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\Uninstall.exe.vir"
sh=3F9741F3BC71E50EFCECE1C249A74425202DAF01 ft=1 fh=c9800dcfa3b821f2 vn="Win32/Packed.VMDetector.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\utils.exe.vir"
sh=1C1691D53A24A5184AE315A00AC461767ADEDC20 ft=1 fh=5b79596457e5e7ad vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe.vir"
sh=8743F255E80C6A0A95A94CC668553686FF170120 ft=1 fh=0e8260637ee8e1d9 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\RN32.dll.vir"
sh=A704B6A7928A66851D5D0C251F975B52F6755053 ft=1 fh=3a141fdd6276f642 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPtool64.exe.vir"
sh=AAB44C79899999D77D4BC45AC1FC31746EE01C39 ft=1 fh=f19b2f7682fe88c5 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32.dll.vir"
sh=3010A616F191A1AB67BAA394F95094E43E1B0F05 ft=1 fh=1d4eab4a3a54531e vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll.vir"
sh=CFD6E953ACB4E21B22DD6D2BBD7360C353AA5049 ft=1 fh=65b60511f931799f vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64.dll.vir"
sh=275F649C7C4613C61B59BD33393AA245AD3D3816 ft=1 fh=ecf7e3ee1d6b314e vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll.vir"
sh=B46AC89336EE49AE7D475F54C6A0847EAA8A174F ft=1 fh=d456ecb0103eab2f vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir"
sh=4139F95644E13A650D4827C943BCC9F2F0F6AA93 ft=1 fh=3b96e1736604b8bc vn="Win32/Thinknice.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\uninstall.exe.vir"
sh=61BA34023A856D62B4E8062C3996C8B50E2F5A95 ft=1 fh=55852700a9b1c2c4 vn="Variante von Win32/InstallCore.ADB evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WSE_Vosteran\uninstall.exe.vir"
sh=C0B7F8C09DB0ADA3DF2102A3D08FAC9781A15DC6 ft=1 fh=55bf436402755b8c vn="Win32/ELEX.BM evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchCH.dll.vir"
sh=52F9085A177DC911DC513ED9FA431A58126F73CF ft=1 fh=08f0a6962a427f0c vn="Win32/ELEX.BM evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchFF.dll.vir"
sh=FBDFC5A9C45940E1EE1DB6ADFCE2B1BD5DD301F3 ft=1 fh=c71c0011210d5c57 vn="Win32/ELEX.BM evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowserAction.dll.vir"
sh=3E365578C151761F5E799B2A06A0C4B5AB293B7B ft=1 fh=641afd291d079167 vn="Win32/ELEX.BM evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\CmdShell.exe.vir"
sh=D62E826B13E242DC0BABCAD05E3A4613795A024F ft=0 fh=0000000000000000 vn="Win32/Toolbar.TNT2.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\ffsearch_toolbar!1.0.0.1025.xpi.vir"
sh=EAE26C38934A5DFC7EB58B885FCC83DA388D5AE1 ft=1 fh=bf40033c211bd84f vn="Win32/ELEX.BM evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\HPNotify.exe.vir"
sh=D4A43936353E001F542FB287278ED350644F1917 ft=1 fh=cf34ce2fc97c23ab vn="Win32/ELEX.BM evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\IeWatchDog.dll.vir"
sh=599E2748522276CBF3F990EB4F46016868DEB898 ft=1 fh=f77aff1d76d0a3e6 vn="Win32/ELEX.BM evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\ProtectService.exe.vir"
sh=606D4414333C04E362F60B505926C78BB0B6C694 ft=1 fh=2f7c44d7fdd8d932 vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\SupTab_Bak.dll.vir"
sh=AF36570D737043FEBEC5FA3DDB416A4CF5FDFBE9 ft=1 fh=c71c0011100f33aa vn="Variante von Win32/ELEX.Y evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir"
sh=D0F37EA7D5B9D0BAF17F544AD921322A8BDCC51B ft=1 fh=31f57c6063df3bcc vn="Variante von Win32/Adware.EoRezo.AJ Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Local\mbot_de_444\upmbot_de_444.exe.vir"
sh=FE32033ADD503B9EF334B60BC8889B5511BDAA5C ft=1 fh=a034062f2565b3c7 vn="Mehrere Bedrohungen (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Local\mbot_de_444\Download\majmp_gentleeu.exe.vir"
sh=E075096D25B65981B61BA64BD595310C95BEA7B2 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.1.35.zip.vir"
sh=65DBF1D094F3C63AD12C8F034D8D132A962FA46E ft=1 fh=073c304ffb9fa3a8 vn="Variante von Win32/Adware.Mobogenie.A Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\aapt.exe.vir"
sh=B7832A1BC15B67EEA01C25B6C688021372FB4656 ft=1 fh=217f6af847730ddc vn="Variante von Win32/Adware.Mobogenie.A Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\CrashReport.exe.vir"
sh=85CC7149AE9F5B9C345C6E4291159EDB1E6D4AA2 ft=1 fh=28079c1ecc971f93 vn="Variante von Win32/Adware.Mobogenie.A Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\CrashRpt.dll.vir"
sh=9E2C3D7CDEDE2543CC0F7960D9837D1B6D2BE75F ft=1 fh=7a481a0f621bd9cc vn="Variante von Win32/Adware.Mobogenie.A Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\devcon_x64.exe.vir"
sh=E54955407B312B936C2873446E59355F0EA5CA73 ft=1 fh=d287fe18b11aa882 vn="Variante von Win32/Adware.Mobogenie.A Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\devcon_x86.exe.vir"
sh=7C8ADC955B8805D819D663DAB3E3875E4C55D72A ft=1 fh=82368099707bc5e6 vn="Variante von Win32/Adware.Mobogenie.A Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DriverInstall_x64.exe.vir"
sh=EB41EE3BAB58E356677FAE6BE0405D3AB1403FD9 ft=1 fh=61913740263e2abe vn="Variante von Win32/Adware.Mobogenie.A Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DriverInstall_x86.exe.vir"
sh=8EE77C3EA732059837B316BEEE37A0809CD68F0B ft=1 fh=77f6a6fe09a20461 vn="Variante von Win32/Adware.Mobogenie.A Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\lsusb.exe.vir"
sh=F62E24423D06DDAF273DFFBA831C25EBC13B82EE ft=1 fh=9b120be6f077dc20 vn="Variante von Win32/Adware.Mobogenie.A Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\mgadb.exe.vir"
sh=02D365A799FDCBF8C8A507FCFC69946B402FEA53 ft=1 fh=92f3782890b0d44b vn="Variante von Win32/Adware.Mobogenie.A Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\mgusb.exe.vir"
sh=B3E9B985A45EF896577466209FC1FDEDB066EB70 ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir"
sh=8C6F55634ADBCA6FAA8101C1B2FB024B4855499D ft=1 fh=2876557c9c75ac21 vn="Variante von Win32/Adware.Mobogenie.A Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\OutlookOperatorC.exe.vir"
sh=8B391DAB4598965EEE0DEAC63739EF7C0B2DCABC ft=1 fh=84a8cf02d0b471b6 vn="Variante von Win32/Tasks.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\GetPrivate\tasks.dll.vir"
sh=A49421BC025099AA2C7D6FE32ACD7E1942940CD0 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\core\443991f30a86f86e0a06d427ce29083d.js.vir"
sh=03288CC161A9B79FF743B9F569B915F59AA7448A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\102.js.vir"
sh=937BEB5AC1F53E7FF1E3EB0BCA48BA7AF2D3664F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\104.js.vir"
sh=7C39FE0BD1EF44B15C43CAFE310F9C4327B63A0C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\123.js.vir"
sh=F4868E75E21D37FCBC9A5871B6B120EB3E4600DF ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.O evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\14.js.vir"
sh=59418B96ED4D653FE8F4C66E5E95BAE9ED93C808 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\180.js.vir"
sh=0987FB3F0C956A9578B1C3D050189BB99A017FC2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\184.js.vir"
sh=E7E3EEBCDE7D08E92E4DA1492D0198D99EB8347F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\200.js.vir"
sh=3D8FEB274B1F910633E0EE3966A82AE9DCBD406A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\21.js.vir"
sh=38127B297C16E3C01D59135893A6145C502DBFD2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\211.js.vir"
sh=823B5549471970F99E9103077FC040CE83D60A45 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\220.js.vir"
sh=6D004628B821AD14AECE03C413B45AAF0368CDE7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.K evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\221.js.vir"
sh=4A456E8397DFF5CBB4FF25D8B9710C41A42AFCC3 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\223.js.vir"
sh=ECFA5CA5F49B77A8A30BFEF14AF08218E56431D8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.K evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\226.js.vir"
sh=F37EC8311BD02ECE1EEDDCF64735876812CF4BFB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\230.js.vir"
sh=8C6502A9C44CC9F92F94B3841EB8945FED4BBEFA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\233.js.vir"
