Tweet
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
durchgeführt von Philipp (Administrator) auf PHILIPP-PC (31-01-2017 20:10:35)
Gestartet von C:\Users\Philipp\Desktop
Geladene Profile: Philipp (Verfügbare Profile: Philipp)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-10-2015
durchgeführt von Philipp (2017-01-31 20:11:38)
Gestartet von C:\Users\Philipp\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-08-18 14:36:22)
Start-Modus: Normal
================================================== ========
durchgeführt von Philipp (Administrator) auf PHILIPP-PC (31-01-2017 20:10:35)
Gestartet von C:\Users\Philipp\Desktop
Geladene Profile: Philipp (Verfügbare Profile: Philipp)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-10-2015
durchgeführt von Philipp (2017-01-31 20:11:38)
Gestartet von C:\Users\Philipp\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-08-18 14:36:22)
Start-Modus: Normal
================================================== ========
Administrator (S-1-5-21-3041798318-2634963116-1215314133-500 - Administrator - Disabled)
Gast (S-1-5-21-3041798318-2634963116-1215314133-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3041798318-2634963116-1215314133-1002 - Limited - Enabled)
Philipp (S-1-5-21-3041798318-2634963116-1215314133-1000 - Administrator - Enabled) => C:\Users\Philipp
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz “Hidden” können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
µTorrent (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
4K Video Downloader 3.5 (HKLM-x32...\4K Video Downloader_is1) (Version: 3.5.6.1730 - Open Media LLC)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32...{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\Amazon Amazon Music) (Version: 3.10.0.924 - Amazon Services LLC)
Anno 1701 (HKLM-x32...{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers)
AutoSensitivity (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\0a099336274e1166) (Version: 1.4.0.23 - Igor Kulman)
Avast Free Antivirus (HKLM-x32...\Avast) (Version: 10.3.2225 - AVAST Software)
Battle.net (HKLM-x32...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 1942™ (HKLM-x32...{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32...{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BattlEye Uninstall (HKLM-x32...\BattlEye for A2) (Version: - )
BitRaider Streaming Client (HKLM-x32...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Brother MFL-Pro Suite MFC-9320CW (HKLM-x32...{A1BBEE16-49B1-42F2-95B8-54C8C6A1C0C3}) (Version: 2.0.1.0 - Brother Industries, Ltd.)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32...\Steam App 10180) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32...\Steam App 42680) (Version: - Infinity Ward)
CLICK & LEARN DiDi 360° DVD (HKLM-x32...{5713D2DD-01F2-40D0-827D-917A88E7637A}_is1) (Version: CLICK & LEARN DiDi 360° 5.2 DVD - DEGENER)
Company of Heroes 2 (HKLM-x32...\Steam App 231430) (Version: - Relic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32...\Steam App 730) (Version: - Valve)
CPU Miner (HKLM...\cpuminer) (Version: 1.1 - Open Source)
Cry of Fear (HKLM-x32...\Steam App 223710) (Version: - Team Psykskallar)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Driver Booster 3.4 (HKLM-x32...\Driver Booster_is1) (Version: 3.4 - IObit)
Dropbox (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
Easy SpeedUp Manager (HKLM-x32...{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.5 - Samsung Electronics Co.,Ltd.)
Edna & Harvey: Harvey’s New Eyes (HKLM-x32...\Steam App 219910) (Version: - Daedalic Entertainment)
Edna & Harvey: The Breakout (HKLM-x32...\Steam App 255320) (Version: - Daedalic Entertainment)
ETDWare PS/2-X64 10.7.14.12_WHQL (HKLM...\Elantech) (Version: 10.7.14.12 - ELAN Microelectronic Corp.)
FormatFactory 3.3.4.0 (HKLM-x32...\FormatFactory) (Version: 3.3.4.0 - Format Factory)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free M4a to MP3 Converter 8.0 (HKLM-x32...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
GameSpy Arcade (HKLM-x32...\GameSpy Arcade) (Version: - )
Golf With Your Friends (HKLM...\Steam App 431240) (Version: - Blacklight Interactive)
Google Chrome (HKLM-x32...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Drive (HKLM-x32...{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32...\Hearthstone) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32...{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IObit Apps Toolbar v10.3 (HKLM-x32...{9192EBE9-2C4E-4C69-8ED8-CC0CCBFDBB62}) (Version: 10.3 - Spigot, Inc.) <==== ACHTUNG
Java 8 Update 111 (HKLM-x32...{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Left 4 Dead 2 (HKLM-x32...\Steam App 550) (Version: - Valve)
LogMeIn Hamachi (HKLM-x32...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
Metin2 (HKLM-x32...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Metro 2033 (HKLM-x32...\Steam App 43110) (Version: - 4A Games)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM...{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM...{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32...{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Access 2003 Runtime (HKLM-x32...{901C0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32...{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32...{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32...{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32...{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32...{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM...{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32...{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32...{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32...{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32...{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32...{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32...{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32...{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
My Lockbox 3.0.5 (HKLM...\My Lockbox_is1) (Version: 3.0.5 - )
NetBalancer (HKLM...\NetBalancer_is1) (Version: - SeriousBit)
NetLimiter 4 (HKLM-x32...\NetLimiter 4 4.0.5.0) (Version: 4.0.5.0 - Locktime Software)
NetLimiter 4 (Version: 4.0.5.0 - Locktime Software) Hidden
NVIDIA GeForce Experience 2.5.15.46 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.81 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.81 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Oblivion (HKLM-x32...{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenVPN 2.3.12-I602 (HKLM-x32...\OpenVPN) (Version: 2.3.12-I602 - )
Origin (HKLM-x32...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PDF-Viewer (HKLM...{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.1 - Tracker Software Products Ltd)
ProtectDisc Driver, Version 11 (HKLM-x32...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
qone8 uninstaller (HKLM-x32...\qone8 uninstaller) (Version: - qone8) <==== ACHTUNG
Razer Cortex (HKLM-x32...\Razer Cortex_is1) (Version: 5.2.22.0 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32...{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
RogueKiller version 12.9.6.0 (HKLM...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.9.6.0 - Adlice Software)
Samsung Update Plus (HKLM-x32...{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32...{90140000-003D-0000-0000-0000000FF1CE}Office14.SingleImage{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.46 - NVIDIA Corporation) Hidden
Skype™ 7.30 (HKLM-x32...{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Smite (HKLM-x32...{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.0.2574.0 - Hi-Rez Studios)
Spotify (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\Spotify) (Version: 1.0.47.13.gd8e05b1f - Spotify AB)
Star Wars: The Old Republic (HKLM-x32...{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32...{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Tabletop Simulator (HKLM...\Steam App 286160) (Version: - Berserk Games)
The Elder Scrolls V: Skyrim (HKLM-x32...\Steam App 72850) (Version: - Bethesda Game Studios)
Total War: ROME II - Emperor Edition (HKLM-x32...\Steam App 214950) (Version: - Creative Assembly)
Uplay (HKLM-x32...\Uplay) (Version: 7.1 - Ubisoft)
VLC media player (HKLM...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.01 (64-bit) (HKLM...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XviD MPEG-4 Codec (HKLM-x32...\XviD) (Version: - )
Xvid Video Codec (HKLM-x32...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Yahoo Search Set (HKLM-x32...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
Zemana AntiMalware (HKLM-x32...{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.70.591 - Zemana Ltd.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 → C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropb ox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 → C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropb oxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 → C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropb oxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 → C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropb oxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 → C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropb oxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 → C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropb oxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 → C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropb oxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 → C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropb oxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 → C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropb oxExt64.24.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
