Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Hohe Arbeitsspeicher Auslastung und deaktiviertertes Virusprogramm

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 20.11.2015, 14:23   #1
Redblood
 
Hohe Arbeitsspeicher Auslastung und deaktiviertertes Virusprogramm - Ausrufezeichen

Hohe Arbeitsspeicher Auslastung und deaktiviertertes Virusprogramm



Vor kurzem ist mir aufgefallen, das Avast immer deaktiviert ist und egal was ich mache sich nicht starten lässt. Zusätlich ist mir aufgefallen, das mein Arbeitsspeicher immer zu mindestens 40% ausgelastet ist (im Leerlauf 30%), obwohl ich 8 GB RAM habe. 300mb werden durch die Prozesse verbraucht, wo bleiben aber die restlichen 3-3,5 gb RAM die verbraucht werden? Ich habe mal mehrfach den Windows Defender laufen lassen und jedes Mal wurde zahlreich der Trojaner Ippedo.lnk gefunden. Gelöst hat dies aber das Problem nicht. Seit dem Avast deaktiviert ist, gibt es gelegentlich krasse fps Verringerungen z.B beim Zocken, was bisher nie geschehen ist.

Würde mich sehr freuen, wenn ihr mir hiermit helfen könntet. Eine Log von GMER konnte ich leider nicht erstellen, da der PC jedesmal dabei abstürzte.

Addition
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:19-11-2015
durchgeführt von Omid (2015-11-20 13:33:32)
Gestartet von C:\Users\Omid\Downloads
Windows 10 Pro (X64) (2015-08-27 11:34:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1748088528-2721310689-2990227484-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1748088528-2721310689-2990227484-503 - Limited - Disabled)
Gast (S-1-5-21-1748088528-2721310689-2990227484-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1748088528-2721310689-2990227484-1002 - Limited - Enabled)
Omid (S-1-5-21-1748088528-2721310689-2990227484-1000 - Administrator - Enabled) => C:\Users\Omid

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
3DSexVilla2 (HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\3DSexVilla2) (Version: 2.114.001 - ThriXXX)
7 Sins (HKLM-x32\...\7 Sins) (Version: 1.0 - Montecristo Games)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A Bird Story (HKLM-x32\...\Steam App 327410) (Version:  - Freebird Games)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 ME (HKLM-x32\...\Adobe Photoshop 7.0 ME) (Version: 7.0 ME - Adobe Systems, Inc.)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Age of Mythology: Extended Edition (HKLM-x32\...\QWdlb2ZNeXRob2xvZ3lFeHRlbmRlZEVkaXRpb24=_is1) (Version: 1 - )
AirPlus XtremeG DWL-G122 (HKLM-x32\...\{2B7E4354-0492-460A-BDB1-1F59EE141025}) (Version: 1.0.30 - D-Link)
Akamai NetSession Interface (HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{8DF1EF50-AEB6-902C-F68C-4683C45784E6}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
ATI AVIVO64 Codecs (Version: 11.6.0.10707 - ATI Technologies Inc.) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2241 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Bello Civili (HKLM-x32\...\{F9EA4F2E-641A-4533-819B-F6100923D0C2}_is1) (Version: 2.0.0 - Hinkel, Willhelm, Mailman)
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.4 - BlueJ Team)
Borderlands 2 - Complete Edition (HKLM-x32\...\{25DDC029-E693-4062-BB96-04277DC62252}_is1) (Version: 1.8.2 - 2K Games)
Borderless Gaming (HKLM-x32\...\Borderless Gaming_is1) (Version: 7.9 - Codeusa Software)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
China Localization Patcher (HKLM-x32\...\{28EEF3DA-9AA2-4195-996C-69C597110B98}) (Version: 2.0.2.0 - LokiReborn)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
CivCity (HKLM-x32\...\{994E24A6-EC47-4201-8D0B-D4563B7AD66B}) (Version: 1.10.0000 - Firefly Studios)
Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version:  - )
Company of Heroes - Complete Edition (HKLM-x32\...\Company of Heroes - Complete Edition_is1) (Version:  - )
Cossacks - Back To War (HKLM-x32\...\Cossacks : Back To War) (Version:  - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CrossFire (HKLM-x32\...\CrossFire_is1) (Version: 1213 - Z8Games.com)
Crusader Kings II Way of Life (HKLM-x32\...\Crusader Kings II Way of Life_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Deliverance (HKLM-x32\...\Deliverance_is1) (Version:  - )
Direct3D11 Renderer für Gothic 2 DNDR (HKLM-x32\...\Direct3D11 Renderer für Gothic 2 DNDR) (Version: X17.1 - Andre Taulien)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
DRAGON BALL XENOVERSE (HKLM-x32\...\Steam App 323470) (Version:  - DIMPS)
Dream (HKLM-x32\...\Dream_is1) (Version:  - )
DriverUpdate (HKLM-x32\...\{6FF69967-0BFE-4F14-B6DF-E73783E52340}) (Version: 2.2.36428 - SlimWare Utilities, Inc.)
Dxtory version 2.0.122 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.122 - Dxtory Software)
Elsword (HKLM-x32\...\Elsword_de_is1) (Version:  - Gameforge)
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.02.01 - )
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
Europa Universalis IV Art of War (HKLM-x32\...\Europa Universalis IV Art of War_is1) (Version:  - )
Europa Universalis IV Common Sense (HKLM-x32\...\Europa Universalis IV Common Sense_is1) (Version:  - )
Everlasting Summer (HKLM-x32\...\Steam App 331470) (Version:  - Soviet Games)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Audio Converter version 5.0.63.913 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.63.913 - DVDVideoSoft Ltd.)
Game of Thrones A Telltale Games Series (HKLM-x32\...\Game of Thrones A Telltale Games Series_is1) (Version:  - )
Game of Thrones Episode 3 [TeRMiNaToR] [StarDima Repack TeaM] Version 1.0.0.0 (HKLM-x32\...\Game of Thrones Episode 3 [TeRMiNaToR] [StarDima~A3BEA59C_is1) (Version: 1.0.0.0 - TeRMiNaToR)
Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.8 - Gameforge)
GameRanger (HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\GameRanger) (Version:  - GameRanger Technologies)
Garena - BlackShot (HKLM-x32\...\BlackShot) (Version: 2.228 - Garena Online Pte Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GIGABYTE Gigabyte Wireless Adapter (HKLM-x32\...\{0E07E96A-7520-4C1A-BE34-9A2A5F2F0F89}) (Version: 1.0.0.0.01 - GIGABYTE)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Gothic II - Modification Development Kit (HKLM-x32\...\G2MDK) (Version: 2.6 - Piranha Bytes)
Gothic II: Gold Edition (HKLM-x32\...\Steam App 39510) (Version:  - Piranha – Bytes)
Grand Ages Medieval (HKLM-x32\...\Grand Ages Medieval_is1) (Version:  - )
Grand Ages Rome - Gold Edition (HKLM-x32\...\Grand Ages Rome - Gold Edition_is1) (Version:  - )
H1Z1 (HKLM-x32\...\Steam App 295110) (Version:  - Daybreak Games)
Happy Cloud Client (HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\HappyCloud) (Version: 4.54 - Happy Cloud, Inc.)
Hardcore-RELOADED (HKLM-x32\...\{B984FEBB-5953-4474-BD37-F3A6DEA90FE9}) (Version: 2.1.1 - Hardcore-RELOADED)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Might and Magic 3 HD Edition (HKLM-x32\...\Heroes of Might and Magic 3 HD Edition_is1) (Version: 1.0 - ENiGMA)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IF MY HEART HAD WINGS (HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\{5A0D1CE9-01BE-47E7-A019-45D5970AC1DA}) (Version: 1.00.0000 - MoeNovel)
IF MY HEART HAD WINGS (x32 Version: 1.00.0000 - MoeNovel) Hidden
IMVU Avatar Chat Software (HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\IMVU Avatar chat client software BETA) (Version:  - )
Infestation: Survivor Stories (HKLM-x32\...\Steam App 226700) (Version:  - OP Productions LLC)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
King Arthur's Gold (HKLM-x32\...\Steam App 219830) (Version:  - )
Kingdom (HKLM-x32\...\Kingdom_is1) (Version:  - )
Kingdom Wars (HKLM-x32\...\Steam App 227180) (Version:  - Reverie World Studios, INC)
Kings Quest Chapter 1 (HKLM-x32\...\Kings Quest Chapter 1_is1) (Version:  - )
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
Legends of Eisenwald / RePack by Baracuda (HKLM-x32\...\Legends of Eisenwald_is1) (Version: 1.006 - )
LHiver BalancingFix 1.0 (HKLM-x32\...\LHiver BalancingFix) (Version: 1.0 - Marcello)
L'Hiver Edition DE Original 0.9 (HKLM-x32\...\L'Hiver Edition DE Original) (Version: 0.9 - unknown111)
Life Is Strange (HKLM-x32\...\Life Is Strange_is1) (Version:  - )
Mainland (HKLM-x32\...\Steam App 366800) (Version:  - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Media Go (HKLM-x32\...\{1CBCA994-0290-49AD-98D3-9013A0F102E6}) (Version: 2.9.406 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.16.102.12020 (HKLM-x32\...\{571E58E4-608E-B7A6-50FF-4B531B424F5B}) (Version: 2.16.102.12020 - Sony)
Medieval II: Total War (HKLM-x32\...\Steam App 4700) (Version:  - The Creative Assembly)
Medieval II: Total War Kingdoms (HKLM-x32\...\Steam App 4780) (Version:  - The Creative Assembly)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F112F66E-25CA-42DD-983C-6118EB38F606}) (Version: 3.0.89.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minecraft Story Mode Episode 2 (HKLM-x32\...\Minecraft Story Mode Episode 2_is1) (Version:  - )
Minecraft: Story Mode - A Telltale Games Series (HKLM\...\TWluZWNyYWZ0U3RvcnlNb2RlQVRlbGx0YWxlR2FtZXNTZXJpZXM=_is1) (Version: 1 - )
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version:  - DICE)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - TaleWorlds Entertainment)
Mount and Blade Warband - Viking Conquest (HKLM-x32\...\Mount and Blade Warband - Viking Conquest_is1) (Version:  - )
Mount and Blade Warband - Viking Conquest Reforged Edition (HKLM-x32\...\Mount and Blade Warband - Viking Conquest Reforg~0F961404_is1) (Version:  - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
My Game Long Name (HKLM\...\UDK-1f35e4a1-ceba-4957-99a7-af4b12a7f055) (Version:  - Epic Games, Inc.)
Napoleon: Total War (HKLM-x32\...\Steam App 34030) (Version:  - The Creative Assembly)
Naruto Shippuden Ultimate Ninja Storm Revolution (HKLM-x32\...\Naruto Shippuden Ultimate Ninja Storm Revolution_is1) (Version:  - )
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.52.3 - Black Tree Gaming)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Omegalodon (HKLM-x32\...\Steam App 248350) (Version:  - North of Earth)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{9859afdd-1936-4f12-b362-36d541c45a7a}) (Version: latest - ppy Pty Ltd)
Patch 4.2 (HKLM-x32\...\{74A84478-70A5-4F7A-966C-FA2771FF91A5}_is1) (Version:  - RUNEFORGE Games Studios)
Patch v4.17b Update (HKLM-x32\...\{THEGUILDREN-0010-2010-300520102330}_is1) (Version:  - RUNEFORGE Games Studios)
PlaysTV (HKLM-x32\...\PlaysTV) (Version:  - )
POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version:  - Running With Scissors)
Prison Architect (HKLM-x32\...\Prison Architect_is1) (Version:  - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Quake Live (HKLM-x32\...\Quake Live) (Version:  - id Software)
Rappelz (HKLM-x32\...\{90877318-0BD0-4BDE-BFC0-C4BB12DAC86A}_is1) (Version: Rappelz - gPotato.eu)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.1.31.0 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.86.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Reus (HKLM-x32\...\GOGPACKREUS_is1) (Version: 2.0.0.10 - GOG.com)
RIFT (HKLM-x32\...\Glyph RIFT) (Version:  - Trion Worlds, Inc.)
Rise and Fall (HKLM-x32\...\{D078226E-83F2-45FD-9CDE-5DA66E5ADB51}) (Version: 1.00.0000 - Midway Games)
Rocket (HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\Rocket) (Version: 31.0.1650.23 - Rocket) <==== ACHTUNG
S4 League (HKLM-x32\...\S4 League) (Version:  - )
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Shards of War (HKLM-x32\...\1d128bf6-25c8-4b8a-bfa2-12b013ab230e_is1) (Version: 56987 - Bigpoint GmbH)
Sid Meier's Civilization 5 (HKLM-x32\...\Sid Meier's Civilization 5_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, Panky)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.14 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.14.106 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
Smart-X7 7.80 (HKLM\...\WheelMouse) (Version:  - )
SMITE (HKLM-x32\...\Steam App 386360) (Version:  - Hi-Rez Studios)
Sony PC Companion 2.10.259 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.259 - Sony)
South Park - The Stick of Truth (HKLM-x32\...\South Park - The Stick of Truth_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Spotify (HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\Spotify) (Version: 1.0.18.60.g5fe0413d - Spotify AB)
Spotydl 0.9.37.0 (HKLM-x32\...\Spotydl_is1) (Version: 0.9.37.0 - spotydl.com)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stronghold Crusader 2 (HKLM-x32\...\Stronghold Crusader 2_is1) (Version: 1.0 - PLAZA)
System Requirements Lab (HKLM-x32\...\{F89CDED6-B1F1-489F-BA44-698BF6A737C2}) (Version: 6.1.6.0 - Husdawg, LLC)
Tales from the Borderlands (HKLM-x32\...\1432213337_is1) (Version: 2.0.0.1 - GOG.com)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TERA (HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\teraenmasse) (Version:  - )
The Guild II: Renaissance (HKLM-x32\...\Steam App 39680) (Version:  - Rune Forge)
The Klub 17 (HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\The Klub 17) (Version: 6.3.0 - Team K17)
The Ship (HKLM-x32\...\Steam App 2400) (Version:  - Outerlight Ltd.)
The Ship Single Player (HKLM-x32\...\Steam App 2420) (Version:  - Outerlight Ltd.)
The Ship Tutorial (HKLM-x32\...\Steam App 2430) (Version:  - Outerlight)
The Sims 4 (HKLM-x32\...\{CC269FFF-85CD-408F-AC9B-FFDF919B121C}) (Version: 1.0.797.20 - Electronic Arts)
the static speaks my name (HKLM-x32\...\Steam App 387860) (Version:  - Jesse Barksdale)
The Wolf Among Us (HKLM-x32\...\The Wolf Among Us_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Third Age - Total War 3.0 (Part 1of2) (HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\Third Age - Total War 3.0 (Part 1of2)) (Version:  - )
Third Age - Total War 3.0 (Part 2of2) (HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\Third Age - Total War 3.0 (Part 2of2)) (Version:  - )
To the Moon (HKLM-x32\...\Steam App 206440) (Version:  - Freebird Games)
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version:  - Ubisoft Singapore)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Total War - Rome II (HKLM-x32\...\Total War - Rome II_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Total War Shogun 2 - Fall Of The Samurai (HKLM-x32\...\Total War Shogun 2 - Fall Of The Samurai_is1) (Version:  - )
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.6 - Tunngle.net GmbH)
Two Worlds II Epic Edition (HKLM-x32\...\GOGPACKTWOWORLDS2_is1) (Version: 2.0.0.8 - GOG.com)
Vegas Pro 13.0 (64-bit) (HKLM\...\{386F5740-091D-11E4-B13E-F04DA23A5C58}) (Version: 13.0.373 - Sony)
Verdun (HKLM-x32\...\Steam App 242860) (Version:  - M2H)
Victoria 2 (HKLM-x32\...\{9C3B7F54-C6E2-4A74-9937-9C6EBA10C4A2}) (Version:  - )
Victoria II A House Divided 2.1 (HKLM-x32\...\Victoria II A House Divided 2.1) (Version:  - )
Way of the Samurai 4 (HKLM-x32\...\Way of the Samurai 4_is1) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Wondershare Data Recovery(Build 4.7.0.5) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 4.7.0.5 - Wondershare Software Co.,Ltd.)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Worldmerge by youngneil1 Version 1.4a (HKLM-x32\...\Worldmerge by youngneil1_is1) (Version: 1.4a - )
XviD 1.1 final uninstall (HKLM-x32\...\XviD_is1) (Version: 1.1 - XviD team (Koepi))

