Trojaner-Board
Seite 4 von 5 « Erste 23 4 5
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Vermutung an Trojaner oder Virus (https://www.trojaner-board.de/175768-vermutung-trojaner-virus.html)

Speed9001 09.02.2016 10:03
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von Dom (2016-02-09 10:00:47) Run:3
Gestartet von C:\Users\Dom\Desktop
Geladene Profile: Dom (Verfügbare Profile: Dom)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
S2 prgductyy; C:\Users\Dom\AppData\Local\Fase-ron.exe upyateupda prgductyy [X]
C:\Users\Dom\AppData\Local\Fase-ron.exe
File: C:\Windows\system32\dnsapi.dll
File: C:\Windows\SysWOW64\dnsapi.dll
emptytemp:
*****************

prgductyy => Dienst erfolgreich entfernt
"C:\Users\Dom\AppData\Local\Fase-ron.exe" => nicht gefunden.

========================= File: C:\Windows\system32\dnsapi.dll ========================

Datei ist nicht signiert
MD5: D41D8CD98F00B204E9800998ECF8427E
Erstellungs- und Änderungsdatum: 2015-08-21 10:50 - 2015-08-21 10:50
Größe: 0357888
Attribute: ----A
Firmenname:
Interne Name:
Original Name:
Produkt:
Beschreibung:
Datei Version:
Produkt Version:
Urheberrecht:

====== Ende von File: ======


========================= File: C:\Windows\SysWOW64\dnsapi.dll ========================

Datei ist nicht signiert
MD5: D41D8CD98F00B204E9800998ECF8427E
Erstellungs- und Änderungsdatum: 2015-08-21 10:50 - 2015-08-21 10:50
Größe: 0270336
Attribute: ----A
Firmenname:
Interne Name:
Original Name:
Produkt:
Beschreibung:
Datei Version:
Produkt Version:
Urheberrecht:

====== Ende von File: ======

EmptyTemp: => 3.3 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 10:00:48 ====

cosinus 09.02.2016 10:27
Irgendwas stimmt da mit ner Systemdatei bei dir noch nicht. Daher nochmal bitte das hier machen:

FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
dnsapi.dll

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Speed9001 09.02.2016 10:30
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von Dom (2016-02-09 10:29:26) Run:4
Gestartet von C:\Users\Dom\Desktop
Geladene Profile: Dom (Verfügbare Profile: Dom)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
dnsapi.dll
*****************

dnsapi.dll => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.

==== Ende von Fixlog 10:29:26 ====

cosinus 09.02.2016 10:32
Hmpf...irgendwie klappt das nicht wie ich will :balla:

Dann mal bitte so:

Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
    Code:
    :filefind
    dnsapi.dll
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.


Speed9001 09.02.2016 10:40
Da bleibt mein PC wohl zickig

Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 10:36 on 09/02/2016 by Dom
Administrator - Elevation successful

========== filefind ==========

Searching for "dnsapi.dll"
C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\dnsapi.dll        --a---- 686984 bytes        [07:09 30/10/2015]        [07:09 30/10/2015] (Unable to calculate MD5)
C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-dns-client-minwin_31bf3856ad364e35_10.0.10586.0_none_22114c18cd7ccd17\dnsapi.dll        --a---- 686984 bytes        [07:09 30/10/2015]        [07:09 30/10/2015] (Unable to calculate MD5)
C:\Windows\System32\dnsapi.dll        --a---- 357888 bytes        [09:50 21/08/2015]        [09:50 21/08/2015] (Unable to calculate MD5)
C:\Windows\SysWOW64\dnsapi.dll        --a---- 270336 bytes        [09:50 21/08/2015]        [09:50 21/08/2015] (Unable to calculate MD5)
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4008824c98f8edac\dnsapi.dll        --a---- 357888 bytes        [03:24 21/11/2010]        [03:24 21/11/2010] A52B6CC24063CC83C78C0E6F24DEEC01
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_3fc3a19c992d2ff6\dnsapi.dll        --a---- 357888 bytes        [09:50 21/08/2015]        [06:24 03/03/2011] 492D07D79E7024CA310867B526D9636D
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsapi.dll        --a---- 357888 bytes        [09:50 21/08/2015]        [06:12 03/03/2011] DCC0888655823103F19EF8FFD330080D
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4a5d2c9ecd59afa7\dnsapi.dll        --a---- 270336 bytes        [03:24 21/11/2010]        [03:24 21/11/2010] 59DF156711A76BCB993253EC6C9BBF41
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_4a184beecd8df1f1\dnsapi.dll        --a---- 270336 bytes        [09:50 21/08/2015]        [05:38 03/03/2011] B40420876B9288E0A1C8CCA8A84E5DC9
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_4aa4e997e6a8ddc0\dnsapi.dll        --a---- 270336 bytes        [09:50 21/08/2015]        [05:12 03/03/2011] 1F79F611109C2B97260B68FD6B4FC7DD

-= EOF =-

cosinus 09.02.2016 10:53
Dann wollen wir die mal glattziehen:

FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
replace: C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsapi.dll C:\Windows\system32\dnsapi.dll
replace: C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_4aa4e997e6a8ddc0\dnsapi.dll C:\Windows\SysWOW64\dnsapi.dll

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Speed9001 09.02.2016 10:56
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von Dom (2016-02-09 10:55:20) Run:5
Gestartet von C:\Users\Dom\Desktop
Geladene Profile: Dom (Verfügbare Profile: Dom)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
replace: C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsapi.dll C:\Windows\system32\dnsapi.dll
replace: C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_4aa4e997e6a8ddc0\dnsapi.dll C:\Windows\SysWOW64\dnsapi.dll
       
*****************

C:\Windows\system32\dnsapi.dll => erfolgreich verschoben
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsapi.dll erfolgreich kopiert zu C:\Windows\system32\dnsapi.dll
C:\Windows\SysWOW64\dnsapi.dll => erfolgreich verschoben
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_4aa4e997e6a8ddc0\dnsapi.dll erfolgreich kopiert zu C:\Windows\SysWOW64\dnsapi.dll

==== Ende von Fixlog 10:55:20 ====

cosinus 09.02.2016 11:04
Gut...dann bitte neustarten falls noch nicht getan. Und bitte nochmal systemlook:

Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
    Code:
    :filefind
    dnsapi.dll
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.



Und auch frische FRST-Logs bitte zur Sicherheit. Haken setzen bei addition.txt dann auf Untersuchen klicken

http://www.trojaner-board.de/picture...&pictureid=611

Speed9001 09.02.2016 11:24
Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 11:18 on 09/02/2016 by Dom
Administrator - Elevation successful

========== filefind ==========

Searching for "dnsapi.dll"
C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\dnsapi.dll        --a---- 686984 bytes        [07:09 30/10/2015]        [07:09 30/10/2015] (Unable to calculate MD5)
C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-dns-client-minwin_31bf3856ad364e35_10.0.10586.0_none_22114c18cd7ccd17\dnsapi.dll        --a---- 686984 bytes        [07:09 30/10/2015]        [07:09 30/10/2015] (Unable to calculate MD5)
C:\Windows\System32\dnsapi.dll        --a---- 357888 bytes        [09:50 21/08/2015]        [06:12 03/03/2011] DCC0888655823103F19EF8FFD330080D
C:\Windows\SysWOW64\dnsapi.dll        --a---- 270336 bytes        [09:50 21/08/2015]        [05:12 03/03/2011] 1F79F611109C2B97260B68FD6B4FC7DD
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4008824c98f8edac\dnsapi.dll        --a---- 357888 bytes        [03:24 21/11/2010]        [03:24 21/11/2010] A52B6CC24063CC83C78C0E6F24DEEC01
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_3fc3a19c992d2ff6\dnsapi.dll        --a---- 357888 bytes        [09:50 21/08/2015]        [06:24 03/03/2011] 492D07D79E7024CA310867B526D9636D
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsapi.dll        --a---- 357888 bytes        [09:50 21/08/2015]        [06:12 03/03/2011] DCC0888655823103F19EF8FFD330080D
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4a5d2c9ecd59afa7\dnsapi.dll        --a---- 270336 bytes        [03:24 21/11/2010]        [03:24 21/11/2010] 59DF156711A76BCB993253EC6C9BBF41
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_4a184beecd8df1f1\dnsapi.dll        --a---- 270336 bytes        [09:50 21/08/2015]        [05:38 03/03/2011] B40420876B9288E0A1C8CCA8A84E5DC9
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_4aa4e997e6a8ddc0\dnsapi.dll        --a---- 270336 bytes        [09:50 21/08/2015]        [05:12 03/03/2011] 1F79F611109C2B97260B68FD6B4FC7DD

Searching for "        "
No files found.