15-01-2017 18:45:04 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210
15-01-2017 18:45:24 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210
23-01-2017 22:40:19 Geplanter Prüfpunkt
28-01-2017 00:16:51 Wiederherstellungsvorgang
28-01-2017 00:27:36 Removed amuleC
31-01-2017 03:10:37 Malwarebytes Anti-Rootkit Restore Point
31-01-2017 18:00:48 JRT Pre-Junkware Removal
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2016-12-15 00:14 - 00000822 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02261E59-DCE8-496A-BB04-F4AF99A91189} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyb oardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {0AB570FA-847C-4FB2-9C8C-82067DFA95B4} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {1DAFFC61-3EF0-4495-84D1-F1569C723896} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {24E0F572-4BCA-4EEC-A9A5-2D830CFA9E96} - System32\Tasks{4F74156E-5C02-4302-B31E-378AF64F0780} => pcalua.exe -a “C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare\iw3mp.exe” -d “C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare”
Task: {501CE107-2313-4E8F-BDC8-7CA2EDD7EBE6} - System32\Tasks{5CC848DF-F2F0-4C76-8299-F30E2EC5C77C} => C:\Users\Philipp\Desktop\Battlefield 3 cd1\Setup.exe
Task: {5AD94776-848A-4574-A0AE-35DD77108857} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundete ctor => C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {6220FCAE-162D-4042-AB17-6973161CECC9} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers \ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-20] (Microsoft Corporation)
Task: {67928E07-523E-411F-A980-D440E2B4FD2F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-07] (AVAST Software)
Task: {69796D42-6E7A-400E-ABED-6E89C0747C6A} - System32\Tasks{1483BBE9-6C43-420B-BCA7-97229B092656} => pcalua.exe -a “C:\Program Files (x86)\Steam\bin\steamservice.exe” -d “C:\Program Files (x86)\Steam” -c /installscript “C:\Program Files (x86)\Steam\steamapps\common\Napoleon Total War\runasadmin.vdf” 34030
Task: {6CD57B76-ED4E-4186-864B-C3D8A0F1B7B3} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\Game Booster 3\AutoUpdate.exe
Task: {85AE1598-1934-4800-88DE-2070662EBA52} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {8CE2EA77-D7B1-4BC3-B2C1-599DD6DA6212} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {958C25CA-C68C-47FD-B09B-8BA6D19BA2C7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-06-06] (Microsoft Corporation)
Task: {9645015F-A137-47D1-9CBA-B0531A2EE4AD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers \ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-20] (Microsoft Corporation)
Task: {9CEA9C83-B856-4975-8C0F-FE0D185A205D} - System32\Tasks{BB987285-0C54-468D-BC8C-2D27676CFAF0} => pcalua.exe -a C:\Users\Philipp\Downloads\pulsingcolorsviz.exe -d C:\Users\Philipp\Downloads
Task: {A00325D4-D3C1-430E-B1F6-DCFCF85658C8} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-12-20] (Samsung Electronics)
Task: {A0173E21-C978-4EA4-A189-7FA5617412B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {A61D7A33-8B39-49F9-B558-12B1D500CA5F} - System32\Tasks\WinTOOL => C:\ProgramData\wintools\WintoolUprI.exe
Task: {B64BD4E4-A656-40D9-871D-7456C350A532} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {D7EC70C1-9A44-4010-93E1-A25B01C49C7D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [2017-01-14] (Adobe Systems Incorporated)
Task: {DFBAA4C3-EF76-49C3-9AA5-6D5543BDA370} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {E30865BE-0448-4595-A5C6-CB203265BCD6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_ex e => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {F9E2A5FE-F6DF-4836-8D73-D2FCAB12E35D} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-08-23 16:27 - 2015-04-30 09:46 - 00115712 _____ () F:\Program Files (x86)\NetBalancer\Events.dll
2015-08-23 16:28 - 2015-08-23 16:28 - 00217960 _____ () C:\Windows\Microsoft.Net\assembly\GAC_MSIL\Serious Bit.NetBalancer.DeskBand\v4.0_1.0.0.0__ce1333cc798 c13ee\SeriousBit.NetBalancer.DeskBand.dll
2015-08-23 16:27 - 2015-04-30 09:47 - 00031744 _____ () F:\Program Files (x86)\NetBalancer\BugReporting.dll
2013-09-04 19:10 - 2014-07-06 19:02 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-09 23:22 - 2014-12-09 23:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-03-07 18:49 - 2005-04-22 12:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2017-01-31 16:21 - 2017-01-31 16:21 - 00152944 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2017-01-31 01:47 - 2017-01-31 01:47 - 04015056 _____ () C:\Users\Philipp\Downloads\adwcleaner_6.043.exe
2015-08-07 13:03 - 2015-08-07 13:03 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-07 13:03 - 2015-08-07 13:03 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-11-10 23:33 - 2016-11-09 03:43 - 00352768 _____ () c:\programdata\microsoft\blend\14.0\1033\resourcec acher.dll
2015-04-07 16:25 - 2015-04-07 16:25 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-11-10 23:33 - 2016-10-20 09:47 - 01819240 _____ () C:\Program Files (x86)\Cuppat\Application\libglesv2.dll
2016-11-10 23:33 - 2016-10-20 09:47 - 00093288 _____ () C:\Program Files (x86)\Cuppat\Application\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert “AlternateShell” wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Hamachi2Svc => “”=“Service”
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\008i.com → 008i.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\008k.com → 008k.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\00hq.com → 00hq.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\0190-dialers.com → 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\01i.info → 01i.info
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\02pmnzy5eo29bfk4.com → 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\05p.com → 05p.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\07ic5do2myz3vzpk.com → 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\08nigbmwk43i01y6.com → 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\093qpeuqpmz6ebfa.com → 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\0calories.net → 0calories.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\0cj.net → 0cj.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\0scan.com → 0scan.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\1-britney-spears-nude.com → 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\1-domains-registrations.com → 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\1-se.com → 1-se.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\1001movie.com → 1001movie.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\1001night.biz → 1001night.biz
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\100gal.net → 100gal.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\100sexlinks.com → 100sexlinks.com
Da befinden sich 4788 mehr eingeschränkte Seiten.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Control Panel\Desktop\Wallpaper → C:\Users\Philipp\AppData\Roaming\Microsoft\Windows \Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: LogMeIn Hamachi Ui => “C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe” --auto-start
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{21ED757D-71F7-4E93-8A26-4F3F192F63A7}] => (Allow) H:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A9259FB8-214D-4B63-AB8C-E1D572E16617}] => (Allow) H:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{7346F99C-B07F-48D3-96D6-B27E7FC60958}F:\program files (x86)\skype\phone\skype.exe] => (Allow) F:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{FEF7523A-F2C8-4CF3-BD0F-3E085673C453}F:\program files (x86)\skype\phone\skype.exe] => (Allow) F:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{6A1352E9-B58C-418B-A8AB-1B9E9F8B4EF3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{12C3E11E-C2A2-493A-894F-875FC0641820}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{DCCE3E4E-5C81-47E3-B426-FD776034C9D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DCF79556-E335-461B-A099-55292F6CE2EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DCF489CB-1187-44A6-BC76-281656F962CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C53AF07D-4477-41FC-9A49-88A7D81D0168}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8AD8195A-9FD1-453F-B60F-DF66DA1EE869}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher .exe
FirewallRules: [{D459E9D6-7724-4A66-82C9-761919306E36}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher .exe
