Trojaner-Board
Seite 4 von 5 « Erste 23 4 5
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Vermutung an Trojaner oder Virus (https://www.trojaner-board.de/175768-vermutung-trojaner-virus.html)

Speed9001 09.02.2016 10:03
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von Dom (2016-02-09 10:00:47) Run:3
Gestartet von C:\Users\Dom\Desktop
Geladene Profile: Dom (Verfügbare Profile: Dom)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
S2 prgductyy; C:\Users\Dom\AppData\Local\Fase-ron.exe upyateupda prgductyy [X]
C:\Users\Dom\AppData\Local\Fase-ron.exe
File: C:\Windows\system32\dnsapi.dll
File: C:\Windows\SysWOW64\dnsapi.dll
emptytemp:
*****************

prgductyy => Dienst erfolgreich entfernt
"C:\Users\Dom\AppData\Local\Fase-ron.exe" => nicht gefunden.

========================= File: C:\Windows\system32\dnsapi.dll ========================

Datei ist nicht signiert
MD5: D41D8CD98F00B204E9800998ECF8427E
Erstellungs- und Änderungsdatum: 2015-08-21 10:50 - 2015-08-21 10:50
Größe: 0357888
Attribute: ----A
Firmenname:
Interne Name:
Original Name:
Produkt:
Beschreibung:
Datei Version:
Produkt Version:
Urheberrecht:

====== Ende von File: ======


========================= File: C:\Windows\SysWOW64\dnsapi.dll ========================

Datei ist nicht signiert
MD5: D41D8CD98F00B204E9800998ECF8427E
Erstellungs- und Änderungsdatum: 2015-08-21 10:50 - 2015-08-21 10:50
Größe: 0270336
Attribute: ----A
Firmenname:
Interne Name:
Original Name:
Produkt:
Beschreibung:
Datei Version:
Produkt Version:
Urheberrecht:

====== Ende von File: ======

EmptyTemp: => 3.3 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 10:00:48 ====

cosinus 09.02.2016 10:27
Irgendwas stimmt da mit ner Systemdatei bei dir noch nicht. Daher nochmal bitte das hier machen:

FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
dnsapi.dll

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Speed9001 09.02.2016 10:30
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von Dom (2016-02-09 10:29:26) Run:4
Gestartet von C:\Users\Dom\Desktop
Geladene Profile: Dom (Verfügbare Profile: Dom)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
dnsapi.dll
*****************

dnsapi.dll => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.

==== Ende von Fixlog 10:29:26 ====

cosinus 09.02.2016 10:32
Hmpf...irgendwie klappt das nicht wie ich will :balla:

Dann mal bitte so:

Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
    Code:
    :filefind
    dnsapi.dll
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.


Speed9001 09.02.2016 10:40
Da bleibt mein PC wohl zickig

Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 10:36 on 09/02/2016 by Dom
Administrator - Elevation successful

========== filefind ==========

Searching for "dnsapi.dll"
C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\dnsapi.dll        --a---- 686984 bytes        [07:09 30/10/2015]        [07:09 30/10/2015] (Unable to calculate MD5)
C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-dns-client-minwin_31bf3856ad364e35_10.0.10586.0_none_22114c18cd7ccd17\dnsapi.dll        --a---- 686984 bytes        [07:09 30/10/2015]        [07:09 30/10/2015] (Unable to calculate MD5)
C:\Windows\System32\dnsapi.dll        --a---- 357888 bytes        [09:50 21/08/2015]        [09:50 21/08/2015] (Unable to calculate MD5)
C:\Windows\SysWOW64\dnsapi.dll        --a---- 270336 bytes        [09:50 21/08/2015]        [09:50 21/08/2015] (Unable to calculate MD5)
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4008824c98f8edac\dnsapi.dll        --a---- 357888 bytes        [03:24 21/11/2010]        [03:24 21/11/2010] A52B6CC24063CC83C78C0E6F24DEEC01
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_3fc3a19c992d2ff6\dnsapi.dll        --a---- 357888 bytes        [09:50 21/08/2015]        [06:24 03/03/2011] 492D07D79E7024CA310867B526D9636D
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsapi.dll        --a---- 357888 bytes        [09:50 21/08/2015]        [06:12 03/03/2011] DCC0888655823103F19EF8FFD330080D
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4a5d2c9ecd59afa7\dnsapi.dll        --a---- 270336 bytes        [03:24 21/11/2010]        [03:24 21/11/2010] 59DF156711A76BCB993253EC6C9BBF41
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_4a184beecd8df1f1\dnsapi.dll        --a---- 270336 bytes        [09:50 21/08/2015]        [05:38 03/03/2011] B40420876B9288E0A1C8CCA8A84E5DC9
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_4aa4e997e6a8ddc0\dnsapi.dll        --a---- 270336 bytes        [09:50 21/08/2015]        [05:12 03/03/2011] 1F79F611109C2B97260B68FD6B4FC7DD

-= EOF =-

cosinus 09.02.2016 10:53
Dann wollen wir die mal glattziehen:

FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
replace: C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsapi.dll C:\Windows\system32\dnsapi.dll
replace: C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_4aa4e997e6a8ddc0\dnsapi.dll C:\Windows\SysWOW64\dnsapi.dll

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Speed9001 09.02.2016 10:56
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von Dom (2016-02-09 10:55:20) Run:5
Gestartet von C:\Users\Dom\Desktop
Geladene Profile: Dom (Verfügbare Profile: Dom)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
replace: C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsapi.dll C:\Windows\system32\dnsapi.dll
replace: C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_4aa4e997e6a8ddc0\dnsapi.dll C:\Windows\SysWOW64\dnsapi.dll
       
*****************

C:\Windows\system32\dnsapi.dll => erfolgreich verschoben
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsapi.dll erfolgreich kopiert zu C:\Windows\system32\dnsapi.dll
C:\Windows\SysWOW64\dnsapi.dll => erfolgreich verschoben
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_4aa4e997e6a8ddc0\dnsapi.dll erfolgreich kopiert zu C:\Windows\SysWOW64\dnsapi.dll

==== Ende von Fixlog 10:55:20 ====

cosinus 09.02.2016 11:04
Gut...dann bitte neustarten falls noch nicht getan. Und bitte nochmal systemlook:

Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
    Code:
    :filefind
    dnsapi.dll
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.



Und auch frische FRST-Logs bitte zur Sicherheit. Haken setzen bei addition.txt dann auf Untersuchen klicken

http://www.trojaner-board.de/picture...&pictureid=611

Speed9001 09.02.2016 11:24
Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 11:18 on 09/02/2016 by Dom
Administrator - Elevation successful

========== filefind ==========

Searching for "dnsapi.dll"
C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\dnsapi.dll        --a---- 686984 bytes        [07:09 30/10/2015]        [07:09 30/10/2015] (Unable to calculate MD5)
C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-dns-client-minwin_31bf3856ad364e35_10.0.10586.0_none_22114c18cd7ccd17\dnsapi.dll        --a---- 686984 bytes        [07:09 30/10/2015]        [07:09 30/10/2015] (Unable to calculate MD5)
C:\Windows\System32\dnsapi.dll        --a---- 357888 bytes        [09:50 21/08/2015]        [06:12 03/03/2011] DCC0888655823103F19EF8FFD330080D
C:\Windows\SysWOW64\dnsapi.dll        --a---- 270336 bytes        [09:50 21/08/2015]        [05:12 03/03/2011] 1F79F611109C2B97260B68FD6B4FC7DD
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4008824c98f8edac\dnsapi.dll        --a---- 357888 bytes        [03:24 21/11/2010]        [03:24 21/11/2010] A52B6CC24063CC83C78C0E6F24DEEC01
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_3fc3a19c992d2ff6\dnsapi.dll        --a---- 357888 bytes        [09:50 21/08/2015]        [06:24 03/03/2011] 492D07D79E7024CA310867B526D9636D
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsapi.dll        --a---- 357888 bytes        [09:50 21/08/2015]        [06:12 03/03/2011] DCC0888655823103F19EF8FFD330080D
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4a5d2c9ecd59afa7\dnsapi.dll        --a---- 270336 bytes        [03:24 21/11/2010]        [03:24 21/11/2010] 59DF156711A76BCB993253EC6C9BBF41
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_4a184beecd8df1f1\dnsapi.dll        --a---- 270336 bytes        [09:50 21/08/2015]        [05:38 03/03/2011] B40420876B9288E0A1C8CCA8A84E5DC9
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_4aa4e997e6a8ddc0\dnsapi.dll        --a---- 270336 bytes        [09:50 21/08/2015]        [05:12 03/03/2011] 1F79F611109C2B97260B68FD6B4FC7DD

Searching for "        "
No files found.

