DerJimmy | 29.06.2015 15:12 | Addition:
[CODE]Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Stephan at 2015-06-29 14:05:55
Running from C:\Users\Stephan\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1238433510-164901315-395736174-500 - Administrator - Disabled)
Gast (S-1-5-21-1238433510-164901315-395736174-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1238433510-164901315-395736174-1002 - Limited - Enabled)
Stephan (S-1-5-21-1238433510-164901315-395736174-1000 - Administrator - Enabled) => C:\Users\Stephan
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Creative Suite 5.5 Master Collection (HKLM-x32\...\{D57FC112-312E-4D70-860F-2DB8FB6858F0}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5 64-bit (HKLM\...\{6C1A010F-9108-4162-A26F-9FEC4AC0F0F0}) (Version: 5.0.1 - Adobe)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
Arma 3 Server (HKLM-x32\...\Steam App 233780) (Version: - Bohemia Interactive)
ArmA3Sync 1.3.49 (HKLM-x32\...\{F097E7D7-D093-4394-9EED-43AFCCD12B7A}_is1) (Version: 1.3.49 - The [S.o.E] team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Curse Client (HKU\S-1-5-21-1238433510-164901315-395736174-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
DCS World (HKLM-x32\...\Steam App 223750) (Version: - Eagle Dynamics)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.3.18.1010 - Electronic Arts Inc.)
Dropbox (HKU\S-1-5-21-1238433510-164901315-395736174-1000\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
DWA-547 (HKLM-x32\...\{6F6F39E3-D24D-4EEE-9AEA-DEDAF991385D}) (Version: 1 - D-Link)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.1.1 r3 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.1.1 r3 Alpha - ETS2MP Team)
Farming Simulator 15 (HKLM-x32\...\Steam App 313160) (Version: - Giants Software)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Gabelstapler Simulator 2009 (HKLM-x32\...\{AF805B23-DCB3-44D5-A9A8-B44C7A80C8D7}_is1) (Version: - Astragon)
GO Contact Sync Mod (HKLM-x32\...\{08111AD6-2719-4DED-9988-6B5DBC2135DD}) (Version: 3.9.2 - WebGear Ltd, New Zealand + Create Software + Stru.be + saller.NET + Big-R)
Google Apps Migration For Microsoft Outlook® 3.4.27.52 (HKLM\...\{9566573E-1092-4AF3-9805-8E86146EF578}) (Version: 3.4.27.52 - Google, Inc.)
Google Apps Sync™ for Microsoft Outlook® 3.7.410.1100 (HKLM\...\{6C6A2A68-E36C-4AF4-B1A3-EF3F53FF5766}) (Version: 3.7.410.1100 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HP Photosmart Plus B210 series - Grundlegende Software für das Gerät (HKLM\...\{1686185A-3D85-428D-8786-ACB403B9D420}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart Plus B210 series Hilfe (HKLM-x32\...\{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}) (Version: 140.0.54.54 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3272 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
MAGIX Fotos auf DVD 2014 Deluxe (HKLM-x32\...\MX.{D7951A7D-D2B7-494B-BFA8-0EC07C00EBDC}) (Version: 13.0.0.84 - MAGIX AG)
MAGIX Fotos auf DVD 2014 Deluxe (Version: 13.0.0.84 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{73E30AF2-0C07-442D-9406-F4BC1D676910}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NaturalPoint USB Drivers x64 (HKLM\...\{B408139D-04D6-4464-A979-D335E48F7063}) (Version: 2.50.0000 - NaturalPoint)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nero Prerequisite Installer 2.0 (HKLM-x32\...\{10EACC1C-7B87-4F57-ACA6-4EC15E13E4E9}) (Version: 12.0.01300 - Nero AG)
Nero WaveEditor (HKLM-x32\...\{59C6E86A-14A9-47FD-9EE8-8D9DA864E0AF}) (Version: 12.5.01300 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.3 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OMSI 2 (HKLM-x32\...\Steam App 252530) (Version: - MR-Software GbR)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PBO Manager v.1.4 beta (HKLM\...\{127B5371-1802-4EDD-A25A-A43BF761D383}) (Version: 1.4.0 - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Prerequisite installer (x32 Version: 12.0.0004 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.14 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26027 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.44 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Spintires (HKLM-x32\...\Steam App 263280) (Version: - Oovee® Game Studios)
Spotify (HKU\S-1-5-21-1238433510-164901315-395736174-1000\...\Spotify) (Version: 1.0.7.157.g2a6526f9 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Tabletop Simulator (HKLM-x32\...\Steam App 286160) (Version: - Berserk Games)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
The Evil Within (HKLM-x32\...\Steam App 268050) (Version: - Tango Gameworks)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
TrackIR 5 (HKLM-x32\...\{2f2e6053-043c-4d69-94d0-4d42304ea4ee}) (Version: 5.2.0200 - NaturalPoint)
Train Simulator 2015 (HKLM-x32\...\Steam App 24010) (Version: - RailSimulator.com)
Trials Fusion (HKLM-x32\...\Steam App 245490) (Version: - RedLynx, in collaboration with Ubisoft Shanghai, Ubisoft Kiev)
Tropico 3 - Steam Special Edition (HKLM-x32\...\Steam App 23490) (Version: - Haemimont Games)
Trucks & Trailers (HKLM-x32\...\Steam App 302060) (Version: - SCS Software)
Tukui Client (HKLM-x32\...\{BAD6EBBD-A6A9-41C9-898A-8C868A552E4C}) (Version: 2.4.6 - Tukui)
Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XMedia Recode Version 3.2.0.3 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.0.3 - XMedia Recode)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1238433510-164901315-395736174-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Stephan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1238433510-164901315-395736174-1000_Classes\CLSID\{07474513-7B58-45c7-B3E6-13A3669B1AFD}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1238433510-164901315-395736174-1000_Classes\CLSID\{534dfbc8-8cde-44d2-b281-fea081309308}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1238433510-164901315-395736174-1000_Classes\CLSID\{97D17A04-4438-4C8E-BAC7-BC21B8B9E999}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1238433510-164901315-395736174-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1238433510-164901315-395736174-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1238433510-164901315-395736174-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1238433510-164901315-395736174-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1238433510-164901315-395736174-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1238433510-164901315-395736174-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1238433510-164901315-395736174-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1238433510-164901315-395736174-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1238433510-164901315-395736174-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
==================== Restore Points =========================
23-06-2015 10:40:20 Windows Update
26-06-2015 13:38:12 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
26-06-2015 13:38:16 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
26-06-2015 13:38:20 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
26-06-2015 13:38:24 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2011-12-27 00:20 - 00001735 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 209.34.83.73:443
127.0.0.1 209.34.83.73:43
127.0.0.1 209.34.83.73
127.0.0.1 209.34.83.67:443
127.0.0.1 209.34.83.67:43
127.0.0.1 209.34.83.67
127.0.0.1 ood.opsource.net
127.0.0.1 CRL.VERISIGN.NET
127.0.0.1 199.7.52.190:80
127.0.0.1 199.7.52.190
127.0.0.1 adobeereg.com
127.0.0.1 OCSP.SPO1.VERISIGN.COM
127.0.0.1 199.7.54.72:80
There are 1 more lines.