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

16-11-2015 15:21:39 avast! antivirus system restore point
17-11-2015 21:40:23 avast! antivirus system restore point
19-11-2015 11:02:49 avast! antivirus system restore point

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0882AC17-A204-491D-A418-F9C703B94407} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {15A93EF2-BD9F-4930-A438-0AF7E9DDD664} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2010-02-03] (ASUSTeK Computer Inc.)
Task: {18222D84-177E-4D4B-90B6-30283EC52EEA} - System32\Tasks\{A30034FC-D121-42CC-BA66-1E517FC95A87} => C:\Program Files (x86)\Monte Cristo\7 Sins\GameSetup.exe [2005-03-17] ()
Task: {1FEC04F6-CBE8-4C10-8A80-E2D81AC1A3FB} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {21932AF6-B998-4392-A511-54901DAA7911} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-17] (Microsoft Corporation)
Task: {23AEC51C-9E11-4E4C-AE74-DB5F904CFB62} - System32\Tasks\{3E7C5E0F-9B46-47B7-B877-E38D2BAAD368} => pcalua.exe -a "C:\Program Files (x86)\Paradox Interactive\Victoria II A House Divided\v2game.exe" -d "C:\Program Files (x86)\Paradox Interactive\Victoria II A House Divided\"
Task: {275977A5-B9F8-4195-924D-1E5A78AA78BD} - System32\Tasks\{4B8FA40D-66DC-4E53-82C8-D0B2E730C6F9} => C:\Program Files (x86)\Monte Cristo\7 Sins\THE7SINS_RETAIL.EXE [2005-08-18] ()
Task: {27842150-2FEF-4A88-9702-44CCA2A4AE06} - System32\Tasks\{2001361D-037B-4134-BE09-264413AAD004} => pcalua.exe -a D:\atisetup.exe -d D:\
Task: {3463E345-CC5F-492B-AB84-E7491622C56B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {37727301-FD56-4DE9-8EE0-4D70F1533ACC} - System32\Tasks\{F57D1A98-9020-4C8F-B1DC-F6770E79081F} => pcalua.exe -a C:\Users\Omid\AppData\Local\playnowradio\playnowradio\1.3.17.5\playsetup.exe -c /uninstl
Task: {37DB6BAC-59EE-4077-AC32-0CF6D3C91B03} - System32\Tasks\{012136E6-CACE-462B-98EB-790BA386FAD9} => C:\Program Files (x86)\Monte Cristo\7 Sins\THE7SINS_RETAIL.EXE [2005-08-18] ()
Task: {406F379A-D5B3-43F3-8267-3578181E26E9} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {40E8345A-49BC-4E01-8FBB-330ED470F80A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {42A824E0-9F37-4D7B-BE18-F331CB99EA45} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {45848778-DC57-43EE-9492-AA3AFF8526BD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {4C540B11-9CB0-4F49-8673-8D8ADBDCDC54} - System32\Tasks\{C804F0BC-7A11-4D10-8E42-D1C45E1C8A0D} => pcalua.exe -a "C:\Program Files (x86)\Naruto Shippuden Ultimate Ninja Storm Revolution\NSUNSR.exe" -d "C:\Program Files (x86)\Naruto Shippuden Ultimate Ninja Storm Revolution"
Task: {4DF3BA5C-4367-468C-85F9-74B3DA883372} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {504A9AA8-F5BC-4B76-8B23-9B7D92F5D724} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {5BF6B03B-E774-4560-988A-00CAF5CF3DD9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {64B264F6-5C42-48B2-B6B7-578A224EC779} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {71CEC979-F331-4871-A74F-65E7E9EE36FC} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {73C2643F-9CFA-4D5C-A6A2-58B06FAB8311} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {743D0348-3983-432D-9AA3-D43B27FC957B} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {75451E8B-85D5-4814-9E44-0C39A98AD0F0} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {760A7068-C1AA-4417-956D-95DF769F12CF} - System32\Tasks\{8457E403-6B4E-4462-8670-89910AF38C50} => pcalua.exe -a "C:\Program Files (x86)\Haemimont Games\Grand Ages Rome - Gold Edition\Rome.exe" -d "C:\Program Files (x86)\Haemimont Games\Grand Ages Rome - Gold Edition"
Task: {7B648936-4C20-4160-B4CE-605C3F437D65} - System32\Tasks\{CF979E02-E3A2-4DB9-B12C-D7D293D5F0E9} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends"
Task: {7DD4FB68-58AB-448C-8C8C-C60AA04C28A5} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {89CB1350-8AB2-4C0A-8BC5-2D4A8E5A0398} - System32\Tasks\{4AD9E5D4-7BB2-4E32-993D-B4FBD0CD5BF7} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends"
Task: {8AE7E897-57D0-43C4-80A1-D476A3180DD8} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24] (SlimWare Utilities, Inc.)
Task: {8CC9BE8E-9801-416B-BF9F-4499A19803A7} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {99F23056-5557-4115-81EF-641F8C173ECC} - System32\Tasks\{C1D5B751-A7D2-46CE-AB3A-890333427439} => pcalua.exe -a "C:\Program Files (x86)\Monte Cristo\7 Sins\GameSetup.exe" -d "C:\Program Files (x86)\Monte Cristo\7 Sins"
Task: {9ACAC412-DFDC-4007-905C-0CCBDCACBD07} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A0FF1C4C-B44D-432C-AFCB-8A38CAAB8ADC} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> Keine Datei <==== ACHTUNG
Task: {A5BC39F4-D543-48C4-A3AD-678C9FC4768E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {A6AC575E-2522-4CC2-9B82-AE85F1BF2497} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {A7C86E62-31A8-4D70-8382-E76174CE7F66} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {A957B2DF-9EFD-4C0E-83D9-84840E7D210D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {AA66296A-7245-4DC3-9977-869976F4CAC1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B10C4FA9-7C5F-4705-95F1-EB12B23D981D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {BB346581-C7CC-4219-B8CC-8484A696C7F5} - System32\Tasks\{842F8C88-2F89-42D0-A4A2-86915CACA2DD} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends"
Task: {BE67262E-7603-43C3-BEE3-1C6BEB0C49D9} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {C6B41CEE-DC6C-4638-A183-469DE4931DEA} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {C83ED000-AF5A-4045-AC81-E915E5D76AF4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {C9707A2F-E877-4AEE-8673-655AA2E54D5D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {CA0933FF-3597-4E16-A3B7-885078DAEFE6} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {CA973DDE-2074-4E61-BD6F-5C9F94DFBF69} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {CD22212A-FC03-442D-A889-684769AA66E4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {D07C6E65-A4F6-4995-8D6C-6A21C4A2E345} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {D99CD2CD-230F-4EFF-A25F-ABDEA8F8D5CD} - System32\Tasks\{F0CA0C71-DBAE-4C63-BD44-F50E6F9FFBB4} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends"
Task: {E1BA8930-8A68-43F5-BDA1-D39776856955} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {EA8981BE-28FD-4DDA-87DF-4A398AA5EB2F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {EB84319E-DED2-448D-8951-91BF78ADC2EF} - System32\Tasks\{08C870C9-4D03-4E6B-BFF2-B2AD467833E8} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends"
Task: {F3BFC09D-5DEC-42B2-8A1F-43F46B61A8BB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-11-19] (AVAST Software)
Task: {FD4B077F-0B1A-4332-81D7-089F9154409F} - System32\Tasks\{C86FA3B3-AF00-40BD-8F00-18F57D39591F} => C:\Program Files (x86)\H\Binaries\TK17_Launcher.exe [2011-09-30] ()
Task: {FDA19E60-6022-4D75-AC7B-6AB9C0353F62} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {FF38C1A6-7D08-4F7C-B939-0E47C4C5342C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-27 00:32 - 2015-08-27 00:32 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-27 00:32 - 2015-08-27 00:32 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-21 21:09 - 2015-08-21 21:09 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2015-08-21 21:09 - 2015-08-21 21:09 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-10-16 21:56 - 2014-10-16 21:56 - 00183488 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-10-02 11:36 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-02 11:36 - 2015-09-17 06:43 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-10-02 11:35 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-02 11:36 - 2015-09-17 06:42 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-10-02 11:36 - 2015-09-17 06:43 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-10-02 11:36 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-02 11:36 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 11:59 - 2015-07-10 11:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-10-02 11:36 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-02 11:36 - 2015-09-17 06:49 - 00884736 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-10-02 11:36 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-02 11:36 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:43 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-27 00:32 - 2015-08-27 00:32 - 00577024 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2015-08-27 00:32 - 2015-08-27 00:32 - 00181248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
2015-08-27 00:32 - 2015-08-27 00:32 - 00559616 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
2015-08-27 00:32 - 2015-08-27 00:32 - 00643072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation.diagnostics\bin\NodeRT_Windows_Foundation_Diagnostics.node
2015-07-10 12:00 - 2015-07-10 17:44 - 00037888 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2015-08-27 00:32 - 2015-08-27 00:32 - 00796160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
2015-08-27 00:32 - 2015-08-27 00:32 - 00961536 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
2015-08-27 00:32 - 2015-08-27 00:32 - 00204288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
2015-08-27 00:32 - 2015-08-27 00:32 - 00397824 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
2015-08-27 00:32 - 2015-08-27 00:32 - 00074240 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.networking\bin\NodeRT_Windows_Networking.node
2015-08-27 00:32 - 2015-08-27 00:32 - 00093696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.security.cryptography\bin\NodeRT_Windows_Security_Cryptography.node
2015-08-27 00:32 - 2015-08-27 00:32 - 00124416 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node
2014-06-24 14:54 - 2000-01-01 01:00 - 00196608 _____ () C:\Program Files\Mouse\Amoumain.exe
2015-08-21 21:09 - 2015-08-21 21:09 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-06-12 21:41 - 2015-06-12 21:41 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-06-12 21:41 - 2015-06-12 21:41 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-12 21:41 - 2015-06-12 21:41 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-03-14 21:05 - 2015-11-13 18:47 - 50678592 _____ () C:\Users\Omid\AppData\Roaming\Spotify\libcef.dll
2015-03-14 21:05 - 2015-11-13 18:46 - 01880896 _____ () C:\Users\Omid\AppData\Roaming\Spotify\libglesv2.dll
2015-03-14 21:05 - 2015-11-13 18:46 - 00081216 _____ () C:\Users\Omid\AppData\Roaming\Spotify\libegl.dll
2014-07-13 14:42 - 2015-10-05 17:18 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-24 22:26 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-07-13 14:42 - 2015-11-10 03:44 - 02541648 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-24 22:26 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-24 22:26 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-09-10 18:11 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-09-10 18:11 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-09-10 18:11 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-09-10 18:11 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-09-10 18:11 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-07-13 14:42 - 2015-11-10 03:44 - 00806992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-07-13 14:42 - 2015-10-08 23:20 - 45010208 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\sony.com -> sony.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Omid\Desktop\fan_art_samurai_champloo_by_chuydeleon-d49xvvz.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: 4StoryPrePatch => C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\4Story\PrePatch.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\RAPTRS~1.EXE --startup
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: Spotify => "C:\Users\Omid\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Omid\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\StartupApproved\Run: => "Sidebar"
HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{ABD7BC6A-7ABB-427E-892D-5BDF8FB1D8C8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The War Z\WarZlauncher.exe
FirewallRules: [{B0033B3F-E219-45EE-B67D-25E2357C96CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The War Z\WarZlauncher.exe
FirewallRules: [{5E1F7B93-A5E4-427F-80AC-522A020A000C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Ship Tutorial\ship.exe
FirewallRules: [{353BF4F0-9871-452E-8A1E-34C53CEF0D5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Ship Tutorial\ship.exe
FirewallRules: [{1AD34073-B5F0-4198-B822-877B20A5A376}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Ship Single Player\ship.exe
FirewallRules: [{0BAF2EEB-8A71-46DD-ACAC-E36BD0CC9687}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Ship Single Player\ship.exe
FirewallRules: [{2E63D3A8-802C-4598-BA68-42423E3E4BD5}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{CC3A096D-7B5B-424D-9EAC-228B4B706ACC}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{4D1A4EFB-DCF9-4D26-BD02-A4F91AD5908B}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{EBCFDCDC-58AB-4095-84B0-8B8A90C3396F}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{C8B44385-24E0-454C-9E47-72510A61E206}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Ship\ship.exe