-= EOF =-
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
durchgeführt von Dom (Administrator) auf DOM-PC (09-02-2016 11:22:02)
Gestartet von C:\Users\Dom\Desktop
Geladene Profile: Dom (Verfügbare Profile: Dom)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(TS3index.com GbR) C:\Program Files (x86)\TS3index\MusicBot\bot-manager_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(GamersFirst) C:\Users\Dom\AppData\Local\GamersFirst\LIVE!\Live.exe
(Mega Limited) C:\ProgramData\MEGAsync\MEGAsync.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4867784 2015-12-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-12-11] (Raptr, Inc)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [592704 2015-07-08] (Razer Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [pcmgr] => C:\Program Files (x86)\ppt\Uninst.exe
HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\Run: [ts3index_musicbot_service] => "C:\Program Files (x86)\TS3index\MusicBot.\bot-manager_service"
HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [426600 2016-01-11] (CyberGhost S.R.L.)
HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\Run: [Advanced SystemCare 9] => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\MountPoints2: {83c2cac0-47b2-11e5-b70a-f6e0f5d76a61} - I:\pushinst.exe
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
Startup: C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-08-22]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-11-24]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk [2015-08-22]
ShortcutTarget: GamersFirst LIVE!.lnk -> C:\Users\Dom\AppData\Local\GamersFirst\LIVE!\Live.exe (GamersFirst)
Startup: C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2015-11-12]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 4630 series.lnk [2016-02-09]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 4630 series.lnk -> C:\Program Files\HP\HP Officejet 4630 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{2A0CA051-E15A-4939-8D32-89D1DD26A106}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-01-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-01-17] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-01-18] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-01-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-23] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2016-01-17] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-23] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-18] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\b30g5a7z.default
FF SelectedSearchEngine: Bing®
FF Homepage: C:\\ProgramData\\dlohns\\ff.HP
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-01-17] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-01-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-01-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Extension: Adblock Plus - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\b30g5a7z.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-19]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-08-22] (Adobe Systems) [Datei ist nicht signiert]
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1300512 2016-01-17] ()
S3 Boonty Games; C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe [69120 2016-02-06] (BOONTY) [Datei ist nicht signiert]
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65128 2016-01-11] (CyberGhost S.R.L)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2772720 2016-01-17] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-01-19] (Digital Wave Ltd.)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-09-27] (EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-06-03] (Futuremark)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-02] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-10-03] ()
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4250624 2015-02-03] (A-Volute) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [X]
S2 Labtech; C:\ProgramData\\Labtech\\Labtech.exe shuz -f "C:\ProgramData\\Labtech\\Labtech.dat" -l -a
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]
S2 REACHit; "C:\Program Files\REACHit\REACHit.exe" /s iid=10223560 did=Missing sid= ref= id=91d134fd45d1bfcf687aece54fe078c2ae2e3da5948a8b33ebe9ae3d896bc9d3 [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-04] (AVM Berlin)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [1293824 2010-10-04] (AVM GmbH)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-05-27] ()
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129472 2015-06-27] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2015-02-09] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-09 11:22 - 2016-02-09 11:22 - 00018434 _____ C:\Users\Dom\Desktop\FRST.txt
2016-02-09 11:18 - 2016-02-09 11:21 - 00004322 _____ C:\Users\Dom\Desktop\SystemLook.txt
2016-02-09 11:17 - 2016-02-09 10:34 - 00165376 _____ C:\Users\Dom\Desktop\SystemLook_x64.exe
2016-02-08 16:00 - 2016-02-08 15:57 - 02370560 _____ (Farbar) C:\Users\Dom\Desktop\FRST64.exe
2016-02-08 16:00 - 2016-02-08 15:57 - 01609032 _____ (Malwarebytes) C:\Users\Dom\Desktop\JRT.exe
2016-02-08 15:49 - 2016-02-08 15:52 - 00000000 ____D C:\AdwCleaner
2016-02-08 15:48 - 2016-02-08 15:47 - 01508352 _____ C:\Users\Dom\Desktop\AdwCleaner_5.032.exe
2016-02-08 15:37 - 2016-02-08 15:45 - 00213770 _____ C:\TDSSKiller.3.1.0.9_08.02.2016_15.37.09_log.txt
2016-02-08 15:36 - 2016-02-08 15:34 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Dom\Desktop\tdsskiller.exe
2016-02-08 14:36 - 2016-02-08 14:36 - 00000000 ____D C:\Users\Dom\AppData\Roaming\IObit
2016-02-08 10:15 - 2016-02-08 15:23 - 00000000 ____D C:\Users\Dom\Desktop\mbar
2016-02-07 16:10 - 2016-02-08 15:53 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-07 13:39 - 2016-02-09 11:22 - 00000000 ____D C:\FRST
2016-02-06 09:06 - 2016-02-07 11:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-02-06 09:06 - 2016-02-07 11:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2016-02-06 09:06 - 2016-02-06 12:17 - 00000000 ____D C:\Program Files (x86)\IObit
2016-02-06 09:06 - 2016-02-06 09:06 - 00003172 _____ C:\Windows\System32\Tasks\ASC9_PerformanceMonitor
2016-02-06 09:06 - 2016-02-06 09:06 - 00002860 _____ C:\Windows\System32\Tasks\ASC9_SkipUac_Dom
2016-02-06 09:06 - 2016-02-06 09:06 - 00001366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2016-02-06 09:06 - 2016-02-06 09:06 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2016-02-06 09:05 - 2016-02-06 09:05 - 00041472 _____ C:\Users\Dom\AppData\Local\Fase-ron.dat
2016-02-06 09:05 - 2016-02-06 09:05 - 00000187 _____ C:\Users\Dom\AppData\Local\Fase-ron.exe.config
2016-02-06 08:23 - 2016-02-07 11:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BoontyGames
2016-02-06 08:08 - 2016-02-06 08:49 - 00000000 ____D C:\ProgramData\TEMP
2016-02-06 08:07 - 2016-02-07 11:37 - 00000000 ____D C:\Program Files (x86)\Games
2016-02-06 05:28 - 2016-02-06 05:28 - 00000000 ____D C:\Users\Dom\AppData\Roaming\kingsoft
2016-02-06 05:28 - 2016-02-06 05:28 - 00000000 ____D C:\Users\Dom\AppData\Local\kingsoft
2016-02-06 05:22 - 2016-02-06 09:03 - 00000000 ____D C:\Users\Dom\AppData\Local\Tempfolder
2016-02-06 05:22 - 2016-02-06 05:28 - 00000000 ____D C:\ProgramData\kingsoft
2016-02-06 05:21 - 2016-02-06 05:21 - 00003338 _____ C:\Windows\System32\Tasks\Amopc
2016-02-01 03:26 - 2016-02-07 11:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-01-29 19:51 - 2016-01-29 19:51 - 00000000 ____D C:\Users\Dom\Documents\Rise of the Tomb Raider
2016-01-29 19:51 - 2016-01-29 19:51 - 00000000 ____D C:\Users\Dom\AppData\Roaming\Crystal Dynamics
2016-01-29 19:43 - 2016-01-29 19:43 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-01-28 18:58 - 2016-01-28 18:58 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-01-28 00:37 - 2016-02-08 05:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-26 17:03 - 2016-01-26 17:03 - 00000000 ____D C:\Users\Dom\Documents\Black Ops 2 - GSC Studio
2016-01-26 16:59 - 2016-01-26 16:59 - 00000000 ____D C:\Users\Dom\Desktop\MAPS
2016-01-24 22:19 - 2016-01-24 22:19 - 00000006 _____ C:\Users\Dom\Desktop\Steam.txt
2016-01-24 17:09 - 2016-01-26 13:56 - 00000000 ____D C:\Users\Dom\AppData\Local\CyberGhost
2016-01-24 17:08 - 2016-02-07 11:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
2016-01-24 17:08 - 2016-01-26 07:04 - 00000000 ____D C:\Program Files\CyberGhost 5
2016-01-24 17:08 - 2016-01-26 04:59 - 00001881 _____ C:\Users\Dom\Desktop\CyberGhost 5.lnk
2016-01-24 17:08 - 2016-01-24 17:08 - 00000000 ____D C:\Program Files\TAP-Windows
2016-01-24 04:52 - 2016-02-07 11:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2016-01-24 04:52 - 2016-01-28 19:50 - 00001971 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk
2016-01-24 02:13 - 2016-01-24 04:53 - 00000000 ____D C:\Users\Dom\Documents\Rockstar Games
2016-01-24 02:13 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-01-24 02:13 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-01-23 20:48 - 2016-02-07 11:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-23 20:48 - 2016-01-23 20:48 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-01-19 19:21 - 2016-02-07 11:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TS3index
2016-01-19 19:21 - 2016-01-19 19:21 - 00000000 ____D C:\Users\Dom\AppData\Roaming\TS3index
2016-01-19 19:19 - 2016-01-19 19:19 - 00000087 _____ C:\ProgramData\Uninstaller.bat
2016-01-16 21:24 - 2016-01-19 19:21 - 00000000 ____D C:\Users\Dom\AppData\Local\TS3index.com_GbR
2016-01-16 21:23 - 2016-01-19 19:20 - 00000000 ____D C:\Program Files (x86)\TS3index
2016-01-13 18:07 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-13 18:07 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-13 18:07 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-13 18:07 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-01-13 18:07 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-01-13 18:07 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-01-13 18:03 - 2015-12-24 00:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-13 18:03 - 2015-12-23 23:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-01-13 18:03 - 2015-12-12 19:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-13 18:03 - 2015-12-12 19:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-01-13 18:03 - 2015-12-12 19:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-01-13 18:03 - 2015-12-12 19:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-01-13 18:03 - 2015-12-12 19:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-13 18:03 - 2015-12-12 19:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-13 18:03 - 2015-12-12 19:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-01-13 18:03 - 2015-12-12 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-01-13 18:03 - 2015-12-12 19:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-01-13 18:03 - 2015-12-12 19:07 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-13 18:03 - 2015-12-12 19:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-01-13 18:03 - 2015-12-12 19:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-01-13 18:03 - 2015-12-12 19:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-13 18:03 - 2015-12-12 19:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-13 18:03 - 2015-12-12 19:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-13 18:03 - 2015-12-12 19:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-01-13 18:03 - 2015-12-12 19:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-01-13 18:03 - 2015-12-12 19:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-01-13 18:03 - 2015-12-12 18:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-01-13 18:03 - 2015-12-12 18:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-01-13 18:03 - 2015-12-12 18:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-01-13 18:03 - 2015-12-12 18:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-01-13 18:03 - 2015-12-12 18:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-01-13 18:03 - 2015-12-12 18:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-13 18:03 - 2015-12-12 18:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-13 18:03 - 2015-12-12 18:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-13 18:03 - 2015-12-12 18:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-01-13 18:03 - 2015-12-12 18:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-01-13 18:03 - 2015-12-12 18:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-01-13 18:03 - 2015-12-12 18:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-01-13 18:03 - 2015-12-12 18:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-01-13 18:03 - 2015-12-12 18:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-01-13 18:03 - 2015-12-12 18:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-01-13 18:03 - 2015-12-12 18:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-01-13 18:03 - 2015-12-12 18:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-01-13 18:03 - 2015-12-12 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-13 18:03 - 2015-12-12 18:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-01-13 18:03 - 2015-12-12 18:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-01-13 18:03 - 2015-12-12 18:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-01-13 18:03 - 2015-12-12 18:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-13 18:03 - 2015-12-12 18:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-13 18:03 - 2015-12-12 18:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-01-13 18:03 - 2015-12-12 18:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-13 18:03 - 2015-12-12 18:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-01-13 18:03 - 2015-12-12 18:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-13 18:03 - 2015-12-12 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-01-13 18:03 - 2015-12-12 18:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-01-13 18:03 - 2015-12-12 18:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-01-13 18:03 - 2015-12-12 18:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-01-13 18:03 - 2015-12-12 18:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-13 18:03 - 2015-12-12 18:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-01-13 18:03 - 2015-12-12 18:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-13 18:03 - 2015-12-12 18:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-01-13 18:03 - 2015-12-12 18:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-13 18:03 - 2015-12-12 18:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-01-13 18:03 - 2015-12-12 18:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-01-13 18:03 - 2015-12-12 18:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-13 18:03 - 2015-12-12 17:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-13 18:03 - 2015-12-12 17:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-13 18:03 - 2015-12-12 17:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-13 18:03 - 2015-12-12 17:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-13 18:03 - 2015-12-12 17:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-13 18:03 - 2015-12-11 19:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-13 18:03 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-01-13 18:03 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-13 18:03 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-13 18:03 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-13 18:03 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-13 18:03 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-13 18:03 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-01-13 18:03 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-13 18:03 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-13 18:03 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-13 18:03 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-13 18:03 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-13 18:03 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-01-13 18:03 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-13 18:03 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-13 18:03 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-13 18:03 