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1325821A-B063-42DE-9B85-D3AEE716EAAC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {162F3F9C-7B7C-4261-B659-069974B2ADD8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-03] (Google Inc.)
Task: {1D98456D-A9D8-417C-B8E0-4BB72934AE32} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {2696C331-A429-4E58-AC11-1471F0E7B320} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1238433510-164901315-395736174-1000Core => C:\Users\Stephan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {3167B521-D4FE-460D-BE17-71489AE6A95A} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {412BF5AD-65D3-4B95-9B99-23477864CFBC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {475CF301-C559-4BCE-A2B7-BC32844371A2} - System32\Tasks\AdobeAAMUpdater-1.0-Stephan-PC-Stephan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {68910F59-0BA7-4451-A490-1D0B649D5CEC} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {6DF4D100-BE9A-4745-819F-BE53B160748A} - System32\Tasks\{C2F94880-2A10-4EFC-B60A-FC166C200808} => pcalua.exe -a C:\Users\Stephan\Desktop\lgs510.exe -d C:\Users\Stephan\Desktop
Task: {6EE8FBCB-8D1F-4E23-A5A1-7D900DB056B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-29] (Adobe Systems Incorporated)
Task: {71C53E80-4D8E-481A-A119-E32024F9C8F7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {75CFA0B8-843B-4BD4-B56D-E569BEA68C94} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {A86D4EDE-BEAE-4769-A127-B420188A0D6F} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {AC923238-3053-4D0F-923B-641C5AEF5F44} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {B062D7AE-77D2-4E40-BA60-BDCF3AF208C5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1238433510-164901315-395736174-1000UA => C:\Users\Stephan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {CBFD8D5C-8946-4882-80B5-5220484D2A1A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {E7F20AAF-D878-4BCB-9E98-B0E6B7B51156} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-03] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1238433510-164901315-395736174-1000Core.job => C:\Users\Stephan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1238433510-164901315-395736174-1000UA.job => C:\Users\Stephan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2014-06-03 17:46 - 2015-06-17 08:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-11 22:28 - 2014-12-16 21:16 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-05 02:24 - 2015-02-05 02:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-05-08 20:50 - 2015-05-08 20:50 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-03-14 07:49 - 2015-03-14 07:49 - 00291840 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2014-12-23 16:54 - 2014-12-23 16:54 - 01272616 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\kpcengine.2.3.dll
2015-06-25 15:42 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-06-25 15:42 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-06-25 15:42 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-06-25 15:42 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-06-25 15:42 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-03-31 11:50 - 2015-06-03 23:06 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-03-19 11:42 - 2015-06-29 13:30 - 00619840 _____ () C:\Users\Stephan\AppData\Local\Temp\0KrakenDevProps.dll
2015-06-29 13:30 - 2015-06-29 13:30 - 00043008 _____ () c:\users\stephan\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdtkrpr.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00750080 _____ () C:\Users\Stephan\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00047616 _____ () C:\Users\Stephan\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00865280 _____ () C:\Users\Stephan\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00200704 _____ () C:\Users\Stephan\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Stephan\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00726016 _____ () C:\Users\Stephan\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Stephan\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-05-20 04:29 - 2015-05-20 04:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2014-11-18 16:31 - 2014-11-26 04:12 - 40622592 _____ () C:\Users\Stephan\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2014-11-18 16:31 - 2014-11-26 04:12 - 00911360 _____ () C:\Users\Stephan\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2014-11-18 16:31 - 2014-11-26 04:12 - 00134144 _____ () C:\Users\Stephan\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2014-06-03 17:34 - 2014-09-28 18:59 - 00019872 _____ () C:\Program Files (x86)\Samsung Magician\SAMSUNG_SSD.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-06-03 16:56 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-06-23 11:30 - 2015-06-20 07:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-23 11:30 - 2015-06-20 07:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Program Files\Common Files\System:JeLzCqMsefZgnbZrPfhzMD1
AlternateDataStreams: C:\ProgramData\Microsoft:K2hnGxvhtdoxiYJEbgRB3khn6d