FirewallRules: [{887AF338-97DC-4BC8-A69E-3E1B7DD13FDE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Ship\ship.exe
FirewallRules: [{C0D625A0-A10A-4878-A6D1-3C2260AE58FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the static speaks my name\thestatic_win.exe
FirewallRules: [{5E155A9C-8E83-4B69-B3AC-51C6B0C7FFA1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the static speaks my name\thestatic_win.exe
FirewallRules: [{FAB25E96-CB90-44A3-99AB-78C26F82C001}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{D0EA4EDC-1680-4AAD-A9CA-073D13BF6FCC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [UDP Query User{60004AC8-AD3A-477D-9055-83A1E2FAFEB3}C:\program files (x86)\paradox interactive\europa universalis iv common sense\eu4_server.exe] => (Allow) C:\program files (x86)\paradox interactive\europa universalis iv common sense\eu4_server.exe
FirewallRules: [TCP Query User{10124383-099C-4456-8F78-3D73F9EA5292}C:\program files (x86)\paradox interactive\europa universalis iv common sense\eu4_server.exe] => (Allow) C:\program files (x86)\paradox interactive\europa universalis iv common sense\eu4_server.exe
FirewallRules: [UDP Query User{293C4262-24FD-4908-AC42-40BF3CBC9C62}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oaalt.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oaalt.exe
FirewallRules: [TCP Query User{26243734-D274-46B5-BD8A-EA03C74D3DE3}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oaalt.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oaalt.exe
FirewallRules: [{161E3733-7517-405D-94BA-A1DD0752952E}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{47367DD6-ADE5-4E71-9F84-8D8E86F5E212}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{49FF5D7B-40C5-4ADD-A3DD-46E62A1951CE}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{F71C45F6-5D2F-4667-AE51-31F1EB643169}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [UDP Query User{7C952E01-4215-4EE8-A067-323FCBD0847A}C:\program files (x86)\dream\binaries\win32\dream.exe] => (Allow) C:\program files (x86)\dream\binaries\win32\dream.exe
FirewallRules: [TCP Query User{E3F98945-A146-47E5-BE45-C9A26C75D81E}C:\program files (x86)\dream\binaries\win32\dream.exe] => (Allow) C:\program files (x86)\dream\binaries\win32\dream.exe
FirewallRules: [{E53F6A25-49BA-42EB-98C8-3A8305950189}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\VillagersAndHeroes\AMysticalLandSAC\VillagersAndHeroes.exe
FirewallRules: [{5FAEE906-E122-49E6-A7AD-5955633E9D3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\VillagersAndHeroes\AMysticalLandSAC\VillagersAndHeroes.exe
FirewallRules: [UDP Query User{7A54F651-1A8E-4F0D-A267-17D618770B13}C:\program files (x86)\kings quest chapter 1\binaries\win\kingsquest.exe] => (Allow) C:\program files (x86)\kings quest chapter 1\binaries\win\kingsquest.exe
FirewallRules: [TCP Query User{6E2278F3-5A29-4E46-8DCE-9BF015844976}C:\program files (x86)\kings quest chapter 1\binaries\win\kingsquest.exe] => (Allow) C:\program files (x86)\kings quest chapter 1\binaries\win\kingsquest.exe
FirewallRules: [UDP Query User{A02A978C-B065-4BF4-9828-120CDAD8E54E}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{C5F9ED49-4EA0-4455-A9F4-A60AE5BE4030}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [{F14B069D-80CD-45E2-957A-A2E94FD82D90}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{05965220-9AC3-4D2E-981E-D63F4C274B3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [UDP Query User{813B5E5E-38CC-40E9-8F7F-88160FA71974}C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe] => (Allow) C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe
FirewallRules: [TCP Query User{72067A8D-580E-4BA9-ADCD-FBB68D6D8FE8}C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe] => (Allow) C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe
FirewallRules: [UDP Query User{4C6633A1-3F79-4BF9-8EA4-08AA21FFA54F}C:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) C:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [TCP Query User{A7862498-4248-4E4E-941B-97D43C8446B1}C:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) C:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [{3B504180-4548-45C8-BEB4-06FB7916D326}] => (Block) %SystemDrive%\GOG Games\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{C2C29CAE-6B92-4C31-8F29-816BE8A6F316}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic II\system\Gothic2.exe
FirewallRules: [{87959747-9EAC-45F5-B695-43F48441782F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic II\system\Gothic2.exe
FirewallRules: [{1AC6038F-0428-49F5-8126-207BB78FA873}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{65ADFBFC-F801-4E9E-BD28-86B87836DCC2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [UDP Query User{1C53CDA9-89DB-4970-8A3C-FEDCE73D81A9}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{07117485-C76D-4FCD-889B-9D471E3CA5D8}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{CCF4CCF4-D91B-46F7-9227-2FCF24D5D7F5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{CB6BE4A7-1AA8-43BE-89D3-BFB48C1358C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{E0388EA8-B81B-4556-A03C-6F1EA79C153F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\King Arthur's Gold\KAG.exe
FirewallRules: [{C33F9E59-B3F6-414E-A21C-99F89BC7B4F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\King Arthur's Gold\KAG.exe
FirewallRules: [{D9CD9518-30B5-463B-883A-A90B86134847}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{8284DA47-9DDB-4DBB-A882-0077F7E06E54}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{F6ABB22E-5A11-4057-A4F5-F6DAFE8EACF3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{8631A8EC-EFE2-468C-8FA7-B2157291E957}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{F3B3476B-3F0F-4249-AE08-B8EF125BD687}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{A0DB1E5E-78BE-4963-B38F-D84B753035E4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{540BC9E0-37DC-4AF9-B8D8-545FEC321201}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{4CD6BB98-3D42-48D5-9ED4-7759DDDDAB46}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{604BC764-E995-43B3-B769-1630851B518B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe
FirewallRules: [{E91DFBAC-1689-4198-A956-0F34E8F874A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe
FirewallRules: [{8EF9F0D5-B4AB-45D2-A896-1CC314ECB231}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe
FirewallRules: [{BE2BE4EC-CBF2-43ED-A089-5F72C2F9D7E2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe
FirewallRules: [{C65593A1-045C-432B-9444-5943DB5E1703}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{C55E8487-B4A1-4739-A327-CD6582C7458B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{6D4553E5-12F2-4A32-BECC-F8B74D457480}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\A Bird Story\A Bird Story\A Bird Story.exe
FirewallRules: [{D8C81951-3A24-4B16-AC57-BA6AB8F6986B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\A Bird Story\A Bird Story\A Bird Story.exe
FirewallRules: [{F0574176-991C-4A16-97E9-C31B475993CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{BDDD9EEB-97EB-4775-BC51-A369CBCC6724}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{89998D36-B2DF-4A5C-BF09-32B148A6B1E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Omegalodon\Omegalodon.exe
FirewallRules: [{A68620FB-6867-47DA-8CF7-6AB2AC07E8F1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Omegalodon\Omegalodon.exe
FirewallRules: [{548195F8-EDF5-491A-8B74-A90009060539}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mainland\instead-mainland.exe
FirewallRules: [{90EE7E25-0A95-443B-B4A9-E41EC84C50C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mainland\instead-mainland.exe
FirewallRules: [{029F65A9-F848-4D4D-826B-2086035E52DE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Guild 2 Renaissance\GuildII.exe
FirewallRules: [{6AEC5562-A8C9-4B15-B19A-CD55E05F5ADE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Guild 2 Renaissance\GuildII.exe
FirewallRules: [{C420F8C4-C74C-4367-AEC5-CA2CEC4EA8A4}] => (Allow) %ProgramFiles% (x86)\The Guild 2 - Renaissance\GuildII.exe
FirewallRules: [{136F6848-7C52-4697-8818-C3E9705C0D68}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{D8CDAAA4-8E5E-489A-8978-166640A07B58}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{7191187A-163C-439E-99DE-939A9796B850}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{AE198043-FE10-4F53-A21A-E1A7F032A753}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{68E1581C-0B6C-48B6-8622-A2A74649EEDF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Verdun\Verdun.exe
FirewallRules: [{CDCF959B-7FB9-41CE-9505-D6398B96E323}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Verdun\Verdun.exe
FirewallRules: [{4BD117A9-7B46-4A6D-8173-67DCEDB89262}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{53A90A18-71F1-4B05-A3B7-08AA0A5168DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{E102A9F2-CD73-43B9-B73D-BD85F4BEE32A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{317ED92D-D305-4280-BA4D-2ABB3AA0A752}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{6A9A259C-C946-41FA-A244-A22F95D04E49}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
FirewallRules: [{73E5E527-256E-41AC-8BC3-062C36895587}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
FirewallRules: [{D8CC9CE2-3ACC-4F22-B26C-2FA9C43F2D03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{2DBFDDE2-D74A-422A-B0CE-65F6D8A4F12E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{2BBA54CE-CECB-4E25-B5F8-70D8911943C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{A704E1D3-7A4B-41D8-8818-CF3F1B7FD4BA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{63B4F07C-E50B-4750-868C-D94A5303170D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8D300F1E-BA12-45D0-B479-8A3C33254BD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{21BE90BE-23CF-4806-A9F3-F5ED4396A8C0}] => (Block) %ProgramFiles% (x86)\Electronic Arts\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{4D0276DD-44FB-43F6-94A1-57CA8D20C81D}] => (Allow) C:\Program Files (x86)\Game of Thrones A Telltale Games Series\Thrones.exe
FirewallRules: [UDP Query User{1219C836-2B36-46A1-9545-DF8C4F3BAB49}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{2E7A469B-2262-4F74-9D1F-AB58DD0B1485}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{A61260F2-F44B-4882-A9E2-6D26F1D26AE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DB Xenoverse\DBXV.exe
FirewallRules: [{6C87550D-D28F-43C0-9D07-E36567C71FE5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DB Xenoverse\DBXV.exe
FirewallRules: [UDP Query User{8C921CDF-40A1-4C38-9107-851A588F9208}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{92BE2A33-9D20-4847-8A8C-6ABD3547EC79}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{7C600BCC-5D4B-4653-93D8-04EE3E43C7AA}C:\users\omid\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\omid\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{CEA4DC4A-7FB9-4350-B775-4F6E2C273238}C:\users\omid\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\omid\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{172206DC-2A85-42C5-BD0F-47BBE5AE854C}C:\users\omid\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\omid\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B6E8FD49-E6AB-426E-8F0D-AE2BCD3828D4}C:\users\omid\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\omid\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E144FEA7-BE02-4568-9211-7BB65CCDA93C}] => (Block) C:\Program Files (x86)\Game of Thrones A Telltale Games Series\Thrones.exe
FirewallRules: [{D464075B-0B48-4501-9716-AFD0ADF8AB4A}] => (Block) C:\Program Files (x86)\Game of Thrones A Telltale Games Series\Thrones.exe
FirewallRules: [{4E3F4C4E-BB58-4302-81E3-E8E2E1B5D1F4}] => (Block) C:\Program Files (x86)\Game of Thrones A Telltale Games Series\Thrones.exe
FirewallRules: [{FB9FB34B-9357-468F-AAC3-657C2C9C0C17}] => (Block) C:\Program Files (x86)\Game of Thrones A Telltale Games Series\Thrones.exe
FirewallRules: [{0BE97944-E6A8-4B81-9E34-FA6D1AD38718}] => (Block) C:\Program Files (x86)\SEGA\Total War Shogun 2 - Fall Of The Samurai\Shogun2.exe
FirewallRules: [{70E72696-5B6C-4D58-9B27-B0B6F5B31730}] => (Block) C:\Program Files (x86)\SEGA\Total War Shogun 2 - Fall Of The Samurai\Shogun2.exe
FirewallRules: [{C0DA964B-3240-41FB-ADD7-316775B3F63D}] => (Block) C:\Program Files (x86)\SEGA\Total War Shogun 2 - Fall Of The Samurai\Shogun2.exe
FirewallRules: [{65EC8419-4B7A-439C-AE32-F954EEC42780}] => (Block) C:\Program Files (x86)\SEGA\Total War Shogun 2 - Fall Of The Samurai\Shogun2.exe
FirewallRules: [{F63F8D5B-AD37-40D7-A083-8CD27CEA533E}] => (Allow) C:\Users\Omid\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7D5F6FD0-4BF3-4C0E-BD11-DDF147651825}] => (Allow) C:\Users\Omid\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FE8EF06D-FD06-4AD7-AFDB-782AAF43AF52}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{B1EC7CB8-F9DB-417E-B88E-BF9A110AA865}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{D99DCF6F-B1F1-45D0-A1FC-B9798D2AD1F6}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{D25FBD9A-EC3F-4380-A17B-DF80A79BB408}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [UDP Query User{343CD691-59AF-4864-BB7A-4EA61CD3B0EF}C:\users\omid\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\omid\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [TCP Query User{2D757432-2132-4043-AFB2-3136F79C6AB1}C:\users\omid\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\omid\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{1DADF538-4A87-4574-A4C4-7AB97A5B699B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{057A674F-71C2-4C9E-A88F-395480A3B004}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{6EB8934D-29B1-447A-BDB9-52FC5542A872}C:\program files (x86)\naruto shippuden ultimate ninja storm revolution\nsunsr.exe] => (Allow) C:\program files (x86)\naruto shippuden ultimate ninja storm revolution\nsunsr.exe