-= EOF =-
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
durchgeführt von Dom (Administrator) auf DOM-PC (09-02-2016 11:22:02)
Gestartet von C:\Users\Dom\Desktop
Geladene Profile: Dom (Verfügbare Profile: Dom)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(TS3index.com GbR) C:\Program Files (x86)\TS3index\MusicBot\bot-manager_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(GamersFirst) C:\Users\Dom\AppData\Local\GamersFirst\LIVE!\Live.exe
(Mega Limited) C:\ProgramData\MEGAsync\MEGAsync.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4867784 2015-12-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-12-11] (Raptr, Inc)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [592704 2015-07-08] (Razer Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [pcmgr] => C:\Program Files (x86)\ppt\Uninst.exe
HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\Run: [ts3index_musicbot_service] => "C:\Program Files (x86)\TS3index\MusicBot.\bot-manager_service"
HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [426600 2016-01-11] (CyberGhost S.R.L.)
HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\Run: [Advanced SystemCare 9] => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\MountPoints2: {83c2cac0-47b2-11e5-b70a-f6e0f5d76a61} - I:\pushinst.exe
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
Startup: C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-08-22]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-11-24]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk [2015-08-22]
ShortcutTarget: GamersFirst LIVE!.lnk -> C:\Users\Dom\AppData\Local\GamersFirst\LIVE!\Live.exe (GamersFirst)
Startup: C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2015-11-12]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 4630 series.lnk [2016-02-09]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 4630 series.lnk -> C:\Program Files\HP\HP Officejet 4630 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{2A0CA051-E15A-4939-8D32-89D1DD26A106}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-01-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-01-17] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-01-18] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-01-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-23] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2016-01-17] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-23] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-18] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\b30g5a7z.default
FF SelectedSearchEngine: Bing®
FF Homepage: C:\\ProgramData\\dlohns\\ff.HP
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-01-17] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-01-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-01-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Extension: Adblock Plus - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\b30g5a7z.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-19]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-08-22] (Adobe Systems) [Datei ist nicht signiert]
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1300512 2016-01-17] ()
S3 Boonty Games; C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe [69120 2016-02-06] (BOONTY) [Datei ist nicht signiert]
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65128 2016-01-11] (CyberGhost S.R.L)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2772720 2016-01-17] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-01-19] (Digital Wave Ltd.)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-09-27] (EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-06-03] (Futuremark)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-02] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-10-03] ()
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4250624 2015-02-03] (A-Volute) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [X]
S2 Labtech; C:\ProgramData\\Labtech\\Labtech.exe shuz -f "C:\ProgramData\\Labtech\\Labtech.dat" -l -a
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]
S2 REACHit; "C:\Program Files\REACHit\REACHit.exe" /s iid=10223560 did=Missing sid= ref= id=91d134fd45d1bfcf687aece54fe078c2ae2e3da5948a8b33ebe9ae3d896bc9d3 [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-04] (AVM Berlin)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [1293824 2010-10-04] (AVM GmbH)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-05-27] ()
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129472 2015-06-27] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2015-02-09] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-09 11:22 - 2016-02-09 11:22 - 00018434 _____ C:\Users\Dom\Desktop\FRST.txt
2016-02-09 11:18 - 2016-02-09 11:21 - 00004322 _____ C:\Users\Dom\Desktop\SystemLook.txt
2016-02-09 11:17 - 2016-02-09 10:34 - 00165376 _____ C:\Users\Dom\Desktop\SystemLook_x64.exe
2016-02-08 16:00 - 2016-02-08 15:57 - 02370560 _____ (Farbar) C:\Users\Dom\Desktop\FRST64.exe
2016-02-08 16:00 - 2016-02-08 15:57 - 01609032 _____ (Malwarebytes) C:\Users\Dom\Desktop\JRT.exe
2016-02-08 15:49 - 2016-02-08 15:52 - 00000000 ____D C:\AdwCleaner
2016-02-08 15:48 - 2016-02-08 15:47 - 01508352 _____ C:\Users\Dom\Desktop\AdwCleaner_5.032.exe
2016-02-08 15:37 - 2016-02-08 15:45 - 00213770 _____ C:\TDSSKiller.3.1.0.9_08.02.2016_15.37.09_log.txt
2016-02-08 15:36 - 2016-02-08 15:34 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Dom\Desktop\tdsskiller.exe
2016-02-08 14:36 - 2016-02-08 14:36 - 00000000 ____D C:\Users\Dom\AppData\Roaming\IObit
2016-02-08 10:15 - 2016-02-08 15:23 - 00000000 ____D C:\Users\Dom\Desktop\mbar
2016-02-07 16:10 - 2016-02-08 15:53 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-07 13:39 - 2016-02-09 11:22 - 00000000 ____D C:\FRST
2016-02-06 09:06 - 2016-02-07 11:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-02-06 09:06 - 2016-02-07 11:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2016-02-06 09:06 - 2016-02-06 12:17 - 00000000 ____D C:\Program Files (x86)\IObit
2016-02-06 09:06 - 2016-02-06 09:06 - 00003172 _____ C:\Windows\System32\Tasks\ASC9_PerformanceMonitor
2016-02-06 09:06 - 2016-02-06 09:06 - 00002860 _____ C:\Windows\System32\Tasks\ASC9_SkipUac_Dom
2016-02-06 09:06 - 2016-02-06 09:06 - 00001366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2016-02-06 09:06 - 2016-02-06 09:06 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2016-02-06 09:05 - 2016-02-06 09:05 - 00041472 _____ C:\Users\Dom\AppData\Local\Fase-ron.dat
2016-02-06 09:05 - 2016-02-06 09:05 - 00000187 _____ C:\Users\Dom\AppData\Local\Fase-ron.exe.config
2016-02-06 08:23 - 2016-02-07 11:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BoontyGames
2016-02-06 08:08 - 2016-02-06 08:49 - 00000000 ____D C:\ProgramData\TEMP
2016-02-06 08:07 - 2016-02-07 11:37 - 00000000 ____D C:\Program Files (x86)\Games
2016-02-06 05:28 - 2016-02-06 05:28 - 00000000 ____D C:\Users\Dom\AppData\Roaming\kingsoft
2016-02-06 05:28 - 2016-02-06 05:28 - 00000000 ____D C:\Users\Dom\AppData\Local\kingsoft
2016-02-06 05:22 - 2016-02-06 09:03 - 00000000 ____D C:\Users\Dom\AppData\Local\Tempfolder
2016-02-06 05:22 - 2016-02-06 05:28 - 00000000 ____D C:\ProgramData\kingsoft
2016-02-06 05:21 - 2016-02-06 05:21 - 00003338 _____ C:\Windows\System32\Tasks\Amopc
2016-02-01 03:26 - 2016-02-07 11:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-01-29 19:51 - 2016-01-29 19:51 - 00000000 ____D C:\Users\Dom\Documents\Rise of the Tomb Raider
2016-01-29 19:51 - 2016-01-29 19:51 - 00000000 ____D C:\Users\Dom\AppData\Roaming\Crystal Dynamics
2016-01-29 19:43 - 2016-01-29 19:43 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-01-28 18:58 - 2016-01-28 18:58 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-01-28 00:37 - 2016-02-08 05:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-26 17:03 - 2016-01-26 17:03 - 00000000 ____D C:\Users\Dom\Documents\Black Ops 2 - GSC Studio
2016-01-26 16:59 - 2016-01-26 16:59 - 00000000 ____D C:\Users\Dom\Desktop\MAPS
2016-01-24 22:19 - 2016-01-24 22:19 - 00000006 _____ C:\Users\Dom\Desktop\Steam.txt
2016-01-24 17:09 - 2016-01-26 13:56 - 00000000 ____D C:\Users\Dom\AppData\Local\CyberGhost
2016-01-24 17:08 - 2016-02-07 11:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
2016-01-24 17:08 - 2016-01-26 07:04 - 00000000 ____D C:\Program Files\CyberGhost 5
2016-01-24 17:08 - 2016-01-26 04:59 - 00001881 _____ C:\Users\Dom\Desktop\CyberGhost 5.lnk
2016-01-24 17:08 - 2016-01-24 17:08 - 00000000 ____D C:\Program Files\TAP-Windows
2016-01-24 04:52 - 2016-02-07 11:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2016-01-24 04:52 - 2016-01-28 19:50 - 00001971 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk
2016-01-24 02:13 - 2016-01-24 04:53 - 00000000 ____D C:\Users\Dom\Documents\Rockstar Games
2016-01-24 02:13 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-01-24 02:13 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-01-23 20:48 - 2016-02-07 11:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-23 20:48 - 2016-01-23 20:48 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-01-19 19:21 - 2016-02-07 11:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TS3index
2016-01-19 19:21 - 2016-01-19 19:21 - 00000000 ____D C:\Users\Dom\AppData\Roaming\TS3index
2016-01-19 19:19 - 2016-01-19 19:19 - 00000087 _____ C:\ProgramData\Uninstaller.bat
2016-01-16 21:24 - 2016-01-19 19:21 - 00000000 ____D C:\Users\Dom\AppData\Local\TS3index.com_GbR
2016-01-16 21:23 - 2016-01-19 19:20 - 00000000 ____D C:\Program Files (x86)\TS3index
2016-01-13 18:07 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-13 18:07 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-13 18:07 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-13 18:07 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-01-13 18:07 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-01-13 18:07 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-01-13 18:03 - 2015-12-24 00:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-13 18:03 - 2015-12-23 23:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-01-13 18:03 - 2015-12-12 19:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-13 18:03 - 2015-12-12 19:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-01-13 18:03 - 2015-12-12 19:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-01-13 18:03 - 2015-12-12 19:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-01-13 18:03 - 2015-12-12 19:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-13 18:03 - 2015-12-12 19:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-13 18:03 - 2015-12-12 19:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-01-13 18:03 - 2015-12-12 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-01-13 18:03 - 2015-12-12 19:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-01-13 18:03 - 2015-12-12 19:07 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-13 18:03 - 2015-12-12 19:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-01-13 18:03 - 2015-12-12 19:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-01-13 18:03 - 2015-12-12 19:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-13 18:03 - 2015-12-12 19:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-13 18:03 - 2015-12-12 19:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-13 18:03 - 2015-12-12 19:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-01-13 18:03 - 2015-12-12 19:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-01-13 18:03 - 2015-12-12 19:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-01-13 18:03 - 2015-12-12 18:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-01-13 18:03 - 2015-12-12 18:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-01-13 18:03 - 2015-12-12 18:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-01-13 18:03 - 2015-12-12 18:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-01-13 18:03 - 2015-12-12 18:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-01-13 18:03 - 2015-12-12 18:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-13 18:03 - 2015-12-12 18:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-13 18:03 - 2015-12-12 18:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-13 18:03 - 2015-12-12 18:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-01-13 18:03 - 2015-12-12 18:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-01-13 18:03 - 2015-12-12 18:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-01-13 18:03 - 2015-12-12 18:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-01-13 18:03 - 2015-12-12 18:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-01-13 18:03 - 2015-12-12 18:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-01-13 18:03 - 2015-12-12 18:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-01-13 18:03 - 2015-12-12 18:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-01-13 18:03 - 2015-12-12 18:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-01-13 18:03 - 2015-12-12 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-13 18:03 - 2015-12-12 18:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-01-13 18:03 - 2015-12-12 18:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-01-13 18:03 - 2015-12-12 18:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-01-13 18:03 - 2015-12-12 18:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-13 18:03 - 2015-12-12 18:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-13 18:03 - 2015-12-12 18:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-01-13 18:03 - 2015-12-12 18:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-13 18:03 - 2015-12-12 18:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-01-13 18:03 - 2015-12-12 18:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-13 18:03 - 2015-12-12 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-01-13 18:03 - 2015-12-12 18:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-01-13 18:03 - 2015-12-12 18:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-01-13 18:03 - 2015-12-12 18:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-01-13 18:03 - 2015-12-12 18:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-13 18:03 - 2015-12-12 18:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-01-13 18:03 - 2015-12-12 18:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-13 18:03 - 2015-12-12 18:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-01-13 18:03 - 2015-12-12 18:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-13 18:03 - 2015-12-12 18:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-01-13 18:03 - 2015-12-12 18:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-01-13 18:03 - 2015-12-12 18:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-13 18:03 - 2015-12-12 17:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-13 18:03 - 2015-12-12 17:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-13 18:03 - 2015-12-12 17:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-13 18:03 - 2015-12-12 17:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-13 18:03 - 2015-12-12 17:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-13 18:03 - 2015-12-11 19:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-13 18:03 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-01-13 18:03 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-13 18:03 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-13 18:03 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-13 18:03 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-13 18:03 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-13 18:03 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-01-13 18:03 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-13 18:03 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-13 18:03 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-13 18:03 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-13 18:03 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-13 18:03 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-01-13 18:03 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-13 18:03 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-13 18:03 