AlternateDataStreams: C:\ProgramData\Microsoft:kOQmXMewPrNqfLovEtl4
AlternateDataStreams: C:\Users\Stephan\Lokale Einstellungen:Z81YNnus3EjHhX1OmZXLgaHj
AlternateDataStreams: C:\Users\Stephan\AppData\Local:Z81YNnus3EjHhX1OmZXLgaHj
AlternateDataStreams: C:\Users\Stephan\AppData\Local\9P8eGnG9:RNxsctjv54ZCkQ2S0jX
AlternateDataStreams: C:\Users\Stephan\AppData\Local\Anwendungsdaten:Z81YNnus3EjHhX1OmZXLgaHj
AlternateDataStreams: C:\Users\Stephan\AppData\Local\Temp:QMwm69Lx2KTdrGsBIi2F9LdVJG
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1238433510-164901315-395736174-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1238433510-164901315-395736174-1000\...\webcompanion.com -> hxxp://webcompanion.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1238433510-164901315-395736174-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Stephan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: KrakenLauncher => C:\Program Files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenSysAudioLauncher.exe /start
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{63339C84-EC95-486C-8CAD-E55865D4EC06}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4693FAF5-E573-41F0-BD0E-4E21BF55F618}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7147B95C-2794-4BC3-93E4-D0E17926D751}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A253C1DA-51AF-4A85-B981-344034E2EA36}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7ED33A99-C7CC-4E77-949D-E2A209D5BD63}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3CC5D50C-8587-49D9-9ED6-93F6C67E02C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3E9B2A56-3561-4860-BF5B-8F1572AB3AF0}] => (Allow) E:\Spiele\Steam\Steam.exe
FirewallRules: [{1D947D66-BA9B-47C0-A32C-9E68DFF68E2D}] => (Allow) E:\Spiele\Steam\Steam.exe
FirewallRules: [{16BFBFEE-8CC9-48BC-8C52-5885A5330A66}] => (Allow) E:\Spiele\Battle.net\Battle.net.exe
FirewallRules: [{0C2F361D-4FBC-4B9E-B135-6F7E40841CC9}] => (Allow) E:\Spiele\Battle.net\Battle.net.exe
FirewallRules: [{887DAC77-217B-48F1-83A4-F584D8507AF2}] => (Allow) E:\Spiele\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{EEB8E8A0-983A-4E58-8961-5BCAA825F497}] => (Allow) E:\Spiele\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{6877E9FE-14C6-4144-8A8B-F07E6993FEA3}] => (Allow) E:\Spiele\Steam\SteamApps\common\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{A2D85CE8-61B4-4325-9DCE-272BC33F490E}] => (Allow) E:\Spiele\Steam\SteamApps\common\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{3632736E-DD69-47EC-8975-F406AF02B42B}] => (Allow) E:\Spiele\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{0E1C6235-8738-4BD7-A2F3-43337E1DC735}] => (Allow) E:\Spiele\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{A0507FFC-5E7D-4B22-B68F-D76011C2FD2A}] => (Allow) E:\Spiele\Steam\SteamApps\common\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{58088031-6147-4AC5-AC40-50F3A1222CF9}] => (Allow) E:\Spiele\Steam\SteamApps\common\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{7D470978-3B7A-4546-B84D-BC9C1DB86636}] => (Allow) E:\Spiele\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{0853801B-1B56-4D6A-ABCF-4DF2E0125E03}] => (Allow) E:\Spiele\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{E52FDF43-AA4A-44CB-A40F-3A9BFDFE5D97}] => (Allow) C:\Users\Stephan\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{67856416-BA54-4DE3-8B10-E35FA83BECD0}] => (Allow) C:\Users\Stephan\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{E86EA52C-22AE-4992-9231-ACB4DBAB6986}] => (Allow) C:\Users\Stephan\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{900BF993-FAD3-4CCE-BDCA-CA977676AAAE}] => (Allow) C:\Users\Stephan\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{0C1FECA6-EC77-4771-B2D0-091E1F4E7E83}] => (Allow) C:\Users\Stephan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{AF7B92E2-8652-4840-BC4E-BEF4936D3407}] => (Allow) C:\Users\Stephan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FACFA648-78FC-42A3-BEA1-0D951AE54551}] => (Allow) E:\Spiele\Anno 1404\Anno4.exe
FirewallRules: [{660A2998-36B3-4A29-AF01-7895B2DF2D2D}] => (Allow) E:\Spiele\Anno 1404\Anno4.exe
FirewallRules: [{FC6A2E72-D1D9-426B-B2D7-04F163E3C124}] => (Allow) E:\Spiele\Anno 1404\Addon.exe
FirewallRules: [{5D79B290-B2A9-48C6-AB7F-B132403C333E}] => (Allow) E:\Spiele\Anno 1404\Addon.exe
FirewallRules: [{EC96DB20-8549-4CAE-B2F5-8E1AA0329F4B}] => (Allow) E:\Spiele\Anno 1404\tools\Anno4Web.exe
FirewallRules: [{1541B522-9B37-425A-AE62-F05C6D198B32}] => (Allow) E:\Spiele\Anno 1404\tools\Anno4Web.exe
FirewallRules: [{6F41E9BB-D3D6-4519-8D99-61243B0DD965}] => (Allow) E:\Spiele\Anno 1404\tools\AddonWeb.exe
FirewallRules: [{51BEC095-C91E-44EC-958C-9A1BA0878795}] => (Allow) E:\Spiele\Anno 1404\tools\AddonWeb.exe
FirewallRules: [{3FF2E885-50A9-4BCC-89BD-522C4C2D0537}] => (Allow) E:\Spiele\Anno 1404\tools\Benchmark.exe
FirewallRules: [{7761A0F0-8356-4C45-8CFC-20D982B221B2}] => (Allow) E:\Spiele\Anno 1404\tools\Benchmark.exe
FirewallRules: [{4DEB1F57-E3A0-4D01-9964-DDE62D66AF2B}] => (Allow) E:\Spiele\Hearthstone\Hearthstone.exe
FirewallRules: [{6FB82C5D-8FEF-4DB6-9CC0-3CBFC334113E}] => (Allow) E:\Spiele\Hearthstone\Hearthstone.exe