FirewallRules: [TCP Query User{56A8FFC5-FC08-409E-B8B0-C1A4C65AFCB0}C:\program files (x86)\naruto shippuden ultimate ninja storm revolution\nsunsr.exe] => (Allow) C:\program files (x86)\naruto shippuden ultimate ninja storm revolution\nsunsr.exe
FirewallRules: [{3394A10A-11DB-40D1-A2A4-F8856B04C2A9}] => (Allow) LPort=1900
FirewallRules: [{74590338-3C1B-4E02-8073-0422602D2061}] => (Allow) LPort=2869
FirewallRules: [{DF90F866-615F-436D-91BB-55DB689EA277}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{77DAA82A-4FF6-42D4-8C7A-553F934710C8}] => (Allow) C:\Users\Omid\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{441D1CDD-7810-4427-80C9-1AAA17423883}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{52977CB7-CA4D-41FF-8CF0-B1AF5D28C2CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{A2BB78C9-B89D-4777-B470-5B4414B014F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Everlasting Summer\Everlasting Summer.exe
FirewallRules: [{296DE5E4-5934-4414-8826-1EBB2B13872D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Everlasting Summer\Everlasting Summer.exe
FirewallRules: [{B265203E-6F68-42CE-89EA-12A4606895BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of Fantasy\Editor.exe
FirewallRules: [{9CD8DEEF-F58E-4D10-B063-4A05A70B703B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of Fantasy\Editor.exe
FirewallRules: [{7B303C7F-E559-4822-AB62-19C3FCC1CC65}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of Fantasy\dof_options.exe
FirewallRules: [{BCA22691-7C86-4708-9EDB-077C72DF3A84}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of Fantasy\dof_options.exe
FirewallRules: [{9D5465A2-E936-479B-A7C7-E82F39F09082}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of Fantasy\Dof.exe
FirewallRules: [{9B8CF2EA-1776-48AA-8F56-44910811B2BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of Fantasy\Dof.exe
FirewallRules: [{376BCF94-9584-4B1F-8694-E2B4C78A396C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{20D904C0-0DCC-4DD6-8973-F0E378B6F7AE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{29A8C3BF-7B9C-4E97-84C9-06903355FA73}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{F714BA8D-8976-418A-9DE5-FB97E775BE15}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [UDP Query User{224279D5-A5A9-4763-A328-53E11941B1E8}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [TCP Query User{FF945678-87BE-4E76-B790-659415B10E7C}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [UDP Query User{BB5C4801-9D77-4B32-A0F4-63A263EC7BC2}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [TCP Query User{8303CBBC-007B-463D-8D99-9184F999926C}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [{D7298FBA-65AD-445B-9732-36A44D02CECE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{45932CC5-9389-44F4-AAA8-3128081B96A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [UDP Query User{522A140C-71FA-4FAA-AF8D-DF25D784D6CD}C:\program files (x86)\stronghold crusader 2\bin\win32_release\crusader2.exe] => (Block) C:\program files (x86)\stronghold crusader 2\bin\win32_release\crusader2.exe
FirewallRules: [TCP Query User{D21D7C23-DE65-4BC4-A71E-EE72EEE238BA}C:\program files (x86)\stronghold crusader 2\bin\win32_release\crusader2.exe] => (Block) C:\program files (x86)\stronghold crusader 2\bin\win32_release\crusader2.exe
FirewallRules: [{21A62B5C-65DA-42EA-9B0B-18969C3714A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{6A3B12EC-F4F3-4767-B325-A3222DEC944F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{0D1C1F3E-D4A4-4B28-B4E1-9066D071347F}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{017FDF35-E03C-42C4-A5CA-4C58F6D1BC56}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{65B1CE10-1B65-4D3E-A8C4-87936C95309E}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{4982B966-3E2A-4762-87DD-4CF2260AFAB3}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{0FBF4522-EE54-48DF-A519-77FDC52094EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{25DC57B6-897A-48F7-9987-27C4B8D278F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{40A3555D-3995-4CB0-8367-3AB1105115C9}] => (Allow) C:\Program Files (x86)\Midway Games\Rise and Fall\RiseAndFall.exe
FirewallRules: [{92D5298E-3D33-4C98-A7C1-1CA2ADFF295B}] => (Allow) C:\Program Files (x86)\Midway Games\Rise and Fall\RiseAndFall.exe
FirewallRules: [{FEE09451-F076-49F3-A529-782348E9BA74}] => (Block) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{72D74D7F-6001-42CC-8CAC-AD21FA781023}] => (Block) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{0D162504-B583-47D3-A180-769A0B6988EA}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{B4A33C7B-C2B1-4C39-96D3-67AF3D768559}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5C5B886B-D1CC-4D3C-9626-73BD136D5841}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6795A8CC-CC86-4723-84E9-0EA24983B434}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2B0C10ED-80EC-4B85-8288-64351F30EB39}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{961B9FA3-F897-49C0-BC54-4A2419AE4E28}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{A29BB6AB-F9E4-4E1D-A2FB-C6A7FD96E15C}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
FirewallRules: [{FC949607-7DDB-428F-B45C-0EE8C4CC2DFF}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
FirewallRules: [{9BD181C9-DBA9-4BF4-B9DE-23D6E7E86EB6}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
FirewallRules: [{14F21282-01FF-4EA9-8D20-6D83738E0DD4}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
FirewallRules: [{7C112BF8-2050-4709-90C1-13A5A52FC33F}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
FirewallRules: [{7338E750-6AC5-421D-956E-FA09DE49F487}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
FirewallRules: [{EF7ED8C8-83AF-426D-9A71-9032817B6662}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{017DB71C-8909-4A1A-9072-426376E459F7}] => (Allow) C:\users\omid\appdata\local\akamai\netsession_win.exe
FirewallRules: [{CD5E2E25-855C-43FF-AEEF-2940705A3791}] => (Allow) C:\users\omid\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{B4C9863C-5AB6-45E2-9B1D-2C001074072B}C:\users\omid\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\omid\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{76619E51-1D1D-47C6-96E2-E6F459E81C5D}C:\users\omid\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\omid\appdata\local\akamai\netsession_win.exe
FirewallRules: [{C557C073-181C-4CA2-8ADB-C30E1FEED26F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AFD37023-6FDF-4E89-9D97-3A9B45F7F5BB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D581131C-A022-4F66-BCBC-FD0009B1FD9B}] => (Block) C:\program files (x86)\cossacks - back to war\dmcr.exe
FirewallRules: [{D51819DF-08DC-4722-B428-52FB5CCEA8DE}] => (Block) C:\program files (x86)\cossacks - back to war\dmcr.exe
FirewallRules: [UDP Query User{434809A1-54CE-4A3E-9417-49FFD8C1F59E}C:\program files (x86)\cossacks - back to war\dmcr.exe] => (Allow) C:\program files (x86)\cossacks - back to war\dmcr.exe
FirewallRules: [TCP Query User{7AB41AF9-09E2-4E98-B31B-CBBDDB60B948}C:\program files (x86)\cossacks - back to war\dmcr.exe] => (Allow) C:\program files (x86)\cossacks - back to war\dmcr.exe
FirewallRules: [UDP Query User{15553B9F-7C3E-4966-AD2B-03EC4A7D7B98}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{7FC1A282-BFB0-4A3B-A27E-020A3E2D2DAC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{DE8CA17F-DA4A-4570-9B27-1BFF3E4D80DA}] => (Block) C:\program files (x86)\r.g. mechanics\total war - rome ii\rome2.exe
FirewallRules: [{49E83784-2952-4628-B69A-DDAE827C344E}] => (Block) C:\program files (x86)\r.g. mechanics\total war - rome ii\rome2.exe
FirewallRules: [UDP Query User{C468C92B-CB8B-45C5-8CA0-08591801F5AD}C:\program files (x86)\r.g. mechanics\total war - rome ii\rome2.exe] => (Allow) C:\program files (x86)\r.g. mechanics\total war - rome ii\rome2.exe
FirewallRules: [TCP Query User{4C4788B1-6032-4875-BF35-5DD0EDB3BB3D}C:\program files (x86)\r.g. mechanics\total war - rome ii\rome2.exe] => (Allow) C:\program files (x86)\r.g. mechanics\total war - rome ii\rome2.exe
FirewallRules: [UDP Query User{59538898-87CC-4F4D-9B81-A92AF96E4D83}C:\users\omid\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\omid\appdata\local\id software\quakelive\quakelive.exe
FirewallRules: [TCP Query User{DC081113-58E6-4C53-B542-7C3691C9AF81}C:\users\omid\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\omid\appdata\local\id software\quakelive\quakelive.exe
FirewallRules: [{D6815FB9-40DB-4CC4-8076-FC36DB416DFE}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{04F6B12C-9513-4D30-8B98-6A819E94F543}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{4B246F28-AFE0-408E-A46F-3E7A0EBCB154}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{CF7EB04F-AFC1-4F41-95FE-9B0F6C75143B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A648B029-075A-45BB-BA4F-1B1B6258CD0F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CF6037B5-17F3-4B9C-BB8E-46E8A0FBE40A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [UDP Query User{6B525600-DDD9-450C-9A89-B929B85F9B99}C:\users\omid\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\omid\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [TCP Query User{2637BED6-65AC-4FC3-AB49-BAAE96F86AD9}C:\users\omid\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\omid\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{CAC9A626-1DFF-4EB5-B8AE-921675E2213F}C:\program files (x86)\the guild 2 - renaissance\guildii.exe] => (Allow) C:\program files (x86)\the guild 2 - renaissance\guildii.exe
FirewallRules: [TCP Query User{9DF9E93C-A69F-43E0-9326-545CBC3596FA}C:\program files (x86)\the guild 2 - renaissance\guildii.exe] => (Allow) C:\program files (x86)\the guild 2 - renaissance\guildii.exe
FirewallRules: [UDP Query User{3652B8A8-E290-45DA-A7F4-5A37476B062F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{754BF21A-8019-4F54-8350-4154A0877BF2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{E3C80B78-917F-4F71-9A87-22FDE630A1FF}] => (Allow) C:\Program Files (x86)\PlaysTV\playstv.exe
FirewallRules: [{B1044025-A3F3-42D5-ACB4-C9EA93D5BDCB}] => (Allow) C:\Program Files (x86)\PlaysTV\playstv.exe
FirewallRules: [{C507EDE8-4B6C-480C-8DBB-5585B5833BE3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{73F51CCD-C00A-4507-908F-3924155F7E8F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [TCP Query User{E5751B53-F2F3-4B14-B91A-22E25425B444}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{36B86FC8-3C17-4F9C-9BF5-A9E61D0DC8A7}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{E3CD1F4E-8F1D-4F49-8E65-E8E713A017A8}C:\program files (x86)\grand ages medieval\grand ages medieval\grandagesmedieval.exe] => (Allow) C:\program files (x86)\grand ages medieval\grand ages medieval\grandagesmedieval.exe
FirewallRules: [UDP Query User{154A3144-F78F-46A0-861C-A6D726D2B38D}C:\program files (x86)\grand ages medieval\grand ages medieval\grandagesmedieval.exe] => (Allow) C:\program files (x86)\grand ages medieval\grand ages medieval\grandagesmedieval.exe
FirewallRules: [{1F89B848-52A7-440E-B10A-658A8864CBEC}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{5A28F48D-5562-4529-AE9B-D584737B919E}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{9052D38E-8C5D-4E22-A221-385028E197B5}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{89212586-ADD2-4057-A492-10B6F18120CD}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [TCP Query User{CD13683A-DEF6-45F6-853E-6BCE12319852}C:\program files (x86)\paradox interactive\europa universalis iv common sense\eu4.exe] => (Allow) C:\program files (x86)\paradox interactive\europa universalis iv common sense\eu4.exe
FirewallRules: [UDP Query User{2E6A81F4-B4F7-49BE-A8A7-2BA0CCA56B38}C:\program files (x86)\paradox interactive\europa universalis iv common sense\eu4.exe] => (Allow) C:\program files (x86)\paradox interactive\europa universalis iv common sense\eu4.exe
FirewallRules: [{6A58942E-8057-4B87-8A32-37328342D67F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{86BF6104-FE75-4619-B5D1-716A46AEC921}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{F275B307-AB3A-4A98-815A-E16BF7CA2C63}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{83E236AF-DAC1-4E09-82B5-E1878C6E85C9}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Elsword\data\x2.exe
FirewallRules: [{7077064E-06AE-42AE-AD52-8EF3DEB6E375}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Elsword\data\x2.exe
FirewallRules: [{39302557-5673-41F3-A9D9-3AC4BB8A0ADA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2AC329DA-66A5-4DA3-A751-84263A9ECE66}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/20/2015 01:05:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 711c