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-13 18:03 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-13 18:03 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-13 18:03 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-13 18:03 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-13 18:03 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-01-13 18:03 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-13 18:03 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-13 18:03 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 18:03 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-01-13 18:03 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-13 18:03 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-13 18:03 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-13 18:03 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-13 18:03 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-13 18:03 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-13 18:03 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-01-13 18:03 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-01-13 18:03 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-01-13 18:03 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-13 18:03 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-13 18:03 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-13 18:03 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-13 18:03 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-13 18:03 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-13 18:03 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-13 18:03 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-13 18:03 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-13 18:03 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-13 18:03 - 2015-12-08 18:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-13 18:02 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-13 18:02 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-13 18:02 - 2015-12-08 20:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-13 18:02 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-13 18:02 - 2015-11-17 02:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-13 18:02 - 2015-11-17 02:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-13 18:02 - 2015-11-17 02:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-13 18:02 - 2015-11-17 02:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-13 18:02 - 2015-11-17 02:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-13 18:02 - 2015-11-17 02:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-13 18:02 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-13 17:53 - 2015-12-30 20:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-13 17:53 - 2015-12-30 20:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-13 17:53 - 2015-12-30 20:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-01-13 17:53 - 2015-12-30 20:05 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-13 17:53 - 2015-12-30 20:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-01-13 17:53 - 2015-12-30 20:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-01-13 17:53 - 2015-12-30 20:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-01-13 17:53 - 2015-12-30 20:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-13 17:53 - 2015-12-30 20:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-13 17:53 - 2015-12-30 20:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-01-13 17:53 - 2015-12-30 20:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-01-13 17:53 - 2015-12-30 20:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-13 17:53 - 2015-12-30 20:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-13 17:53 - 2015-12-30 20:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-13 17:53 - 2015-12-30 20:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-01-13 17:53 - 2015-12-30 20:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-01-13 17:53 - 2015-12-30 20:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-01-13 17:53 - 2015-12-30 20:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-01-13 17:53 - 2015-12-30 19:59 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-13 17:53 - 2015-12-30 19:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-13 17:53 - 2015-12-30 19:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-01-13 17:53 - 2015-12-30 19:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-13 17:53 - 2015-12-30 19:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-01-13 17:53 - 2015-12-30 19:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-01-13 17:53 - 2015-12-30 19:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-13 17:53 - 2015-12-30 19:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-01-13 17:53 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-01-13 17:53 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-01-13 17:53 - 2015-12-30 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-01-13 17:53 - 2015-12-30 19:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-01-13 17:53 - 2015-12-30 19:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-13 17:53 - 2015-12-30 19:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-01-13 17:53 - 2015-12-30 19:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-01-13 17:53 - 2015-12-30 19:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-01-13 17:53 - 2015-12-30 19:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-01-13 17:53 - 2015-12-30 19:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-01-13 17:53 - 2015-12-30 19:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-01-13 17:53 - 2015-12-30 19:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-01-13 17:53 - 2015-12-30 19:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-01-13 17:53 - 2015-12-30 19:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-13 17:53 - 2015-12-30 19:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-01-13 17:53 - 2015-12-30 19:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-01-13 17:53 - 2015-12-30 19:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-13 17:53 - 2015-12-30 19:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-01-13 17:53 - 2015-12-30 19:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-01-13 17:53 - 2015-12-30 19:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-01-13 17:53 - 2015-12-30 19:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 18:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-01-13 17:53 - 2015-12-30 18:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-01-13 17:53 - 2015-12-30 18:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-01-13 17:53 - 2015-12-30 18:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-01-13 17:53 - 2015-12-30 18:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-13 17:53 - 2015-12-30 18:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-01-13 17:53 - 2015-12-30 18:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-13 17:53 - 2015-12-30 18:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-01-13 17:53 - 2015-12-30 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-01-13 17:53 - 2015-12-30 18:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-01-13 17:53 - 2015-12-30 18:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-01-13 17:53 - 2015-12-30 18:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-01-13 17:53 - 2015-12-30 18:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-01-13 17:53 - 2015-12-30 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-01-13 17:53 - 2015-12-30 18:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 18:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 18:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 17:53 - 2015-12-30 18:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-09 11:21 - 2015-08-21 19:12 - 00000000 _____ C:\Windows\system32\RzSurroundVADAudioDeviceManager_log.txt
2016-02-09 11:19 - 2015-08-21 23:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-09 11:17 - 2015-08-21 00:59 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-09 11:16 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-09 11:15 - 2009-07-14 05:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-09 11:15 - 2009-07-14 05:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-09 09:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-02-08 20:09 - 2015-08-20 23:06 - 00000000 ____D C:\Users\Dom
2016-02-08 19:57 - 2015-09-05 04:34 - 00000000 ____D C:\Users\Dom\Desktop\Backups
2016-02-08 19:44 - 2015-11-17 10:25 - 00000000 ____D C:\Users\Dom\AppData\LocalLow\Temp
2016-02-08 16:20 - 2014-05-16 20:23 - 00000000 ____D C:\Users\Dom\Desktop\Dom
2016-02-08 14:41 - 2015-12-01 23:07 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-08 14:41 - 2015-08-22 00:23 - 00000000 ____D C:\Users\Dom\AppData\Local\CrashDumps
2016-02-08 14:40 - 2015-12-01 23:07 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-08 14:36 - 2015-11-24 17:45 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2016-02-08 14:33 - 2015-08-20 23:06 - 00000000 ____D C:\Users\Dom\AppData\Local\VirtualStore
2016-02-08 09:52 - 2015-08-23 13:06 - 00000000 ____D C:\Users\Dom\AppData\Local\LogMeIn Hamachi
2016-02-08 05:16 - 2015-08-21 00:37 - 00000000 ____D C:\Program Files (x86)\Raptr
2016-02-08 05:15 - 2015-11-23 14:33 - 00000000 ____D C:\Program Files (x86)\Construction Simulator 2015
2016-02-08 05:15 - 2015-08-22 16:10 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-08 05:15 - 2015-08-21 00:37 - 00000000 ____D C:\Users\Dom\AppData\Roaming\Raptr
2016-02-08 05:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-08 05:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-02-08 05:13 - 2015-12-01 23:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-07 11:42 - 2015-08-20 23:07 - 00001433 _____ C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-07 11:37 - 2015-12-01 23:33 - 00000000 ____D C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-02-07 11:37 - 2015-11-17 11:28 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-02-07 11:37 - 2015-09-19 19:46 - 00000000 ____D C:\Program Files (x86)\DayZLauncher
2016-02-07 11:37 - 2015-08-23 20:42 - 00000000 ____D C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-02-07 11:37 - 2015-08-22 14:20 - 00000000 ____D C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2016-02-07 11:37 - 2015-08-22 14:18 - 00000000 ____D C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GamersFirst
2016-02-07 11:37 - 2015-08-22 00:35 - 00000000 ____D C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-02-07 11:37 - 2015-08-21 20:10 - 00000000 ____D C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-02-07 11:37 - 2015-08-20 23:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-07 11:37 - 2014-11-17 21:15 - 00000000 ____D C:\Users\Dom\Desktop\MYSQL
2016-02-06 12:05 - 2015-08-22 00:53 - 00000000 ____D C:\Users\Dom\AppData\Roaming\uTorrent
2016-02-06 10:54 - 2015-12-06 00:10 - 00000000 ____D C:\Users\Dom\AppData\Roaming\TeamViewer
2016-02-06 10:54 - 2015-08-23 20:50 - 00000000 ____D C:\Users\Dom\AppData\Roaming\FileZilla
2016-02-06 06:03 - 2015-12-01 23:33 - 00000000 ____D C:\Users\Dom\AppData\Roaming\TS3Client
2016-02-06 05:03 - 2015-08-21 09:57 - 00000000 ____D C:\Users\Dom\AppData\Roaming\vlc
2016-02-05 00:44 - 2015-09-01 21:31 - 00000080 _____ C:\Users\Dom\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2016-02-04 20:13 - 2015-08-21 10:14 - 00000000 ____D C:\Users\Dom\AppData\Roaming\.minecraft
2016-02-03 06:37 - 2015-08-22 01:04 - 00000000 ____D C:\ProgramData\Origin
2016-02-02 23:13 - 2015-08-22 01:04 - 00000000 ____D C:\Program Files (x86)\Origin
2016-02-01 03:27 - 2015-08-21 20:27 - 00000000 ____D C:\Users\Dom\AppData\Roaming\DVDVideoSoft
2016-02-01 03:26 - 2015-08-21 20:28 - 00001302 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2016-02-01 03:26 - 2015-08-21 20:28 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-02-01 03:25 - 2015-08-21 20:28 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2016-01-29 19:44 - 2015-11-17 11:27 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-29 19:43 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-01-29 19:42 - 2015-11-17 11:24 - 00000000 ____D C:\Program Files\Microsoft Office
2016-01-28 19:17 - 2015-09-01 21:27 - 00000000 ____D C:\Program Files\Rockstar Games
2016-01-28 19:17 - 2015-09-01 21:27 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-01-24 06:25 - 2009-07-14 05:45 - 00432728 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-24 04:54 - 2015-09-01 20:21 - 00000000 ____D C:\Users\Dom\AppData\Local\Rockstar Games
2016-01-24 04:52 - 2015-08-20 23:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-23 23:07 - 2015-08-21 00:49 - 00000000 ____D C:\Users\Dom\AppData\Local\2K Games
2016-01-23 22:23 - 2015-08-20 23:24 - 00111080 _____ C:\Users\Dom\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-23 22:08 - 2015-11-17 13:36 - 00000000 ____D C:\Program Files (x86)\HP
2016-01-23 22:02 - 2011-04-12 08:54 - 00000000 ____D C:\Windows\ShellNew
2016-01-23 21:59 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2016-01-23 21:18 - 2015-11-17 14:52 - 03936256 ___SH C:\Users\Dom\Desktop\Thumbs.db
2016-01-23 20:49 - 2015-08-21 10:30 - 00000000 ____D C:\ProgramData\Oracle
2016-01-23 20:48 - 2015-08-21 10:30 - 00000000 ____D C:\Users\Dom\.oracle_jre_usage
2016-01-23 20:48 - 2015-08-21 10:29 - 00000000 ____D C:\Program Files (x86)\Java
2016-01-23 03:18 - 2015-09-01 20:30 - 00000000 ____D C:\Users\Dom\Documents\Rockstar Games[Steam]
2016-01-22 05:07 - 2015-08-23 20:42 - 00001837 _____ C:\Users\Dom\Desktop\FileZilla Client.lnk
2016-01-20 21:20 - 2015-12-13 00:37 - 00000000 ____D C:\output
2016-01-20 21:18 - 2015-12-13 00:34 - 00003072 ____H C:\Users\Dom\Desktop\photothumb.db
2016-01-20 03:19 - 2015-08-21 23:47 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-20 03:19 - 2015-08-21 23:47 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-20 03:19 - 2015-08-21 23:47 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-20 00:21 - 2015-11-12 14:34 - 00000000 ____D C:\ProgramData\MEGAsync
2016-01-19 19:19 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-01-19 17:28 - 2015-10-03 16:16 - 00000000 ____D C:\Users\Dom\AppData\Roaming\.technic
2016-01-18 17:47 - 2015-11-06 11:31 - 00000000 ____D C:\Users\Dom\AppData\Roaming\7DaysToDie
2016-01-18 15:45 - 2015-08-23 20:42 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2016-01-17 20:06 - 2015-10-09 22:20 - 00000000 ____D C:\Users\Dom\AppData\Local\Arma 3
2016-01-17 15:29 - 2011-04-12 08:43 - 00699092 _____ C:\Windows\system32\perfh007.dat
2016-01-17 15:29 - 2011-04-12 08:43 - 00149232 _____ C:\Windows\system32\perfc007.dat
2016-01-17 15:29 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-16 14:49 - 2015-11-24 20:27 - 00000000 ____D C:\Users\Dom\Desktop\MUSIK
2016-01-15 15:48 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-01-14 17:10 - 2015-08-21 18:52 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-14 17:10 - 2015-08-21 18:52 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-14 03:07 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-05 18:29 - 2015-11-11 10:21 - 0000297 _____ () C:\Users\Dom\AppData\Roaming\BreakingPoint_Login.ini
2015-11-05 22:47 - 2015-11-11 10:48 - 0001428 _____ () C:\Users\Dom\AppData\Roaming\BreakingPoint_Options.ini
2015-08-22 00:38 - 2015-08-22 00:38 - 0003584 _____ () C:\Users\Dom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-20 23:21 - 2015-08-20 23:21 - 0000000 _____ () C:\Users\Dom\AppData\Local\Driver_LOM_8161Present.flag
2016-02-06 09:05 - 2016-02-06 09:05 - 0041472 _____ () C:\Users\Dom\AppData\Local\Fase-ron.dat
2016-02-06 09:05 - 2016-02-06 09:05 - 0000187 _____ () C:\Users\Dom\AppData\Local\Fase-ron.exe.config
2015-11-19 10:29 - 2015-11-19 10:29 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-08-20 23:17 - 2015-08-20 23:17 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-11-17 13:35 - 2016-01-23 22:08 - 0005968 _____ () C:\ProgramData\hpzinstall.log
2016-01-19 19:19 - 2016-01-19 19:19 - 0000087 _____ () C:\ProgramData\Uninstaller.bat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\Uninstaller.bat