FirewallRules: [{EC5D894F-B628-42BD-B0DB-E1E4526CA713}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\DeviceSetup.exe
FirewallRules: [{2F8F40EC-B2D3-449F-B737-BDA620C794AA}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{7A8EC516-D0FE-495B-98BF-83299B2B319F}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{64FF53EE-7F21-402A-85F8-7FDF37B7C874}] => (Allow) E:\Spiele\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{3A54D879-0D2A-4BEF-8925-CFEDB77D86BD}] => (Allow) E:\Spiele\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{3FE27893-D231-4238-B003-AF76C7CA6565}] => (Allow) E:\Spiele\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{84D031B5-518F-4362-A540-782436ACB8CC}] => (Allow) E:\Spiele\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [TCP Query User{EC43819E-61AE-4053-8DA7-5134D390D9C5}E:\spiele\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) E:\spiele\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{576D6232-3144-4D7D-BEE4-630FA2108DCA}E:\spiele\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) E:\spiele\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{028E8A1C-5A77-4CE1-B98F-8AB083973A6B}] => (Allow) E:\Spiele\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{8580B494-1B78-43E3-A2CE-BBFD5F9B1688}] => (Allow) E:\Spiele\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{20092415-D896-4CD7-B227-5E63D4EC0CE5}] => (Allow) E:\Spiele\Steam\SteamApps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{D9BA8DBA-4946-43D8-90F4-28145F362203}] => (Allow) E:\Spiele\Steam\SteamApps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{DC33DA05-5AB6-4C79-93C4-3E9F98CB84F7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{999E3FD0-25F2-4B9F-BD52-F1ABF30DECE6}] => (Allow) LPort=80
FirewallRules: [{51B28379-B8BA-45DF-8C00-77548A310C43}] => (Allow) LPort=443
FirewallRules: [{DEF3DE6B-7390-4C03-AC8A-F34A69CC1075}] => (Allow) LPort=20010
FirewallRules: [{A28F1CFF-7DFB-4A91-A50C-91EDEAB91DB6}] => (Allow) LPort=3478
FirewallRules: [{3A3372F9-FF4D-483E-8EE4-1C03087AEB31}] => (Allow) LPort=7850
FirewallRules: [{5617C234-5597-4FEF-AB2B-C6661584F210}] => (Allow) LPort=7852
FirewallRules: [{D878004D-81EE-4473-A396-115FFE06B231}] => (Allow) LPort=7853
FirewallRules: [{6496214A-9FB3-4329-BF5F-50216EC50AE7}] => (Allow) LPort=27022
FirewallRules: [{297928C9-0BCC-4641-B953-681D6115E806}] => (Allow) LPort=6881
FirewallRules: [{697C8E89-52C6-41C1-A7B3-069CD680C2AF}] => (Allow) LPort=33333
FirewallRules: [{D8B49064-5E71-4A3C-815B-A640DDD77F39}] => (Allow) LPort=20443
FirewallRules: [{A7AF6A53-08F9-448B-BC09-7F11B89F6332}] => (Allow) LPort=8090
FirewallRules: [{9ACEAF23-1194-404C-9B72-E06F4F5E2A3D}] => (Allow) E:\Spiele\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{CC42ED0E-5B65-42DB-B0E3-71738B1AD5FC}] => (Allow) E:\Spiele\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [TCP Query User{A7072E5C-B8A5-4CF5-B5E1-3C7B0A4EEC69}E:\spiele\steam\steamapps\common\war thunder\aces.exe] => (Allow) E:\spiele\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{B8364E04-0B2A-41B7-8813-C60786BD9BAD}E:\spiele\steam\steamapps\common\war thunder\aces.exe] => (Allow) E:\spiele\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [TCP Query User{6979F2C7-EFE5-4805-BA78-C9AFD37EB4CA}E:\spiele\world of tanks\wotlauncher.exe] => (Allow) E:\spiele\world of tanks\wotlauncher.exe
FirewallRules: [UDP Query User{90E8EE78-1D8F-450A-B05D-D0FA85B6C58C}E:\spiele\world of tanks\wotlauncher.exe] => (Allow) E:\spiele\world of tanks\wotlauncher.exe
FirewallRules: [TCP Query User{F68086AE-F39B-45BA-A24C-835B19E942AA}E:\spiele\world of tanks\worldoftanks.exe] => (Allow) E:\spiele\world of tanks\worldoftanks.exe
FirewallRules: [UDP Query User{91A5C783-6BD8-4E26-A797-31EDE05F9F1C}E:\spiele\world of tanks\worldoftanks.exe] => (Allow) E:\spiele\world of tanks\worldoftanks.exe
FirewallRules: [{7B8D8E9E-D1ED-4314-BBD4-1A63AEAD1C3E}] => (Allow) E:\Spiele\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{37823D74-7D0C-4BDB-ACB6-652D14F33748}] => (Allow) E:\Spiele\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{1663B486-9DDF-4AA8-A0A2-7C26F702A2E3}] => (Allow) E:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{CE6E4CD7-0566-4741-AB31-D6C3164EF32A}] => (Allow) E:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{984C0183-8A58-4D57-BF1C-259433CFEE5D}] => (Allow) E:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{ED043E32-935D-4DB0-A1BC-F7C7B5A0049D}] => (Allow) E:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [TCP Query User{52F9FD6D-7130-4E5F-A7A8-82C584DF6402}E:\spiele\star citizen\citizenclient\bin64\starcitizen.exe] => (Allow) E:\spiele\star citizen\citizenclient\bin64\starcitizen.exe
FirewallRules: [UDP Query User{0D78618B-57BA-44C7-8D56-CC48B7FC3C54}E:\spiele\star citizen\citizenclient\bin64\starcitizen.exe] => (Allow) E:\spiele\star citizen\citizenclient\bin64\starcitizen.exe
FirewallRules: [{AC4AE9DD-6A13-40A0-B483-FF3BAEF9873A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{BF7276EA-579A-4AFD-A44E-FECB397C98C6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{5B87244B-A5E5-44F4-B99D-A90A13C6720D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{9A65A9FB-6BCD-4F45-B087-7439C75C5457}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{D4203029-8B85-49D2-BE77-26FE2BD036D8}] => (Allow) E:\Spiele\Steam\bin\steamwebhelper.exe