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-13 18:03 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-13 18:03 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-13 18:03 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-13 18:03 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-13 18:03 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-13 18:03 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-01-13 18:03 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-13 18:03 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-13 18:03 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 18:03 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-01-13 18:03 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-13 18:03 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-13 18:03 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-13 18:03 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-13 18:03 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-13 18:03 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-13 18:03 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-01-13 18:03 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-01-13 18:03 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-01-13 18:03 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-13 18:03 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-13 18:03 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-13 18:03 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-13 18:03 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-13 18:03 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-13 18:03 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-13 18:03 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-13 18:03 - 2015-12-08 18:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-13 18:02 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-13 18:02 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-13 18:02 - 2015-12-08 20:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-13 18:02 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-13 18:02 - 2015-11-17 02:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-13 18:02 - 2015-11-17 02:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-13 18:02 - 2015-11-17 02:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-13 18:02 - 2015-11-17 02:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-13 18:02 - 2015-11-17 02:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-13 18:02 - 2015-11-17 02:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-13 18:02 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-13 17:53 - 2015-12-30 20:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-13 17:53 - 2015-12-30 20:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-13 17:53 - 2015-12-30 20:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-01-13 17:53 - 2015-12-30 20:05 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-13 17:53 - 2015-12-30 20:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-01-13 17:53 - 2015-12-30 20:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-01-13 17:53 - 2015-12-30 20:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-01-13 17:53 - 2015-12-30 20:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-13 17:53 - 2015-12-30 20:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-13 17:53 - 2015-12-30 20:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-01-13 17:53 - 2015-12-30 20:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-01-13 17:53 - 2015-12-30 20:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-13 17:53 - 2015-12-30 20:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-13 17:53 - 2015-12-30 20:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-13 17:53 - 2015-12-30 20:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-01-13 17:53 - 2015-12-30 20:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-01-13 17:53 - 2015-12-30 20:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-01-13 17:53 - 2015-12-30 20:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-01-13 17:53 - 2015-12-30 19:59 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-13 17:53 - 2015-12-30 19:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-13 17:53 - 2015-12-30 19:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-01-13 17:53 - 2015-12-30 19:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-13 17:53 - 2015-12-30 19:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-01-13 17:53 - 2015-12-30 19:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-01-13 17:53 - 2015-12-30 19:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-13 17:53 - 2015-12-30 19:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-01-13 17:53 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-01-13 17:53 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-01-13 17:53 - 2015-12-30 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-01-13 17:53 - 2015-12-30 19:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-01-13 17:53 - 2015-12-30 19:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-13 17:53 - 2015-12-30 19:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-01-13 17:53 - 2015-12-30 19:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-01-13 17:53 - 2015-12-30 19:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-01-13 17:53 - 2015-12-30 19:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-01-13 17:53 - 2015-12-30 19:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-01-13 17:53 - 2015-12-30 19:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-01-13 17:53 - 2015-12-30 19:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-01-13 17:53 - 2015-12-30 19:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-01-13 17:53 - 2015-12-30 19:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-13 17:53 - 2015-12-30 19:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-01-13 17:53 - 2015-12-30 19:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-01-13 17:53 - 2015-12-30 19:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-13 17:53 - 2015-12-30 19:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-01-13 17:53 - 2015-12-30 19:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-01-13 17:53 - 2015-12-30 19:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-01-13 17:53 - 2015-12-30 19:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 18:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-01-13 17:53 - 2015-12-30 18:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-01-13 17:53 - 2015-12-30 18:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-01-13 17:53 - 2015-12-30 18:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-01-13 17:53 - 2015-12-30 18:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-13 17:53 - 2015-12-30 18:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-01-13 17:53 - 2015-12-30 18:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-13 17:53 - 2015-12-30 18:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-01-13 17:53 - 2015-12-30 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-01-13 17:53 - 2015-12-30 18:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-01-13 17:53 - 2015-12-30 18:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-01-13 17:53 - 2015-12-30 18:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-01-13 17:53 - 2015-12-30 18:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-01-13 17:53 - 2015-12-30 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-01-13 17:53 - 2015-12-30 18:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 18:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 18:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 18:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-09 11:21 - 2015-08-21 19:12 - 00000000 _____ C:\Windows\system32\RzSurroundVADAudioDeviceManager_log.txt
2016-02-09 11:19 - 2015-08-21 23:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-09 11:17 - 2015-08-21 00:59 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-09 11:16 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-09 11:15 - 2009-07-14 05:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-09 11:15 - 2009-07-14 05:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-09 09:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-02-08 20:09 - 2015-08-20 23:06 - 00000000 ____D C:\Users\Dom
2016-02-08 19:57 - 2015-09-05 04:34 - 00000000 ____D C:\Users\Dom\Desktop\Backups
2016-02-08 19:44 - 2015-11-17 10:25 - 00000000 ____D C:\Users\Dom\AppData\LocalLow\Temp
2016-02-08 16:20 - 2014-05-16 20:23 - 00000000 ____D C:\Users\Dom\Desktop\Dom
2016-02-08 14:41 - 2015-12-01 23:07 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-08 14:41 - 2015-08-22 00:23 - 00000000 ____D C:\Users\Dom\AppData\Local\CrashDumps
2016-02-08 14:40 - 2015-12-01 23:07 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-08 14:36 - 2015-11-24 17:45 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2016-02-08 14:33 - 2015-08-20 23:06 - 00000000 ____D C:\Users\Dom\AppData\Local\VirtualStore
2016-02-08 09:52 - 2015-08-23 13:06 - 00000000 ____D C:\Users\Dom\AppData\Local\LogMeIn Hamachi
2016-02-08 05:16 - 2015-08-21 00:37 - 00000000 ____D C:\Program Files (x86)\Raptr
2016-02-08 05:15 - 2015-11-23 14:33 - 00000000 ____D C:\Program Files (x86)\Construction Simulator 2015
2016-02-08 05:15 - 2015-08-22 16:10 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-08 05:15 - 2015-08-21 00:37 - 00000000 ____D C:\Users\Dom\AppData\Roaming\Raptr
2016-02-08 05:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-08 05:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-02-08 05:13 - 2015-12-01 23:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-07 11:42 - 2015-08-20 23:07 - 00001433 _____ C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-07 11:37 - 2015-12-01 23:33 - 00000000 ____D C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-02-07 11:37 - 2015-11-17 11:28 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-02-07 11:37 - 2015-09-19 19:46 - 00000000 ____D C:\Program Files (x86)\DayZLauncher
2016-02-07 11:37 - 2015-08-23 20:42 - 00000000 ____D C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-02-07 11:37 - 2015-08-22 14:20 - 00000000 ____D C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2016-02-07 11:37 - 2015-08-22 14:18 - 00000000 ____D C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GamersFirst
2016-02-07 11:37 - 2015-08-22 00:35 - 00000000 ____D C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-02-07 11:37 - 2015-08-21 20:10 - 00000000 ____D C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-02-07 11:37 - 2015-08-20 23:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-07 11:37 - 2014-11-17 21:15 - 00000000 ____D C:\Users\Dom\Desktop\MYSQL
2016-02-06 12:05 - 2015-08-22 00:53 - 00000000 ____D C:\Users\Dom\AppData\Roaming\uTorrent
2016-02-06 10:54 - 2015-12-06 00:10 - 00000000 ____D C:\Users\Dom\AppData\Roaming\TeamViewer
2016-02-06 10:54 - 2015-08-23 20:50 - 00000000 ____D C:\Users\Dom\AppData\Roaming\FileZilla
2016-02-06 06:03 - 2015-12-01 23:33 - 00000000 ____D C:\Users\Dom\AppData\Roaming\TS3Client
2016-02-06 05:03 - 2015-08-21 09:57 - 00000000 ____D C:\Users\Dom\AppData\Roaming\vlc
2016-02-05 00:44 - 2015-09-01 21:31 - 00000080 _____ C:\Users\Dom\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2016-02-04 20:13 - 2015-08-21 10:14 - 00000000 ____D C:\Users\Dom\AppData\Roaming\.minecraft
2016-02-03 06:37 - 2015-08-22 01:04 - 00000000 ____D C:\ProgramData\Origin
2016-02-02 23:13 - 2015-08-22 01:04 - 00000000 ____D C:\Program Files (x86)\Origin
2016-02-01 03:27 - 2015-08-21 20:27 - 00000000 ____D C:\Users\Dom\AppData\Roaming\DVDVideoSoft
2016-02-01 03:26 - 2015-08-21 20:28 - 00001302 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2016-02-01 03:26 - 2015-08-21 20:28 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-02-01 03:25 - 2015-08-21 20:28 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2016-01-29 19:44 - 2015-11-17 11:27 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-29 19:43 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-01-29 19:42 - 2015-11-17 11:24 - 00000000 ____D C:\Program Files\Microsoft Office
2016-01-28 19:17 - 2015-09-01 21:27 - 00000000 ____D C:\Program Files\Rockstar Games
2016-01-28 19:17 - 2015-09-01 21:27 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-01-24 06:25 - 2009-07-14 05:45 - 00432728 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-24 04:54 - 2015-09-01 20:21 - 00000000 ____D C:\Users\Dom\AppData\Local\Rockstar Games
2016-01-24 04:52 - 2015-08-20 23:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-23 23:07 - 2015-08-21 00:49 - 00000000 ____D C:\Users\Dom\AppData\Local\2K Games
2016-01-23 22:23 - 2015-08-20 23:24 - 00111080 _____ C:\Users\Dom\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-23 22:08 - 2015-11-17 13:36 - 00000000 ____D C:\Program Files (x86)\HP
2016-01-23 22:02 - 2011-04-12 08:54 - 00000000 ____D C:\Windows\ShellNew
2016-01-23 21:59 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2016-01-23 21:18 - 2015-11-17 14:52 - 03936256 ___SH C:\Users\Dom\Desktop\Thumbs.db
2016-01-23 20:49 - 2015-08-21 10:30 - 00000000 ____D C:\ProgramData\Oracle
2016-01-23 20:48 - 2015-08-21 10:30 - 00000000 ____D C:\Users\Dom\.oracle_jre_usage
2016-01-23 20:48 - 2015-08-21 10:29 - 00000000 ____D C:\Program Files (x86)\Java
2016-01-23 03:18 - 2015-09-01 20:30 - 00000000 ____D C:\Users\Dom\Documents\Rockstar Games[Steam]
2016-01-22 05:07 - 2015-08-23 20:42 - 00001837 _____ C:\Users\Dom\Desktop\FileZilla Client.lnk
2016-01-20 21:20 - 2015-12-13 00:37 - 00000000 ____D C:\output
2016-01-20 21:18 - 2015-12-13 00:34 - 00003072 ____H C:\Users\Dom\Desktop\photothumb.db
2016-01-20 03:19 - 2015-08-21 23:47 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-20 03:19 - 2015-08-21 23:47 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-20 03:19 - 2015-08-21 23:47 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-20 00:21 - 2015-11-12 14:34 - 00000000 ____D C:\ProgramData\MEGAsync
2016-01-19 19:19 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-01-19 17:28 - 2015-10-03 16:16 - 00000000 ____D C:\Users\Dom\AppData\Roaming\.technic
2016-01-18 17:47 - 2015-11-06 11:31 - 00000000 ____D C:\Users\Dom\AppData\Roaming\7DaysToDie
2016-01-18 15:45 - 2015-08-23 20:42 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2016-01-17 20:06 - 2015-10-09 22:20 - 00000000 ____D C:\Users\Dom\AppData\Local\Arma 3
2016-01-17 15:29 - 2011-04-12 08:43 - 00699092 _____ C:\Windows\system32\perfh007.dat
2016-01-17 15:29 - 2011-04-12 08:43 - 00149232 _____ C:\Windows\system32\perfc007.dat
2016-01-17 15:29 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-16 14:49 - 2015-11-24 20:27 - 00000000 ____D C:\Users\Dom\Desktop\MUSIK
2016-01-15 15:48 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-01-14 17:10 - 2015-08-21 18:52 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-14 17:10 - 2015-08-21 18:52 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-14 03:07 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-05 18:29 - 2015-11-11 10:21 - 0000297 _____ () C:\Users\Dom\AppData\Roaming\BreakingPoint_Login.ini
2015-11-05 22:47 - 2015-11-11 10:48 - 0001428 _____ () C:\Users\Dom\AppData\Roaming\BreakingPoint_Options.ini
2015-08-22 00:38 - 2015-08-22 00:38 - 0003584 _____ () C:\Users\Dom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-20 23:21 - 2015-08-20 23:21 - 0000000 _____ () C:\Users\Dom\AppData\Local\Driver_LOM_8161Present.flag
2016-02-06 09:05 - 2016-02-06 09:05 - 0041472 _____ () C:\Users\Dom\AppData\Local\Fase-ron.dat
2016-02-06 09:05 - 2016-02-06 09:05 - 0000187 _____ () C:\Users\Dom\AppData\Local\Fase-ron.exe.config
2015-11-19 10:29 - 2015-11-19 10:29 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-08-20 23:17 - 2015-08-20 23:17 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-11-17 13:35 - 2016-01-23 22:08 - 0005968 _____ () C:\ProgramData\hpzinstall.log
2016-01-19 19:19 - 2016-01-19 19:19 - 0000087 _____ () C:\ProgramData\Uninstaller.bat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\Uninstaller.bat