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-08 16:52

==================== Ende von FRST.txt ============================

Speed9001 09.02.2016 11:25
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von Dom (2016-02-09 11:22:39)
Gestartet von C:\Users\Dom\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-08-20 22:06:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1235700998-711781633-2637323769-500 - Administrator - Disabled)
Dom (S-1-5-21-1235700998-711781633-2637323769-1000 - Administrator - Enabled) => C:\Users\Dom
Gast (S-1-5-21-1235700998-711781633-2637323769-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1235700998-711781633-2637323769-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
3DMark (HKLM-x32\...\{12d6e0d7-21d5-4755-9da2-70352c6f7558}) (Version: 1.5.915.0 - Futuremark)
3DMark (Version: 1.5.915.0 - Futuremark) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Agricultural Simulator 2013 Steam Edition (HKLM-x32\...\Steam App 236790) (Version:  - Actalogic)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
APB Reloaded (HKLM-x32\...\APB Reloaded) (Version: 1.6.7.672769 - )
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Breaking Point (HKLM-x32\...\Breaking Point 5.0.2.9) (Version: 5.0.2.9 - The Zombie Infection)
Breaking Point (x32 Version: 5.0.2.9 - The Zombie Infection) Hidden
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version:  - Criterion Games)
Call of Duty: Black Ops III Beta (HKLM-x32\...\Steam App 388520) (Version:  - Treyarch)
Camtasia Studio 8 (HKLM-x32\...\{E7AFA156-D5CB-4B8C-843D-E7CA58D36B0A}) (Version: 8.6.0.2054 - TechSmith Corporation)
Catalyst Control Center Next Localization BR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
D1600 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Die*Sims™*3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.631 - Electronic Arts)
DJ_SF_06_D1600_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Farming Simulator 15 (HKLM-x32\...\Steam App 313160) (Version:  - Giants Software)
FileZilla Client 3.14.1 (HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{AFBB2F94-A43D-46AD-8F77-66ACB3C71EDF}) (Version: 4.39.552.0 - Futuremark)
GamersFirst LIVE! (HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\GamersFirst LIVE!) (Version:  - GamersFirst)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar North / Toronto)
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version:  - Rockstar Games)
HP Officejet 4630 series - Grundlegende Software für das Gerät (HKLM\...\{3566FFED-696A-4260-8F12-073426CAC951}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet 4630 series Hilfe (HKLM-x32\...\{08B9332C-26DB-4EF3-85D6-6DC62B937681}) (Version: 31.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version:  - Tripwire Interactive)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LEGO® Jurassic World (HKLM-x32\...\Steam App 352400) (Version:  - TT Games Ltd)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.6366.2062 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.6366.2062 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 44.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0 (x86 de)) (Version: 44.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.0.5866 - Mozilla)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
Need for Speed™ Rivals (HKLM-x32\...\{E0A32336-AA27-4053-99B2-C3380B7B95AC}) (Version: 1.4.0.0 - Electronic Arts)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.2 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.6326.1022 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1022 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.6326.1022 - Microsoft Corporation) Hidden
OpenIV (HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\OpenIV) (Version: 2.6.4.642 - .black/OpenIV Team)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.14 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26914 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Rise of the Tomb Raider (HKLM-x32\...\Steam App 391220) (Version:  - Crystal Dynamics)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.2 - Rockstar Games)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - Keen Software House)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie zur Verbesserung von HP Officejet 4630 series (HKLM\...\{3917CF9F-DF46-406E-B524-CA0F150C70D7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TS3index Bot-Manager (HKLM\...\TS3index-MusicBot) (Version: 1.0.4.1 - TS3index.com GbR)
Uplay (HKLM-x32\...\Uplay) (Version: 7.4 - Ubisoft)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.11-1 - Bitnami)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0AF25965-B903-4B2B-956D-AD4CDCDFC9E2} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
Task: {21067C23-AF81-4D97-BB25-A7EBF525104C} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2015-12-04] (Advanced Micro Devices, Inc.)
Task: {233D6A45-A883-44E5-8892-73BC001BB99B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-01-19] (Microsoft Corporation)
Task: {2C918559-208D-433F-A594-D29D5CD0A688} - System32\Tasks\{8E3F63A9-347F-40E2-9223-AFACFA445E61} => pcalua.exe -a C:\Users\Dom\Downloads\vcredist_x86(1).exe -d C:\Users\Dom\Downloads
Task: {351153FA-66AE-421A-BB08-7222B6D6DDA2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-17] (Microsoft Corporation)
Task: {377BE9B2-82E3-4F28-AEB7-781918A3E8B4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {4B56C203-57C9-44FC-90F3-3A1BFCBBA55A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-01-19] (Microsoft Corporation)
Task: {7832440A-5513-4D98-BCDE-95733F3E9F3B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-17] (Microsoft Corporation)
Task: {89983B81-D595-4EE7-85C3-50A78A2A0F02} - System32\Tasks\ASC9_SkipUac_Dom => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {BA3E072B-3AE2-4F0D-8C75-9230C23EB31C} - System32\Tasks\Amopc => C:\PROGRA~1\GROOVE~1\Tenciubg.bat
Task: {E8204C68-68E8-4C6B-A0BA-AD61D61513DF} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {ED9F2364-2362-44C4-A789-67FD237B2D2C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {F54A718C-39D8-4544-B14E-A915FDD95837} - System32\Tasks\HPCustParticipation HP Officejet 4630 series => C:\Program Files\HP\HP Officejet 4630 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-11-24 00:50 - 2016-01-17 14:46 - 00171712 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-10-03 01:35 - 2015-10-03 01:35 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-06-23 20:11 - 2015-06-23 20:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-01-29 19:40 - 2016-01-18 00:07 - 08913088 _____ () C:\Program Files\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-08-21 20:28 - 2016-01-19 04:02 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-08-21 20:28 - 2016-01-19 04:02 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-08-21 20:28 - 2016-01-19 04:02 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-08-21 20:28 - 2016-01-19 04:02 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-08-21 20:28 - 2016-01-19 04:02 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-08-21 20:28 - 2016-01-19 04:02 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2012-04-26 23:38 - 2012-04-26 23:38 - 20758016 _____ () C:\Users\Dom\AppData\Local\GamersFirst\LIVE!\libcef.dll
2016-01-20 00:21 - 2016-01-20 00:21 - 00143872 _____ () C:\ProgramData\MEGAsync\libuv.dll
2015-12-16 14:42 - 2015-12-16 14:42 - 00052224 _____ () C:\ProgramData\MEGAsync\cares.dll
2015-05-20 03:29 - 2015-05-20 03:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:98DFF516
AlternateDataStreams: C:\Users\Dom\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Dom\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\Dom\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Dom\AppData\Roaming:NT2