FirewallRules: [{758B96C0-68C0-4626-8BDD-138C462DB0F3}] => (Allow) E:\Spiele\Steam\bin\steamwebhelper.exe
FirewallRules: [{04858595-0E9D-4A4B-83C8-77A5C0BC4E18}] => (Allow) E:\Spiele\Diablo III\Diablo III.exe
FirewallRules: [{1186349B-9F07-419E-955D-A898590FE4E3}] => (Allow) E:\Spiele\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{1F37358D-3F69-48D5-BFD4-94316A77145F}E:\spiele\steam\steamapps\common\arma 3\arma3server.exe] => (Allow) E:\spiele\steam\steamapps\common\arma 3\arma3server.exe
FirewallRules: [UDP Query User{5886DDE4-4185-4176-9B67-ACED7795E617}E:\spiele\steam\steamapps\common\arma 3\arma3server.exe] => (Allow) E:\spiele\steam\steamapps\common\arma 3\arma3server.exe
FirewallRules: [{AE022FC2-7290-46B1-ABE2-D110D7CC4947}] => (Allow) E:\Spiele\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{6ABE3444-5135-4D80-A00B-9E4D843E0AF2}] => (Allow) E:\Spiele\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{9168C6C0-263E-4920-A4FC-49A666065D5F}] => (Allow) E:\Spiele\Steam\SteamApps\common\DCSWorld\Run.exe
FirewallRules: [{CFA2728C-F175-41AE-A712-F64AA722B998}] => (Allow) E:\Spiele\Steam\SteamApps\common\DCSWorld\Run.exe
FirewallRules: [{27155F85-132E-4B9D-972A-B49BEE4B9B22}] => (Allow) E:\Spiele\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{BBCA461E-2DA5-4AFA-A2D7-7C6FEDF9C14C}] => (Allow) E:\Spiele\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{7C252A5A-42AA-4C72-91B1-F0D67F89ADBD}] => (Allow) E:\Spiele\Steam\SteamApps\common\Tropico 3\tropico3.exe
FirewallRules: [{EBFEE06B-A589-4375-AB29-0CE0D01DA16F}] => (Allow) E:\Spiele\Steam\SteamApps\common\Tropico 3\tropico3.exe
FirewallRules: [{68D8344E-506C-4993-B612-7D0AA80D99E6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{829F8758-18F7-4697-9F57-2DC16B304622}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{C5CD03FE-753A-4DA5-9A49-AED0B44A0BBC}] => (Allow) E:\Spiele\Steam\SteamApps\common\TheEvilWithin\EvilWithin.exe
FirewallRules: [{D61A4805-52ED-4A28-8685-A005AFB35931}] => (Allow) E:\Spiele\Steam\SteamApps\common\TheEvilWithin\EvilWithin.exe
FirewallRules: [{3066017C-DF45-4307-A3C1-66BF64677AE9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{0B8FC843-D1DC-4127-80FF-ED649CA476B0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{F9D044D6-4383-4932-84DD-5315AA3144B0}] => (Allow) E:\Spiele\Steam\SteamApps\common\America's Army\AAPG\Binaries\AALauncher32.exe
FirewallRules: [{F07006C7-BD60-4EE1-8B3B-9D887AE1541E}] => (Allow) E:\Spiele\Steam\SteamApps\common\America's Army\AAPG\Binaries\AALauncher32.exe
FirewallRules: [{DDD43157-2DD9-489B-A907-4AC87A16D4A9}] => (Allow) E:\Spiele\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{93A61E91-BE15-4356-A0A1-1DF639AED34E}] => (Allow) E:\Spiele\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{10F767EA-3690-47DD-9D1D-EF6D14A4B7BC}] => (Allow) E:\Spiele\Steam\SteamApps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{7780B732-EFD1-49C0-8603-2C0B4DDC98C1}] => (Allow) E:\Spiele\Steam\SteamApps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{5E9BDE1A-9E01-4949-A108-5724C1322A42}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2AD20D70-5DF6-4C0F-90A7-99D79ADA2D12}] => (Allow) LPort=2869
FirewallRules: [{23477947-4E2D-4036-8959-86580F314997}] => (Allow) LPort=1900
FirewallRules: [{8A2CCAA2-0EAE-476C-8105-0F4EBFD1C3CF}] => (Allow) E:\Spiele\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{2D822E40-00AB-4F95-81ED-E3C655A0A10C}] => (Allow) E:\Spiele\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{13471EB6-0A67-483C-9410-1726C343EB86}] => (Allow) E:\Spiele\Steam\SteamApps\common\Bus Driver\bin\win_x86\busdriver.exe
FirewallRules: [{545BB231-E8E6-4FCB-8B96-65ECE308CE5F}] => (Allow) E:\Spiele\Steam\SteamApps\common\Bus Driver\bin\win_x86\busdriver.exe
FirewallRules: [{17AF9126-73CA-4365-9174-417279506C28}] => (Allow) E:\Spiele\Steam\SteamApps\common\Bus Driver\bin\win_x86\launcher.exe
FirewallRules: [{9B710EAC-E27A-4A82-B17D-2404DA0427E0}] => (Allow) E:\Spiele\Steam\SteamApps\common\Bus Driver\bin\win_x86\launcher.exe
FirewallRules: [{1EE8435D-F4D9-4602-93AC-0D00904FFD28}] => (Allow) E:\Spiele\Steam\SteamApps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{872AF148-A5AD-457D-8D5C-80BE6A697D49}] => (Allow) E:\Spiele\Steam\SteamApps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{8681A479-1428-46C4-BE5B-06414614CCA2}] => (Allow) E:\Spiele\Steam\SteamApps\common\Farming Simulator 15\x86\FarmingSimulator2015Game.exe
FirewallRules: [{2F42EF7D-9D78-4AEE-9675-F4E5167E7F93}] => (Allow) E:\Spiele\Steam\SteamApps\common\Farming Simulator 15\x86\FarmingSimulator2015Game.exe
FirewallRules: [{20BA72C5-DB6E-403F-A328-9D0FA756EC3C}] => (Allow) E:\Spiele\Steam\SteamApps\common\Spintires\SpinTires.exe
FirewallRules: [{1BCC30FB-4202-402E-8B41-8E7575170D9C}] => (Allow) E:\Spiele\Steam\SteamApps\common\Spintires\SpinTires.exe