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-08 16:52

==================== Ende von FRST.txt ============================

Speed9001 09.02.2016 11:25
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von Dom (2016-02-09 11:22:39)
Gestartet von C:\Users\Dom\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-08-20 22:06:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1235700998-711781633-2637323769-500 - Administrator - Disabled)
Dom (S-1-5-21-1235700998-711781633-2637323769-1000 - Administrator - Enabled) => C:\Users\Dom
Gast (S-1-5-21-1235700998-711781633-2637323769-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1235700998-711781633-2637323769-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
3DMark (HKLM-x32\...\{12d6e0d7-21d5-4755-9da2-70352c6f7558}) (Version: 1.5.915.0 - Futuremark)
3DMark (Version: 1.5.915.0 - Futuremark) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Agricultural Simulator 2013 Steam Edition (HKLM-x32\...\Steam App 236790) (Version:  - Actalogic)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
APB Reloaded (HKLM-x32\...\APB Reloaded) (Version: 1.6.7.672769 - )
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Breaking Point (HKLM-x32\...\Breaking Point 5.0.2.9) (Version: 5.0.2.9 - The Zombie Infection)
Breaking Point (x32 Version: 5.0.2.9 - The Zombie Infection) Hidden
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version:  - Criterion Games)
Call of Duty: Black Ops III Beta (HKLM-x32\...\Steam App 388520) (Version:  - Treyarch)
Camtasia Studio 8 (HKLM-x32\...\{E7AFA156-D5CB-4B8C-843D-E7CA58D36B0A}) (Version: 8.6.0.2054 - TechSmith Corporation)
Catalyst Control Center Next Localization BR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
D1600 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Die*Sims™*3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.631 - Electronic Arts)
DJ_SF_06_D1600_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Farming Simulator 15 (HKLM-x32\...\Steam App 313160) (Version:  - Giants Software)
FileZilla Client 3.14.1 (HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{AFBB2F94-A43D-46AD-8F77-66ACB3C71EDF}) (Version: 4.39.552.0 - Futuremark)
GamersFirst LIVE! (HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\GamersFirst LIVE!) (Version:  - GamersFirst)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar North / Toronto)
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version:  - Rockstar Games)
HP Officejet 4630 series - Grundlegende Software für das Gerät (HKLM\...\{3566FFED-696A-4260-8F12-073426CAC951}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet 4630 series Hilfe (HKLM-x32\...\{08B9332C-26DB-4EF3-85D6-6DC62B937681}) (Version: 31.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version:  - Tripwire Interactive)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LEGO® Jurassic World (HKLM-x32\...\Steam App 352400) (Version:  - TT Games Ltd)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.6366.2062 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.6366.2062 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 44.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0 (x86 de)) (Version: 44.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.0.5866 - Mozilla)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
Need for Speed™ Rivals (HKLM-x32\...\{E0A32336-AA27-4053-99B2-C3380B7B95AC}) (Version: 1.4.0.0 - Electronic Arts)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.2 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.6326.1022 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1022 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.6326.1022 - Microsoft Corporation) Hidden
OpenIV (HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\OpenIV) (Version: 2.6.4.642 - .black/OpenIV Team)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.14 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26914 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Rise of the Tomb Raider (HKLM-x32\...\Steam App 391220) (Version:  - Crystal Dynamics)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.2 - Rockstar Games)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - Keen Software House)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie zur Verbesserung von HP Officejet 4630 series (HKLM\...\{3917CF9F-DF46-406E-B524-CA0F150C70D7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TS3index Bot-Manager (HKLM\...\TS3index-MusicBot) (Version: 1.0.4.1 - TS3index.com GbR)
Uplay (HKLM-x32\...\Uplay) (Version: 7.4 - Ubisoft)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.11-1 - Bitnami)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0AF25965-B903-4B2B-956D-AD4CDCDFC9E2} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
Task: {21067C23-AF81-4D97-BB25-A7EBF525104C} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2015-12-04] (Advanced Micro Devices, Inc.)
Task: {233D6A45-A883-44E5-8892-73BC001BB99B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-01-19] (Microsoft Corporation)
Task: {2C918559-208D-433F-A594-D29D5CD0A688} - System32\Tasks\{8E3F63A9-347F-40E2-9223-AFACFA445E61} => pcalua.exe -a C:\Users\Dom\Downloads\vcredist_x86(1).exe -d C:\Users\Dom\Downloads
Task: {351153FA-66AE-421A-BB08-7222B6D6DDA2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-17] (Microsoft Corporation)
Task: {377BE9B2-82E3-4F28-AEB7-781918A3E8B4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {4B56C203-57C9-44FC-90F3-3A1BFCBBA55A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-01-19] (Microsoft Corporation)
Task: {7832440A-5513-4D98-BCDE-95733F3E9F3B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-17] (Microsoft Corporation)
Task: {89983B81-D595-4EE7-85C3-50A78A2A0F02} - System32\Tasks\ASC9_SkipUac_Dom => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {BA3E072B-3AE2-4F0D-8C75-9230C23EB31C} - System32\Tasks\Amopc => C:\PROGRA~1\GROOVE~1\Tenciubg.bat
Task: {E8204C68-68E8-4C6B-A0BA-AD61D61513DF} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {ED9F2364-2362-44C4-A789-67FD237B2D2C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {F54A718C-39D8-4544-B14E-A915FDD95837} - System32\Tasks\HPCustParticipation HP Officejet 4630 series => C:\Program Files\HP\HP Officejet 4630 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-11-24 00:50 - 2016-01-17 14:46 - 00171712 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-10-03 01:35 - 2015-10-03 01:35 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-06-23 20:11 - 2015-06-23 20:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-01-29 19:40 - 2016-01-18 00:07 - 08913088 _____ () C:\Program Files\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-08-21 20:28 - 2016-01-19 04:02 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-08-21 20:28 - 2016-01-19 04:02 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-08-21 20:28 - 2016-01-19 04:02 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-08-21 20:28 - 2016-01-19 04:02 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-08-21 20:28 - 2016-01-19 04:02 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-08-21 20:28 - 2016-01-19 04:02 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2012-04-26 23:38 - 2012-04-26 23:38 - 20758016 _____ () C:\Users\Dom\AppData\Local\GamersFirst\LIVE!\libcef.dll
2016-01-20 00:21 - 2016-01-20 00:21 - 00143872 _____ () C:\ProgramData\MEGAsync\libuv.dll
2015-12-16 14:42 - 2015-12-16 14:42 - 00052224 _____ () C:\ProgramData\MEGAsync\cares.dll
2015-05-20 03:29 - 2015-05-20 03:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:98DFF516
AlternateDataStreams: C:\Users\Dom\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Dom\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\Dom\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Dom\AppData\Roaming:NT2