Startzeit: 01d1238bc973d62d

Beendigungszeit: 2

Anwendungspfad: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

Berichts-ID: 0d43a5dd-8f7f-11e5-9bee-001a7dda7109

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (11/20/2015 00:35:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mb_warband.exe, Version: 1.0.0.0, Zeitstempel: 0x55e9a89a
Name des fehlerhaften Moduls: mb_warband.exe, Version: 1.0.0.0, Zeitstempel: 0x55e9a89a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001ff64
ID des fehlerhaften Prozesses: 0x6e74
Startzeit der fehlerhaften Anwendung: 0xmb_warband.exe0
Pfad der fehlerhaften Anwendung: mb_warband.exe1
Pfad des fehlerhaften Moduls: mb_warband.exe2
Berichtskennung: mb_warband.exe3
Vollständiger Name des fehlerhaften Pakets: mb_warband.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mb_warband.exe5

Error: (11/20/2015 00:14:18 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OMID-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/19/2015 02:56:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 8.0.25.18 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2744

Startzeit: 01d122d1fd64d110

Beendigungszeit: 35

Anwendungspfad: C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe

Berichts-ID: 4a20430b-8ec5-11e5-9bee-001a7dda7109

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (11/19/2015 01:44:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/17/2015 09:40:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/17/2015 00:55:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OMID-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/16/2015 08:25:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 7.13.80.101, Zeitstempel: 0x561eb505
Name des fehlerhaften Moduls: mshtml.dll, Version: 11.0.10240.16590, Zeitstempel: 0x563ad155
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00453cab
ID des fehlerhaften Prozesses: 0x13a8
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3
Vollständiger Name des fehlerhaften Pakets: Skype.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Skype.exe5

Error: (11/16/2015 03:45:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SearchUI.exe, Version 10.0.10240.16515 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 34c

Startzeit: 01d1207cf1c5cf5f

Beendigungszeit: 4294967295

Anwendungspfad: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

Berichts-ID: b6b0e103-8c70-11e5-9bed-001a7dda7109

Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy

Auf das fehlerhafte Paket bezogene Anwendungs-ID: CortanaUI

Error: (11/16/2015 03:45:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: OMID-PC)
Description: Das Paket „Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI“ wurde beendet, da das Anhalten zu lange dauerte.