FirewallRules: [{38F9BC97-2F6A-4385-8ABA-657C1421CB2F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{18B895F8-18AE-4D6E-BCC6-1ED18DC2308D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{92A63FD0-9C6C-4855-97B7-07306985B5AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{87C2F982-B124-493B-A6CC-833F14CA99D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8DEEE23E-F414-4B4C-B08F-6C2C6993C57A}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{58252888-1755-4991-A0F9-EBB3F022D3D5}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{D3B7CDE1-024A-432D-960C-4343B74A0739}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{50E89D94-505B-44BA-B992-804CC020944B}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{37B9E4DF-DDAA-448A-8C35-0EF9DEC79DA0}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{607E2054-58F9-477E-8BC6-BA568D821CC2}C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{86032D63-9007-4D0E-AB79-60F1FB5EB7F1}C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{76712770-6A7F-4C1E-82B4-24CFD1B7F000}] => (Allow) C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [{7A1BC0BA-B098-4B00-93FD-88F1ED21C27A}] => (Allow) C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [TCP Query User{145AEDF9-2ECC-43DB-AC67-1E6E09E2ABCC}C:\program files (x86)\the creative assembly\rome - total war\rometw.exe] => (Allow) C:\program files (x86)\the creative assembly\rome - total war\rometw.exe
FirewallRules: [UDP Query User{D0EC03A1-37CD-4E8A-9DE9-9217F66A522C}C:\program files (x86)\the creative assembly\rome - total war\rometw.exe] => (Allow) C:\program files (x86)\the creative assembly\rome - total war\rometw.exe
FirewallRules: [TCP Query User{3BCBC79D-A10C-4FE5-9A7F-DCC782F40156}C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{77C491EF-9CAD-4753-A9B5-78AA0EAA3C16}C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{4B2D6E05-483D-49F1-A66B-E23EE778AD00}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.e xe
FirewallRules: [{98D741DB-0D81-4D75-93F9-AA7BCE9ED5DA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.e xe
FirewallRules: [{D805F393-DF9F-42DB-8BD8-A10435FFD59E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.e xe
FirewallRules: [{7CF97D17-A8A2-4D7E-9BEC-6243047FB5BF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.e xe
FirewallRules: [TCP Query User{8F2757CB-3F12-42C6-9F8A-4774ADD31DD2}E:\starcraft ii\versions\base26490\sc2.exe] => (Allow) E:\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{0BDDFDAC-B2ED-4B98-BC26-FE4BE17023BD}E:\starcraft ii\versions\base26490\sc2.exe] => (Allow) E:\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{918FBB9D-A167-4373-AFAD-10F9F13A5B47}H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [UDP Query User{CE44343A-18FD-4F5C-AFB9-72A6DE6E2F89}H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [TCP Query User{C125BEAE-F4EB-4F10-8C94-50D566986ADF}H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{A6C9568F-B66F-4D81-86DE-7DED4BA4EEEF}H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{44198A79-F80C-4668-8DEC-61C6B449FC42}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{43205FE2-158D-4CEB-BDA1-7CDEAAEEA89B}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{C68EB3E0-2F52-4C5D-BC6A-1BD447B7A1CA}E:\firefly studios\stronghold 2\stronghold2.exe] => (Allow) E:\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [UDP Query User{F7072C7B-26A3-44F0-B587-2EAAE1D78C2B}E:\firefly studios\stronghold 2\stronghold2.exe] => (Allow) E:\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [TCP Query User{0809DA3A-658F-4F47-8916-84CBF04DFFE7}F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{B1686F91-DCB7-4851-A600-A045D357F223}F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{69FCA70B-56DD-44A4-937D-27978BED7C64}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin’s Creed Brotherhood\ACBSP.exe
FirewallRules: [{3993D2EA-9020-44A0-AE27-CA7EBF9E6EA1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin’s Creed Brotherhood\ACBSP.exe
FirewallRules: [{5E0C1963-7723-431A-A0FF-5559FE5B4FCC}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin’s Creed Brotherhood\ACBMP.exe
FirewallRules: [{A1E85A62-4480-42D6-BEF6-3B104DFBA6A9}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin’s Creed Brotherhood\ACBMP.exe
FirewallRules: [{A9BF2868-E436-4AAC-A5B6-6E9F44E3E6D1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin’s Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{A27B1A23-6AE9-4069-AD9C-2AB64D9CFB22}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin’s Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{B017E2C6-3F10-4969-99DA-02E8842CB380}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin’s Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{F2F35591-A26D-4679-A37D-8FA745ABE448}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin’s Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{6FA6AF87-096C-4148-BBE8-8A29CE7BFC03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfa re\Binaries\Win32\UDK.exe
FirewallRules: [{8A589767-2A22-4BA8-9F2E-25708DBB99B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfa re\Binaries\Win32\UDK.exe
FirewallRules: [{CDBEA086-EEF8-478B-BD30-ED34E603EDE4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7C3D27A7-E5B8-4ED7-B97E-BFE531FF8F99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{56D56AD2-BFC4-415B-A804-0DF50091F5E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{44EFA5C1-2C54-432F-821F-D10FDD7BD46E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{40804B2A-9569-4303-804A-3DE8AFD4C459}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B3EE1A97-B0F0-4AA4-9F14-AACD324EBCFF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{87E39D11-917A-4ACA-A172-B9DB9FD99CED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{5368821C-622D-4CE6-868E-B4B92CAE6AEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7CD1CC07-47F7-4EBC-B28F-331D6B01812B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{10DBE06C-21C5-40DE-AB47-2839EAA361A2}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{72584B12-0B71-40A1-8FD5-4EF1B8FAE240}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{62F24C45-274B-4324-84D9-EEDC1C2FFA63}] => (Allow) C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropb ox.exe
FirewallRules: [{38E63D60-2B6A-4570-B5E7-0334F1B28753}] => (Allow) C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropb ox.exe
FirewallRules: [{CBA6CFE4-87DA-4C0B-9DD5-CB24264D153C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.e xe
FirewallRules: [{1F8EFC10-91D2-4DEF-9300-AA828DE18B26}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.e xe
FirewallRules: [TCP Query User{8D083110-0487-4200-BD21-3E6205B824E4}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfa re\binaries\win64\udk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfa re\binaries\win64\udk.exe
FirewallRules: [UDP Query User{B9933272-DB9A-419D-A1FC-C376F14A8A5A}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfa re\binaries\win64\udk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfa re\binaries\win64\udk.exe
FirewallRules: [{120C8A28-FA3D-4D5F-8F88-6983D85BB69C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{3D2372B4-DE98-4586-8A3D-F083A3D3E4C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [TCP Query User{44A5645F-EF67-4694-BF0C-45FCBABC1815}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{109FF8B2-1B6E-4A45-AB5C-0CB97EA71BA7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{E333BEFF-AFE8-44D0-8E6D-1E6684278E53}H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe
FirewallRules: [UDP Query User{BDC3DE48-88BB-4952-BDF9-A667D17544F3}H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe
FirewallRules: [TCP Query User{C918B3BB-2D89-49EC-A5F3-59764544A681}C:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{A3578BEB-246F-4B68-9BB1-4E70D3867E6A}C:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{4B90B806-D737-421F-A259-86B4B6EBE2D4}] => (Block) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{C142FBE6-7660-4D57-91EB-6F28DF0C53EF}] => (Block) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{65D1CA79-73C8-4C1C-A396-55114CC5C61C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.e xe
FirewallRules: [{2E300A00-EF29-4879-AD3F-8C035C177F2F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.e xe
FirewallRules: [{3FC2C324-EE95-4C8C-A26E-EE7AB4D14AD7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6FDC2297-746E-4E22-8C84-B9F9349E4D89}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{90C98BC3-B0B9-4CAC-ADCA-E2EAA208143E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8EB1FB9E-E96A-48D9-A09E-280C1F709B39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C564E886-162A-48EE-A823-A6A3CD950300}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F539564B-0389-4020-BE90-B3A2E3A3D28F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{760F1162-0054-44F4-A5D6-7F1F803CA314}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{C6D4FEE5-DA5E-4896-BBC1-4C31C77A28FE}C:\programdata\battle.net\agent\agent .2689\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2689\agent.e xe
FirewallRules: [UDP Query User{F9912598-2E9B-4960-B43A-8E1CFC69772C}C:\programdata\battle.net\agent\agent .2689\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2689\agent.e xe
FirewallRules: [{A2901DA7-2CF9-447A-8578-1EF26AD9EB25}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1942\Battlefield 1942\BF1942.exe
FirewallRules: [{9D169BCF-E400-428F-8825-1FDA28D85D4A}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1942\Battlefield 1942\BF1942.exe