sh=69F3441DAAA26144ABB42DB33386C549E9F2231D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\242.js.vir"
sh=3CA5653E6B858F15992AC689F06C8456A94B0CC7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\253.js.vir"
sh=F07F02D132DE7A3F89F9CEE7284820DB1DD63331 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\263.js.vir"
sh=A61F2AB2BDA3DF4EA26FB96BFA4BAA4BEFA99E6A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\28.js.vir"
sh=E9DD2C03F93A35E32413CBB3B87CA74D1430D8D7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\281.js.vir"
sh=01A099FCC8E901BC03DB4912F714A88E147EF013 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\286.js.vir"
sh=60E2D54A3634D60F4D536B16DFABB5A33242DA77 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\301.js.vir"
sh=E09BDEE66594192511CE81A0841BB11D294BFCBD ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.M evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\47.js.vir"
sh=BDCFA8379825B1BC17A13BDF73B7384DE46E7C3B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.P evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\64.js.vir"
sh=DB4D5C550C59D20F5972E6CA38E3F4209E39C374 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\91.js.vir"
sh=188CE710BE4D5B5A78696A24CBE0021B5D7FAE35 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\93.js.vir"
sh=4CF9EF4D739C2F8A1F3909A2720274527EC29E1F ft=1 fh=c71c001143f2d9bd vn="Variante von Win32/ELEX.CP evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\mystartsearch\UninstallManager.exe.vir"
sh=EEFE0832A1CAA41E45898E4DE7DA18584AE5D33E ft=1 fh=c71c0011adc15447 vn="Variante von Win32/ELEX.CP evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\webssearches\UninstallManager.exe.vir"
sh=84C580EA3C40AFD37CAABA54D5E8164D5A4FA5F4 ft=0 fh=0000000000000000 vn="VBS/Kryptik.DY Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marian Curdt\AppData\Roaming\WSE_Vosteran\UpdateProc\bkup.dat.vir"
sh=EB8EE709EFC43D642B96263083C9FC02580476CF ft=1 fh=0eab41e55ff1149d vn="Variante von Win32/BrowseFox.U evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{8bb1bafc-0ec5-425d-a185-e54c52d82a80}Gw64.sys.vir"
sh=B4D63E593923A02327C9AA29B6057CB64FB9FC7B ft=1 fh=6e30cf2ca6c6efd2 vn="Variante von Win64/BrowseFox.BM evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{fd1d85f2-5262-40d6-8a2d-f402eec976eb}Gw64.sys.vir"
sh=F43DC2757D89158E061EB109C3D4B450C9EDA155 ft=1 fh=f0ef89835c075e10 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Dokumente und Einstellungen\Marian Curdt\AppData\Local\Temp\DMR\dmr_72.exe"
sh=9413821E4285C46DAF48156B472065FC2D763FE8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Dokumente und Einstellungen\Marian Curdt\AppData\Roaming\TXFAZSA"
sh=DDD7E789E67132CF6C5D8169B2F46E3498FCA60F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Dokumente und Einstellungen\Marian Curdt\AppData\Roaming\WJCWK"
sh=71509AC84BC50901FB9E6D2758AECF65141938EE ft=0 fh=0000000000000000 vn="Win32/SmootherWeb.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Dokumente und Einstellungen\Marian Curdt\AppData\Roaming\Booster Web\jid1-U7omKQ6kQfxMaQ@jetpack.zip"
sh=E675B88B06C17B2502468A075EC3CF49FD1733E1 ft=1 fh=b0f609c3f8579be8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Dokumente und Einstellungen\Marian Curdt\Downloads\Advanced Archive Password Recovery - CHIP-Installer.exe"
sh=618A8E08D9D34351E3AC77A728EC502FE6EB3C0A ft=1 fh=0b6408c51f9011d7 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Dokumente und Einstellungen\Marian Curdt\Downloads\ASIO4ALL - CHIP-Installer.exe"
sh=15B5369BACF0F0B232CCAA565A151FFC6C6A6604 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Dokumente und Einstellungen\Marian Curdt\Downloads\Full Game (Setup + Files).rar"
sh=89A203CD242DC3275734F0A4193701962BF5CDE5 ft=1 fh=d530faca23070308 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Dokumente und Einstellungen\Marian Curdt\Downloads\Nokia Suite - CHIP-Installer.exe"
sh=BE917413AEF21D6F396B50C5DDB3A3B20B77F3AE ft=1 fh=09a7e1d98d10561d vn="Variante von Win32/4Shared.AC evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Dokumente und Einstellungen\Marian Curdt\Downloads\West Sine.exe"
sh=6408D61C9809E743126596AF762ABA61C67626F2 ft=1 fh=11b2d7f1750c67b8 vn="Win32/Adware.DsiLoad.A Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Users\Marian Curdt\AppData\Local\dsisetup12357302.exe.vir"
sh=8B391DAB4598965EEE0DEAC63739EF7C0B2DCABC ft=1 fh=84a8cf02d0b471b6 vn="Variante von Win32/Tasks.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows\SysWOW64\tasks.dll"
Code:
ATTFilter Results of screen317's Security Check version 1.009
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 55
Java 8 Update 45
Java version 32-bit out of Date!
Adobe Flash Player 19.0.0.226
Adobe Reader XI
Mozilla Firefox (41.0.2)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
AVAST Software Avast ng vbox\AvastVBoxSVC.exe
AVAST Software Avast ng ngservice.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-10-2015 02
durchgeführt von Marian Curdt (Administrator) auf MARIANCURDTPC (28-10-2015 22:10:32)
Gestartet von C:\Users\Marian Curdt\Desktop
Geladene Profile: Marian Curdt & UpdatusUser (Verfügbare Profile: Marian Curdt & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Spotify Ltd) C:\Users\Marian Curdt\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Marian Curdt\Desktop\FRST64(1).exe
() C:\Users\Marian Curdt\Desktop\SecurityCheck(1).exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-05] (Avast Software s.r.o.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [839384 2014-09-16] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\Run: [Spotify Web Helper] => C:\Users\Marian Curdt\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2030912 2015-10-18] (Spotify Ltd)
HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1656074084-342888944-3947257893-1003\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIINE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-102 103 Series"
HKU\S-1-5-21-1656074084-342888944-3947257893-1003\...\Run: [Spotify Web Helper] => "C:\Users\Marian Curdt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
HKU\S-1-5-21-1656074084-342888944-3947257893-1003\...\MountPoints2: {21fde83c-5e8b-11e3-8c52-d3a745ceaade} - G:\pushinst.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-10-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-10-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-10-16] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-05] (Avast Software s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\p6_19_erinnerung.lnk [2014-08-24]
ShortcutTarget: p6_19_erinnerung.lnk -> C:\Program Files (x86)\phase6\phase6_19\WinStart\p6erinnerung.exe (phase6)
Startup: C:\Users\Marian Curdt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk [2014-12-26]
ShortcutTarget: GameRanger.lnk -> C:\Users\Marian Curdt\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (GameRanger Technologies)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\..\Interfaces\{99FC47B1-73DE-4926-AF76-90364DA1192B}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1656074084-342888944-3947257893-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1656074084-342888944-3947257893-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-1656074084-342888944-3947257893-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1656074084-342888944-3947257893-1000 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1656074084-342888944-3947257893-1000 -> {B638535A-6140-45BE-BB4F-C5F742EEB550} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-1656074084-342888944-3947257893-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1656074084-342888944-3947257893-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1656074084-342888944-3947257893-1003 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-05] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-01] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-05] (Avast Software s.r.o.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-01] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-05] (Avast Software s.r.o.)