FirewallRules: [{7DF89B66-3A83-4178-9A22-25213462AF65}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E0728937-3E1A-4F94-929C-05E75803EA0B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{786D22CD-B73F-4E65-9C7F-08E2E79DE100}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A6D3AEA1-B76A-4B93-B416-5FD3E7342A17}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6B542D19-560D-4B15-AE01-F25608EE04E0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{875C76C9-5DD6-41D6-8E28-B5095C328282}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{386F24AE-BE40-4395-91D6-4789751F1190}] => (Allow) E:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{2BE8F940-B101-48FF-A241-314C1A226D09}] => (Allow) E:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{E28F34F0-9DA1-4C40-998B-57425667AA89}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{A56754F8-6ACB-4FA5-96AB-B5FCE4B1E3E6}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{82D0C7F8-7D68-4680-A2F7-FCC73476C81C}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{D7AF282C-39BA-4D41-AE71-A75B9E362CBF}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{40AE7984-E1D7-40A6-8617-31F40F15066A}] => (Allow) E:\Spiele\Steam\SteamApps\common\OMSI 2\Omsi.exe
FirewallRules: [{ABD8C5DE-1902-4308-8F44-41018FE78E7B}] => (Allow) E:\Spiele\Steam\SteamApps\common\OMSI 2\Omsi.exe
FirewallRules: [TCP Query User{C538F276-0C50-4071-888C-AE034CD0C4E6}C:\users\stephan\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\stephan\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{47F5C802-2E43-428B-89E9-FFA5E24D5C90}C:\users\stephan\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\stephan\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{4E4C607D-0A91-4E02-9A45-76666DD2CE67}] => (Allow) E:\Spiele\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{715384F5-CC7F-41AE-8AA4-89325FD4043A}] => (Allow) E:\Spiele\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{D13A04C4-93E7-4839-B655-7BC953C5C6EB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{AF48F592-A6DA-446E-9469-EE42F71D309A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [TCP Query User{CBA925F0-A753-4554-921B-CA698C53ADDD}E:\spiele\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E668B28D-DBA5-4298-AF2D-06372884335A}E:\spiele\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [{9181CB3F-ABC6-4F6E-9D11-FAF4C41D063D}] => (Allow) E:\Program Files (x86)\Office14\GROOVE.EXE
FirewallRules: [{9F3DEE39-E267-4088-995B-6A8054A716CF}] => (Allow) E:\Program Files (x86)\Office14\GROOVE.EXE
FirewallRules: [{C92021DA-2210-4264-9B57-629425CB780A}] => (Allow) E:\Program Files (x86)\Office14\ONENOTE.EXE
FirewallRules: [{902C2E54-0A96-468C-A90F-C83CA112666C}] => (Allow) E:\Program Files (x86)\Office14\ONENOTE.EXE
FirewallRules: [{DB2805AC-AAA1-49CF-AE0E-4DC4AEFBC197}] => (Allow) E:\Program Files (x86)\Office14\outlook.exe
FirewallRules: [TCP Query User{EE2AB22B-EA8D-430C-B8DB-EAEC9549AA84}C:\users\stephan\appdata\local\temp\rarsfx0\bie_kms.exe] => (Allow) C:\users\stephan\appdata\local\temp\rarsfx0\bie_kms.exe
FirewallRules: [UDP Query User{E11D5AE3-A996-4A7E-A753-010C9AE527D0}C:\users\stephan\appdata\local\temp\rarsfx0\bie_kms.exe] => (Allow) C:\users\stephan\appdata\local\temp\rarsfx0\bie_kms.exe
FirewallRules: [{8C133BEA-2DC2-427E-977B-87FCFF53C8D2}] => (Allow) E:\Spiele\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{5CFF7BCB-A2DB-4FCF-B4A4-3C3220CBDCF4}] => (Allow) E:\Spiele\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [TCP Query User{9F49A25A-CA67-4504-81CD-26A65DF129C1}E:\spiele\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{1BFC1D17-0FEA-4800-AE5D-68705EC1AFC1}E:\spiele\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{B3F117C5-305B-43CF-AACE-C60B9B39CBCF}E:\spiele\gta v\gta5.exe] => (Allow) E:\spiele\gta v\gta5.exe
FirewallRules: [UDP Query User{4CA4D9C4-D06D-43CA-9204-3B5B1223C632}E:\spiele\gta v\gta5.exe] => (Allow) E:\spiele\gta v\gta5.exe
FirewallRules: [TCP Query User{BC76ADA5-5DF9-45D6-932D-483CD170606F}E:\spiele\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{65CED66F-B407-4CE2-8E0F-E7AFCBDD50D5}E:\spiele\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{5B3FB8A8-D596-4EEF-802B-6A4E8B3FC089}E:\spiele\starcitizen\citizenclient\bin64\starcitizen.exe] => (Allow) E:\spiele\starcitizen\citizenclient\bin64\starcitizen.exe
FirewallRules: [UDP Query User{B13E3747-67B6-4375-A9AE-AAE6D3462B4B}E:\spiele\starcitizen\citizenclient\bin64\starcitizen.exe] => (Allow) E:\spiele\starcitizen\citizenclient\bin64\starcitizen.exe
FirewallRules: [TCP Query User{D60F44ED-5FC0-4919-8A06-905C72CFEC36}E:\spiele\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{0119099D-223A-4E3C-820E-6B19C53A3F4D}E:\spiele\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{E7AD1260-5304-472C-A448-36B521063A41}] => (Allow) C:\Users\Stephan\AppData\Local\Apps\2.0\Z5Q6G9R6.40Y\AR7TT5JK.XP1\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
FirewallRules: [{393833F5-1736-41B0-A585-218604782A2A}] => (Allow) C:\Users\Stephan\AppData\Local\Apps\2.0\Z5Q6G9R6.40Y\AR7TT5JK.XP1\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