FirewallRules: [TCP Query User{9D5327F1-4C82-4AB4-9675-32920B9A5A14}F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{3ADEFCDF-1F60-49BB-B0CC-E38073CF5B97}F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{7962898C-564D-4F4D-8199-3DFBE683A858}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rustlauncher.exe
FirewallRules: [{7CE33FEF-633B-484E-926F-28959FBE7A6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rustlauncher.exe
FirewallRules: [{59B4E854-C94F-4DAE-911E-4E2CD4C668B9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E2FED403-E1B3-46AD-A838-C1917B27FD50}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{07A267BF-9BD3-4856-88D1-A924CF38EFBC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.e xe
FirewallRules: [{04756382-6EB7-495C-85E9-516EED38F5FF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.e xe
FirewallRules: [TCP Query User{9CA5DE4A-9B21-404E-A471-E1D4FCBDB5D8}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{46EA1D4C-732E-4080-BDAE-C7E04C2AAEE8}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{B207A236-B040-4C95-A84E-30FF650F233F}] => (Allow) C:\Users\Philipp\AppData\Roaming\uTorrent\uTorrent .exe
FirewallRules: [{5BEDFF67-BEB9-437C-8BDE-57FD8AD18762}] => (Allow) C:\Users\Philipp\AppData\Roaming\uTorrent\uTorrent .exe
FirewallRules: [TCP Query User{ED86D4BE-5034-46D4-A275-D0D0D158DC32}C:\users\philipp\desktop\utorrent3.4. 1_30888.exe] => (Allow) C:\users\philipp\desktop\utorrent3.4.1_30888.exe
FirewallRules: [UDP Query User{00D3324E-F60E-4815-9389-22AFEF3C3848}C:\users\philipp\desktop\utorrent3.4. 1_30888.exe] => (Allow) C:\users\philipp\desktop\utorrent3.4.1_30888.exe
FirewallRules: [TCP Query User{D8B96E37-4E7C-401D-9974-6423F3566ACB}C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{FE178129-19B7-4D3C-A611-FF8661E15371}C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{1630330C-FC81-4E8E-A74B-D30CCB7637D9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{69C4D2F1-5E35-4324-A7C7-21A1841D7FB6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DB289EE0-A061-499C-A260-45816D2DB290}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4AC641E7-FC1D-4089-BDF8-C1C6C461F508}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E01B4C60-3CC7-4862-96F8-A240FF5DBF8A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{E155F5FE-3408-4083-9DE8-10F9A4EDC456}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{C0143FF0-242F-4B84-A070-F77D6C898FE3}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [UDP Query User{E3C733F0-C093-4EAD-B3D9-6A758B7CAB80}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [TCP Query User{C41E6AE9-3ECA-4D3B-8892-6EEB5B8F822B}H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe
FirewallRules: [UDP Query User{E70C6C19-B5DB-4C21-A6AC-7DAFA0D942E2}H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe
FirewallRules: [{32C48089-640E-4154-8F9F-FD34D67820E7}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{ABF9B047-DBDD-40F0-8310-4096C07A1D54}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{3363AF0F-0FAE-4932-9BDC-F768D750CD20}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.e xe
FirewallRules: [{FF75CEDC-9CF5-481D-9063-269F7C9A3EEB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.e xe
FirewallRules: [{FBF504C5-7660-4CA0-9461-EE1588F6F15D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.e xe
FirewallRules: [{9B3BB61E-72AA-4C6A-9524-F08E717DB6BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.e xe
FirewallRules: [TCP Query User{4B8F48EB-61A7-463A-9CFF-3F443435A262}H:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) H:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{BC13CB58-34B2-423E-81E9-F0681A534A12}H:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) H:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{FDD44B81-B42F-4882-B2A2-2E57B5A37E22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{FDD1DC3F-5716-40C2-96A2-2C53635789B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{115A852F-F8A4-47B2-ADDC-124127385ECA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{DC81A4C5-6983-4E10-88C2-B1BE2007E20A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{2BA43725-5873-4C4B-B214-D17575BED6C1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.e xe
FirewallRules: [{9BE1D182-5C1A-4012-8196-D78F15784A37}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.e xe
FirewallRules: [{C5343D04-4C9B-4307-A77C-075B8B2C9E8F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.e xe
FirewallRules: [{B29A6550-56A1-491E-BB46-A0863A286D3F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.e xe
FirewallRules: [TCP Query User{A6839289-220D-4430-AB8B-F35AE2467491}C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{FFD48200-6659-4D3F-B489-D0D672A604CB}C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{8FCE413C-7C8F-49D2-97AB-12AF69EBBE36}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.e xe
FirewallRules: [{6D6C39D8-B4DC-471E-AD24-04DB637E2F52}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.e xe
FirewallRules: [{EAB8C967-DA03-47A1-82E0-2B7953613624}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{08AAB84F-CA39-4873-BA9F-0BF1B0BFD6BD}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{F0334A4E-6660-4A29-85A3-91F9D2A08148}H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Block) H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{0CBB6BE2-C2DC-42EF-9283-98CE12A3156B}H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Block) H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{7DE20AE2-DB27-4C65-99EE-A3A8C2C0141A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1221F58B-7252-4BBA-81F5-73DB9BA73765}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{745BCB12-AD0D-47D6-B6AA-B8E6552BA321}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{04E69D41-E088-48EE-B661-146576D2F4E2}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{838E6DD1-7E16-4467-9DD7-B08494056500}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{9560A1CC-F03A-4ED7-8F9F-628879A48BD1}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{D8DC3995-78FB-4F91-B0E6-0EA20B8D0B47}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{82FC90AF-A279-4FE8-929A-00FCBB85AE88}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{33FDEC31-0752-437B-8B40-816F7DA64FD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rus t.exe
FirewallRules: [{42A94929-CE71-45D6-82BF-D969413DA4BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rus t.exe
FirewallRules: [{53DF5A34-AAEB-4C77-8AAB-9BC5C1FC7B0F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rus t.exe
FirewallRules: [{8CACF8BB-8612-462A-91D9-4AE3354FEDFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rus t.exe
FirewallRules: [{85B72C11-7DC6-49E6-A5E7-0D20FF0540A4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{FB4D9EF1-D86D-4256-8AE5-AB0372E26A1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [TCP Query User{FF359D40-BC43-41F9-A748-265960862C7F}H:\program files (x86)\anno1701.exe] => (Allow) H:\program files (x86)\anno1701.exe
FirewallRules: [UDP Query User{20AAC5E0-E43B-491B-A775-B99DD7898E96}H:\program files (x86)\anno1701.exe] => (Allow) H:\program files (x86)\anno1701.exe
FirewallRules: [TCP Query User{0C3093E0-C804-4C2C-B240-64A3E0F4EA3E}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{4FAA22AA-FD48-4BAC-B1F0-0E1792B3B93F}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{48694631-51A4-4BD0-ACE6-47E620E1E7CF}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.1 4\deploy\lolpatcher.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.1 4\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{2AAC6F09-9F21-4E3B-BDB3-8D96349EB24C}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.1 4\deploy\lolpatcher.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.1 4\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{DA0FF709-FCA2-49E4-A49D-C52F94A33C39}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.1 4\deploy\lolpatcherux.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.1 4\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{3809CCA4-6534-4D78-AEB6-370B66A68D58}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.1 4\deploy\lolpatcherux.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.1 4\deploy\lolpatcherux.exe
FirewallRules: [{6B079631-4440-4D03-A37A-5644A17FAEF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{FF03333A-3897-48EF-B54D-56094C23D489}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D746C5F2-5646-488A-AA6A-9EFCB544C556}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.e xe
FirewallRules: [{ECACD096-AD74-4AA4-A843-FDFB10ED1EE7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.e xe
FirewallRules: [{B57AD082-017F-4128-AF5E-A02D6F3AE087}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.e xe
FirewallRules: [{07A18F29-12BC-4AAB-A245-B4291010C345}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.e xe
FirewallRules: [{E98D26EB-6723-4507-B967-151A5FC8D219}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{90E6D116-0BB7-4559-85E0-24C8F80E4EBD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{98CFEB0B-2567-4974-AD58-360ED70FB0BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.e xe
FirewallRules: [{D3C6F70D-7E00-41A4-9628-1D22289A2534}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.e xe