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-02-08 20:09 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1235700998-711781633-2637323769-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{75B8FEAA-B2AD-4DFF-8D52-1660EBD15E56}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4963F417-21BA-4147-B898-1FA299C00287}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AB66ED09-072A-48AB-9AAA-E872DBC5C3D8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B86B15DD-0F95-43E6-99C2-52013B9C4684}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{76C6E3D1-E28B-47CE-B066-E6D4B4858DBC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{81C2BA1E-5B52-4509-B4B5-84C4CDBB5042}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E4F8F776-7C18-4EE1-AE04-B3E1CA0FA338}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{08B48107-8314-4AF2-8782-C265DB2DB6B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{74E43784-D126-40FC-B436-65188CD002F3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{9115CBB1-3C18-416F-A8FE-DD719584CB32}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{F79CDD61-F218-4477-BB71-A3F0E076BEF3}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{6466359D-5A04-47D5-ABE3-F6A26900F3EB}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{B935BABA-6E53-47E6-AE02-AC349E04C8D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{4DD8C3DE-EE4C-4611-96BE-3F6F347DE899}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{71E8F385-7EDF-45BE-BA89-322D6D677D39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{E96DA8DA-C3E1-4B36-AAB5-9B2D92DD8403}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{4E3785B1-A9BB-4BA9-803B-0B6F42A41E0F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{374ABD88-19A0-492D-96C9-3DD8F0311B05}] => (Allow) C:\Users\Dom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B4C7250A-5BEE-4F13-ABA0-15F79C07D932}] => (Allow) C:\Users\Dom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6AD991DF-2D41-471B-A506-5EB2555E9AE4}] => (Allow) C:\Users\Dom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{31AF3599-DC8B-4676-A5F1-CC563E0AB92F}] => (Allow) C:\Users\Dom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1874C657-0B29-4D42-B045-4B7385392D98}] => (Allow) C:\Users\Dom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{13E19E92-2DEC-40C7-8471-32E55EE9D4F7}] => (Allow) C:\Users\Dom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5613FC39-DA02-465D-822B-CA734D673754}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{97B9D3E2-E66E-4708-A600-F8E7408FA8E2}] => (Allow) LPort=2869
FirewallRules: [{6206DAC0-DB7B-4423-BD1C-DB63299A79A0}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{90F6E918-81F9-4B51-82CB-8465EC5D16C1}C:\users\dom\desktop\dom\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\dom\desktop\dom\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{6D2FF0BE-7F9F-4719-9902-6043FD597E5B}C:\users\dom\desktop\dom\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\dom\desktop\dom\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{39F1B8D6-E5A1-4243-8BF9-13F566ED396B}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{9FBBF37C-241D-492B-AAE8-5AB000BED891}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{7AF90895-3B32-40F4-8336-DDE08736E326}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{70F7AA9B-797E-410A-B7E1-0937F601AB1E}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{5F886389-A4A3-430A-A494-147FDFE84A72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{C6782F67-FC40-42CD-90DD-26C6190C2372}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [TCP Query User{BB798B29-9082-4883-8253-A41CE1E89F53}C:\program files (x86)\steam\steamapps\common\grand theft auto san andreas\samp-server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto san andreas\samp-server.exe
FirewallRules: [UDP Query User{74FD511D-FD55-4A07-9083-051623C1D8FF}C:\program files (x86)\steam\steamapps\common\grand theft auto san andreas\samp-server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto san andreas\samp-server.exe
FirewallRules: [{8FA1A778-105C-4286-A6D6-9AF06D3E206A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe
FirewallRules: [{51019B1D-EA88-4427-BCBF-0781BE76EE1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe
FirewallRules: [{BAC9DDCE-03BD-4A1C-8B1C-A87BD12F70A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{A0B029FD-6DAE-47B8-8176-F5846886350C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{FCD571B1-954C-4C9C-B978-CCB104BED1FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{744C5826-C6A8-492E-9012-3AFA4227D1D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{E8FA4D48-A9F8-4527-90B4-4C95EA131D97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{8B0CA78A-1A9D-4F88-BF66-5C6D0867733D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{07B3A6E4-03E3-432F-9AA9-5415D66A3A9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{9E8C1836-AC26-42AF-8332-FB304DC3252B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{96ACBFFA-2435-417F-ADE3-25E25414F846}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{2013FF12-DB80-40D6-960A-6D919203D373}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{520F8648-DC3E-44D5-A0E5-14CF68FC0B2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{55DFBD21-8A62-494B-B525-A34CAEB9D4D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{F8ABFBA6-EE1E-4405-A7E2-5FDED6D0E4D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{5499BC2B-DFFC-4786-8D7F-81716E5F9F14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{6F9486B7-9E81-4F0D-8693-9DFE7FD0F731}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{1007D4C1-4E05-4B1A-81A7-B036798903BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{0F1FE2C5-4D62-48FE-9E5F-1612A4711458}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{2787D934-C6AC-41AF-AE71-32119EED2751}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{3C5BD4DA-BB05-4F6A-B519-4DF92EE93957}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{88703E28-9940-4F7F-B942-8C1BB19FC4BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{6336B09E-2BD4-4DE0-851D-D38CA775F074}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{CE181B20-5FDC-41BB-A096-9515A7DCAAEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [TCP Query User{219E460B-356D-4A5B-8AE4-22F500AF8EEA}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{AFED0340-60D0-4C41-998A-CD2BBF171ED4}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{1CE59142-DE34-475E-825E-C8EF853F0CCB}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{F86E535B-6649-41D1-9728-30C1721739E9}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [TCP Query User{2F87416A-0384-4721-A6A1-6D73CB17596E}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{90736B58-8E98-421F-9D90-B635A63A5699}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{1E65960B-8A39-42E5-A9FE-23539EE96831}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{A79533C6-90AC-409A-8C49-DED2DC2D2ED2}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{F8A87DCF-F659-423B-ACF7-53E7BC449937}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{DC3F51DD-A144-4E2E-9175-A8B09324B7BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{7BBA87FA-C567-4DF7-AB17-6CF48D6C7CE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{356D8870-CE26-4A5E-8ED4-4BD631BA6FD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{B33DA918-E282-49F2-9BB5-97874AA816B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{CB2D1F99-9D0F-4BB9-9130-8E957A3D3BFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [TCP Query User{4E405533-BFAC-4872-91E4-C2F168A13B96}C:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) C:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [UDP Query User{D734D39A-34F9-4607-AB1E-5D9E37CD904D}C:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) C:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [{F6CAE115-226A-4AAE-A36B-51AA81E2BAD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Agricultural Simulator 2013\agrarsimulator2013.exe
FirewallRules: [{EFE49666-32E9-47E9-ABB3-F383CDC81DBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Agricultural Simulator 2013\agrarsimulator2013.exe
FirewallRules: [{C7402F39-6E4E-42B5-B3B7-26DA931A4BF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{71D42B19-30EA-4E8E-8A8B-22437A156C9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{7632A17F-CDF9-4E3F-B007-A1231244F584}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{F6DE6419-B34F-4F7C-AB49-F2DCEF7B7F95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{8BCD7223-A948-4D47-B7B1-C95D115CA39D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{68CF0643-9354-44DA-A0B3-72A246FB14CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{79BDD18E-7119-48FE-AB56-82A0DD1C21C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{C5287C74-9936-45D2-95AD-843EE8BEEBFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [TCP Query User{0658F253-87F1-49EA-AAAB-095B8ED0A512}C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe
FirewallRules: [UDP Query User{AC681115-00D5-4511-B4BA-18BF5F433CE7}C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe
FirewallRules: [{6CE0C969-DFA1-4B3E-A2DB-96DB66B4A7AF}] => (Block) C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe
FirewallRules: [{F1D0D095-F640-44C9-8755-06FAB6766B70}] => (Block) C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe
FirewallRules: [{EB36CAB7-42B8-4BBD-B880-2327647D9209}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{30BDCC66-B856-4BA5-BB25-F85B3CD6FA69}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{33788DA2-F22C-4694-88A1-92C1615A718D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DCCBD060-4246-40A1-921E-03D8C2DA7A31}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{26D66B95-ED21-427F-9061-363DD94FE6B9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{78634299-7CEA-4349-A21F-F855EBA17B01}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{17064DBD-E02E-4DAA-BAA9-2CFF048B5AF1}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{3DADBBB1-AE36-469B-9F7A-4EDD2883F2B6}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{64EB3492-5300-4D7E-AF3B-975BDD06F2D4}] => (Block) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{FCD35C7C-A5C4-49A8-B496-9D0097D99D52}] => (Block) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{922BB6F2-5774-4267-BA87-2CC4E4FF33FB}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Rivals\NFS14_x86.exe
FirewallRules: [{CBD63F08-A284-4ED6-9683-7930CBB7B567}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Rivals\NFS14_x86.exe
FirewallRules: [{50302829-BB7C-41F3-B5B0-10DCEC17B363}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Rivals\NFS14.exe
FirewallRules: [{51C9B5F2-4498-48B4-90AC-DC5F49F496D3}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Rivals\NFS14.exe
FirewallRules: [{7FF1153E-DB8E-4C9B-9677-1AF26030F0BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{FD4787AA-F4C7-4E39-BF70-50D73639C1B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{1C8F3FB2-AECC-4EA9-8696-77CEF9B2763D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 15\x86\FarmingSimulator2015Game.exe
FirewallRules: [{A6B7BDA1-31B6-4D7B-BA48-AF6A719790D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 15\x86\FarmingSimulator2015Game.exe
FirewallRules: [{6BC8CF49-9311-4DD2-B171-7A99D774892C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9ABF7E66-7B16-4209-9A05-44D7EC750E39}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EF4F41DD-15AA-4EBA-9090-0D96A074D095}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{6C9B91D9-256E-4D0E-A880-CA4038EAA80A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{F10BA6ED-2409-4155-8706-E121336C3CF7}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{4BE29969-DD9A-46B7-BE9A-40D7DDB9D86A}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\FaxApplications.exe
FirewallRules: [{0712F209-293F-45BE-95F4-B55EEFFA8FFC}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\DigitalWizards.exe
FirewallRules: [{74E80A5D-ED06-4FC5-9363-E8ABB005B3FF}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\SendAFax.exe
FirewallRules: [{DEB06DCD-EA8E-4DD8-9F7C-F7E63A930D43}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\DeviceSetup.exe
FirewallRules: [{126C8E35-5156-41E1-9FA9-5A8B83E22E05}] => (Allow) LPort=5357
FirewallRules: [{45521AD0-9B28-4758-B5A8-32C6BD562581}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{01823059-8C1B-4535-B43E-5B734AC06255}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\APB.exe
FirewallRules: [{65DC6E13-B70E-40CE-96B3-F62F75F8C61A}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\APB.exe
FirewallRules: [{82B1B5BA-42C2-43E4-841C-34D8B6249730}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{E52D2DDF-D104-41E7-95F1-94D498E2D3C1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{A001FC03-0BD0-4C54-B417-2AA0DFA8E4D1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{61C33BA0-83C6-4B3A-9348-CC485427E8E7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{58DA4153-3EF2-40B9-9132-31D8258E94B6}] => (Allow) C:\Users\Dom\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{6077118B-9131-48ED-AC0F-88E81711120E}C:\program files (x86)\r.g. mechanics\dying light\dyinglightgame.exe] => (Allow) C:\program files (x86)\r.g. mechanics\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{7CA9E6F0-0742-4260-BDD0-B8874C47DA17}C:\program files (x86)\r.g. mechanics\dying light\dyinglightgame.exe] => (Allow) C:\program files (x86)\r.g. mechanics\dying light\dyinglightgame.exe
FirewallRules: [{9A6E853D-F354-4091-9868-E9B08053B177}] => (Block) C:\program files (x86)\r.g. mechanics\dying light\dyinglightgame.exe
FirewallRules: [{C52FC8BB-3FBF-47A0-9A62-22E732A21664}] => (Block) C:\program files (x86)\r.g. mechanics\dying light\dyinglightgame.exe
FirewallRules: [{67965580-FB08-4126-A1F8-D548CDEFF9D7}] => (Allow) LPort=8317
FirewallRules: [TCP Query User{7FD6266B-E40F-4CB7-9AFA-BB6DE962070F}C:\program files (x86)\mta san andreas 1.5\server\mta server.exe] => (Allow) C:\program files (x86)\mta san andreas 1.5\server\mta server.exe
FirewallRules: [UDP Query User{EF300AD2-6F47-4851-A17D-9E20857E7BC3}C:\program files (x86)\mta san andreas 1.5\server\mta server.exe] => (Allow) C:\program files (x86)\mta san andreas 1.5\server\mta server.exe
FirewallRules: [{2297EC24-F859-45B2-AAC7-EF1A787992ED}] => (Block) C:\program files (x86)\mta san andreas 1.5\server\mta server.exe
FirewallRules: [{5FD904B5-D010-414E-B5E0-192EA491A9F4}] => (Block) C:\program files (x86)\mta san andreas 1.5\server\mta server.exe
FirewallRules: [{DB1A7F18-8E2C-4FE3-B5F9-4B42F8F39753}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{BBC3FB4A-649B-41AC-8CB5-2B2539A824DF}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{B4A2D0F0-83C6-47DD-A472-445934975C83}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{132201BC-170E-4318-B410-E990B84057DF}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{4290CC36-FDFD-4035-9F36-F83E5EC20FCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{0FF5AB65-B181-4BB8-BDA9-4FCA0B828535}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [TCP Query User{48FBD14B-B2C7-4DDB-A97F-2594DCF7A0C8}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [UDP Query User{F0F2C69C-959D-4539-BAFF-406A820F2731}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [{4BD0EE7E-550C-42FA-8042-218C33E5C144}] => (Block) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [{5DD7ED53-9671-4B68-A51F-B474C2087151}] => (Block) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [{69BD5FDC-FA43-4136-B476-D69ADC055914}] => (Allow) C:\Users\Dom\AppData\Local\Temp\svchost.exe
FirewallRules: [{8BE1EF5D-7070-480A-989D-668BF9D20CD3}] => (Allow) C:\Users\Dom\AppData\Local\Temp\svchost.exe
FirewallRules: [{AEADAB4E-9B2D-482A-A8BD-E8FFA9583C6A}] => (Allow) C:\Users\Dom\AppData\Local\Temp\svchost.exe
FirewallRules: [{FCE36ED7-E983-4DB8-AAE7-152941AAB4CE}] => (Allow) C:\Users\Dom\AppData\Local\Temp\svchost.exe
FirewallRules: [{70D0A59E-9DA6-412E-9ECA-0957CF05B4F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{35863319-1D4E-419E-9B53-789D46FA59E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{67084401-CCF4-4B73-8811-DB40DFEE4EEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{2CFF0CFE-D34C-485D-A29D-2EAADC86E27D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [TCP Query User{F8706435-B45D-4A24-B4EF-84B1E4C65C3E}C:\program files (x86)\delight software gmbh\speed limiter\speedlimiter.exe] => (Block) C:\program files (x86)\delight software gmbh\speed limiter\speedlimiter.exe
FirewallRules: [UDP Query User{4B5ED74E-2BD0-41B4-8749-06BBA09075E5}C:\program files (x86)\delight software gmbh\speed limiter\speedlimiter.exe] => (Block) C:\program files (x86)\delight software gmbh\speed limiter\speedlimiter.exe
FirewallRules: [TCP Query User{17E24206-6748-46DC-9A39-1A4FDC5D765A}C:\users\dom\desktop\u1504.exe] => (Allow) C:\users\dom\desktop\u1504.exe
FirewallRules: [UDP Query User{74410425-4441-4DA4-A309-769C182C8C95}C:\users\dom\desktop\u1504.exe] => (Allow) C:\users\dom\desktop\u1504.exe
FirewallRules: [{13EB0C5E-4645-43D9-9DDA-9A418514AA89}] => (Block) C:\users\dom\desktop\u1504.exe
FirewallRules: [{3D7555D5-97F0-49C6-9286-E4F677046899}] => (Block) C:\users\dom\desktop\u1504.exe
FirewallRules: [{9A72F65E-5A0F-4DB3-8451-7F0129B6EF25}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{8A872420-5A93-4511-861A-4A7B8CE27BD3}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{34EAA603-CA52-4C66-9E8D-97B7BA350BB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{6E3EB179-240E-4FD1-B016-0CFB74AFF5AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{35B64F57-711A-4E82-9370-B4F500D0990D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{5708DF3F-2620-400B-B6BF-850ADC9E1435}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{0D6817FF-0FA1-468D-8DE9-9147C0883C3B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{70FC74C4-19E4-432E-8A89-5174333680C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{326B77B3-4C69-4CEF-9476-8E672A1B98C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{DCD8EF4C-D282-4107-B572-4F34B5555BDE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{E3C27FA3-AD49-488F-B493-FC2A6FBB0B50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [TCP Query User{98832BFC-8197-44C1-9F30-CA2499D34EF3}C:\program files (x86)\prompt downloader\promptdownloader.exe] => (Allow) C:\program files (x86)\prompt downloader\promptdownloader.exe
FirewallRules: [UDP Query User{F50DC459-AA33-4585-A499-2F665B14DB18}C:\program files (x86)\prompt downloader\promptdownloader.exe] => (Allow) C:\program files (x86)\prompt downloader\promptdownloader.exe
FirewallRules: [{EA3A9784-70CF-4201-AEA0-3CF6C8C9E053}] => (Block) C:\program files (x86)\prompt downloader\promptdownloader.exe
FirewallRules: [{393E217F-C2E6-4B5C-A921-233950F8BF2F}] => (Block) C:\program files (x86)\prompt downloader\promptdownloader.exe
FirewallRules: [{3652284C-5E66-4E1A-871A-9750BA314027}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{E7A3D930-C326-466D-93DD-0162A1BD6571}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{86422A76-AC0B-4164-AD10-D2767106B329}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{47446EC6-C8F2-468D-A350-F01EFA7E21E1}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{878ACE18-A2F7-4F66-A3A3-B47D679133CF}] => (Allow) C:\Program Files (x86)\Max Driver Updater\maxdu.exe