Systemfehler:
=============
Error: (11/20/2015 00:14:18 AM) (Source: DCOM) (EventID: 10010) (User: OMID-PC)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (11/20/2015 00:14:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/20/2015 00:14:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/20/2015 00:14:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/20/2015 00:14:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/19/2015 07:30:22 PM) (Source: DCOM) (EventID: 10016) (User: OMID-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Omid-PCOmidS-1-5-21-1748088528-2721310689-2990227484-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (11/19/2015 07:30:22 PM) (Source: DCOM) (EventID: 10016) (User: OMID-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Omid-PCOmidS-1-5-21-1748088528-2721310689-2990227484-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (11/19/2015 05:19:32 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "OMID-PC" auf Transport "NetBT_Tcpip_{8D6A05F9-6FE2-4E25-BFC8-88FF7A7FC9D9}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (11/19/2015 05:13:16 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{8D6A05F9-6FE2-4E25-BFC8-88FF7A7FC9D9}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/19/2015 04:53:46 PM) (Source: DCOM) (EventID: 10016) (User: OMID-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Omid-PCOmidS-1-5-21-1748088528-2721310689-2990227484-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


==================== Speicherinformationen =========================== 

Prozessor: AMD FX(tm)-6100 Six-Core Processor 
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 8174.11 MB
Verfügbarer physikalischer RAM: 4252.68 MB
Summe virtueller Speicher: 8686.11 MB
Verfügbarer virtueller Speicher: 4623.77 MB

==================== Laufwerke ================================

Drive c: (Windows7) (Fixed) (Total:930.97 GB) (Free:140.51 GB) NTFS
Drive h: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 85EAEEE9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 20.11.2015, 14:24   #2
Redblood
 
Hohe Arbeitsspeicher Auslastung und deaktiviertertes Virusprogramm - Standard

Hohe Arbeitsspeicher Auslastung und deaktiviertertes Virusprogramm



Frst

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:19-11-2015
durchgeführt von Omid (Administrator) auf OMID-PC (20-11-2015 13:30:51)
Gestartet von C:\Users\Omid\Downloads
Geladene Profile: Omid (Verfügbare Profile: Omid & DefaultAppPool)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
() C:\Program Files\Mouse\Amoumain.exe
(Akamai Technologies, Inc.) C:\Users\Omid\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Omid\AppData\Local\Akamai\netsession_win.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.15361.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(Spotify Ltd) C:\Users\Omid\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Omid\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Omid\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Omid\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Omid\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM\...\Run: [WheelMouse] => C:\Program Files\Mouse\Amoumain.exe [196608 2000-01-01] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\PlaysTV\playstv_launcher.exe [56080 2015-08-27] (Plays.tv, LLC)
HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Omid\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\Run: [Spotify Web Helper] => C:\Users\Omid\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-11-13] (Spotify Ltd)
HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\Run: [Windows Update] => C:\Google\Windowsupdate.lnk [0 2015-03-24] ()
HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\Run: [AdopeUpdate] => C:\Google\GoogleUpdate.lnk
HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\MountPoints2: {b8824a42-471a-11e5-8ca3-3085a94266a8} - "G:\Setup.exe" 
HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\MountPoints2: {c5712a3e-3699-11e5-b373-3085a94266a8} - "E:\setup.exe" 
HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\MountPoints2: {c5712c90-3699-11e5-b373-3085a94266a8} - "F:\Setup.exe" 
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Omid\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-10-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Omid\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-10-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Omid\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-10-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-12] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Omid\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-10-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Omid\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-10-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Omid\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-10-19] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2014-12-03]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0f5b7e91-30c9-440c-bae5-ec09e0c09d45}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{407a360f-136d-4480-afd8-477d8e4f9f81}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{847cee0d-471e-4d5d-93a5-d6c7cdba4e52}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8d6a05f9-6fe2-4e25-bfc8-88ff7a7fc9d9}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{aeb57330-6323-4fe9-8b93-c60e99e98424}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{e7cfc484-19ee-4dc3-abe7-0d66b4374a56}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggWIwhbVl8XFBgacwxbTA0SEwAOIQ9ZVxQSFVBAcVwPA19DFQAFIk0FA1ADB0VXfVBdFElXTwhxJUpNDU0CaUBB
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bl-bir-dd__alt__ddc_dsssyc_bd_com
HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQxbUFpGR1MWbQALVFpcFVYRdRRZV1hHDFYXJVoJBA4TRwcXdR9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQxbUFpGR1MWbQALVFpcFVYRdRRZV1hHDFYXJVoJBA4TRwcXdR9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1748088528-2721310689-2990227484-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQxbUFpGR1MWbQALVFpcFVYRdRRZV1hHDFYXJVoJBA4TRwcXdR9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1748088528-2721310689-2990227484-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQxbUFpGR1MWbQALVFpcFVYRdRRZV1hHDFYXJVoJBA4TRwcXdR9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1748088528-2721310689-2990227484-1000 -> {3A3D5A8F-0EBD-4C0A-8F58-E99CE649D00C} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-dd__alt__ddc_dss_bd_com&p={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-02] (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll => Keine Datei
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-02] (Oracle Corporation)
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1431173072455
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Omid\AppData\Roaming\Mozilla\Firefox\Profiles\6yzmojz3.default-1420306125037
FF NewTab: hxxp://google.de
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Default
FF Homepage: google.de
FF Session Restore: -> ist aktiviert.
FF Keyword.URL: hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQxbUFpGR1MWbQALVFpcFVYRdRRZV1hHDFYXJVoJBA4TRwcXdR9aFQQTR0cFME0FB18EURNNfWtdEkwdVUZrNVs=&q={searchTerms}
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1748088528-2721310689-2990227484-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-05-29] (Sony Network Entertainment International LLC)
FF Plugin HKU\S-1-5-21-1748088528-2721310689-2990227484-1000: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-11-17] (The Happy Cloud)
FF Extension: Adblock Plus - C:\Users\Omid\AppData\Roaming\Mozilla\Firefox\Profiles\6yzmojz3.default-1420306125037\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-26]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [ist nicht signiert]
FF HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: Kein Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [ist nicht signiert]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Omid\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Omid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-20]
CHR Extension: (Google Docs) - C:\Users\Omid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-28]
CHR Extension: (Google Drive) - C:\Users\Omid\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-28]
CHR Extension: (YouTube) - C:\Users\Omid\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-28]
CHR Extension: (Google-Suche) - C:\Users\Omid\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-28]
CHR Extension: (Google Tabellen) - C:\Users\Omid\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Omid\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-19]
CHR Extension: (Skype Click to Call) - C:\Users\Omid\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-03-28]
CHR Extension: (Google Wallet) - C:\Users\Omid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-28]
CHR Extension: (pbegekjleoplkhibgbmkmnnfffcpfanh) - C:\Users\Omid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbegekjleoplkhibgbmkmnnfffcpfanh [2015-01-05]
CHR Extension: (Google Mail) - C:\Users\Omid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKU\S-1-5-21-1748088528-2721310689-2990227484-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-12] (Avast Software s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1125888 2015-08-05] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios) [Datei ist nicht signiert]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-27] (Microsoft Corporation)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5268336 2014-03-25] (INCA Internet Co., Ltd.)
U2 OneSyncSvc_Session10; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U2 OneSyncSvc_Session10; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-22] (Electronic Arts)
U3 PimIndexMaintenanceSvc_Session10; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_Session10; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [183488 2014-10-16] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-09-11] (Razer Inc.)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [Datei ist nicht signiert]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [805840 2015-09-26] (Tunngle.net GmbH)
U3 UnistoreSvc_Session10; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 UnistoreSvc_Session10; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 UserDataSvc_Session10; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 UserDataSvc_Session10; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-27] (Microsoft Corporation)
S3 w3logsvc; C:\WINDOWS\SysWOW64\inetsrv\w3logsvc.dll [72192 2015-08-27] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-27] (Microsoft Corporation)
R2 W3SVC; C:\WINDOWS\SysWOW64\inetsrv\iisw3adm.dll [504832 2015-08-27] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-05] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-11-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-11-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-11-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-11-19] (AVAST Software)
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-19] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-19] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [154256 2015-11-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-11-19] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-07-31] (Disc Soft Ltd)
R1 MpKsl11d9bccc; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F2296274-C5E0-4779-9EC5-6FFA1F7777C2}\MpKsl11d9bccc.sys [44928 2015-11-20] (Microsoft Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-27] (Microsoft Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R1 QqGameMasterControl; C:\Windows\system32\drivers\QMTgpNetflow764.sys [47928 2013-12-13] (tencent)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
S3 RT73; C:\Windows\System32\DRIVERS\Dr71WU.sys [610816 2008-01-16] (Ralink Technology, Corp.) [Datei ist nicht signiert]
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-10-16] (Razer, Inc.)
R0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77432 2009-02-03] (Protection Technology (StarForce))
R0 sfsync04; C:\Windows\System32\drivers\sfsync04.sys [79800 2012-06-19] (Protection Technology (StarForce))
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [107384 2007-02-08] (Protection Technology (StarForce))
R3 tap0901t; C:\Windows\System32\drivers\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [910992 2014-08-14] (TENCENT)
S3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [117248 2010-11-21] (Microsoft Corporation) [Datei ist nicht signiert]
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 X6va060; \??\C:\WINDOWS\SysWOW64\Drivers\X6va060 [21208 2015-09-26] ()
S3 xhunter1; C:\WINDOWS\xhunter1.sys [37416 2015-08-29] (Wellbia.com Co., Ltd.)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-20 13:32 - 2015-11-20 13:32 - 00380416 _____ C:\Users\Omid\Downloads\Gmer-19357.exe
2015-11-20 13:30 - 2015-11-20 13:32 - 00026445 _____ C:\Users\Omid\Downloads\FRST.txt
2015-11-20 13:29 - 2015-11-20 13:30 - 02020352 _____ (Farbar) C:\Users\Omid\Downloads\FRST64.exe
2015-11-20 13:28 - 2015-11-20 13:28 - 00000470 _____ C:\Users\Omid\Downloads\defogger_disable.log
2015-11-20 13:28 - 2015-11-20 13:28 - 00000000 _____ C:\Users\Omid\defogger_reenable
2015-11-20 13:26 - 2015-11-20 13:27 - 00050477 _____ C:\Users\Omid\Downloads\Defogger.exe
2015-11-20 12:12 - 2015-11-20 12:12 - 00016148 _____ C:\WINDOWS\system32\OMID-PC_Omid_HistoryPrediction.bin
2015-11-19 17:03 - 2015-11-19 17:03 - 00386096 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-11-19 17:03 - 2015-11-19 17:03 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-11-19 17:03 - 2015-06-27 08:34 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswF8F1.tmp
2015-11-19 17:03 - 2015-06-12 21:41 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswF7F2.tmp
2015-11-19 17:03 - 2015-06-12 21:41 - 00272248 _____ C:\WINDOWS\system32\Drivers\aswF901.tmp
2015-11-19 17:03 - 2015-06-12 21:41 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswF902.tmp
2015-11-19 17:03 - 2015-06-12 21:41 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswF8DD.tmp
2015-11-19 17:03 - 2015-06-12 21:41 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswF8EF.tmp
2015-11-19 17:03 - 2015-06-12 21:41 - 00065736 _____ C:\WINDOWS\system32\Drivers\aswF8F0.tmp
2015-11-19 17:03 - 2015-06-12 21:41 - 00029168 _____ C:\WINDOWS\system32\Drivers\aswF8DE.tmp
2015-11-18 20:07 - 2015-11-20 11:56 - 00000000 _RSHD C:\Google
2015-11-18 20:07 - 2015-11-19 18:32 - 00000000 _RSHD C:\Skypee
2015-11-18 20:07 - 2015-11-19 13:45 - 00000914 _____ C:\ProgramData\ProgramData.lnk
2015-11-17 17:00 - 2015-11-17 17:09 - 311293165 _____ C:\Users\Omid\Downloads\Het zandkasteel - Megamix #3 - ruim 1 uur plezier.mp4
2015-11-15 13:30 - 2015-11-15 13:30 - 00000000 ____D C:\Users\Omid\Downloads\Gameforge Live
2015-11-14 18:25 - 2015-11-14 18:27 - 00000000 ____D C:\Users\Omid\AppData\Roaming\.technic
2015-11-14 18:25 - 2015-11-14 18:25 - 04757856 _____ () C:\Users\Omid\Downloads\TechnicLauncher.exe
2015-11-14 18:23 - 2015-11-14 18:27 - 141376545 _____ C:\Users\Omid\Downloads\SAOServer1.6.10.rar
2015-11-14 11:17 - 2015-11-14 11:42 - 00000000 ____D C:\Users\Omid\AppData\Local\UNDERTALE
2015-11-14 11:15 - 2015-11-14 11:15 - 00001032 _____ C:\Users\Omid\Desktop\Game - Verknüpfung.lnk
2015-11-14 11:12 - 2015-11-14 11:12 - 00000000 ____D C:\Program Files (x86)\LISA
2015-11-14 10:58 - 2015-11-14 10:59 - 00000000 ____D C:\Users\Omid\Downloads\Neuer Ordner (2)
2015-11-14 10:58 - 2015-11-14 10:58 - 00000000 ____D C:\Users\Omid\AppData\LocalLow\uTorrent
2015-11-14 10:53 - 2015-11-14 10:53 - 00001984 _____ C:\Users\Omid\Desktop\UNDERTALE - Verknüpfung.lnk
2015-11-14 10:52 - 2015-11-14 10:52 - 00000000 ____D C:\Users\Omid\Downloads\Neuer Ordner
2015-11-14 10:22 - 2015-11-14 10:22 - 00000000 ____D C:\Program Files (x86)\Minecraft Story Mode 2
2015-11-14 01:51 - 2015-11-14 10:59 - 00000000 ____D C:\Users\Omid\Downloads\Assasins Creed Unity
2015-11-14 00:56 - 2015-11-14 00:57 - 00000000 ____D C:\Users\Omid\Downloads\border 5
2015-11-14 00:53 - 2015-11-14 10:02 - 00000000 ____D C:\Users\Omid\Downloads\Minecraft.Story.Mode.Episode.2-CODEX
2015-11-14 00:48 - 2015-11-14 00:48 - 00035099 _____ C:\Users\Omid\Downloads\Tales.from.the.Borderlands.Update.7.Incl.EP5.torrent
2015-11-11 18:28 - 2015-11-11 18:28 - 00003316 _____ C:\WINDOWS\System32\Tasks\{F0CA0C71-DBAE-4C63-BD44-F50E6F9FFBB4}
2015-11-11 14:20 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 14:20 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 14:20 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 14:20 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 14:20 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 14:20 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 14:20 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-11 14:20 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 14:20 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-11 14:20 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 14:20 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 14:20 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 14:20 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-11 14:20 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 14:20 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 14:20 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 14:20 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 14:20 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 14:20 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 14:20 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 14:20 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 14:20 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 14:20 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-11 14:20 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-11 14:20 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-11 14:20 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-11 14:20 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 14:20 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 14:20 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 14:20 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 14:20 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 14:20 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-11 14:20 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-11 14:20 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-11 14:17 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 14:17 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 14:17 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 14:17 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 14:17 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 14:17 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 14:17 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 14:17 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 14:17 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 14:17 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 14:17 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 14:17 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 14:17 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 14:17 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 14:17 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 14:17 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 14:17 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 14:17 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 14:16 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-07 14:27 - 2015-11-08 18:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-06 14:06 - 2015-11-06 14:06 - 00483352 _____ (Aeria Games & Entertainment) C:\Users\Omid\Downloads\edeneternal_us_downloader(2).exe
2015-11-05 23:15 - 2015-11-05 23:15 - 00483352 _____ (Aeria Games & Entertainment) C:\Users\Omid\Downloads\edeneternal_us_downloader(1).exe
2015-11-05 16:43 - 2015-11-05 16:43 - 00483352 _____ (Aeria Games & Entertainment) C:\Users\Omid\Downloads\edeneternal_us_downloader.exe
2015-11-05 15:32 - 2015-11-05 15:32 - 00000000 ____D C:\Users\Omid\AppData\Local\Gameforge4d
2015-11-05 15:31 - 2015-11-05 15:31 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2015-11-05 15:30 - 2015-11-05 15:31 - 20218792 _____ (Gameforge ) C:\Users\Omid\Downloads\Elsword_GameforgeLiveSetup.exe
2015-10-29 14:37 - 2015-10-29 14:37 - 00003316 _____ C:\WINDOWS\System32\Tasks\{842F8C88-2F89-42D0-A4A2-86915CACA2DD}
2015-10-27 18:50 - 2015-10-27 18:50 - 00000000 ____D C:\Program Files (x86)\AMD APP
2015-10-24 13:51 - 2015-10-24 13:51 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-10-23 20:56 - 2015-10-23 20:59 - 16101093 _____ C:\Users\Omid\Downloads\vic231.rar
2015-10-23 20:18 - 2015-10-23 20:18 - 00003462 _____ C:\WINDOWS\System32\Tasks\{3E7C5E0F-9B46-47B7-B877-E38D2BAAD368}
2015-10-23 19:57 - 2015-10-23 19:58 - 138106138 _____ (Paradox Interactive ) C:\Users\Omid\Downloads\VIIAHDSetup.exe
2015-10-23 19:56 - 2015-10-23 20:05 - 308187941 _____ (Paradox Interactive ) C:\Users\Omid\Downloads\V2AHDFullSetup.exe
2015-10-23 18:39 - 2015-10-23 18:39 - 00000000 ____D C:\Users\Omid\AppData\LocalLow\noio
2015-10-23 18:37 - 2015-10-23 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raw Fury
2015-10-23 18:37 - 2015-10-23 18:37 - 00000000 ____D C:\Program Files (x86)\Raw Fury
2015-10-23 17:39 - 2015-11-14 00:52 - 00000000 ____D C:\Users\Omid\Downloads\Kingdom-TiNYiSO
2015-10-22 14:13 - 2015-11-05 15:28 - 00000000 ____D C:\Users\Omid\Downloads\KeRnOnline
2015-10-21 17:07 - 2015-10-23 11:29 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2015-10-21 17:07 - 2015-10-23 11:28 - 00000000 ____D C:\Users\Omid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hardcore-RELOADED
2015-10-21 17:07 - 2015-10-23 11:28 - 00000000 ____D C:\Program Files (x86)\Hardcore-RELOADED
2015-10-21 17:07 - 2015-10-22 14:13 - 2353548224 _____ (Igor Pavlov) C:\Users\Omid\Downloads\KeRnOnline.exe
2015-10-21 17:04 - 2015-10-21 17:06 - 40222720 _____ C:\Users\Omid\Downloads\hardcore.msi
2015-10-21 17:02 - 2015-10-21 17:02 - 00000000 _____ C:\Users\Omid\Downloads\0ByeKO-taKOYubE9tSUFwbDRsMVk.htm