FirewallRules: [{39C3B977-7B8E-4058-BA43-22270D728ACD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{65EAF7AA-5109-48D9-B895-9FBFA7579572}] => (Allow) LPort=2869
FirewallRules: [{1461D1B9-4C92-412B-99E7-BCC4A26EA5F5}] => (Allow) LPort=1900
FirewallRules: [{B17041C2-3DD4-4225-8B9D-5FA96BAE885F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{285EB98B-6D92-4549-8710-3EEE16688C5D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{4095A852-5A84-4932-A234-FBB2F70DA4E4}C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe
FirewallRules: [UDP Query User{5ADC40C5-B7E7-4262-9D67-7438E0946454}C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe
FirewallRules: [TCP Query User{8C44C964-4AA3-47E4-92ED-F3A222D0E532}C:\users\philipp\appdata\roaming\spot ify\spotify.exe] => (Allow) C:\users\philipp\appdata\roaming\spotify\spotify.e xe
FirewallRules: [UDP Query User{C6A13823-BD82-4DC7-AC17-04ECE6460C20}C:\users\philipp\appdata\roaming\spot ify\spotify.exe] => (Allow) C:\users\philipp\appdata\roaming\spotify\spotify.e xe
FirewallRules: [{CA2CF6F4-3D92-485F-87CF-1D4FE65F9552}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{F76BB649-4842-492C-8CD6-6C86FC6449F4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{3A8FE08D-E9EA-4675-8E18-BDD201C7E22C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AB041934-E078-4519-85E4-4B9C2F2D16E4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6C27E94F-9B54-4A90-9F4C-FBF097292328}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.e xe
FirewallRules: [{C07014D5-340A-473A-8A73-C045C7E3989F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.e xe
FirewallRules: [{6463FE23-B967-4206-A257-A93F489B761E}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{9D9EBD29-3591-410F-A642-DBF8DDABB5B4}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{27F67820-C035-4F34-94E0-67D63DC096F6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{1C3918B6-EB75-4A47-901F-502980DE752B}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{9079E56A-E830-4A4C-B496-2F7CEDB05975}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{2CE4262B-CFDC-4AEE-8B06-7805A0C3589A}] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{68F148F7-0F0E-48C0-ADA1-9DA8B3982E14}] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{5023DC5D-1BA7-43A1-80A3-C69DD4495C69}] => (Allow) %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{C606DE97-F79B-4D9B-86F0-57D5C7A655B6}] => (Allow) LPort=32976
FirewallRules: [{CC3B7A6D-97D4-43ED-B9F1-556FFBCEE186}] => (Allow) LPort=25565
FirewallRules: [{A72E3139-85F1-46C0-8B48-6D653CDA7B09}] => (Allow) LPort=25565
FirewallRules: [TCP Query User{5CB17E6E-4CD0-4C42-89EF-D84CE339BAFE}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{BE4FFE99-1BA5-4A6D-859F-CDA851972532}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{B257C971-02AD-4C35-9324-291D897CDB7B}] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{E3CC2757-CB2A-4FA1-A4EC-10438D6B5B68}] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{83EC0370-4A56-4F9E-A8D7-C53C1F7DF5C8}F:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{462D3BB6-41BD-4140-AD26-5881F42070A3}F:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{6E4A6E6C-63B9-4F2D-A464-D536F18FF445}] => (Block) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{29ACF394-43F0-4864-889E-5D46E5D3F87E}] => (Block) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{F03899D2-D3B2-462A-A001-E67AE4B36673}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{E3F48574-B4DF-4810-A566-97F9E532B730}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{D81B412B-FFC6-49A5-9790-9F1DD0CE42FD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{68EAD43C-3085-4279-A3D5-473DE008DB23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{445E9A2B-6187-442F-A3DC-8F07B60E5BF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{DCA567F4-2ABC-4AC8-BCCB-333CC8DCAC57}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0B4FFC0C-2B5B-48F3-A996-4FE3F228166A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DD912131-48B7-4E6C-B09E-E6359DF7BCCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4F219D37-9624-4F30-87B1-D37DC4066A96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{90DD9A30-5E45-4066-8DDE-FE93E1850C30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{BDEC72B2-CB1A-474E-9ED6-A84810625FC8}F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base_dbg\bin\release\settlers7r.exe] => (Allow) F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base_dbg\bin\release\settlers7r.exe
FirewallRules: [UDP Query User{F5E1EBB0-9961-4CE9-BD8A-65B6B46F2E17}F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base_dbg\bin\release\settlers7r.exe] => (Allow) F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base_dbg\bin\release\settlers7r.exe
FirewallRules: [{768CC022-3055-4BD4-8E80-31818E9BEAE7}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{BAAED63C-A5E5-4EB7-AB3A-45FCFFD77678}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{304844EF-7019-4BCF-A4FE-0383F544F183}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{8A3A2DFF-F9AB-4F5D-94F3-3787C176BDD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [TCP Query User{F979DE64-FC1E-459B-8EDD-ED109EF48ECD}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{7852709D-8D0D-4F92-B043-C8FBE4099221}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [TCP Query User{6D6ABC91-928D-4280-9DBF-41D01A431D4A}H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe] => (Allow) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [UDP Query User{37C5D000-7F70-40F4-9FF9-C9221496DC42}H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe] => (Allow) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [{B27ABAA2-C82B-44F4-A30A-AD5E91C4EB32}] => (Block) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [{67DDF624-A2E5-4D33-A95F-90ABF5682A0B}] => (Block) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [TCP Query User{7BC2C177-D11F-4D08-B3DE-C7F58A1CF9DD}H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe] => (Allow) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [UDP Query User{9DF02414-F9FC-4036-B227-959FE7ACC17E}H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe] => (Allow) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{228436F4-E76C-4BEA-B241-E2C08B3C5797}] => (Block) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{63CCD24A-9DE9-486E-9928-D528E431701F}] => (Block) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{858E1EA8-EB9E-4E44-B451-3B6DFC3F985F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{C9CA1E65-0601-4D1B-8D5A-3C757AB596E5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{AFBD3180-D569-4A48-9C70-090808A3B765}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey’s New Eyes\harvey.exe
FirewallRules: [{4568192C-D1BA-46B3-8307-055C03D5B4CB}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey’s New Eyes\harvey.exe
FirewallRules: [{AA086928-71C2-4E9D-9EE7-DA834804DB70}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey’s New Eyes\VisionaireConfigurationTool.exe
FirewallRules: [{CAC8CED3-1C01-471A-8AFC-CCDE5E61B46F}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey’s New Eyes\VisionaireConfigurationTool.exe
FirewallRules: [{0481A2E1-32DD-4D79-9522-136262E18EFD}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna & Harvey The Breakout\Edna.exe
FirewallRules: [{5751333F-1F56-48C8-9335-521D845BA824}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna & Harvey The Breakout\Edna.exe
FirewallRules: [{16C6AC44-879C-4FC3-9E2B-7E6B7FBBA341}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{F734F823-F300-454C-8A84-63EB6A303F4D}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{01A42E9E-220D-49B9-940A-1AAC5051E9A4}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{CA2B1C86-1455-47B6-9A1B-AF4221454CF1}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{96832A8D-F388-4EAE-BD92-9458649456F6}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{241BD5E1-3D24-4DBC-83D5-750B9D32E39E}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [TCP Query User{CF2A8203-0EE6-4858-B69A-EB76C6D9F4BE}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [UDP Query User{561BC56C-D11F-4759-B02B-18B214505678}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [{95A263BF-2864-4081-AFB5-3620647A4BFD}] => (Allow) C:\Program Files (x86)\Cuppat\Application\chrome.exe
FirewallRules: [TCP Query User{7EF83D24-ABC4-4BE1-B269-E97F571709A4}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5799A902-DD95-4DCB-B14A-953392704D71}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{AC47DEED-56B1-443F-83F3-8A0E45439D95}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{C43AE569-728A-4635-966B-A0D7497AC12E}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{0733329D-7CAA-43CD-8D94-D5DDD4068021}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1B1FFE5A-9575-4978-A910-FC331CAB3E85}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CD4441E1-9E17-4D09-81DE-23FC004CF163}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{51D36651-267C-4534-819C-0C867AAEB47B}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydayli ght-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydayli ght-win64-shipping.exe