==================== Wiederherstellungspunkte =========================

08-02-2016 05:08:58 Wiederherstellungsvorgang
08-02-2016 05:23:16 Removed Microsoft Silverlight
08-02-2016 10:51:39 Malwarebytes Anti-Rootkit Restore Point
08-02-2016 11:36:13 Malwarebytes Anti-Rootkit Restore Point
08-02-2016 12:15:45 Malwarebytes Anti-Rootkit Restore Point
08-02-2016 12:55:51 Malwarebytes Anti-Rootkit Restore Point
08-02-2016 13:37:03 Malwarebytes Anti-Rootkit Restore Point
08-02-2016 14:21:17 Malwarebytes Anti-Rootkit Restore Point
08-02-2016 16:00:48 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/09/2016 11:17:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/09/2016 10:03:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/09/2016 09:42:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2016 08:57:26 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Fehler bei der Installation des Kaufnachweises. 0x80070005
Teil-Pkey=X9Y3P
ACID=?
Genauer Fehler[?]

Error: (02/08/2016 08:11:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2016 07:47:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2016 07:40:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2016 04:19:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2016 03:54:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2016 02:41:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000004830fd8
ID des fehlerhaften Prozesses: 0xd8c
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3


Systemfehler:
=============
Error: (02/09/2016 11:17:34 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.

Error: (02/09/2016 11:16:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "REACHit" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/09/2016 11:16:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LiveUpdate" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/09/2016 11:16:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Labtech" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/09/2016 11:16:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Advanced SystemCare Service 9" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/09/2016 10:55:02 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" ist vom Dienst "DHCP-Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%5

Error: (02/09/2016 10:55:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DHCP-Client" wurde mit folgendem Fehler beendet:
%%5

Error: (02/09/2016 10:55:00 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%5

Error: (02/09/2016 10:54:58 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%5

Error: (02/09/2016 10:54:58 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DHCP-Client" wurde mit folgendem Fehler beendet:
%%5


CodeIntegrity:
===================================
  Date: 2016-02-08 10:25:48.928
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Malwarebytes' Anti-Malware (portable)\MPCKpt.sys-u.mbam" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-02-08 10:25:48.904
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Malwarebytes' Anti-Malware (portable)\MPCKpt.sys-u.mbam" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-02-08 10:25:48.881
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Malwarebytes' Anti-Malware (portable)\MPCKpt.sys-u.mbam" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-02-08 10:25:48.855
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Malwarebytes' Anti-Malware (portable)\MPCKpt.sys-u.mbam" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-02-08 10:25:48.831
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Malwarebytes' Anti-Malware (portable)\MPCKpt.sys-u.mbam" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-02-08 10:25:48.808
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Malwarebytes' Anti-Malware (portable)\MPCKpt.sys-u.mbam" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-02-08 10:25:48.733
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Malwarebytes' Anti-Malware (portable)\MPCKpt.sys-k.mbam" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-02-08 10:25:48.710
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Malwarebytes' Anti-Malware (portable)\MPCKpt.sys-k.mbam" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-02-08 10:25:48.687
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Malwarebytes' Anti-Malware (portable)\MPCKpt.sys-k.mbam" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-02-08 10:25:48.662
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Malwarebytes' Anti-Malware (portable)\MPCKpt.sys-k.mbam" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 8143.18 MB
Verfügbarer physikalischer RAM: 5925.65 MB
Summe virtueller Speicher: 16284.57 MB
Verfügbarer virtueller Speicher: 14017.26 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:333.39 GB) NTFS
Drive i: () (Removable) (Total:3.74 GB) (Free:3.37 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F8C768AF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 3.7 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

cosinus 09.02.2016 11:53
Okay, dann Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte:


1. Schritt: MBAM

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




2. Schritt: ESET

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




3. Schritt: SecurityCheck

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

Speed9001 09.02.2016 16:31
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 09.02.2016
Suchlaufzeit: 11:56:54
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.02.0.1024
Malware-Datenbank: v2016.02.09.01
Rootkit-Datenbank: v2016.02.08.01
Lizenz: Premium-Version
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Dom