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1235700998-711781633-2637323769-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-02-08 20:09 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1235700998-711781633-2637323769-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{75B8FEAA-B2AD-4DFF-8D52-1660EBD15E56}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4963F417-21BA-4147-B898-1FA299C00287}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AB66ED09-072A-48AB-9AAA-E872DBC5C3D8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B86B15DD-0F95-43E6-99C2-52013B9C4684}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{76C6E3D1-E28B-47CE-B066-E6D4B4858DBC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{81C2BA1E-5B52-4509-B4B5-84C4CDBB5042}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E4F8F776-7C18-4EE1-AE04-B3E1CA0FA338}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{08B48107-8314-4AF2-8782-C265DB2DB6B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{74E43784-D126-40FC-B436-65188CD002F3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{9115CBB1-3C18-416F-A8FE-DD719584CB32}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{F79CDD61-F218-4477-BB71-A3F0E076BEF3}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{6466359D-5A04-47D5-ABE3-F6A26900F3EB}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{B935BABA-6E53-47E6-AE02-AC349E04C8D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{4DD8C3DE-EE4C-4611-96BE-3F6F347DE899}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{71E8F385-7EDF-45BE-BA89-322D6D677D39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{E96DA8DA-C3E1-4B36-AAB5-9B2D92DD8403}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{4E3785B1-A9BB-4BA9-803B-0B6F42A41E0F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{374ABD88-19A0-492D-96C9-3DD8F0311B05}] => (Allow) C:\Users\Dom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B4C7250A-5BEE-4F13-ABA0-15F79C07D932}] => (Allow) C:\Users\Dom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6AD991DF-2D41-471B-A506-5EB2555E9AE4}] => (Allow) C:\Users\Dom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{31AF3599-DC8B-4676-A5F1-CC563E0AB92F}] => (Allow) C:\Users\Dom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1874C657-0B29-4D42-B045-4B7385392D98}] => (Allow) C:\Users\Dom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{13E19E92-2DEC-40C7-8471-32E55EE9D4F7}] => (Allow) C:\Users\Dom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5613FC39-DA02-465D-822B-CA734D673754}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{97B9D3E2-E66E-4708-A600-F8E7408FA8E2}] => (Allow) LPort=2869
FirewallRules: [{6206DAC0-DB7B-4423-BD1C-DB63299A79A0}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{90F6E918-81F9-4B51-82CB-8465EC5D16C1}C:\users\dom\desktop\dom\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\dom\desktop\dom\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{6D2FF0BE-7F9F-4719-9902-6043FD597E5B}C:\users\dom\desktop\dom\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\dom\desktop\dom\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{39F1B8D6-E5A1-4243-8BF9-13F566ED396B}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{9FBBF37C-241D-492B-AAE8-5AB000BED891}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{7AF90895-3B32-40F4-8336-DDE08736E326}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{70F7AA9B-797E-410A-B7E1-0937F601AB1E}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{5F886389-A4A3-430A-A494-147FDFE84A72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{C6782F67-FC40-42CD-90DD-26C6190C2372}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [TCP Query User{BB798B29-9082-4883-8253-A41CE1E89F53}C:\program files (x86)\steam\steamapps\common\grand theft auto san andreas\samp-server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto san andreas\samp-server.exe
FirewallRules: [UDP Query User{74FD511D-FD55-4A07-9083-051623C1D8FF}C:\program files (x86)\steam\steamapps\common\grand theft auto san andreas\samp-server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto san andreas\samp-server.exe
FirewallRules: [{8FA1A778-105C-4286-A6D6-9AF06D3E206A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe
FirewallRules: [{51019B1D-EA88-4427-BCBF-0781BE76EE1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe
FirewallRules: [{BAC9DDCE-03BD-4A1C-8B1C-A87BD12F70A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{A0B029FD-6DAE-47B8-8176-F5846886350C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{FCD571B1-954C-4C9C-B978-CCB104BED1FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{744C5826-C6A8-492E-9012-3AFA4227D1D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{E8FA4D48-A9F8-4527-90B4-4C95EA131D97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{8B0CA78A-1A9D-4F88-BF66-5C6D0867733D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{07B3A6E4-03E3-432F-9AA9-5415D66A3A9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{9E8C1836-AC26-42AF-8332-FB304DC3252B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{96ACBFFA-2435-417F-ADE3-25E25414F846}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{2013FF12-DB80-40D6-960A-6D919203D373}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{520F8648-DC3E-44D5-A0E5-14CF68FC0B2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{55DFBD21-8A62-494B-B525-A34CAEB9D4D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{F8ABFBA6-EE1E-4405-A7E2-5FDED6D0E4D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{5499BC2B-DFFC-4786-8D7F-81716E5F9F14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{6F9486B7-9E81-4F0D-8693-9DFE7FD0F731}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{1007D4C1-4E05-4B1A-81A7-B036798903BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{0F1FE2C5-4D62-48FE-9E5F-1612A4711458}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{2787D934-C6AC-41AF-AE71-32119EED2751}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{3C5BD4DA-BB05-4F6A-B519-4DF92EE93957}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{88703E28-9940-4F7F-B942-8C1BB19FC4BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{6336B09E-2BD4-4DE0-851D-D38CA775F074}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{CE181B20-5FDC-41BB-A096-9515A7DCAAEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [TCP Query User{219E460B-356D-4A5B-8AE4-22F500AF8EEA}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{AFED0340-60D0-4C41-998A-CD2BBF171ED4}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{1CE59142-DE34-475E-825E-C8EF853F0CCB}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{F86E535B-6649-41D1-9728-30C1721739E9}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [TCP Query User{2F87416A-0384-4721-A6A1-6D73CB17596E}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{90736B58-8E98-421F-9D90-B635A63A5699}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{1E65960B-8A39-42E5-A9FE-23539EE96831}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{A79533C6-90AC-409A-8C49-DED2DC2D2ED2}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{F8A87DCF-F659-423B-ACF7-53E7BC449937}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{DC3F51DD-A144-4E2E-9175-A8B09324B7BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{7BBA87FA-C567-4DF7-AB17-6CF48D6C7CE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{356D8870-CE26-4A5E-8ED4-4BD631BA6FD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{B33DA918-E282-49F2-9BB5-97874AA816B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{CB2D1F99-9D0F-4BB9-9130-8E957A3D3BFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [TCP Query User{4E405533-BFAC-4872-91E4-C2F168A13B96}C:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) C:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [UDP Query User{D734D39A-34F9-4607-AB1E-5D9E37CD904D}C:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) C:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [{F6CAE115-226A-4AAE-A36B-51AA81E2BAD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Agricultural Simulator 2013\agrarsimulator2013.exe
FirewallRules: [{EFE49666-32E9-47E9-ABB3-F383CDC81DBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Agricultural Simulator 2013\agrarsimulator2013.exe
FirewallRules: [{C7402F39-6E4E-42B5-B3B7-26DA931A4BF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{71D42B19-30EA-4E8E-8A8B-22437A156C9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{7632A17F-CDF9-4E3F-B007-A1231244F584}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{F6DE6419-B34F-4F7C-AB49-F2DCEF7B7F95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{8BCD7223-A948-4D47-B7B1-C95D115CA39D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{68CF0643-9354-44DA-A0B3-72A246FB14CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{79BDD18E-7119-48FE-AB56-82A0DD1C21C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{C5287C74-9936-45D2-95AD-843EE8BEEBFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [TCP Query User{0658F253-87F1-49EA-AAAB-095B8ED0A512}C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe
FirewallRules: [UDP Query User{AC681115-00D5-4511-B4BA-18BF5F433CE7}C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe
FirewallRules: [{6CE0C969-DFA1-4B3E-A2DB-96DB66B4A7AF}] => (Block) C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe
FirewallRules: [{F1D0D095-F640-44C9-8755-06FAB6766B70}] => (Block) C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe
FirewallRules: [{EB36CAB7-42B8-4BBD-B880-2327647D9209}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{30BDCC66-B856-4BA5-BB25-F85B3CD6FA69}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{33788DA2-F22C-4694-88A1-92C1615A718D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DCCBD060-4246-40A1-921E-03D8C2DA7A31}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{26D66B95-ED21-427F-9061-363DD94FE6B9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{78634299-7CEA-4349-A21F-F855EBA17B01}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{17064DBD-E02E-4DAA-BAA9-2CFF048B5AF1}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{3DADBBB1-AE36-469B-9F7A-4EDD2883F2B6}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{64EB3492-5300-4D7E-AF3B-975BDD06F2D4}] => (Block) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{FCD35C7C-A5C4-49A8-B496-9D0097D99D52}] => (Block) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{922BB6F2-5774-4267-BA87-2CC4E4FF33FB}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Rivals\NFS14_x86.exe
FirewallRules: [{CBD63F08-A284-4ED6-9683-7930CBB7B567}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Rivals\NFS14_x86.exe
FirewallRules: [{50302829-BB7C-41F3-B5B0-10DCEC17B363}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Rivals\NFS14.exe
FirewallRules: [{51C9B5F2-4498-48B4-90AC-DC5F49F496D3}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Rivals\NFS14.exe
FirewallRules: [{7FF1153E-DB8E-4C9B-9677-1AF26030F0BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{FD4787AA-F4C7-4E39-BF70-50D73639C1B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{1C8F3FB2-AECC-4EA9-8696-77CEF9B2763D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 15\x86\FarmingSimulator2015Game.exe
FirewallRules: [{A6B7BDA1-31B6-4D7B-BA48-AF6A719790D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 15\x86\FarmingSimulator2015Game.exe
FirewallRules: [{6BC8CF49-9311-4DD2-B171-7A99D774892C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9ABF7E66-7B16-4209-9A05-44D7EC750E39}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EF4F41DD-15AA-4EBA-9090-0D96A074D095}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{6C9B91D9-256E-4D0E-A880-CA4038EAA80A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{F10BA6ED-2409-4155-8706-E121336C3CF7}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{4BE29969-DD9A-46B7-BE9A-40D7DDB9D86A}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\FaxApplications.exe
FirewallRules: [{0712F209-293F-45BE-95F4-B55EEFFA8FFC}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\DigitalWizards.exe
FirewallRules: [{74E80A5D-ED06-4FC5-9363-E8ABB005B3FF}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\SendAFax.exe
FirewallRules: [{DEB06DCD-EA8E-4DD8-9F7C-F7E63A930D43}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\DeviceSetup.exe
FirewallRules: [{126C8E35-5156-41E1-9FA9-5A8B83E22E05}] => (Allow) LPort=5357
FirewallRules: [{45521AD0-9B28-4758-B5A8-32C6BD562581}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{01823059-8C1B-4535-B43E-5B734AC06255}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\APB.exe
FirewallRules: [{65DC6E13-B70E-40CE-96B3-F62F75F8C61A}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\APB.exe
FirewallRules: [{82B1B5BA-42C2-43E4-841C-34D8B6249730}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{E52D2DDF-D104-41E7-95F1-94D498E2D3C1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{A001FC03-0BD0-4C54-B417-2AA0DFA8E4D1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{61C33BA0-83C6-4B3A-9348-CC485427E8E7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{58DA4153-3EF2-40B9-9132-31D8258E94B6}] => (Allow) C:\Users\Dom\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{6077118B-9131-48ED-AC0F-88E81711120E}C:\program files (x86)\r.g. mechanics\dying light\dyinglightgame.exe] => (Allow) C:\program files (x86)\r.g. mechanics\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{7CA9E6F0-0742-4260-BDD0-B8874C47DA17}C:\program files (x86)\r.g. mechanics\dying light\dyinglightgame.exe] => (Allow) C:\program files (x86)\r.g. mechanics\dying light\dyinglightgame.exe
FirewallRules: [{9A6E853D-F354-4091-9868-E9B08053B177}] => (Block) C:\program files (x86)\r.g. mechanics\dying light\dyinglightgame.exe
FirewallRules: [{C52FC8BB-3FBF-47A0-9A62-22E732A21664}] => (Block) C:\program files (x86)\r.g. mechanics\dying light\dyinglightgame.exe
FirewallRules: [{67965580-FB08-4126-A1F8-D548CDEFF9D7}] => (Allow) LPort=8317
FirewallRules: [TCP Query User{7FD6266B-E40F-4CB7-9AFA-BB6DE962070F}C:\program files (x86)\mta san andreas 1.5\server\mta server.exe] => (Allow) C:\program files (x86)\mta san andreas 1.5\server\mta server.exe
FirewallRules: [UDP Query User{EF300AD2-6F47-4851-A17D-9E20857E7BC3}C:\program files (x86)\mta san andreas 1.5\server\mta server.exe] => (Allow) C:\program files (x86)\mta san andreas 1.5\server\mta server.exe
FirewallRules: [{2297EC24-F859-45B2-AAC7-EF1A787992ED}] => (Block) C:\program files (x86)\mta san andreas 1.5\server\mta server.exe
FirewallRules: [{5FD904B5-D010-414E-B5E0-192EA491A9F4}] => (Block) C:\program files (x86)\mta san andreas 1.5\server\mta server.exe
FirewallRules: [{DB1A7F18-8E2C-4FE3-B5F9-4B42F8F39753}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{BBC3FB4A-649B-41AC-8CB5-2B2539A824DF}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{B4A2D0F0-83C6-47DD-A472-445934975C83}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{132201BC-170E-4318-B410-E990B84057DF}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{4290CC36-FDFD-4035-9F36-F83E5EC20FCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{0FF5AB65-B181-4BB8-BDA9-4FCA0B828535}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [TCP Query User{48FBD14B-B2C7-4DDB-A97F-2594DCF7A0C8}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [UDP Query User{F0F2C69C-959D-4539-BAFF-406A820F2731}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [{4BD0EE7E-550C-42FA-8042-218C33E5C144}] => (Block) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [{5DD7ED53-9671-4B68-A51F-B474C2087151}] => (Block) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [{69BD5FDC-FA43-4136-B476-D69ADC055914}] => (Allow) C:\Users\Dom\AppData\Local\Temp\svchost.exe
FirewallRules: [{8BE1EF5D-7070-480A-989D-668BF9D20CD3}] => (Allow) C:\Users\Dom\AppData\Local\Temp\svchost.exe
FirewallRules: [{AEADAB4E-9B2D-482A-A8BD-E8FFA9583C6A}] => (Allow) C:\Users\Dom\AppData\Local\Temp\svchost.exe
FirewallRules: [{FCE36ED7-E983-4DB8-AAE7-152941AAB4CE}] => (Allow) C:\Users\Dom\AppData\Local\Temp\svchost.exe
FirewallRules: [{70D0A59E-9DA6-412E-9ECA-0957CF05B4F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{35863319-1D4E-419E-9B53-789D46FA59E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{67084401-CCF4-4B73-8811-DB40DFEE4EEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{2CFF0CFE-D34C-485D-A29D-2EAADC86E27D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [TCP Query User{F8706435-B45D-4A24-B4EF-84B1E4C65C3E}C:\program files (x86)\delight software gmbh\speed limiter\speedlimiter.exe] => (Block) C:\program files (x86)\delight software gmbh\speed limiter\speedlimiter.exe
FirewallRules: [UDP Query User{4B5ED74E-2BD0-41B4-8749-06BBA09075E5}C:\program files (x86)\delight software gmbh\speed limiter\speedlimiter.exe] => (Block) C:\program files (x86)\delight software gmbh\speed limiter\speedlimiter.exe
FirewallRules: [TCP Query User{17E24206-6748-46DC-9A39-1A4FDC5D765A}C:\users\dom\desktop\u1504.exe] => (Allow) C:\users\dom\desktop\u1504.exe
FirewallRules: [UDP Query User{74410425-4441-4DA4-A309-769C182C8C95}C:\users\dom\desktop\u1504.exe] => (Allow) C:\users\dom\desktop\u1504.exe
FirewallRules: [{13EB0C5E-4645-43D9-9DDA-9A418514AA89}] => (Block) C:\users\dom\desktop\u1504.exe
FirewallRules: [{3D7555D5-97F0-49C6-9286-E4F677046899}] => (Block) C:\users\dom\desktop\u1504.exe
FirewallRules: [{9A72F65E-5A0F-4DB3-8451-7F0129B6EF25}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{8A872420-5A93-4511-861A-4A7B8CE27BD3}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{34EAA603-CA52-4C66-9E8D-97B7BA350BB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{6E3EB179-240E-4FD1-B016-0CFB74AFF5AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{35B64F57-711A-4E82-9370-B4F500D0990D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{5708DF3F-2620-400B-B6BF-850ADC9E1435}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{0D6817FF-0FA1-468D-8DE9-9147C0883C3B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{70FC74C4-19E4-432E-8A89-5174333680C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{326B77B3-4C69-4CEF-9476-8E672A1B98C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{DCD8EF4C-D282-4107-B572-4F34B5555BDE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{E3C27FA3-AD49-488F-B493-FC2A6FBB0B50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [TCP Query User{98832BFC-8197-44C1-9F30-CA2499D34EF3}C:\program files (x86)\prompt downloader\promptdownloader.exe] => (Allow) C:\program files (x86)\prompt downloader\promptdownloader.exe
FirewallRules: [UDP Query User{F50DC459-AA33-4585-A499-2F665B14DB18}C:\program files (x86)\prompt downloader\promptdownloader.exe] => (Allow) C:\program files (x86)\prompt downloader\promptdownloader.exe
FirewallRules: [{EA3A9784-70CF-4201-AEA0-3CF6C8C9E053}] => (Block) C:\program files (x86)\prompt downloader\promptdownloader.exe
FirewallRules: [{393E217F-C2E6-4B5C-A921-233950F8BF2F}] => (Block) C:\program files (x86)\prompt downloader\promptdownloader.exe
FirewallRules: [{3652284C-5E66-4E1A-871A-9750BA314027}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{E7A3D930-C326-466D-93DD-0162A1BD6571}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{86422A76-AC0B-4164-AD10-D2767106B329}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{47446EC6-C8F2-468D-A350-F01EFA7E21E1}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{878ACE18-A2F7-4F66-A3A3-B47D679133CF}] => (Allow) C:\Program Files (x86)\Max Driver Updater\maxdu.exe