FirewallRules: [UDP Query User{2DE8A6E7-501A-4106-814E-41F93EA96BCD}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydayli ght-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydayli ght-win64-shipping.exe
FirewallRules: [{0FDDC06B-F260-4E3E-AA72-1E8BCCD791C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfa re\ChivLauncher.exe
FirewallRules: [{C11F5C2A-461F-424E-B15C-FCCB19462744}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfa re\ChivLauncher.exe
FirewallRules: [{34FBA65F-A6AE-4D03-914E-A461C7E795B2}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{674235E8-E3D0-4C45-8F4D-E73DBF86CB65}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{8741BFD0-D5ED-43FB-8FF3-A0ABBD9FB6A5}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{0B2C9047-0B17-4A2E-B628-9FAC90D6E6A8}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{BC2A59B9-EEAE-4117-94F3-66A4078B5375}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{610154B7-0E65-493B-8D24-7BA16F0E7DC6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{468267DE-E9B1-4B8A-AEC7-E046AD38463A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{83724DD1-04CF-46BC-B4F0-9E03A4DBC88F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{05E61BB9-15E2-4964-ABBD-67110BF469F1}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{52F974BB-5934-4D2F-A4D9-CDD1DB7042F7}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Bluetooth-Gerät (PAN)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click “Update Driver”, which starts the Hardware Update wizard.
Name: Microsoft-6zu4-Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #4
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
[HEADING=1]Applikationsfehler:[/HEADING]
Error: (01/31/2017 06:18:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm adwcleaner_6.043 (1).exe, Version 6.0.4.3 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 5b00
Startzeit: 01d27be5a3ca2f6e
Endzeit: 4
Anwendungspfad: C:\Users\Philipp\Downloads\adwcleaner_6.043 (1).exe
Berichts-ID:
Error: (01/31/2017 06:00:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des “OnIdentity()”-Aufrufobjekts “System Writer”.
Details:
AddWin32ServiceFiles: Unable to back up image of service iThemes5 since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (01/31/2017 06:00:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des “OnIdentity()”-Aufrufobjekts “System Writer”.
Details:
AddWin32ServiceFiles: Unable to back up image of service GubedZL since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (01/31/2017 06:00:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des “OnIdentity()”-Aufrufobjekts “System Writer”.
Details:
AddWin32ServiceFiles: Unable to back up image of service ed2k idle service since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (01/31/2017 06:00:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des “OnIdentity()”-Aufrufobjekts “System Writer”.
Details:
AddWin32ServiceFiles: Unable to back up image of service Archer since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (01/31/2017 04:22:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.23418 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1004
Startzeit: 01d27bd33e2865b4
Endzeit: 14
Anwendungspfad: C:\Windows\Explorer.EXE
Berichts-ID: 16f7683f-e7c9-11e6-88b7-e8113241327d
Error: (01/31/2017 04:03:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA “Win32_Processor” AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2017 04:03:46 PM) (Source: NetBalancerService) (EventID: 0) (User: )
Description: This version of NetBalancer is outdated, please download a new one from our website.
Error: (01/31/2017 03:12:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA “Win32_Processor” AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2017 03:12:13 AM) (Source: NetBalancerService) (EventID: 0) (User: )
Description: This version of NetBalancer is outdated, please download a new one from our website.
[HEADING=1]Systemfehler:[/HEADING]
Error: (01/31/2017 08:00:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst “Gubed_WMI” wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/31/2017 06:04:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst “Update Service(FirefoxU)” wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/31/2017 06:01:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst “ZAM Controller Service” wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/31/2017 06:01:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst “NVIDIA Display Driver Service” wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/31/2017 05:59:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst “Archer” wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/31/2017 05:59:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst “GubedZL” wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/31/2017 05:59:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst “Update Service(FirefoxU)” wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/31/2017 05:59:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst “iThemes5” wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/31/2017 04:05:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst “ed2k idle service” wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/31/2017 04:04:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
[HEADING=1]CodeIntegrity:[/HEADING]
Date: 2017-01-31 19:19:11.545
Description: Die Abbildintegrität der Datei “\Device\HarddiskVolume4\Windows\winsxs\amd64_micr osoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab69 7e502a956\appid.sys” konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:11.245
Description: Die Abbildintegrität der Datei “\Device\HarddiskVolume4\Windows\winsxs\amd64_micr osoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab69 7e502a956\appid.sys” konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:10.871
Description: Die Abbildintegrität der Datei “\Device\HarddiskVolume4\Windows\winsxs\amd64_micr osoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab69 7e502a956\appidapi.dll” konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:10.388
Description: Die Abbildintegrität der Datei “\Device\HarddiskVolume4\Windows\winsxs\amd64_micr osoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab69 7e502a956\appidapi.dll” konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 18:22:41.778
Description: Die Abbildintegrität der Datei “\Device\HarddiskVolume4\Windows\winsxs\wow64_micr osoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60e a19636b51\appidapi.dll” konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 18:22:41.326
Description: Die Abbildintegrität der Datei “\Device\HarddiskVolume4\Windows\winsxs\wow64_micr osoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60e a19636b51\appidapi.dll” konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:26.009
Description: Die Abbildintegrität der Datei “\Device\HarddiskVolume4\Windows\winsxs\wow64_micr osoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60e a19636b51\appidapi.dll” konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.883
Description: Die Abbildintegrität der Datei “\Device\HarddiskVolume4\Windows\winsxs\wow64_micr osoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60e a19636b51\appidapi.dll” konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.756
Description: Die Abbildintegrität der Datei “\Device\HarddiskVolume4\Windows\winsxs\wow64_micr osoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60e a19636b51\appidapi.dll” konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.625
Description: Die Abbildintegrität der Datei “\Device\HarddiskVolume4\Windows\winsxs\wow64_micr osoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60e a19636b51\appidapi.dll” konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core™ i7 CPU Q 720 @ 1.60GHz
Prozentuale Nutzung des RAM: 84%
Installierter physikalischer RAM: 6076.41 MB
Verfügbarer physikalischer RAM: 956.45 MB
Summe virtueller Speicher: 12151 MB
Verfügbarer virtueller Speicher: 7675.21 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:232.79 GB) (Free:33.49 GB) NTFS
Drive f: () (Fixed) (Total:231 GB) (Free:52.23 GB) NTFS
Drive g: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive h: () (Fixed) (Total:344.27 GB) (Free:105.95 GB) NTFS
==================== MBR & Partitionstabelle ==================
================================================== ======
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 21133B35)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
================================================== ======
Disk: 1 (Size: 596.2 GB) (Disk ID: 9054A324)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=344.3 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=20.8 GB) - (Type=27)
==================== Ende von Addition.txt ============================
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(SeriousBit) F:\Program Files (x86)\NetBalancer\SeriousBit.NetBalancer.Service.e xe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
() C:\Users\Philipp\Downloads\adwcleaner_6.043.exe
(Farbar) C:\Users\Philipp\Desktop\frst64english.exe.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-07-31] (Realtek Semiconductor)
HKLM...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2817872 2012-04-25] (ELAN Microelectronics Corp.)