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-20 13:32 - 2015-02-14 19:32 - 00000000 ____D C:\Users\Omid\AppData\Roaming\Spotify
2015-11-20 13:30 - 2014-02-11 22:23 - 00000000 ____D C:\FRST
2015-11-20 13:28 - 2015-08-26 23:53 - 00000000 ____D C:\Users\Omid
2015-11-20 13:27 - 2015-02-21 14:30 - 00000000 ____D C:\Users\Omid\AppData\Local\Steam
2015-11-20 13:22 - 2014-08-20 12:38 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-20 13:21 - 2014-06-24 17:52 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-20 13:18 - 2015-03-13 00:15 - 00007618 _____ C:\Users\Omid\AppData\Local\Resmon.ResmonCfg
2015-11-20 13:15 - 2014-08-07 07:25 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-20 12:59 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-20 12:31 - 2015-02-14 19:34 - 00000000 ____D C:\Users\Omid\AppData\Local\Spotify
2015-11-20 12:30 - 2014-06-24 14:49 - 00000408 _____ C:\WINDOWS\Tasks\SlimDrivers Startup.job
2015-11-20 11:59 - 2014-06-23 21:25 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{964F1CD3-7B0F-40B9-892E-C7489FEBF95C}
2015-11-20 11:57 - 2014-08-20 12:38 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-19 23:50 - 2014-06-24 17:47 - 00000000 ____D C:\Users\Omid\AppData\Roaming\Skype
2015-11-19 20:23 - 2014-06-27 20:07 - 00000000 ____D C:\Users\Omid\AppData\Roaming\TS3Client
2015-11-19 19:31 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-19 18:56 - 2014-12-03 21:27 - 00000000 ____D C:\Adobe Photoshop 7.0 ME_ARS
2015-11-19 18:56 - 2014-02-13 21:51 - 00000000 ____D C:\AdwCleaner
2015-11-19 18:56 - 2012-10-28 12:40 - 00000000 ____D C:\AeriaGames
2015-11-19 17:03 - 2014-06-23 21:29 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-11-19 17:03 - 2014-06-23 21:28 - 00449992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-11-19 17:03 - 2014-06-23 21:28 - 00273784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-11-19 17:03 - 2014-06-23 21:28 - 00154256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-11-19 17:03 - 2014-06-23 21:28 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-11-19 17:03 - 2014-06-23 21:28 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-11-19 17:03 - 2014-06-23 21:28 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-11-19 17:03 - 2014-06-23 21:28 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-11-19 17:02 - 2014-06-23 21:28 - 01059656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-11-19 16:53 - 2015-09-19 17:47 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-19 15:43 - 2015-03-17 19:37 - 00000000 ____D C:\Users\Omid\AppData\Roaming\.minecraft
2015-11-19 15:02 - 2015-06-28 11:21 - 00000000 ____D C:\Users\Omid\Desktop\Mc Mods
2015-11-19 14:50 - 2014-08-06 10:56 - 00000000 ____D C:\ProgramData\Skype
2015-11-19 13:48 - 2014-10-12 13:33 - 00000000 ____D C:\Users\Omid\Desktop\Spiele
2015-11-19 11:10 - 2015-08-26 23:52 - 02077126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-19 11:10 - 2015-07-10 17:34 - 00883752 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-19 11:10 - 2015-07-10 17:34 - 00195886 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-19 11:03 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-19 11:02 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-18 20:07 - 2015-09-26 17:26 - 00000000 ____D C:\CFLog
2015-11-18 20:07 - 2015-08-14 00:34 - 00000000 ____D C:\Crusader.Kings.II.v2.4.1.Incl.54.DLC
2015-11-18 20:07 - 2015-05-17 16:42 - 00000000 ____D C:\If my Heart had Wings
2015-11-18 20:07 - 2015-05-09 15:22 - 00000000 ____D C:\IExp1.tmp
2015-11-18 20:07 - 2015-05-09 15:22 - 00000000 ____D C:\IExp0.tmp
2015-11-18 20:07 - 2015-03-17 17:27 - 00000000 ____D C:\KOGGAMES
2015-11-18 20:07 - 2014-11-21 22:05 - 00000000 ____D C:\meshes
2015-11-18 20:07 - 2014-11-16 15:07 - 00000000 ____D C:\BOSS
2015-11-18 20:07 - 2014-07-31 17:08 - 00000000 ___HD C:\ArcTemp
2015-11-18 20:07 - 2014-06-23 20:56 - 00000000 ____D C:\Windows.old(1)
2015-11-18 20:07 - 2014-02-19 18:20 - 00000000 ____D C:\uninstall.exe
2015-11-18 20:07 - 2014-02-18 17:40 - 00000000 ____D C:\GOG Games
2015-11-18 20:07 - 2014-02-12 19:36 - 00000000 ____D C:\Qoobox
2015-11-18 20:07 - 2013-12-27 22:20 - 00000000 ____D C:\Ubisoft
2015-11-18 20:07 - 2013-12-20 23:28 - 00000000 ____D C:\AMD
2015-11-18 20:07 - 2013-12-05 14:05 - 00000000 ____D C:\Crash
2015-11-18 20:07 - 2013-06-02 15:05 - 00000000 ____D C:\Intel
2015-11-18 20:07 - 2013-03-01 20:58 - 00000000 ____D C:\Riot Games
2015-11-18 20:07 - 2012-12-21 16:41 - 00000000 ____D C:\Games
2015-11-18 20:07 - 2012-11-05 18:00 - 00000000 ____D C:\Fraps
2015-11-18 20:07 - 2012-10-31 20:56 - 00000000 ____D C:\Sierra
2015-11-18 20:07 - 2012-10-30 17:36 - 00000000 ____D C:\SG Interactive
2015-11-18 20:07 - 2012-10-20 15:05 - 00000000 ____D C:\Temp
2015-11-18 20:07 - 2012-10-20 11:42 - 00000000 ____D C:\gPotato.eu
2015-11-18 20:07 - 2012-10-18 14:30 - 00000000 ____D C:\aws
2015-11-18 20:07 - 2012-10-18 14:30 - 00000000 ____D C:\ASUS WebStorage
2015-11-18 20:06 - 2015-09-16 18:06 - 00008714 _____ C:\WINDOWS\setupact.log
2015-11-17 17:25 - 2015-04-15 23:01 - 00000000 ____D C:\WINDOWS\system32\MpEngineStore
2015-11-17 17:25 - 2014-06-25 00:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-17 17:18 - 2014-06-25 00:10 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-17 15:48 - 2015-10-20 18:08 - 00000000 ____D C:\Users\Omid\AppData\Local\osu!
2015-11-16 16:57 - 2014-06-27 20:07 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-11-15 17:06 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-14 11:19 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-11-14 11:19 - 2014-06-25 18:56 - 00000000 ____D C:\Users\Omid\AppData\Roaming\uTorrent
2015-11-14 10:56 - 2014-10-12 13:34 - 00000000 ____D C:\Users\Omid\Desktop\Dokumente
2015-11-14 10:29 - 2014-12-13 10:39 - 00000000 ____D C:\Users\Omid\Documents\Telltale Games
2015-11-14 09:12 - 2014-11-13 18:34 - 00000000 ____D C:\Users\Omid\AppData\Local\JDownloader v2.0
2015-11-12 15:48 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-11 17:31 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-11 16:15 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-08 18:50 - 2015-08-26 23:44 - 00010974 _____ C:\WINDOWS\PFRO.log
2015-11-08 18:50 - 2014-06-23 21:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-05 21:46 - 2014-12-29 11:06 - 00000000 ____D C:\Program Files (x86)\Naruto Shippuden Ultimate Ninja Storm Revolution
2015-11-05 15:32 - 2014-07-27 15:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-11-03 19:20 - 2015-10-09 18:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 19:20 - 2015-10-09 18:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-26 20:32 - 2015-08-26 23:49 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-23 20:12 - 2014-08-16 16:01 - 00000000 ____D C:\Users\Omid\Documents\Paradox Interactive
2015-10-23 20:09 - 2015-04-02 21:52 - 00000000 ____D C:\Program Files (x86)\Paradox Interactive
2015-10-23 19:55 - 2015-10-17 20:38 - 00000000 ____D C:\Users\Omid\Downloads\3DMGAME-Tales.from.the.Borderlands.Update.6.Incl.EP4.and.Crack-3DM
2015-10-23 18:39 - 2015-09-04 19:06 - 00000000 ____D C:\ProgramData\SkidRow
2015-10-23 17:42 - 2015-04-02 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive
2015-10-23 17:42 - 2014-06-23 21:36 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-23 11:29 - 2014-06-24 17:26 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2015-10-22 14:28 - 2015-04-24 21:37 - 00000000 ____D C:\Users\Omid\AppData\Local\KeRnStudios
2015-10-21 22:36 - 2015-07-16 15:39 - 00000034 _____ C:\Users\Omid\Desktop\Jobs.txt