FireFox:
========
FF ProfilePath: C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\q375034u.default-1422551480209
FF NewTab: hxxp://www.google.com
FF DefaultSearchEngine: Yahoo
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxps://de.yahoo.com/?fr=yset_ff_syc_oracle&type=orcl_hpset
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-19] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2013-11-05] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-19] ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2013-11-21] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\npfirefoxtracker.dll [Keine Datei]
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2013-11-05] (Adobe Systems)
FF Extension: ProxTube - Unblock YouTube - C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\q375034u.default-1422551480209\Extensions\ich@maltegoetz.de.xpi [2015-07-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-10-19] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\netsight@nielsen.xpi => nicht gefunden
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-05]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-05] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-07-05] (Avast Software)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-09-16] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-09-16] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [777944 2014-09-16] (BlueStack Systems, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-11] (Seiko Epson Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-22] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-05] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-05] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-05] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-05] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-05] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-05] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-09-16] (BlueStack Systems)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S2 tandpl; C:\Windows\SysWOW64\drivers\tandpl.sys [4736 2003-04-19] () [Datei ist nicht signiert]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-05] (Avast Software)
S3 AppObserver; \??\C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\appobserver64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-28 22:10 - 2015-10-28 22:10 - 00020246 _____ C:\Users\Marian Curdt\Desktop\FRST.txt
2015-10-28 22:10 - 2015-10-28 22:10 - 00000916 _____ C:\Users\Marian Curdt\Desktop\checkup.txt
2015-10-28 20:35 - 2015-10-28 21:48 - 18301682 _____ C:\Users\Marian Curdt\Desktop\untitled.wav
2015-10-28 19:04 - 2015-10-28 19:04 - 00852720 _____ C:\Users\Marian Curdt\Desktop\SecurityCheck(1).exe
2015-10-28 19:04 - 2015-10-28 19:04 - 00000000 ____D C:\Program Files (x86)\ESET
2015-10-28 19:01 - 2015-10-28 19:01 - 02870984 _____ (ESET) C:\Users\Marian Curdt\Desktop\esetsmartinstaller_deu(1).exe
2015-10-27 19:52 - 2015-10-27 19:52 - 02197504 _____ (Farbar) C:\Users\Marian Curdt\Desktop\FRST64(1).exe
2015-10-27 19:30 - 2015-10-27 19:30 - 01798976 _____ (Malwarebytes) C:\Users\Marian Curdt\Desktop\JRT.exe
2015-10-27 19:11 - 2015-10-27 19:11 - 01694208 _____ C:\Users\Marian Curdt\Downloads\AdwCleaner_5.015.exe
2015-10-27 18:29 - 2015-10-27 18:31 - 22908888 _____ (Malwarebytes ) C:\Users\Marian Curdt\Downloads\mbam-setup-2.2.0.1024.exe
2015-10-24 10:06 - 2015-10-24 10:07 - 00000000 ____D C:\Windows\rescache
2015-10-23 15:15 - 2015-10-23 15:16 - 13566651 _____ C:\Users\Marian Curdt\Downloads\hihat_n_cymbals_collection.rar
2015-10-23 15:15 - 2015-10-23 15:15 - 01045576 _____ C:\Users\Marian Curdt\Downloads\classic_hip-hop_drums.rar
2015-10-23 13:27 - 2015-10-23 13:27 - 00015201 _____ C:\Users\Marian Curdt\Downloads\MemTest41.zip
2015-10-22 14:37 - 2015-10-22 14:37 - 00000000 ____D C:\Users\Marian Curdt\AppData\LocalLow\Oracle
2015-10-21 20:22 - 2015-10-21 20:03 - 05637184 ____R (Swearware) C:\Users\Marian Curdt\Desktop\ComboFix.exe
2015-10-19 20:08 - 2015-10-19 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-10-19 20:07 - 2015-07-05 15:07 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-10-19 19:56 - 2015-10-19 19:56 - 02196992 _____ (Farbar) C:\Users\Marian Curdt\Downloads\FRST64.exe
2015-10-19 18:23 - 2015-10-27 19:08 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-19 18:23 - 2015-10-27 18:32 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-19 18:23 - 2015-10-27 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-10-19 18:23 - 2015-10-27 18:32 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-10-19 18:23 - 2015-10-19 18:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-19 18:23 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-19 18:23 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-19 18:23 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-19 18:04 - 2015-10-28 21:50 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-19 18:04 - 2015-10-19 18:04 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-19 18:04 - 2015-10-19 18:04 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-19 18:04 - 2015-10-19 18:04 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-19 17:00 - 2015-10-19 17:00 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-19 17:00 - 2015-10-19 17:00 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-19 17:00 - 2015-10-19 17:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-19 17:00 - 2015-10-19 17:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-19 16:13 - 2015-10-19 16:13 - 00291152 _____ C:\Windows\Minidump\101915-175407-01.dmp
2015-10-19 16:13 - 2015-10-19 16:11 - 673173729 ____N C:\Windows\MEMORY.DMP
2015-10-19 15:09 - 2015-10-19 15:09 - 00272248 _____ C:\Windows\Minidump\101915-46722-01.dmp
2015-10-19 14:49 - 2015-10-19 14:49 - 00290432 _____ C:\Windows\Minidump\101915-62244-01.dmp
2015-10-19 14:33 - 2015-10-19 14:33 - 00003154 _____ C:\Windows\System32\Tasks\{AB686BDB-30FB-4904-A2E3-D740074EB745}
2015-10-19 14:13 - 2015-10-19 16:13 - 00000000 ____D C:\Windows\Minidump
2015-10-19 14:13 - 2015-10-19 14:13 - 00262144 _____ C:\Windows\Minidump\101915-224173-01.dmp
2015-10-16 11:50 - 2015-09-18 20:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-16 11:50 - 2015-09-18 19:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-16 11:50 - 2015-09-16 05:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-16 11:50 - 2015-09-16 05:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-16 11:50 - 2015-09-16 05:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-16 11:50 - 2015-09-16 05:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-16 11:50 - 2015-09-16 05:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-16 11:50 - 2015-09-16 05:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-16 11:50 - 2015-09-16 05:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-16 11:50 - 2015-09-16 05:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-16 11:50 - 2015-09-16 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-16 11:50 - 2015-09-16 05:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-16 11:50 - 2015-09-16 05:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-16 11:50 - 2015-09-16 05:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-16 11:50 - 2015-09-16 05:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-16 11:50 - 2015-09-16 05:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-16 11:50 - 2015-09-16 05:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-16 11:50 - 2015-09-16 05:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-16 11:50 - 2015-09-16 05:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-16 11:50 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-16 11:50 - 2015-09-16 04:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-16 11:50 - 2015-09-16 04:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-16 11:50 - 2015-09-16 04:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-16 11:50 - 2015-09-16 04:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-16 11:50 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-16 11:50 - 2015-09-16 04:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-16 11:50 - 2015-09-16 04:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-16 11:50 - 2015-09-16 04:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-16 11:50 - 2015-09-16 04:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-16 11:50 - 2015-09-16 04:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-16 11:50 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-16 11:50 - 2015-09-16 04:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-16 11:50 - 2015-09-16 04:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-16 11:50 - 2015-09-16 04:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-16 11:50 - 2015-09-16 04:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-16 11:50 - 2015-09-16 04:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-16 11:50 - 2015-09-16 04:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-16 11:50 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-16 11:50 - 2015-09-16 04:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-16 11:50 - 2015-09-16 04:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-16 11:50 - 2015-09-16 04:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-16 11:50 - 2015-09-16 04:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-16 11:50 - 2015-09-16 04:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-16 11:50 - 2015-09-16 04:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-16 11:50 - 2015-09-16 04:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-16 11:50 - 2015-09-16 04:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-16 11:50 - 2015-09-16 04:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-16 11:50 - 2015-09-16 04:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-16 11:50 - 2015-09-16 04:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-16 11:50 - 2015-09-16 04:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-16 11:50 - 2015-09-16 04:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-16 11:50 - 2015-09-16 04:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-16 11:50 - 2015-09-16 04:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-16 11:50 - 2015-09-16 04:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-16 11:50 - 2015-09-16 03:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-16 11:50 - 2015-09-16 03:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-16 11:50 - 2015-09-16 03:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-16 11:50 - 2015-09-16 03:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-16 11:50 - 2015-09-16 03:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-16 11:50 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-16 11:50 - 2015-09-16 03:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-16 11:50 - 2015-09-16 03:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-16 11:50 - 2015-09-16 03:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-16 11:50 - 2015-09-16 03:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-16 11:50 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-16 11:50 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-16 11:50 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-16 11:50 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-16 11:49 - 2015-09-29 04:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-16 11:49 - 2015-09-29 04:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-16 11:49 - 2015-09-29 04:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-16 11:49 - 2015-09-29 04:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-16 11:49 - 2015-09-29 04:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-16 11:49 - 2015-09-29 04:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-16 11:49 - 2015-09-29 04:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-16 11:49 - 2015-09-29 04:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-16 11:49 - 2015-09-29 04:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-16 11:49 - 2015-09-29 04:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-16 11:49 - 2015-09-29 04:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-16 11:49 - 2015-09-29 04:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-16 11:49 - 2015-09-29 04:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-16 11:49 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-16 11:49 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-16 11:49 - 2015-09-29 04:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-16 11:49 - 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-16 11:49 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-16 11:49 - 2015-09-29 03:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-16 11:49 - 2015-09-29 02:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-16 11:49 - 2015-09-25 19:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-16 11:49 - 2015-09-25 19:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-16 11:49 - 2015-09-25 19:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-16 11:49 - 2015-09-25 19:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-16 11:49 - 2015-09-25 19:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-16 11:49 - 2015-09-25 19:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-16 11:49 - 2015-09-25 19:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-16 11:49 - 2015-09-25 19:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-16 11:49 - 2015-09-25 19:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-16 11:49 - 2015-09-25 19:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-16 11:49 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-16 11:49 - 2015-09-25 18:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-16 11:49 - 2015-09-25 18:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-16 11:49 - 2015-09-25 18:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-16 11:49 - 2015-09-25 18:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-16 11:49 - 2015-09-25 18:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-16 11:49 - 2015-09-15 19:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-16 11:49 - 2015-09-15 19:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-16 11:49 - 2015-09-15 19:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-16 11:49 - 2015-09-15 19:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-16 11:49 - 2015-09-15 19:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-16 11:49 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-16 11:48 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-16 11:48 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-16 11:48 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-16 11:48 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-16 11:48 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-16 11:48 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-16 11:48 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-16 11:48 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-16 11:48 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-16 11:48 - 2015-09-29 04:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-16 11:48 - 2015-09-29 04:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-16 11:48 - 2015-09-29 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-16 11:48 - 2015-09-29 04:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-16 11:48 - 2015-09-29 04:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-16 11:48 - 2015-09-29 04:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-16 11:48 - 2015-09-29 04:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-16 11:48 - 2015-09-29 04:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-16 11:48 - 2015-09-29 04:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-16 11:48 - 2015-09-29 04:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-16 11:48 - 2015-09-29 04:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-16 11:48 - 2015-09-29 04:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-16 11:48 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-16 11:48 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-16 11:48 - 2015-09-29 03:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-16 11:48 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-16 11:48 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-16 11:48 - 2015-09-29 03:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-16 11:48 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-16 11:48 - 2015-09-29 03:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-16 11:48 - 2015-09-29 03:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-16 11:48 - 2015-09-29 03:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-16 11:48 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-16 11:48 - 2015-09-29 03:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 02:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-16 11:48 - 2015-09-29 02:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-16 11:48 - 2015-09-29 02:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-16 11:48 - 2015-09-29 02:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-16 11:48 - 2015-09-29 02:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 02:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 02:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-16 11:48 - 2015-09-29 02:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-16 11:48 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-16 11:48 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-16 11:48 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-16 11:48 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-16 11:48 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-16 11:48 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-16 11:48 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-16 11:48 - 2015-09-15 19:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-16 11:48 - 2015-09-15 19:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-16 11:48 - 2015-09-15 19:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-16 11:48 - 2015-09-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-16 11:48 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-16 11:48 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-16 11:48 - 2015-09-15 18:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-16 11:47 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-11 21:22 - 2015-10-11 22:19 - 176463820 _____ C:\Users\Marian Curdt\Downloads\617656578698937492645909287456453.rar
2015-10-11 18:20 - 2015-10-11 19:18 - 176462876 _____ C:\Users\Marian Curdt\Downloads\604876588769671926877511875541876.rar
2015-10-08 19:59 - 2015-10-08 20:05 - 28684799 _____ C:\Users\Marian Curdt\Downloads\ht - 1983 ep.rar
2015-10-08 19:58 - 2015-10-08 20:32 - 105447572 _____ C:\Users\Marian Curdt\Downloads\Gz255.rar
2015-09-29 15:46 - 2015-09-29 16:02 - 155336441 _____ (Bitsonic LP ) C:\Users\Marian Curdt\Downloads\Bitsonic_Keyzone_1(3).exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-28 22:10 - 2013-11-23 12:50 - 00000000 ____D C:\FRST
2015-10-28 21:52 - 2015-07-01 08:44 - 00040712 _____ C:\Windows\setupact.log
2015-10-28 21:50 - 2009-07-14 05:45 - 00028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-28 21:50 - 2009-07-14 05:45 - 00028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-28 21:47 - 2015-01-19 20:03 - 00000000 ____D C:\Users\Marian Curdt\AppData\Roaming\Booster Web
2015-10-28 17:58 - 2013-12-06 16:24 - 01073847 _____ C:\Windows\WindowsUpdate.log
2015-10-28 17:57 - 2010-11-21 07:50 - 00700130 _____ C:\Windows\system32\perfh007.dat
2015-10-28 17:57 - 2010-11-21 07:50 - 00149768 _____ C:\Windows\system32\perfc007.dat
2015-10-28 17:57 - 2009-07-14 06:13 - 01622706 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-28 17:53 - 2013-12-21 19:33 - 00000000 ____D C:\Users\Marian Curdt\AppData\Local\LogMeIn Hamachi
2015-10-28 17:52 - 2014-08-24 15:04 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-10-28 17:52 - 2014-08-24 12:22 - 00000000 ____D C:\Users\Public\Documents\phase6_19_Daten
2015-10-28 17:51 - 2013-12-06 18:08 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-28 17:51 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-27 19:20 - 2015-07-02 11:22 - 00035554 _____ C:\Windows\PFRO.log
2015-10-27 19:19 - 2014-04-14 18:26 - 00000000 ____D C:\AdwCleaner
2015-10-27 16:50 - 2013-12-06 17:34 - 00000000 ____D C:\Users\Marian Curdt\AppData\Local\Adobe
2015-10-25 08:56 - 2013-12-25 13:08 - 00000000 ____D C:\Users\Marian Curdt\AppData\Roaming\Audacity
2015-10-24 18:51 - 2013-12-07 13:04 - 00000000 ____D C:\Users\Marian Curdt\AppData\Roaming\TS3Client
2015-10-24 12:23 - 2014-06-18 19:04 - 02870272 ___SH C:\Users\Marian Curdt\Desktop\Thumbs.db
2015-10-24 12:03 - 2013-12-06 18:10 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-24 10:49 - 2015-03-07 13:14 - 00000000 ____D C:\Users\Marian Curdt\AppData\Local\Steam
2015-10-23 13:36 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-22 21:03 - 2014-04-13 20:07 - 00000000 ____D C:\Qoobox
2015-10-22 21:01 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2015-10-22 14:38 - 2014-04-15 10:19 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-21 20:39 - 2015-04-27 15:34 - 00000000 ____D C:\Users\locales
2015-10-21 20:09 - 2014-02-05 16:08 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-10-21 17:51 - 2014-10-28 17:41 - 00000000 ____D C:\ProgramData\PC Suite
2015-10-19 20:08 - 2015-01-22 16:29 - 00001882 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-10-19 19:57 - 2013-12-15 22:04 - 00063833 _____ C:\Users\Marian Curdt\Downloads\FRST.txt
2015-10-19 16:08 - 2014-11-27 20:29 - 00000000 ____D C:\Users\Marian Curdt\AppData\Local\2K Games
2015-10-19 16:08 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-19 15:22 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-10-19 14:27 - 2014-11-14 17:29 - 00000000 __SHD C:\Users\Marian Curdt\AppData\Local\EmieUserList
2015-10-19 14:27 - 2014-11-14 17:29 - 00000000 __SHD C:\Users\Marian Curdt\AppData\Local\EmieSiteList
2015-10-19 14:27 - 2014-11-14 17:29 - 00000000 __SHD C:\Users\Marian Curdt\AppData\Local\EmieBrowserModeList
2015-10-18 21:20 - 2015-02-14 14:31 - 00000000 ____D C:\Users\Marian Curdt\Desktop\Projekte
2015-10-18 19:22 - 2014-01-05 12:00 - 00000000 ____D C:\Users\Marian Curdt\AppData\Local\Spotify
2015-10-18 19:22 - 2014-01-05 11:55 - 00000000 ____D C:\Users\Marian Curdt\AppData\Roaming\Spotify
2015-10-17 18:03 - 2014-12-14 17:48 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-17 18:03 - 2014-05-06 11:48 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-16 11:51 - 2013-12-11 16:08 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-16 11:50 - 2014-12-27 12:26 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-09 11:15 - 2015-04-05 15:59 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-09 00:32 - 2015-04-05 15:59 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-07 10:50 - 2014-09-20 14:15 - 00000000 ____D C:\Users\Marian Curdt\AppData\Roaming\Maize Sampler Player
2015-10-03 14:45 - 2013-12-29 12:43 - 00000000 ____D C:\Users\Marian Curdt\AppData\Roaming\LolClient
2015-10-02 14:51 - 2013-12-06 18:56 - 00000000 ____D C:\Users\Marian Curdt\AppData\Roaming\.minecraft
2015-09-29 16:37 - 2015-01-19 20:34 - 00000000 ____D C:\Users\Marian Curdt\Desktop\VSTs
2015-09-28 17:49 - 2015-09-10 07:42 - 00000000 ____D C:\$Windows.~BT
2015-09-28 17:24 - 2013-12-06 16:18 - 00000000 ____D C:\Windows\Panther
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-12-18 21:45 - 2015-07-01 09:37 - 0000132 _____ () C:\Users\Marian Curdt\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-11-19 14:50 - 2014-11-22 12:50 - 0000130 _____ () C:\Users\Marian Curdt\AppData\Roaming\WB.CFG
2014-01-09 14:20 - 2014-01-09 14:20 - 0001456 _____ () C:\Users\Marian Curdt\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-12-10 15:18 - 2013-12-23 16:28 - 0004608 _____ () C:\Users\Marian Curdt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-22 12:50 - 2014-11-22 12:50 - 0000001 _____ () C:\Users\Marian Curdt\AppData\Local\DSI.DAT
2014-04-29 18:09 - 2014-04-29 18:09 - 0000057 _____ () C:\ProgramData\Ament.ini
Einige Dateien in TEMP:
====================
C:\Users\Marian Curdt\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Marian Curdt\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-24 10:00
==================== Ende von FRST.txt ============================
|
|
28.10.2015, 22:24
| #15 |
| | Firefox stürtzt immer wieder ab.Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-10-2015 02
durchgeführt von Marian Curdt (2015-10-28 22:11:12)
Gestartet von C:\Users\Marian Curdt\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-12-06 15:36:42)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1656074084-342888944-3947257893-500 - Administrator - Disabled)
Gast (S-1-5-21-1656074084-342888944-3947257893-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1656074084-342888944-3947257893-1002 - Limited - Enabled)
Marian Curdt (S-1-5-21-1656074084-342888944-3947257893-1000 - Administrator - Enabled) => C:\Users\Marian Curdt
UpdatusUser (S-1-5-21-1656074084-342888944-3947257893-1003 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Audition CC (HKLM-x32\...\{DE1E055B-679C-42F8-B114-7B6ED0B8ED95}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.2.1.260 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 - Michael Tippach)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AutoHotkey 1.1.13.01 (HKLM\...\AutoHotkey) (Version: 1.1.13.01 - Lexikos)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield: Bad Company 2 (HKLM-x32\...\Steam App 24960) (Version: - DICE)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.3.4070 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{B40D9A2E-C9CA-4402-A0B7-09E33C03B9C5}) (Version: 0.9.3.4070 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version: - Red Hook Studios)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Die*Sims™*3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.42.130 - Electronic Arts)
Firebird v2.1 (HKLM-x32\...\Tone2 Firebird_is1) (Version: - Tone2)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Audio Converter version 5.0.60.616 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.60.616 - DVDVideoSoft Ltd.)