==================== Wiederherstellungspunkte =========================

08-02-2016 05:08:58 Wiederherstellungsvorgang
08-02-2016 05:23:16 Removed Microsoft Silverlight
08-02-2016 10:51:39 Malwarebytes Anti-Rootkit Restore Point
08-02-2016 11:36:13 Malwarebytes Anti-Rootkit Restore Point
08-02-2016 12:15:45 Malwarebytes Anti-Rootkit Restore Point
08-02-2016 12:55:51 Malwarebytes Anti-Rootkit Restore Point
08-02-2016 13:37:03 Malwarebytes Anti-Rootkit Restore Point
08-02-2016 14:21:17 Malwarebytes Anti-Rootkit Restore Point
08-02-2016 16:00:48 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/09/2016 11:17:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/09/2016 10:03:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/09/2016 09:42:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2016 08:57:26 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Fehler bei der Installation des Kaufnachweises. 0x80070005
Teil-Pkey=X9Y3P
ACID=?
Genauer Fehler[?]

Error: (02/08/2016 08:11:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2016 07:47:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2016 07:40:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2016 04:19:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2016 03:54:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2016 02:41:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000004830fd8
ID des fehlerhaften Prozesses: 0xd8c
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3


Systemfehler:
=============
Error: (02/09/2016 11:17:34 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.

Error: (02/09/2016 11:16:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "REACHit" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/09/2016 11:16:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LiveUpdate" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/09/2016 11:16:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Labtech" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/09/2016 11:16:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Advanced SystemCare Service 9" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/09/2016 10:55:02 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" ist vom Dienst "DHCP-Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%5

Error: (02/09/2016 10:55:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DHCP-Client" wurde mit folgendem Fehler beendet:
%%5

Error: (02/09/2016 10:55:00 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%5

Error: (02/09/2016 10:54:58 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%5

Error: (02/09/2016 10:54:58 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DHCP-Client" wurde mit folgendem Fehler beendet:
%%5


CodeIntegrity:
===================================
  Date: 2016-02-08 10:25:48.928
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Malwarebytes' Anti-Malware (portable)\MPCKpt.sys-u.mbam" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-02-08 10:25:48.904
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Malwarebytes' Anti-Malware (portable)\MPCKpt.sys-u.mbam" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-02-08 10:25:48.881
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Malwarebytes' Anti-Malware (portable)\MPCKpt.sys-u.mbam" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-02-08 10:25:48.855
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Malwarebytes' Anti-Malware (portable)\MPCKpt.sys-u.mbam" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-02-08 10:25:48.831
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Malwarebytes' Anti-Malware (portable)\MPCKpt.sys-u.mbam" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-02-08 10:25:48.808
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Malwarebytes' Anti-Malware (portable)\MPCKpt.sys-u.mbam" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-02-08 10:25:48.733
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Malwarebytes' Anti-Malware (portable)\MPCKpt.sys-k.mbam" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-02-08 10:25:48.710
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Malwarebytes' Anti-Malware (portable)\MPCKpt.sys-k.mbam" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-02-08 10:25:48.687
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Malwarebytes' Anti-Malware (portable)\MPCKpt.sys-k.mbam" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-02-08 10:25:48.662
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Malwarebytes' Anti-Malware (portable)\MPCKpt.sys-k.mbam" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 8143.18 MB
Verfügbarer physikalischer RAM: 5925.65 MB
Summe virtueller Speicher: 16284.57 MB
Verfügbarer virtueller Speicher: 14017.26 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:333.39 GB) NTFS
Drive i: () (Removable) (Total:3.74 GB) (Free:3.37 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F8C768AF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 3.7 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

cosinus 09.02.2016 11:53
Okay, dann Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte:


1. Schritt: MBAM

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




2. Schritt: ESET

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




3. Schritt: SecurityCheck

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

Speed9001 09.02.2016 16:31
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 09.02.2016
Suchlaufzeit: 11:56:54
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.02.0.1024
Malware-Datenbank: v2016.02.09.01
Rootkit-Datenbank: v2016.02.08.01
Lizenz: Premium-Version
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Dom