FirewallRules: [{7BF03634-E2AB-44E6-AB7A-8B1B74812DC0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A4A39332-E3F0-432C-9E82-7F848843E9CF}] => (Allow) E:\Spiele\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{A108F6E9-62A2-4700-93CE-9E339568F656}] => (Allow) E:\Spiele\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{88ECDD92-1660-475D-8129-488184F4D9AE}] => (Allow) E:\Spiele\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{78BDAFD7-8F4C-48AA-8B35-0FFB664A55E2}] => (Allow) E:\Spiele\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{ADB8A4A0-AFCF-4062-823D-CBF34EA41FAB}] => (Allow) E:\Spiele\Steam\SteamApps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{D90E0B85-239C-45B8-961F-C339D56D0407}] => (Allow) E:\Spiele\Steam\SteamApps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/29/2015 01:30:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/29/2015 01:30:41 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD initialization failed [6]).
Error: (06/29/2015 01:30:41 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (Failed to set NvVAD endpoint as default Audio endpoint [0]).
Error: (06/29/2015 01:30:41 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD endpoint registration failed [0]).
Error: (06/29/2015 10:38:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/29/2015 10:38:35 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD initialization failed [6]).
Error: (06/29/2015 10:38:35 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (Failed to set NvVAD endpoint as default Audio endpoint [0]).
Error: (06/29/2015 10:38:35 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD endpoint registration failed [0]).
Error: (06/28/2015 11:50:47 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorIcon.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ObjectDisposedException
Stapel:
Server stack trace:
bei System.ServiceModel.Channels.CommunicationObject.ThrowIfDisposedOrNotOpen()
bei System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
bei System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
bei System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
bei IAStorDataMgrSvcInterfaces.IPublisher.GetServerBit()
bei IAStorIcon.StorageIcon.<trySubscription>b__0(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (06/28/2015 03:44:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (06/29/2015 01:31:43 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (06/29/2015 01:30:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/29/2015 01:30:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/29/2015 01:30:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Office Software Protection Platform" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/29/2015 01:30:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/29/2015 01:30:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/29/2015 01:30:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/29/2015 01:30:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "FABS - Helping agent for MAGIX media database" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/29/2015 01:30:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/29/2015 01:30:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office:
=========================
Error: (06/29/2015 01:30:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/29/2015 01:30:41 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (06/29/2015 01:30:41 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (06/29/2015 01:30:41 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (06/29/2015 10:38:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/29/2015 10:38:35 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (06/29/2015 10:38:35 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (06/29/2015 10:38:35 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (06/28/2015 11:50:47 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorIcon.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ObjectDisposedException
Stapel:
Server stack trace:
bei System.ServiceModel.Channels.CommunicationObject.ThrowIfDisposedOrNotOpen()
bei System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
bei System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
bei System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
bei IAStorDataMgrSvcInterfaces.IPublisher.GetServerBit()
bei IAStorIcon.StorageIcon.<trySubscription>b__0(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (06/28/2015 03:44:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 22%
Total physical RAM: 16229.02 MB
Available physical RAM: 12499.81 MB
Total Pagefile: 16427.23 MB
Available Pagefile: 12100.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:100.51 GB) (Free:38.65 GB) NTFS
Drive e: (Daten) (Fixed) (Total:976.56 GB) (Free:497.58 GB) NTFS
Drive f: (Sonstiges) (Fixed) (Total:886.45 GB) (Free:131.31 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 2EBBA735)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 9A497667)
Partition 1: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=886.5 GB) - (Type=07 NTFS)
==================== End of log ============================
GMER:
is empty!