Free Studio version 6.4.3.128 (HKLM-x32\...\Free Studio_is1) (Version: 6.4.3.128 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.59.616 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.616 - DVDVideoSoft Ltd.)
GameRanger (HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\GameRanger) (Version: - GameRanger Technologies)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Google Update Helper (x32 Version: 70.3.29.7018 - Google Inc.) Hidden
Gothic (HKLM-x32\...\Steam App 65540) (Version: - Piranha – Bytes )
Gothic_Patch (HKLM-x32\...\{302AC480-43D2-11D5-A818-00500435FC18}) (Version: - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HP Deskjet 1510 series - Grundlegende Software für das Gerät (HKLM\...\{FD79E5D2-5CFE-49C2-9461-D011D1355696}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 1510 series Hilfe (HKLM-x32\...\{23972F22-BA23-4C61-9F91-B9470E1563EB}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Key Performer 1.1 (HKLM-x32\...\{75C44648-578E-471F-9897-F01757BEB420}_is1) (Version: - GSi)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.383 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.383 - LogMeIn, Inc.) Hidden
Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2 - Mozilla)
Mp3tag v2.59a (HKLM-x32\...\Mp3tag) (Version: v2.59a - Florian Heidenreich)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\CopyTrans Suite) (Version: 3.006 - WindSolutions)
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-1656074084-342888944-3947257893-1003\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
phase6_19 (HKLM-x32\...\{65D70656-D248-4C83-B594-E3029C43B37A}) (Version: 1.90.0000 - phase6)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
Reus (HKLM-x32\...\Steam App 222730) (Version: - Abbey Games)
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version: - Piranha Bytes)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
Spotify (HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB)
Spotify (HKU\S-1-5-21-1656074084-342888944-3947257893-1003\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version: - Pandemic Studios)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Steinberg Hypersonic VSTi DXi v2.0 (HKLM-x32\...\Steinberg Hypersonic VSTi DXi_is1) (Version: - )
Steinberg VST Classics 1 64bit (HKLM\...\{AA322103-FC2B-4D86-BA6C-67D4DDB4209C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version: - FireFly Studios)
Styx: Master of Shadows (HKLM-x32\...\Steam App 242640) (Version: - Cyanide Studio)
SuperWave P8 (HKLM-x32\...\{B681D0E8-6676-4AB9-846F-38CA5E0B5412}) (Version: 2.4 - SuperWave)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
Tiny and Big: Grandpa's Leftovers (HKLM-x32\...\Steam App 205910) (Version: - Black Pants Game Studio)
Vegas Pro 12.0 (64-bit) (HKLM\...\{BE94768F-5232-11E3-BD78-F04DA23A5C58}) (Version: 12.0.770 - Sony)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
19-10-2015 19:59:47 avast! antivirus system restore point
21-10-2015 20:11:45 ComboFix created restore point
22-10-2015 14:47:01 JRT Pre-Junkware Removal
23-10-2015 14:10:21 Windows Update
27-10-2015 16:46:25 Windows Update
27-10-2015 19:31:31 JRT Pre-Junkware Removal
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2015-10-22 21:01 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0DE5228A-0A07-443E-BC5B-C318537AA76B} - System32\Tasks\WJCWK => C:\Users\Marian Curdt\AppData\Roaming\WJCWK.exe <==== ACHTUNG
Task: {1390B8FF-5F7C-4848-A7F8-C179D7DC38BB} - System32\Tasks\{E4844B58-3801-475A-AFC0-5F103AE3873B} => pcalua.exe -a "C:\Users\Marian Curdt\Downloads\GameRangerSetup.exe" -d "C:\Users\Marian Curdt\Downloads"
Task: {2D0FF3E5-9610-4597-BD79-9A12682C8D49} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {40555753-9863-4C56-AEFA-22315773ABE6} - System32\Tasks\AdobeAAMUpdater-1.0-MarianCurdtPC-Marian Curdt => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {50499318-9154-4228-9404-256202C93CF7} - System32\Tasks\{15DFB77F-763F-4561-B17C-29AFD4F0185A} => pcalua.exe -a "C:\Users\Marian Curdt\AppData\Roaming\mystartsearch\UninstallManager.exe" -c -ptid=epom2
Task: {5944F998-FF45-411D-B7FE-0EC360DBE45A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5CC1C031-416E-4CE3-A4FB-756AA204C45C} - System32\Tasks\{EB994BD4-70B6-4C34-95CD-F733C201CDD8} => pcalua.exe -a "C:\Users\Marian Curdt\Desktop\VSTs\Hypersonic 2\setup.exe" -d "C:\Users\Marian Curdt\Desktop\VSTs\Hypersonic 2"
Task: {8EF55E48-0AF7-4066-B482-7D4AE1D3BF2D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-19] (Adobe Systems Incorporated)
Task: {9CF2D2B6-9DAF-4255-A1CC-7CE85276EEA6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {A4974F52-8C19-4E6E-81FD-68861C62CFF0} - System32\Tasks\{51C95BFA-FBA3-4117-90E4-46154531F0C2} => pcalua.exe -a "C:\Program Files (x86)\BlueStacks\HD-RuntimeUninstaller.exe"
Task: {B5DD572F-E56E-4692-9A91-1EFCCE155092} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-10-19] (Avast Software s.r.o.)
Task: {BEE13837-2AF0-4607-BA40-AEA31BA81337} - System32\Tasks\{4E41F9C3-D503-49D8-B689-7949F60414AE} => pcalua.exe -a "C:\Users\Marian Curdt\Desktop\setup.exe" -d "C:\Users\Marian Curdt\Desktop"
Task: {BF9A4B4B-CFE2-4FAC-B48A-A3D319419EAC} - System32\Tasks\{75C1B7B4-7594-40DD-B866-F5A13294F4BB} => pcalua.exe -a "C:\Users\Marian Curdt\Downloads\epson374730eu.exe" -d "C:\Users\Marian Curdt\Downloads"
Task: {C0837618-74D6-4F3F-94C7-215D2736AFC5} - System32\Tasks\avastBCLRestartS-1-5-21-1656074084-342888944-3947257893-1000 => Firefox.exe
Task: {DA96A7E8-1FA1-46B1-9830-3BD2A25D31F0} - System32\Tasks\{AB686BDB-30FB-4904-A2E3-D740074EB745} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {E63EBBF3-C239-4BA0-8944-7388B4422164} - System32\Tasks\TXFAZSA => C:\Users\Marian Curdt\AppData\Roaming\TXFAZSA.exe <==== ACHTUNG
Task: {EBC9CB1D-06BD-48EF-B2AD-18892B010013} - System32\Tasks\hpUrlLauncher.exe_{5AA93921-2E13-494F-B126-FD0E1BAF48A4} => C:\Program Files\HP\HP Deskjet 1510 series\Bin\utils\hpUrlLauncher.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {FD80FBF7-D84D-4D8E-801F-F1490CFA830C} - System32\Tasks\avastBCLRestart_firefox.exe => Firefox.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-12-06 18:08 - 2013-10-23 09:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-10-16 18:02 - 2013-10-16 18:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-15 13:47 - 2013-12-22 13:05 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-10-28 19:04 - 2015-10-28 19:04 - 00852720 _____ () C:\Users\Marian Curdt\Desktop\SecurityCheck(1).exe
2015-07-05 15:07 - 2015-07-05 15:07 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-05 15:07 - 2015-07-05 15:07 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-10-27 18:34 - 2015-10-27 18:34 - 02997616 _____ () C:\Program Files\AVAST Software\Avast\defs\15102701\algo.dll
2015-10-28 19:05 - 2015-10-28 19:05 - 02998664 _____ () C:\Program Files\AVAST Software\Avast\defs\15102801\algo.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 08507232 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 02354016 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 01014624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00364384 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 02480992 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 01346912 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00206176 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 02653024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00033120 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00035680 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00207200 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 11166560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
2013-10-02 20:30 - 2013-10-02 20:30 - 00276832 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
2013-04-15 13:26 - 2013-04-15 13:26 - 00391600 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
2013-04-15 13:26 - 2013-04-15 13:26 - 00059280 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
2013-10-02 20:28 - 2013-10-02 20:28 - 00438624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00446304 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00520544 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00720736 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
2013-10-02 20:28 - 2013-10-02 20:28 - 00606560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
2013-10-02 20:30 - 2013-10-02 20:30 - 00093024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
2015-07-05 15:07 - 2015-07-05 15:07 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-22 12:44 - 2013-09-17 03:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1656074084-342888944-3947257893-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marian Curdt\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{1D816BEF-53EE-4D07-B0C4-3A83F8A3708C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{46F4E976-4BC8-4765-97FD-04C65F8D8C3C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{928DCD71-3F2F-4993-BD1B-D83F8A9A50D5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AF1F9B3B-6B75-45F0-9CBA-7D4A874642D1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{95E9BE84-F5DA-426A-9223-C5E525DE745F}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{245BD2BF-54E4-4F84-8CEA-7C87815E660A}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{2B0E8CA3-4587-4E89-A087-4C16DD9F813A}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{43EEDB72-897D-41B4-B7D0-3132A210AD00}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{7FDAF181-64FA-499A-95F3-1A35DCF80D52}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{7891C02A-54D9-473C-98B6-E5B9DD9E5864}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{212839AF-605E-480F-8E5A-713F32EF4B3B}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{C1327AB3-9942-4CD1-848F-0C024CBCF7D8}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{8270F73D-BC3C-4C24-8EF1-A9745B3B62F3}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{23176B84-9B17-408E-959D-30E513AF4F40}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{69CF1657-2C7E-494A-B5B5-92CB8902BE31}] => (Allow) G:\SteamLibrary\steamapps\common\RIFT\riftpatchlive.exe