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 389152
Abgelaufene Zeit: 12 Min., 30 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 10
PUP.Optional.Elex, HKLM\SOFTWARE\CLASSES\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}, In Quarantäne, [ecb9312dfc9d3df951d6422d2cd6f50b],
PUP.Optional.Elex, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}, In Quarantäne, [ecb9312dfc9d3df951d6422d2cd6f50b],
PUP.Optional.Elex, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}, In Quarantäne, [ecb9312dfc9d3df951d6422d2cd6f50b],
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR  , In Quarantäne, [cdd861fd5742ae88d7f005fb45bf2cd4],
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\mtdlohn, In Quarantäne, [4461da84a2f7fc3a743d400d11f345bb],
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\mtLabtech, In Quarantäne, [7f2647176e2b2b0b24ae4011ea1a8e72],
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Labtech.exe, In Quarantäne, [2f763a2466332d09ab26ea67f3114fb1],
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting, In Quarantäne, [b6ef0856a4f51a1cc559727be51db24e],
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\LABTECH, In Quarantäne, [c1e479e56a2f53e36a18cb891de79070],
PUP.Optional.Komodia, HKU\S-1-5-21-1235700998-711781633-2637323769-1000\SOFTWARE\INSTALLPATH\STATUS, In Quarantäne, [9b0a4a1468311e1859103f0c1ee6a15f],

Registrierungswerte: 11
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr  |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130992196231709222, In Quarantäne, [cdd861fd5742ae88d7f005fb45bf2cd4]
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\LABTECH|ImagePath, C:\ProgramData\\Labtech\\Labtech.exe shuz -f "C:\ProgramData\\Labtech\\Labtech.dat" -l -a, In Quarantäne, [c1e479e56a2f53e36a18cb891de79070]
PUP.Optional.RelevantKnowledge, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{3652284C-5E66-4E1A-871A-9750BA314027}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe|Name=rlvknlg.exe|, In Quarantäne, [aafbce901b7e78bed1567dc04db7aa56]
PUP.Optional.RelevantKnowledge, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E7A3D930-C326-466D-93DD-0162A1BD6571}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe|Name=rlvknlg.exe|, In Quarantäne, [e8bdabb338613df9cf58310c64a0ee12]
PUP.Optional.RelevantKnowledge, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{86422A76-AC0B-4164-AD10-D2767106B329}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe|Name=rlvknlg.exe|, In Quarantäne, [c1e45b03f4a53600f235a6976b99f709]
PUP.Optional.RelevantKnowledge, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{47446EC6-C8F2-468D-A350-F01EFA7E21E1}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe|Name=rlvknlg.exe|, In Quarantäne, [d0d5abb32f6a61d56fb8f44908fcc23e]
PUP.Optional.MaxDriverUpdater, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{878ACE18-A2F7-4F66-A3A3-B47D679133CF}, v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Max Driver Updater\maxdu.exe|Name=MaxDriverUpdater|, In Quarantäne, [1e87c29c4f4a290da96db9876f953ac6]
PUP.Optional.Linkury, HKU\S-1-5-21-1235700998-711781633-2637323769-1000\ENVIRONMENT|SNF, C:\ProgramData\dlohns\snp.sc, In Quarantäne, [aef77ae42673360033bc8a5a867d4ab6]
PUP.Optional.Linkury, HKU\S-1-5-21-1235700998-711781633-2637323769-1000\ENVIRONMENT|SNP, hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D?publisher=APSFRec&co=DE&userid=2ef6e4b4-bc45-f7d3-9fea-e14931b1077e&searchtype=sc&installDate=07.02.2016&barcodeid=50045888&channelid=888&av=avira, In Quarantäne, [eeb71f3fb4e5171f519f8e56649fe51b]
PUP.Optional.Komodia, HKU\S-1-5-21-1235700998-711781633-2637323769-1000\SOFTWARE\INSTALLPATH\STATUS|FlowsurfCB, P, In Quarantäne, [9b0a4a1468311e1859103f0c1ee6a15f]
PUP.Optional.DeskBar, HKU\S-1-5-21-1235700998-711781633-2637323769-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|DeskBar.exe, 8888, In Quarantäne, [cbda194556435bdb59780c3cc93bb14f]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 6
PUP.Optional.Cherimoya, C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\cherimoya.sys-k.mbam, In Quarantäne, [4c599dc11c7db77f45661ae4828254ac],
PUP.Optional.Cherimoya, C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\cherimoya.sys-r.mbam, In Quarantäne, [8520d787128772c4703b906e1aea4fb1],
PUP.Optional.Cherimoya, C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\cherimoya.sys-u.mbam, In Quarantäne, [eabb59058e0bc67093188b735ea6d729],
PUP.Optional.Elex, C:\$Recycle.Bin\S-1-5-21-1235700998-711781633-2637323769-1000\$R2V361E\ihpmServer.exe, In Quarantäne, [dfc6ec720b8e290d18b2229a9170be42],
PUP.Optional.Elex, C:\$Recycle.Bin\S-1-5-21-1235700998-711781633-2637323769-1000\$R2V361E\Raydld.exe, In Quarantäne, [802517479009d165c30a3b81a061d42c],
PUP.Optional.Linkury.ShrtCln, C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\b30g5a7z.default\prefs.js, Gut: (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Schlecht: (user_pref("browser.startup.homepage", "C:\\ProgramData\\dlohns\\ff.HP), Ersetzt,[376e9ac475242a0cd79e80891de822de]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
Code:
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internet# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=abe955d44d5e274f9fde3877df6c90a6
# end=init
# utc_time=2016-02-09 11:24:13
# local_time=2016-02-09 12:24:13 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 28042
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=abe955d44d5e274f9fde3877df6c90a6
# end=updated
# utc_time=2016-02-09 11:28:28
# local_time=2016-02-09 12:28:28 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=abe955d44d5e274f9fde3877df6c90a6
# engine=28042
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-02-09 01:03:51
# local_time=2016-02-09 02:03:51 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 6022267 206652881 0 0
# scanned=377797
# found=8
# cleaned=0
# scan_time=5723
sh=6673BD9A1B2A1594E9DC61B9E70805C208FBABBA ft=1 fh=a70b5efdab44dd52 vn="Mehrere Bedrohungen" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1235700998-711781633-2637323769-1000\$RVTWRAV\Uninstall_PCSpeedUp.exe"
sh=6BE0CB83D2A56A3BC4F7F802131F9358DC4EC012 ft=0 fh=0000000000000000 vn="VBS/TrojanDownloader.Agent.NSW Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\task.vbs.vir"
sh=BCC5BB1F889EA9BE95E7F44C994F21FDEBAF02A7 ft=1 fh=d9865bc30cd837fb vn="Variante von Win32/RiskWare.Komodia.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\QuickSearch\poz.exe.vir"
sh=FBFE3294CC95A338FE68A7F79A57630DBB33CF4C ft=0 fh=0000000000000000 vn="VBS/TrojanDownloader.Agent.NSW Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Dom\AppData\Local\Temp\task.vbs.vir"
sh=40F29CFF3A1127228DF08C722F42B1B77D2DEF15 ft=1 fh=d2e5c051dc8cb44a vn="Variante von Win32/Adware.Hicosmea.J Anwendung" ac=I fn="C:\Config.Msi\a20eb.rbf"
sh=DF7E881BBFD3523DBF2792A553101FAD11F07C4C ft=1 fh=a816dea73d4b7715 vn="Variante von Win64/Adware.Hicosmea.I Anwendung" ac=I fn="C:\Config.Msi\a20ec.rbf"
sh=812D5993E2870376E2F10BFBC40F9578818B419D ft=1 fh=bd05769236fe2510 vn="Variante von Win32/AdWare.RK.AR Anwendung" ac=I fn="C:\FRST\Quarantine\C\Windows\System32\rlls64.dll.xBAD"
sh=E5A3C100D2D0FD94482783AF2B2FF94CDFC9923F ft=1 fh=a0ddd0619a504a2e vn="Variante von Win32/Hao123.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe"
Code:
Results of screen317's Security Check version 1.009 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 71 
 Java version 32-bit out of Date!
 Adobe Flash Player 20.0.0.286 
 Mozilla Firefox (44.0)
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

cosinus 09.02.2016 16:32
FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\Config.Msi\a20eb.rbf
C:\Config.Msi\a20ec.rbf
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Speed9001 09.02.2016 16:37
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von Dom (2016-02-09 16:34:00) Run:6
Gestartet von C:\Users\Dom\Desktop
Geladene Profile: Dom (Verfügbare Profile: Dom)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Config.Msi\a20eb.rbf
C:\Config.Msi\a20ec.rbf
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu
emptytemp:
       
*****************

C:\Config.Msi\a20eb.rbf => erfolgreich verschoben
C:\Config.Msi\a20ec.rbf => erfolgreich verschoben
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu => erfolgreich verschoben
EmptyTemp: => 40.9 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 16:34:00 ====

cosinus 09.02.2016 16:40
Sieht soweit ok aus :daumenhoc

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?


Alle Zeitangaben in WEZ +1. Es ist jetzt 13:53 Uhr.
Seite 4 von 5 « Erste 23 4 5
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132