HKLM...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSyst emStart
HKLM...\Run: [mylbx] => H:\Program Files\My Lockbox\mylbx.exe [2289952 2013-10-28] (FSPro Labs)
HKLM...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14188272 2017-01-23] (Zemana Ltd.)
HKLM-x32...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32...\Run: =>
HKLM-x32...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2016-06-13] (AVAST Software)
HKLM-x32...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKLM-x32...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\Run: [DAEMON Tools Lite] => F:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\Run: [Spotify Web Helper] => C:\Users\Philipp\AppData\Roaming\Spotify\SpotifyWe bHelper.exe [1446000 2017-01-27] (Spotify Ltd)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\Run: [Amazon Music] => C:\Users\Philipp\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-07-21] ()
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\Run: [NetBalancer] => F:\Program Files (x86)\NetBalancer\SeriousBit.NetBalancer.Tray.exe [1803112 2015-04-30] (SeriousBit)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\Run: [Spotify] => C:\Users\Philipp\AppData\Roaming\Spotify\Spotify.e xe [7163504 2017-01-27] (Spotify Ltd)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\Run: [ZPNConnect] => C:\Program Files (x86)\ZPN Connect\ZpnCli.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\MountPoints2: {2265df16-a931-11e3-b156-001bb1fb806a} - D:\LaunchU3.exe -a
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\MountPoints2: {513fb52a-fbb6-11e3-8c6a-001bb1fb806a} - E:\autorun.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\MountPoints2: {5c844a5e-08c5-11e3-9f11-001bb1fb806a} - D:\setup.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\MountPoints2: {5dff3592-0827-11e3-9da5-f7c11e16234c} - D:\LaunchU3.exe -a
HKU\S-1-5-18...\Run: [Advanced SystemCare 8] => “C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe” /Auto
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] → {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] → {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] → {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [00avast] → {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-07] (AVAST Software)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
ProxyServer: [S-1-5-21-3041798318-2634963116-1215314133-1000] => 46.165.193.67:5056
Tcpip..\Interfaces{416F4EA8-7EBE-4A41-BD73-DD7E680B9773}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip..\Interfaces{416F4EA8-7EBE-4A41-BD73-DD7E680B9773}: [DhcpNameServer] 192.168.0.1
Tcpip..\Interfaces{86E2278C-9D4E-452E-A530-758555FCFA95}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip..\Interfaces{B7ACAEB6-863B-46ED-A180-28629DDF698D}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip..\Interfaces{CAFCA011-AF78-404E-B7ED-C6ECA9CFCAEA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip..\Interfaces{F1198B90-493F-4495-879E-89672178C3BF}: [NameServer] 8.8.8.8,1.1.1.1
[HEADING=1]Internet Explorer:[/HEADING]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E&q={searchTerms}
HKU.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid= samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec4 54393cf996b982gazbc0tbb6e2g3w3ccb
HKU.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid= samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec4 54393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid= samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec4 54393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid= samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec4 54393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid= samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec4 54393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid= samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec4 54393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E
URLSearchHook: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 - (Kein Name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - Keine Datei
SearchScopes: HKLM → DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKLM → {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKLM-x32 → DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKLM-x32 → {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKLM-x32 → {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU.DEFAULT → DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1431342801&from=zzgbkk123&uid=samsu ngxssdx840xseries_s19mnsad653469e&z=2786be88f055d5 8044b1affg7zec6g9cbz3o5b5e5o&q={searchTerms}
SearchScopes: HKU.DEFAULT → {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1431342801&from=zzgbkk123&uid=samsu ngxssdx840xseries_s19mnsad653469e&z=2786be88f055d5 8044b1affg7zec6g9cbz3o5b5e5o&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 → DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 → {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 → {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Windows Live ID Sign-in Helper → {9030D464-4C02-4ABF-8ECC-5164760863C6} → C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler → {B4F3A835-0E21-4959-BA22-42B3008E02FF} → C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper → {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} → C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-19] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm → {9030D464-4C02-4ABF-8ECC-5164760863C6} → C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler → {B4F3A835-0E21-4959-BA22-42B3008E02FF} → C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper → {DBC80044-A445-435b-BC74-9C25C1C588A9} → C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-19] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
[HEADING=1]FireFox:[/HEADING]
FF ProfilePath: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default
FF NewTab: hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e 881114&uid=samsungxssdx840xseries_s19mnsad653469e& z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg
FF DefaultSearchEngine: nice
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: nice
FF Homepage: hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e 881114&uid=samsungxssdx840xseries_s19mnsad653469e& z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer → C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_ 194.dll [2017-01-14] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 → C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 → C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE → disabled [Keine Datei]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 → C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer → C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_ 194.dll [2017-01-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 → C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 → C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 → C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1 .dll [2016-11-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 → C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE → disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 → C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 → C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 → C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 → C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 → C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader → C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3041798318-2634963116-1215314133-1000: Ubisoft | Welcome to the official Ubisoft website → C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll Keine Datei
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default\searchplugins\google-avast.xml [2015-05-14]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default\searchplugins\luck.xml [2017-01-17]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default\searchplugins\nice-.xml [2016-06-21]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default\searchplugins\v9-.xml [2015-05-14]
FF Extension: xRocket Toolbar - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default\Extensions\arthurj8283@gmail.com [2017-01-17]
FF Extension: Firefox Hotfix - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-11-26]
FF Extension: convert2mp3.net YouTube2MP3 Converter - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default\Extensions\info@convert2mp3.net.xpi [2014-09-04]
FF Extension: Search and New Tab by Yahoo - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2016-11-19]
FF Extension: Video DownloadHelper - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default\Extensions{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-05-11]
FF HKLM-x32...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\57p5pubn.default\extensions\quick_start@gmail.com => nicht gefunden
FF HKLM-x32...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default\extensions\detgdp@gmail.com => nicht gefunden
FF HKLM-x32...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-07]
FF HKLM-x32...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default\extensions\arthurj8283@gmail.com
[HEADING=1]Chrome:[/HEADING]
CHR HomePage: Default → hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e 881114&uid=samsungxssdx840xseries_s19mnsad653469e& z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg
CHR StartupUrls: Default → “hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e 881114&uid=samsungxssdx840xseries_s19mnsad653469e& z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg”
CHR Profile: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhon fmgoek [2014-11-15]
CHR Extension: (Google Docs) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2014-11-15]
CHR Extension: (Google Drive) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2014-11-15]
CHR Extension: (YouTube) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2014-11-15]
CHR Extension: ( https://www.facebook.com/ ) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\celnaknmndcdcjcagffhbhciig nkeokb [2014-11-16]
CHR Extension: (Adblock Plus) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddi lifddb [2015-08-11]
CHR Extension: (Google-Suche) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljnie djpjpf [2014-11-15]
CHR Extension: (Google Tabellen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpeb giejap [2014-11-15]
CHR Extension: (Google Docs Offline) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2015-09-05]
CHR Extension: (Avast Online Security) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegiea cbdmki [2015-04-07]
CHR Extension: (Video Download Helper) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldcccbolclahdbkahlppenfodn heapah [2014-12-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2014-11-15]
CHR Extension: (Google Mail) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2014-11-15]
CHR Extension: (Chrome Media Router) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcj beemfm [2016-10-30]
CHR HKLM...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijk igpfjh.crx [2015-01-19]
CHR HKLM-x32...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-07]
CHR HKLM-x32...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-07]
CHR HKLM-x32...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijk igpfjh.crx [2015-01-19]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-07] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-07] (Avast Software)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-12-18] (BitRaider, LLC)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-02-09] (Hi-Rez Studios) [Datei ist nicht signiert]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
R2 MCSvc; C:\ProgramData\Microsoft\Blend\14.0\1033\ResourceC acher.dll [352768 2016-11-09] () [Datei ist nicht signiert]
R2 NetBalancerService; F:\Program Files (x86)\NetBalancer\SeriousBit.NetBalancer.Service.e xe [129896 2015-04-30] (SeriousBit)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [328832 2014-04-13] (Locktime Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-07-06] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-11-02] (Realtek Semiconductor)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-12-06] (Razer Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14188272 2017-01-23] (Zemana Ltd.)