FirewallRules: [{3A7E5D46-0E89-42DA-92F4-7CC7A0360124}] => (Allow) G:\SteamLibrary\steamapps\common\RIFT\riftpatchlive.exe
FirewallRules: [{31021679-5FAB-48F0-B79F-4CE57686099B}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{9EC83AE3-5FD5-4AE5-8933-BD56520753F3}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{94D24698-30B8-4A54-AFAA-C985552E0EB9}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{58DB2E72-7085-48CB-8110-D840A6F051A0}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{0ACB4AB7-A740-40B9-8F6A-748F02F36551}] => (Allow) G:\SteamLibrary\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{20CD95A0-A5FB-4E80-AE65-2B18C7A5F51C}] => (Allow) G:\SteamLibrary\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{C0A13CE6-71C6-45B1-ACE4-645C8DDBB8F3}] => (Allow) G:\SteamLibrary\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{C894E379-5469-48B4-AF5E-2336B73AAF83}] => (Allow) G:\SteamLibrary\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{6D24D669-D41C-4AC0-B398-B2E3A0A7F25D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{54FA0D8A-64F8-43D2-8963-8445262498F9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CC8A140E-FE81-4C9D-AB40-D80B659E1D33}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C481A424-8B8A-465C-9CAF-02885DCB4FDE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{E577F5BC-721E-4B76-89A8-F147A996EE27}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{8205D911-D81D-4AED-971D-683D2AEF9CA3}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{033CCEDB-784A-473E-BAC9-B31AAB2ABA7C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{9A47DC0B-03C4-425F-94E7-820BFF486A0B}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{EE8AEC30-1A08-4B01-9098-3A23AED07000}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{7C648A92-04DB-49FB-AD54-C76C32FDA2FD}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [TCP Query User{C8792660-62F0-4EE1-9F59-4842AD24D825}G:\diablo iii\diablo iii.exe] => (Block) G:\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{A42336C6-225B-44F0-B6FA-7E5F9F1341D7}G:\diablo iii\diablo iii.exe] => (Block) G:\diablo iii\diablo iii.exe
FirewallRules: [{F86FC463-FF3F-4978-83EC-352581F54282}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{78C8FA31-8325-45F4-A463-9875C13E430E}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{1E5CC172-82A7-4E7C-BF4A-9C03015E1E9C}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{E4D788FF-670E-4350-B451-4CD0B4DAFF13}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{ED48E8DE-9078-43B8-8A0F-0BA35E6CFF96}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\BFBC2Game.exe
FirewallRules: [{59967CE9-5992-4319-919A-70814F6F7132}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\BFBC2Game.exe
FirewallRules: [{748E0037-2E65-4C78-AD5C-DDA29FD8F785}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{6A8A2446-F74D-4CF9-8088-F58B24A53B5E}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{937C99AB-D452-4F1B-A41B-4618E91457F0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{73675C35-2EDD-4980-AFE3-9CAAE3165627}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{494D6604-1C81-4342-B192-531A8F1DC0DE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5F583CEB-5A39-411A-A997-1FE086CD2DB8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{883CD010-27A9-4E16-A4C7-EC207A9EEEBD}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{D343060B-9E01-42A0-AE40-C1FBB6D608C2}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{A4F8290A-C5EB-465E-866B-A20AFF261015}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{3AA72550-D0A1-4FED-B01F-7A85B4F0128A}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{63419D90-4A52-47BA-BF7B-58F806C7F441}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{BCC5DE76-5A66-422A-9319-01DB06E62689}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{4AC18C21-C09D-4E0F-AF79-08E9D3CC1A72}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{5F50F704-6CBF-4906-8374-B9474176E9AB}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{D5BC7076-18F9-4B31-9475-D87A881D6A6D}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{0D51E53E-940D-4059-817A-6A246563B442}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{DD1499E6-861A-40C7-A069-26D86F3CF413}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{5919DB62-5D3E-49DB-84E3-7B2E239A50C9}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{CDF43238-CA7F-45EF-8520-B6365EF6D816}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{BEFC6D7E-931C-494D-A519-EF057DB3A255}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{F953CE3A-838E-49A9-A860-F6E93B3144A1}] => (Allow) G:\SteamLibrary\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [{14A54C94-C100-4A19-A2D6-8F3AAD45A79A}] => (Allow) G:\SteamLibrary\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [TCP Query User{794FC4A4-BD53-417B-A2BC-1176C8273941}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{D9AC5C51-74E5-4E2B-BCB1-1B1D4E491B8A}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{F2941B25-E40A-4AC6-B170-DB0EF42370C5}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{4660E7AE-1022-4891-BBF9-D3F47B4EB147}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{2E7AB135-DC0B-4EC7-9CFB-2FF3E946F661}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{7594D002-2CA3-4BCC-A1A5-4DE93504F544}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{26192515-ACCB-40B7-82A4-6C505C954575}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{90A545B6-467E-4126-8F5E-CE80EDFDF98A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{99B30758-B93A-45DE-A296-F9B3387261A5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1302965F-14F4-4C2E-A128-A022894783D7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A090F5C1-CFD3-40CC-AA42-82DE2829209B}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{C75E8CEE-E070-4CF3-ABFF-29AF114D33BA}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{26495C27-D97D-4D4F-8BD3-2A901341BE23}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{977C0677-2F98-448A-8E66-7CD153A6DB97}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{3E2789F8-B791-483D-A3A0-BD6C7FE9B756}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{80D5CD76-F96D-44AB-BE4D-E339591C07C4}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{D6E12DC4-F4D5-46D2-8A3D-F1D9384C71E0}] => (Allow) G:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{CCF7FEF6-8407-469B-9B3B-1459FBA1721A}] => (Allow) G:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{DD595FA3-0C69-4F83-8E9B-069389EBC1A1}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{A850D484-6333-4055-B294-B24EE5075A8E}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{E3AEA024-BFAC-4DD3-8219-E8E575042E44}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{1495DE4C-F6D9-48FF-B834-0100B433FCBC}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{8DE4741E-5858-4ADF-ADFD-AFE805AEEEF1}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{7D7F9E09-CA92-432C-8514-A55955442784}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{1A5A76FA-FF87-40F9-91A7-3EF89F7FCF2C}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{23278EA9-7273-4B10-9386-9A7485FE13B9}] => (Allow) G:\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{0769FEF1-6C9F-402D-9ECF-BDA7A3218A28}] => (Allow) G:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{A1D7ECE2-810D-4834-8709-7E0C2AC41755}] => (Allow) G:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{FA9C4A1F-0C82-4C61-A1F0-0FB419CAAC05}] => (Allow) G:\SteamLibrary\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [{68A29AB9-EB40-438F-BCDA-751A1D76EF04}] => (Allow) G:\SteamLibrary\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [{0050676F-48D3-46F5-BC04-929E5406D4CE}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\BFBC2Game.exe
FirewallRules: [{287A760D-ED60-4BFB-A3BA-466F00330527}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\BFBC2Game.exe
FirewallRules: [{8A7E47A7-EE72-495E-85CD-07931BE5DF92}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{408BD32C-720B-4131-9DD6-3F1EB6F429DB}] => (Allow) G:\SteamLibrary\steamapps\common\battlefield bad company 2\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{CDAE9442-08AE-46DE-A873-C5F481D078FC}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{C0C71E7C-E79E-4574-B1B0-6C0A20D26E89}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{A9F355EF-236B-4E18-8F14-D9745E9E8A25}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{5DA5A24A-D174-477F-B410-592E57E17221}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{F81F6214-2DFF-4585-B75A-5859A46CF93A}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{7DF434E6-4264-448A-BCD3-64AE0987EEA4}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{1E066DBB-E084-456F-ABFB-EE7FE65FE305}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{5FF18E49-D387-44F8-995C-BDB64E22ECC6}] => (Allow) G:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{CCC9FE22-D25F-46D3-B628-B851EE9DC12A}] => (Allow) G:\SteamLibrary\steamapps\common\RIFT\riftpatchlive.exe
FirewallRules: [{A521BCCD-C22C-4485-BFBE-9B6A80602699}] => (Allow) G:\SteamLibrary\steamapps\common\RIFT\riftpatchlive.exe
FirewallRules: [{1A72CCC1-4905-41A6-9975-246BF81BC9D3}] => (Allow) G:\SteamLibrary\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{66EDC0DD-A01B-44DF-BAF8-82708517DF9F}] => (Allow) G:\SteamLibrary\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{82797596-4ED2-42EF-9569-528481D86479}] => (Allow) G:\SteamLibrary\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{E83B7029-9A2B-429F-9B18-9E3765D54FF3}] => (Allow) G:\SteamLibrary\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{C671675F-80BF-4978-A6F6-4990880209A1}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{3EE19951-4BDC-439B-8FC7-B86F0324E11C}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{84CCFAD3-4E29-4AC0-A184-08F659EBE384}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{EFFE4B47-266B-49C1-A4B8-D66E69E55DDA}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [TCP Query User{8BB39CDA-412F-4359-9C6B-7967233422B4}D:\steamlibrary\steamapps\common\garrysmod\hl2.exe] => (Allow) D:\steamlibrary\steamapps\common\garrysmod\hl2.exe