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-12-31 22:11 - 2014-12-31 22:11 - 1842664 _____ (Cinema PlusV31.12) C:\Users\Omid\AppData\Roaming\WTDAIB.exe
2015-03-13 00:15 - 2015-11-20 13:18 - 0007618 _____ () C:\Users\Omid\AppData\Local\Resmon.ResmonCfg
2015-08-26 23:48 - 2015-08-26 23:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-07-28 17:49 - 2014-08-14 14:19 - 0000040 _____ () C:\ProgramData\DT0001.dat
2014-07-28 17:22 - 2014-08-14 14:19 - 0000040 _____ () C:\ProgramData\DT0006.dat
2015-11-18 20:07 - 2015-11-19 13:45 - 0000914 _____ () C:\ProgramData\ProgramData.lnk

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\DT0001.dat
C:\ProgramData\DT0006.dat


Einige Dateien in TEMP:
====================
C:\Users\Omid\AppData\Local\Temp\15c541d78011de3cc8319ba6a97ecfde.dll
C:\Users\Omid\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Omid\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Omid\AppData\Local\Temp\fb1d5c12ab65a33663c67a42c8bf47b2.dll
C:\Users\Omid\AppData\Local\Temp\InstallIMVU_522.0.exe
C:\Users\Omid\AppData\Local\Temp\proxy_vole1604269489905258130.dll
C:\Users\Omid\AppData\Local\Temp\proxy_vole3728024338189962957.dll
C:\Users\Omid\AppData\Local\Temp\proxy_vole4948399475389329192.dll
C:\Users\Omid\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Omid\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Omid\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Omid\AppData\Local\Temp\sqlite3.dll
C:\Users\Omid\AppData\Local\Temp\SRLDetectionLibrary4677805481034245237.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-20 12:07

==================== Ende von FRST.txt ============================
         
__________________


Alt 20.11.2015, 14:27   #3
M-K-D-B
/// TB-Ausbilder
 
Hohe Arbeitsspeicher Auslastung und deaktiviertertes Virusprogramm - Standard

Hohe Arbeitsspeicher Auslastung und deaktiviertertes Virusprogramm






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!


Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!






Zukünftig bitte beachten:
Zitat:
Gestartet von C:\Users\Omid\Downloads
Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.







Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.
__________________
__________________

Alt 26.11.2015, 21:28   #4
M-K-D-B
/// TB-Ausbilder
 
Hohe Arbeitsspeicher Auslastung und deaktiviertertes Virusprogramm - Standard

Hohe Arbeitsspeicher Auslastung und deaktiviertertes Virusprogramm



Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Antwort

Themen zu Hohe Arbeitsspeicher Auslastung und deaktiviertertes Virusprogramm
antivirus, arbeitsspeicherauslastung, ausgelastet, auslastung, avast, computer, converter, defender, desktop, firefox, flash player, helper, internet explorer, launch, malware, onedrive, photoshop, problem, prozesse, registry, scan, security, server, software, starten, stick, trojaner, usb, visual c++ 2015, windows



Ähnliche Themen: Hohe Arbeitsspeicher Auslastung und deaktiviertertes Virusprogramm


  1. Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem
    Log-Analyse und Auswertung - 12.09.2015 (22)
  2. Hohe CPU Auslastung
    Plagegeister aller Art und deren Bekämpfung - 26.04.2015 (1)
  3. Neuer Acer-Laptop kaum nutzbar: Sehr hohe Auslastung von Arbeitsspeicher und Datenträger
    Alles rund um Windows - 16.03.2015 (7)
  4. Laptop sehr langsam Arbeitsspeicher/CPU Auslastung hoch
    Plagegeister aller Art und deren Bekämpfung - 26.10.2014 (11)
  5. Hohe Arbeitsspeicher Auslastung!
    Plagegeister aller Art und deren Bekämpfung - 14.10.2013 (7)
  6. CPU Auslastung/Arbeitsspeicher
    Alles rund um Windows - 06.10.2013 (1)
  7. Hohe CPU/Ram-Auslastung
    Plagegeister aller Art und deren Bekämpfung - 17.11.2012 (15)
  8. Hohe CPU/Ram-Auslastung
    Alles rund um Windows - 17.11.2012 (5)
  9. Hohe CPU-Auslastung (cmd.exe)
    Plagegeister aller Art und deren Bekämpfung - 04.11.2011 (9)
  10. Hohe Arbeitsspeicher- & CPU-Auslastung
    Log-Analyse und Auswertung - 03.08.2011 (0)
  11. zu hohe CPU Auslastung
    Log-Analyse und Auswertung - 07.11.2010 (13)
  12. Hohe CPU Auslastung
    Plagegeister aller Art und deren Bekämpfung - 11.11.2009 (2)
  13. hohe CPU-Auslastung
    Netzwerk und Hardware - 12.10.2009 (3)
  14. Hohe Auslastung
    Log-Analyse und Auswertung - 26.12.2006 (5)
  15. Hohe CPU-Auslastung..Help!!!
    Log-Analyse und Auswertung - 12.12.2006 (3)
  16. PC hat hohe CPU Auslastung :<
    Log-Analyse und Auswertung - 28.05.2005 (10)
  17. CPU/Arbeitsspeicher Auslastung beobachten
    Alles rund um Windows - 06.02.2004 (2)

Zum Thema Hohe Arbeitsspeicher Auslastung und deaktiviertertes Virusprogramm - Vor kurzem ist mir aufgefallen, das Avast immer deaktiviert ist und egal was ich mache sich nicht starten lässt. Zusätlich ist mir aufgefallen, das mein Arbeitsspeicher immer zu mindestens 40% - Hohe Arbeitsspeicher Auslastung und deaktiviertertes Virusprogramm...
Archiv
Du betrachtest: Hohe Arbeitsspeicher Auslastung und deaktiviertertes Virusprogramm auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.