MBAM from 9 days ago Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 20.06.2015
Suchlauf-Zeit: 11:19:56
Logdatei: MBAM.txt
Administrator: Ja
Version: 2.01.6.1022
Malware Datenbank: v2015.06.20.01
Rootkit Datenbank: v2015.06.15.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Stephan
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 365602
Verstrichene Zeit: 7 Min, 24 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente gefunden)
Module: 0
(Keine schädliche Elemente gefunden)
Registrierungsschlüssel: 3
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, In Quarantäne, [ec059527f69439fde2901879798c649c],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, In Quarantäne, [b140803cdeaccd698ee4b3de0500ee12],
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, In Quarantäne, [df12d2ead8b2b383d5a2345f4db81ae6],
Registrierungswerte: 2
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, In Quarantäne, [ec059527f69439fde2901879798c649c]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, In Quarantäne, [b140803cdeaccd698ee4b3de0500ee12]
Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)
Ordner: 0
(Keine schädliche Elemente gefunden)
Dateien: 0
(Keine schädliche Elemente gefunden)
Physische Sektoren: 0
(Keine schädliche Elemente gefunden)
(end)
From today: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 29.06.2015
Suchlauf-Zeit: 13:36:10
Logdatei: MBAM_2.txt
Administrator: Ja
Version: 2.01.6.1022
Malware Datenbank: v2015.06.29.01
Rootkit Datenbank: v2015.06.26.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Stephan
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 368000
Verstrichene Zeit: 6 Min, 44 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente gefunden)
Module: 0
(Keine schädliche Elemente gefunden)
Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)
Registrierungswerte: 0
(Keine schädliche Elemente gefunden)
Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)
Ordner: 0
(Keine schädliche Elemente gefunden)
Dateien: 1
PUP.Optional.AppDataFR.A, C:\Users\Stephan\AppData\Roaming\appdataFr2.bin, In Quarantäne, [096cdae66327e650f72a18dfcc374cb4],
Physische Sektoren: 0
(Keine schädliche Elemente gefunden)
(end)
While looking for a log file, I just found the following:
in C:/Benutzer/Stephan/AppData/"Local***many Chinese characters**"
File type: ClickForSaLe
Kaspersky Log: Code:
26.06.2015 21.55.31 Gefundenes Objekt (Anlage zu einer Nachricht) wurde desinfiziert. [From:maiseynqn449@yahoo.com][Subject:Re:My resume][Time:2015/06/08 15:21:44]//my_resume.zip Anlage zu einer Nachricht: [From:maiseynqn449@yahoo.com][Subject:Re:My resume][Time:2015/06/08 15:21:44]//my_resume.zip Objektname:: Objekttyp:: Unbekannte Bedrohung Zeitpunkt:: 26.06.2015, 21:55
26.06.2015 21.55.31 Gefundenes Objekt (Anlage zu einer Nachricht) wurde gelöscht. [From:maiseynqn449@yahoo.com][Subject:Re:My resume][Time:2015/06/08 15:21:44]//my_resume.zip//resume1429.html Anlage zu einer Nachricht: [From:maiseynqn449@yahoo.com][Subject:Re:My resume][Time:2015/06/08 15:21:44]//my_resume.zip//resume1429.html Objektname:: Trojan.HTML.IFrame.hf Objekttyp:: Trojanisches Programm Zeitpunkt:: 26.06.2015, 21:55
21.06.2015 20.10.10 Gefundenes Objekt (Datei) wurde gelöscht. C:\AdwCleaner\Quarantine\C\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\60o0euy7.default\Extensions\kKiR@Tq.net\content\bg.js.vir Datei: C:\AdwCleaner\Quarantine\C\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\60o0euy7.default\Extensions\kKiR@Tq.net\content\bg.js.vir Objektname:: not-a-virus:HEUR:AdWare.Script.Generic Objekttyp:: Adware Zeitpunkt:: 21.06.2015, 20:10
21.06.2015 20.09.51 Gefundenes Objekt (Datei) wurde gelöscht. C:\AdwCleaner\Quarantine\C\Users\Stephan\AppData\Local\Google\Chrome\User Data\Default\Extensions\njaliboanibgpppplnnkjpggnjkpgmla\4.41\P8kZ.js.vir Datei: C:\AdwCleaner\Quarantine\C\Users\Stephan\AppData\Local\Google\Chrome\User Data\Default\Extensions\njaliboanibgpppplnnkjpggnjkpgmla\4.41\P8kZ.js.vir Objektname:: not-a-virus:HEUR:AdWare.Script.Generic Objekttyp:: Adware Zeitpunkt:: 21.06.2015, 20:09
21.06.2015 19.45.04 Gefundenes Objekt (Datei) wurde gelöscht. C:\AdwCleaner\Quarantine\C\ProgramData\SmartCompare\0LNMotX8tQzDxn.exe.vir Datei: C:\AdwCleaner\Quarantine\C\ProgramData\SmartCompare\0LNMotX8tQzDxn.exe.vir Objektname:: UDS:DangerousObject.Multi.Generic Objekttyp:: Unbekannte Bedrohung Zeitpunkt:: 21.06.2015, 19:45