FirewallRules: [UDP Query User{11E398CE-6F8F-4E77-B5F1-03D22068F200}D:\steamlibrary\steamapps\common\garrysmod\hl2.exe] => (Allow) D:\steamlibrary\steamapps\common\garrysmod\hl2.exe
FirewallRules: [TCP Query User{CF8DCE53-EE58-4829-BD19-3975E9CCD0C8}D:\steamlibrary\steamapps\common\counter-strike source\hl2.exe] => (Allow) D:\steamlibrary\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{A1E24767-730C-40D6-88BA-E42F29F33CE4}D:\steamlibrary\steamapps\common\counter-strike source\hl2.exe] => (Allow) D:\steamlibrary\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [{2C4FDB17-16F0-46F2-9961-334E9AEDE5D1}] => (Block) D:\steamlibrary\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [{E938C6BF-2B2A-4279-B599-3ADC15E80E6F}] => (Block) D:\steamlibrary\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [TCP Query User{0159CC0E-C82C-42F8-934E-FD16D3372A6E}C:\users\marian curdt\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marian curdt\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{92D641E1-EC1B-4ADF-BB27-6EFF2674CC21}C:\users\marian curdt\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marian curdt\appdata\roaming\spotify\spotify.exe
FirewallRules: [{7162A15B-E861-4C50-B15A-97A271B4FCFF}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7B001828-518E-4455-933D-790ACEE861F9}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2D716299-DAEF-4DA6-A430-295A27C59DE2}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{7133ED6F-F9B1-4C45-B203-C465426B8451}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{493363DD-6CF8-4519-A453-168A5CE500B7}D:\steamlibrary\steamapps\common\battlefield bad company 2\bfbc2game.exe] => (Allow) D:\steamlibrary\steamapps\common\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{847F4F8A-1490-483E-BDCA-EA43F1D9BB4B}D:\steamlibrary\steamapps\common\battlefield bad company 2\bfbc2game.exe] => (Allow) D:\steamlibrary\steamapps\common\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{1B463BE4-60B6-4C00-9A15-BB3424D868D2}] => (Block) D:\steamlibrary\steamapps\common\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{96BC8B7C-4C7C-40CA-8680-6A43B7BED93C}] => (Block) D:\steamlibrary\steamapps\common\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{2F13EBDB-69D7-4A07-BAD7-9FDBCC85C962}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{99F40ACA-B58F-49F4-B37C-75653A1B6BC1}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{68245D90-5667-42FE-9884-CC48CDAE9EDF}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{A1064ED4-127D-40CB-AFEA-9364F1D2CBE6}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{B5B4A5E6-F1D3-450F-B248-E932180B0C2D}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{9EC5DAEF-DAAB-48F9-977A-3BAC88851583}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{E4A5B40E-A90C-4AD2-BFCD-549720892193}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{1B340693-1AA8-4F1E-8780-28D589F247C1}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{F71D7219-C84B-45AB-88F1-0F49CB8A4659}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{CC2AC901-9484-4901-8006-248B2038CA0C}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{80B14BA8-215B-4990-A0A7-B676FD6C5AF2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{9AC197BA-60F9-478D-9154-0DDD2BBE56CC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{D90691D7-4A49-47CC-A824-199F22B68F74}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{E43EE5ED-95B7-4E25-8E2F-BE4C1EEDF67C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{DBE7C794-BCC1-4EED-8E1E-3239693F196A}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{74DC7F08-3010-49A1-88CD-3BAF63E05686}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{A449D246-039B-4F45-95E7-6E940439199D}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{F1F5FFA0-0BD4-4837-AA16-659975F6831B}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{FA397790-7EBE-473B-86BC-8C46C1232670}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{7ED7C8B2-190E-41FC-A306-85410D0492D0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{7664701C-7A2C-4283-9F99-EB47517C8FDA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{F22B2EF8-14FF-4749-8A33-C9CDD97C6698}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{9478EB9A-3E64-4F7D-8340-730E2431FAA8}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe
FirewallRules: [{2FF2DDD6-02AC-4860-BEA7-74DD9FA13513}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{9C5CEA99-D77C-45DF-A150-39F3E5D6EFF4}] => (Allow) D:\SteamLibrary\steamapps\common\Gothic\system\GOTHIC.EXE
FirewallRules: [{92C2E151-6075-425E-AE90-128887C0034A}] => (Allow) D:\SteamLibrary\steamapps\common\Gothic\system\GOTHIC.EXE
FirewallRules: [{D96FBFF1-F3A4-4F0D-8212-D3592319258C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{293CEF85-075C-4908-A1D9-0CAA61C6A3CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{6A982A09-FB48-48FF-AC64-331365C288E2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{2AF51C2B-9D52-40D3-B12F-D602A4140FA9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{D5532742-9D90-4C37-B129-726370D31C38}] => (Allow) D:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{E5180642-3A12-4F41-AFCA-20C68CBFDFCD}] => (Allow) D:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{16F611FC-04DA-4ADD-984D-563C706B7180}] => (Allow) D:\SteamLibrary\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{D0E41D43-043D-4A53-A3FB-46D49BB0B31D}] => (Allow) D:\SteamLibrary\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [TCP Query User{D5430A7B-8EC2-4A42-90FE-DF6AA837054E}C:\programdata\battle.net\agent\agent.3023\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3023\agent.exe
FirewallRules: [UDP Query User{D23A02D8-019F-495C-BDDB-55C0CB12A3B0}C:\programdata\battle.net\agent\agent.3023\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3023\agent.exe
FirewallRules: [TCP Query User{966F5998-3E09-4348-BDCD-2FFD905D459A}C:\program files (x86)\cube world\server.exe] => (Allow) C:\program files (x86)\cube world\server.exe
FirewallRules: [UDP Query User{13627D36-35E8-4FC1-A94D-9766C210B7B1}C:\program files (x86)\cube world\server.exe] => (Allow) C:\program files (x86)\cube world\server.exe
FirewallRules: [{7025D146-24F9-40BC-AFD7-0BC45CA44C87}] => (Block) C:\program files (x86)\cube world\server.exe
FirewallRules: [{9FA8A2B8-23F3-4D43-A384-7C5572CB7413}] => (Block) C:\program files (x86)\cube world\server.exe
FirewallRules: [{3048C89C-B59F-4C82-91E6-079E6015B9A7}] => (Allow) D:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA_BE.exe
FirewallRules: [{1F208BA0-5750-4C8B-8A7F-9E6928430C21}] => (Allow) D:\SteamLibrary\steamapps\common\arma 2 operation arrowhead\ArmA2OA_BE.exe
FirewallRules: [TCP Query User{90318156-F538-4C0D-A032-F8B0053EECB0}C:\programdata\battle.net\agent\agent.3109\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [UDP Query User{D66D6121-78FD-4D1E-9116-2699815624A8}C:\programdata\battle.net\agent\agent.3109\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [{B5EBE6FC-CC71-4410-934F-086487BE3E22}] => (Allow) D:\SteamLibrary\steamapps\common\TinyAndBig\bin64\tinyandbig.exe
FirewallRules: [{A2ED3162-0E4F-4400-930C-5BD45FCE5365}] => (Allow) D:\SteamLibrary\steamapps\common\TinyAndBig\bin64\tinyandbig.exe
FirewallRules: [{C76D2950-4916-4FE1-A859-47B49BDA30D7}] => (Allow) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [{D8DAFE51-51AF-4AEE-AF37-3B16E5D4A6D4}] => (Allow) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [{7D3AE328-15F4-4076-BB08-352024D85824}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{E028728C-F0B4-4701-B55A-664C8D6000A4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{F3CDE73A-68C8-40A9-B94A-589E94B050D6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{19843A57-5F3E-4B4D-8343-3BB274CE11AF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{EEEAAE5D-E17D-4E05-ABBE-A439318113F0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{E8591027-C4A1-4596-BC2D-D440C1F56BFD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{E4614A52-3255-4BCD-8AA5-DE0FA9F00214}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1BA8B22B-DD79-4C90-9527-3D12785B365C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C91EFB01-8793-49A8-B6E8-DD70C2C9D9FE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{B5485743-8356-4D53-B613-6C9ACE9603D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{42F40773-2FAA-4FB1-A7E1-5E144C50C788}] => (Allow) D:\SteamLibrary\steamapps\common\Reus\Reus.exe
FirewallRules: [{7209CCFF-8C51-4D98-96DC-9EB565335878}] => (Allow) D:\SteamLibrary\steamapps\common\Reus\Reus.exe
FirewallRules: [{F5910ED7-84C1-4C2E-A581-2B19770670ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{81EE6BC8-39A3-47AE-9F16-A6E37DFEECF1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{B412ABE2-DDD4-40E8-B219-581B1E0FFF3A}] => (Allow) D:\SteamLibrary\steamapps\common\Risen 2\system\Risen2.exe
FirewallRules: [{3DDB2714-A318-43F7-82D6-1F5DD9B1DBB2}] => (Allow) D:\SteamLibrary\steamapps\common\Risen 2\system\Risen2.exe
FirewallRules: [{423F0C52-3FA0-4AA8-91E1-826E61623E8D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{5C1F078B-8B5B-4494-A6C9-AC25F8B03F9D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [TCP Query User{2E2CB623-2C94-413F-9162-B67D8E225FBD}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [UDP Query User{E43A8F57-507C-46CA-9DFD-5B54C259FF9E}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [{A14BF10A-EFCC-449A-8421-D31094114B42}] => (Allow) E:\fsetup.exe
FirewallRules: [{263AD71D-C639-47D7-ADDF-6F6AAC222459}] => (Allow) E:\fsetup.exe