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 389152
Abgelaufene Zeit: 12 Min., 30 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 10
PUP.Optional.Elex, HKLM\SOFTWARE\CLASSES\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}, In Quarantäne, [ecb9312dfc9d3df951d6422d2cd6f50b],
PUP.Optional.Elex, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}, In Quarantäne, [ecb9312dfc9d3df951d6422d2cd6f50b],
PUP.Optional.Elex, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}, In Quarantäne, [ecb9312dfc9d3df951d6422d2cd6f50b],
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR  , In Quarantäne, [cdd861fd5742ae88d7f005fb45bf2cd4],
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\mtdlohn, In Quarantäne, [4461da84a2f7fc3a743d400d11f345bb],
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\mtLabtech, In Quarantäne, [7f2647176e2b2b0b24ae4011ea1a8e72],
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Labtech.exe, In Quarantäne, [2f763a2466332d09ab26ea67f3114fb1],
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting, In Quarantäne, [b6ef0856a4f51a1cc559727be51db24e],
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\LABTECH, In Quarantäne, [c1e479e56a2f53e36a18cb891de79070],
PUP.Optional.Komodia, HKU\S-1-5-21-1235700998-711781633-2637323769-1000\SOFTWARE\INSTALLPATH\STATUS, In Quarantäne, [9b0a4a1468311e1859103f0c1ee6a15f],

Registrierungswerte: 11
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr  |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130992196231709222, In Quarantäne, [cdd861fd5742ae88d7f005fb45bf2cd4]
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\LABTECH|ImagePath, C:\ProgramData\\Labtech\\Labtech.exe shuz -f "C:\ProgramData\\Labtech\\Labtech.dat" -l -a, In Quarantäne, [c1e479e56a2f53e36a18cb891de79070]
PUP.Optional.RelevantKnowledge, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{3652284C-5E66-4E1A-871A-9750BA314027}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe|Name=rlvknlg.exe|, In Quarantäne, [aafbce901b7e78bed1567dc04db7aa56]
PUP.Optional.RelevantKnowledge, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E7A3D930-C326-466D-93DD-0162A1BD6571}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe|Name=rlvknlg.exe|, In Quarantäne, [e8bdabb338613df9cf58310c64a0ee12]
PUP.Optional.RelevantKnowledge, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{86422A76-AC0B-4164-AD10-D2767106B329}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe|Name=rlvknlg.exe|, In Quarantäne, [c1e45b03f4a53600f235a6976b99f709]
PUP.Optional.RelevantKnowledge, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{47446EC6-C8F2-468D-A350-F01EFA7E21E1}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe|Name=rlvknlg.exe|, In Quarantäne, [d0d5abb32f6a61d56fb8f44908fcc23e]
PUP.Optional.MaxDriverUpdater, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{878ACE18-A2F7-4F66-A3A3-B47D679133CF}, v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Max Driver Updater\maxdu.exe|Name=MaxDriverUpdater|, In Quarantäne, [1e87c29c4f4a290da96db9876f953ac6]
PUP.Optional.Linkury, HKU\S-1-5-21-1235700998-711781633-2637323769-1000\ENVIRONMENT|SNF, C:\ProgramData\dlohns\snp.sc, In Quarantäne, [aef77ae42673360033bc8a5a867d4ab6]
PUP.Optional.Linkury, HKU\S-1-5-21-1235700998-711781633-2637323769-1000\ENVIRONMENT|SNP, hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D?publisher=APSFRec&co=DE&userid=2ef6e4b4-bc45-f7d3-9fea-e14931b1077e&searchtype=sc&installDate=07.02.2016&barcodeid=50045888&channelid=888&av=avira, In Quarantäne, [eeb71f3fb4e5171f519f8e56649fe51b]
PUP.Optional.Komodia, HKU\S-1-5-21-1235700998-711781633-2637323769-1000\SOFTWARE\INSTALLPATH\STATUS|FlowsurfCB, P, In Quarantäne, [9b0a4a1468311e1859103f0c1ee6a15f]
PUP.Optional.DeskBar, HKU\S-1-5-21-1235700998-711781633-2637323769-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|DeskBar.exe, 8888, In Quarantäne, [cbda194556435bdb59780c3cc93bb14f]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 6
PUP.Optional.Cherimoya, C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\cherimoya.sys-k.mbam, In Quarantäne, [4c599dc11c7db77f45661ae4828254ac],
PUP.Optional.Cherimoya, C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\cherimoya.sys-r.mbam, In Quarantäne, [8520d787128772c4703b906e1aea4fb1],
PUP.Optional.Cherimoya, C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\cherimoya.sys-u.mbam, In Quarantäne, [eabb59058e0bc67093188b735ea6d729],
PUP.Optional.Elex, C:\$Recycle.Bin\S-1-5-21-1235700998-711781633-2637323769-1000\$R2V361E\ihpmServer.exe, In Quarantäne, [dfc6ec720b8e290d18b2229a9170be42],
PUP.Optional.Elex, C:\$Recycle.Bin\S-1-5-21-1235700998-711781633-2637323769-1000\$R2V361E\Raydld.exe, In Quarantäne, [802517479009d165c30a3b81a061d42c],
PUP.Optional.Linkury.ShrtCln, C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\b30g5a7z.default\prefs.js, Gut: (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Schlecht: (user_pref("browser.startup.homepage", "C:\\ProgramData\\dlohns\\ff.HP), Ersetzt,[376e9ac475242a0cd79e80891de822de]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
Code:
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internet# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=abe955d44d5e274f9fde3877df6c90a6
# end=init
# utc_time=2016-02-09 11:24:13
# local_time=2016-02-09 12:24:13 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 28042
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=abe955d44d5e274f9fde3877df6c90a6
# end=updated
# utc_time=2016-02-09 11:28:28
# local_time=2016-02-09 12:28:28 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=abe955d44d5e274f9fde3877df6c90a6
# engine=28042
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-02-09 01:03:51
# local_time=2016-02-09 02:03:51 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 6022267 206652881 0 0
# scanned=377797
# found=8
# cleaned=0
# scan_time=5723
sh=6673BD9A1B2A1594E9DC61B9E70805C208FBABBA ft=1 fh=a70b5efdab44dd52 vn="Mehrere Bedrohungen" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1235700998-711781633-2637323769-1000\$RVTWRAV\Uninstall_PCSpeedUp.exe"
sh=6BE0CB83D2A56A3BC4F7F802131F9358DC4EC012 ft=0 fh=0000000000000000 vn="VBS/TrojanDownloader.Agent.NSW Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\task.vbs.vir"
sh=BCC5BB1F889EA9BE95E7F44C994F21FDEBAF02A7 ft=1 fh=d9865bc30cd837fb vn="Variante von Win32/RiskWare.Komodia.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\QuickSearch\poz.exe.vir"
sh=FBFE3294CC95A338FE68A7F79A57630DBB33CF4C ft=0 fh=0000000000000000 vn="VBS/TrojanDownloader.Agent.NSW Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Dom\AppData\Local\Temp\task.vbs.vir"
sh=40F29CFF3A1127228DF08C722F42B1B77D2DEF15 ft=1 fh=d2e5c051dc8cb44a vn="Variante von Win32/Adware.Hicosmea.J Anwendung" ac=I fn="C:\Config.Msi\a20eb.rbf"
sh=DF7E881BBFD3523DBF2792A553101FAD11F07C4C ft=1 fh=a816dea73d4b7715 vn="Variante von Win64/Adware.Hicosmea.I Anwendung" ac=I fn="C:\Config.Msi\a20ec.rbf"
sh=812D5993E2870376E2F10BFBC40F9578818B419D ft=1 fh=bd05769236fe2510 vn="Variante von Win32/AdWare.RK.AR Anwendung" ac=I fn="C:\FRST\Quarantine\C\Windows\System32\rlls64.dll.xBAD"
sh=E5A3C100D2D0FD94482783AF2B2FF94CDFC9923F ft=1 fh=a0ddd0619a504a2e vn="Variante von Win32/Hao123.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe"
Code:
Results of screen317's Security Check version 1.009 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 71 
 Java version 32-bit out of Date!
 Adobe Flash Player 20.0.0.286 
 Mozilla Firefox (44.0)
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

cosinus 09.02.2016 16:32
FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\Config.Msi\a20eb.rbf
C:\Config.Msi\a20ec.rbf
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Speed9001 09.02.2016 16:37
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von Dom (2016-02-09 16:34:00) Run:6
Gestartet von C:\Users\Dom\Desktop
Geladene Profile: Dom (Verfügbare Profile: Dom)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Config.Msi\a20eb.rbf
C:\Config.Msi\a20ec.rbf
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu
emptytemp:
       
*****************

C:\Config.Msi\a20eb.rbf => erfolgreich verschoben
C:\Config.Msi\a20ec.rbf => erfolgreich verschoben
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu => erfolgreich verschoben
EmptyTemp: => 40.9 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 16:34:00 ====

cosinus 09.02.2016 16:40
Sieht soweit ok aus :daumenhoc

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?


Alle Zeitangaben in WEZ +1. Es ist jetzt 23:01 Uhr.
Seite 4 von 5 « Erste 23 4 5
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2026, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19