FirewallRules: [{555B14A7-2C7D-4F6C-97F1-8C602E3A9542}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{14488A41-386A-4BCC-A7E1-1C2E10D70BD0}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [TCP Query User{9587B315-072F-4385-95BC-46B08A76C38F}C:\users\marian curdt\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marian curdt\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{C7D58D6F-0C50-41EF-88AB-9F75547C090A}C:\users\marian curdt\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marian curdt\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{E24D77F1-BF1B-46F7-B73B-51550E769FE5}] => (Block) C:\users\marian curdt\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{76A1C009-2605-41C9-B806-45D7B4E8658A}] => (Block) C:\users\marian curdt\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{7F5525F8-087F-4E37-905E-B4D93536EADF}] => (Allow) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [{413AC9E1-5089-41BE-BDBE-31D924F3FB9E}] => (Allow) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [{E5E278A1-22DD-4D20-9228-53A109EA611E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{5209DAE4-73C0-4A0A-AA95-7E9623E443D3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{F4945F50-A040-4C06-850D-5283A7C4A564}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{A05CD856-F164-41CF-882B-6E6D0B751134}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mafia II\pc\mafia2.exe
FirewallRules: [TCP Query User{3B55DCCA-ED1A-447F-8388-0F2D4DE7C03B}D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Block) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{B2B6E593-4FB5-46AF-8535-AB0E2D290192}D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Block) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{6A1A5EFF-C70F-4909-91F3-3117BB0A6A8F}D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{0F852D05-94CB-42FE-B9EE-54913ADB4D9F}D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) D:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{BB0541E6-22E7-4DCA-8CA9-C10121F53AE4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{1F719D34-CD2B-4364-804C-03D662A5615A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{4B564C96-ADDC-445E-B577-77FE0A1FADDA}] => (Allow) C:\Hearthstone\Hearthstone.exe
FirewallRules: [{E112FDD6-EC30-4C7C-8BE6-3232905C3674}] => (Allow) C:\Hearthstone\Hearthstone.exe
FirewallRules: [{91DB0DCF-9DAA-4103-B9F4-F80FC8712AD5}] => (Allow) D:\SteamLibrary\steamapps\common\Styx\Binaries\Win64\StyxGame.exe
FirewallRules: [{4AC3DAC3-56F7-452E-83E4-07480BC79A2C}] => (Allow) D:\SteamLibrary\steamapps\common\Styx\Binaries\Win64\StyxGame.exe
FirewallRules: [{F2237C95-7A01-4F51-B1E9-E07C1D819BD9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{7C12D419-C4CF-4905-B224-52913766F1AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [TCP Query User{25CBC0CA-03DF-4522-AE5F-84300E00253A}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{CEF8C318-35E1-41DA-94FA-B22FB85F087C}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{52B01CED-C045-44B8-81F4-6AC18A72FD31}C:\users\marian curdt\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\marian curdt\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{64E81363-C12A-4F58-9DD8-C2351C20C09E}C:\users\marian curdt\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\marian curdt\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [{EC4DC8EB-B522-4771-B145-6AEF84FFD918}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E28F168A-9B7B-4558-99D0-D9B9DA7F9978}] => (Allow) C:\Users\Marian Curdt\AppData\Local\CrossBrowser\Application\crossbrowser.exe
FirewallRules: [{92A2EF10-70F6-4092-9523-9B6BFA0E2AFC}] => (Allow) C:\Users\Marian Curdt\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{23A0D90A-E9BC-4471-8F2C-C7F60BA49E05}] => (Allow) C:\Users\Marian Curdt\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [TCP Query User{E6066999-7EF8-4845-8556-98047E4631DB}C:\programdata\battle.net\agent\agent.3688\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3688\agent.exe
FirewallRules: [UDP Query User{9B3D24CA-4734-4283-8A8A-5BAD58D70F38}C:\programdata\battle.net\agent\agent.3688\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3688\agent.exe
FirewallRules: [{179B0E28-DDFB-4F19-B9E4-5025FAA629AF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{32FE816F-F21A-4B32-8B93-10F192A8269F}] => (Allow) LPort=2869
FirewallRules: [{DD5DAA96-CD21-40E2-AE56-14CCD086C604}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{83B96B26-28A1-4B39-B985-81F2142931BE}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [UDP Query User{CBB85E63-52C3-4FA5-B3A6-ECE637569141}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [{9DD77849-C080-4DBC-B294-0F6B9480B9AB}] => (Allow) D:\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{796EAB72-1677-407C-A299-8A07DD5A707D}] => (Allow) D:\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{AD40C022-34CF-4539-B9F2-D8D0FE9BC8C5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{209D83C9-69A0-4828-A4C4-4A87DE430894}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{788FE7A7-1CF1-4D4B-A5B5-BC6E55E4B832}] => (Allow) D:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{722C18F0-4951-4873-AF36-C40C42A51FBA}] => (Allow) D:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{D37FB4A9-B4B8-44E8-906C-1FFF652D75CA}] => (Allow) D:\SteamLibrary\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{8DF642DD-0500-47AD-B3EE-A10A8FB059FC}] => (Allow) D:\SteamLibrary\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/28/2015 10:00:52 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (10/28/2015 08:48:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_SysMain, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: sysmain.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a6a1d1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000003222
ID des fehlerhaften Prozesses: 0x16fc
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_SysMain0
Pfad der fehlerhaften Anwendung: svchost.exe_SysMain1
Pfad des fehlerhaften Moduls: svchost.exe_SysMain2
Berichtskennung: svchost.exe_SysMain3
Error: (10/28/2015 07:04:28 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (10/28/2015 07:04:22 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (10/28/2015 07:04:22 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (10/28/2015 07:04:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (10/28/2015 05:56:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_SysMain, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: sysmain.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a6a1d1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002e196
ID des fehlerhaften Prozesses: 0x1268
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_SysMain0
Pfad der fehlerhaften Anwendung: svchost.exe_SysMain1
Pfad des fehlerhaften Moduls: svchost.exe_SysMain2
Berichtskennung: svchost.exe_SysMain3
Error: (10/28/2015 05:54:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_SysMain, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: sysmain.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a6a1d1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002e00f
ID des fehlerhaften Prozesses: 0xac4
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_SysMain0
Pfad der fehlerhaften Anwendung: svchost.exe_SysMain1
Pfad des fehlerhaften Moduls: svchost.exe_SysMain2
Berichtskennung: svchost.exe_SysMain3
Error: (10/28/2015 05:54:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FL.exe, Version: 1.1.3.0, Zeitstempel: 0x5208b287
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.19018, Zeitstempel: 0x5609fed4
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x1268
Startzeit der fehlerhaften Anwendung: 0xFL.exe0
Pfad der fehlerhaften Anwendung: FL.exe1
Pfad des fehlerhaften Moduls: FL.exe2
Berichtskennung: FL.exe3
Error: (10/28/2015 05:53:53 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Systemfehler:
=============
Error: (10/28/2015 09:48:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (10/28/2015 09:48:22 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\MARIAN~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (10/28/2015 09:48:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (10/28/2015 09:48:22 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\MARIAN~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (10/28/2015 09:48:21 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\MARIAN~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (10/28/2015 09:48:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (10/28/2015 09:48:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (10/28/2015 09:48:21 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\MARIAN~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (10/28/2015 09:48:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (10/28/2015 09:48:21 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\MARIAN~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
CodeIntegrity:
===================================
Date: 2015-10-22 22:00:46.413
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-10-22 22:00:46.365
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-10-22 22:00:46.315
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-10-22 22:00:46.266
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-30 11:58:07.112
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-30 11:58:07.048
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-30 11:58:06.984
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-30 11:58:06.921
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-04-13 21:14:07.858
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-04-13 21:14:07.827
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 8136.93 MB
Verfügbarer physikalischer RAM: 5255.41 MB
Summe virtueller Speicher: 16272.07 MB
Verfügbarer virtueller Speicher: 13521.41 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:244.04 GB) (Free:26.68 GB) NTFS
Drive d: () (Fixed) (Total:221.62 GB) (Free:31.76 GB) NTFS
Drive e: (South Park: The Stick of Truth) (CDROM) (Total:4.23 GB) (Free:0 GB) UDF
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8F85853A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=244 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=221.6 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
| Themen zu Firefox stürtzt immer wieder ab. |
| absturz, acrobat, adobe, anwendung, browser, code, cpu, firefox, geforce, java, meldung, mozilla, netscape, neue, neuen, nvidia, pdf, programme, system32, this, update, updates, web, windows, youtube |
WARNUNG an die MITLESER: 
Linear-Darstellung