S2 FirefoxU; “C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe”
S3 rpcapd; “%ProgramFiles(x86)%\WinPcap\rpcapd.exe” -d -f “%ProgramFiles(x86)%\WinPcap\rpcapd.ini”
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-07] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2016-06-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2016-06-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-07] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2016-10-11] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-07] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-11-02] ()
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-24] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 FSProFilter2; C:\Windows\System32\Drivers\FSPFltd2.sys [57648 2011-06-03] (FSPro Labs)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-24] (REALiX™)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-11-02] ()
R1 nbdrv; C:\Windows\System32\DRIVERS\nbdrv.sys [40976 2015-02-05] (SeriousBit)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-07] (AVAST Software)
R2 nldrv; C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [107952 2014-04-13] (Locktime Software)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33448 2015-07-31] (Synaptics Incorporated)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-10-13] (Anchorfree Inc.)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-01-23] (Spotflux, Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-07] (Avast Software)
S3 WinRing0_1_2_0; kein ImagePath
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-01-31] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-01-31] (Zemana Ltd.)
S3 aswHdsKe; ??\C:\Windows\system32\drivers\aswHdsKe.sys
S3 BRDriver64_1_3_3_E02B25FC; ??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC \BRDriver64.sys
S3 EagleX64; ??\C:\Windows\system32\drivers\EagleX64.sys
S3 vpnva; system32\DRIVERS\vpnva64-6.sys
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-31 20:10 - 2017-01-31 20:11 - 00032316 _____ C:\Users\Philipp\Desktop\FRST.txt
2017-01-31 20:01 - 2017-01-31 20:00 - 02193920 _____ (Farbar) C:\Users\Philipp\Desktop\frst64english.exe.exe
2017-01-31 20:00 - 2017-01-31 20:00 - 04015056 _____ C:\Users\Philipp\Downloads\adwcleaner_6.043 (2).exe
2017-01-31 20:00 - 2017-01-31 20:00 - 02193920 _____ (Farbar) C:\Users\Philipp\Downloads\FRST64 (1).exe
2017-01-31 18:17 - 2017-01-31 18:17 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-01-31 18:16 - 2017-01-31 20:08 - 00000000 ____D C:\ProgramData\RogueKiller
2017-01-31 18:16 - 2017-01-31 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-01-31 18:16 - 2017-01-31 18:16 - 00000000 ____D C:\Program Files\RogueKiller
2017-01-31 18:15 - 2017-01-31 18:15 - 34821984 _____ (Adlice Software ) C:\Users\Philipp\Downloads\setup (1).exe
2017-01-31 18:15 - 2017-01-31 18:15 - 04015056 _____ C:\Users\Philipp\Downloads\adwcleaner_6.043 (1).exe
2017-01-31 18:06 - 2017-01-31 18:06 - 00014634 _____ C:\Users\Philipp\Desktop\JRT.txt
2017-01-31 17:59 - 2017-01-31 18:00 - 01663040 _____ (Malwarebytes) C:\Users\Philipp\Downloads\JRT.exe
2017-01-31 16:21 - 2017-01-31 20:10 - 03201458 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-01-31 16:21 - 2017-01-31 20:10 - 00556716 _____ C:\Windows\ZAM.krnl.trace
2017-01-31 16:21 - 2017-01-31 16:21 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2017-01-31 16:21 - 2017-01-31 16:21 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2017-01-31 16:21 - 2017-01-31 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-01-31 16:21 - 2017-01-31 16:21 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-01-31 16:20 - 2017-01-31 16:20 - 00000000 ____D C:\Users\Philipp\AppData\Local\Zemana
2017-01-31 16:19 - 2017-01-31 16:19 - 05510592 _____ ( ) C:\Users\Philipp\Downloads\Zemana.AntiMalware.Setu p.exe
2017-01-31 01:54 - 2017-01-31 16:03 - 00000000 ____D C:\ProgramData\Malwarebytes’ Anti-Malware (portable)
2017-01-31 01:54 - 2017-01-31 01:54 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-31 01:54 - 2017-01-31 01:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-31 01:50 - 2017-01-31 01:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-01-31 01:47 - 2017-01-31 03:10 - 00000000 ____D C:\Users\Philipp\Desktop\mbar
2017-01-31 01:47 - 2017-01-31 01:48 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Philipp\Downloads\mbar-1.09.3.1001 (1).exe
2017-01-31 01:47 - 2017-01-31 01:47 - 04015056 _____ C:\Users\Philipp\Downloads\adwcleaner_6.043.exe
2017-01-31 01:46 - 2017-01-31 01:47 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Philipp\Downloads\mbar-1.09.3.1001.exe
2017-01-31 01:45 - 2017-01-31 01:48 - 00090910 _____ C:\Users\Philipp\Downloads\Addition.txt
2017-01-31 01:44 - 2017-01-31 20:10 - 00000000 ____D C:\FRST
2017-01-31 01:44 - 2017-01-31 01:48 - 00051518 _____ C:\Users\Philipp\Downloads\FRST.txt
2017-01-31 01:43 - 2017-01-31 01:43 - 02420736 _____ (Farbar) C:\Users\Philipp\Downloads\FRST64.exe
2017-01-28 01:38 - 2017-01-29 02:08 - 00016116 __H C:\Users\Philipp\Desktop~WRL1563.tmp
2017-01-28 00:29 - 2017-01-28 00:29 - 00000633 _____ C:\Users\Philipp\Documents\Uninstall STAR WARS The Old Republic.log
2017-01-27 05:30 - 2017-01-27 05:30 - 00000772 _____ C:\Windows\SysWOW64\ping.cfg
2017-01-25 21:56 - 2017-01-25 21:56 - 00001507 _____ C:\Users\Philipp\Downloads\POL_P1 Einf__hrung in die Politische Wissenschaft 2016_2017 Erinnerung IPW Klausuranmeldung 1. Termin bis zum 28.01.2017 noch m__glich.zip
2017-01-22 15:09 - 2017-01-31 17:59 - 00000000 ____D C:\Program Files (x86)\MIO
2017-01-22 15:09 - 2017-01-22 15:09 - 00003576 _____ C:\Windows\System32\Tasks\Milimili
2017-01-21 14:35 - 2017-01-31 16:03 - 00000728 _____ C:\Windows\setupact.log
2017-01-21 14:35 - 2017-01-21 14:35 - 00000000 _____ C:\Windows\setuperr.log
2017-01-21 14:34 - 2017-01-31 16:03 - 00005464 _____ C:\Windows\PFRO.log
2017-01-18 18:37 - 2017-01-29 00:14 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Mozilla
2017-01-18 18:30 - 2017-01-18 18:30 - 00000017 _____ C:\Users\Public\Documents\cfg.ini
2017-01-17 15:00 - 2017-01-25 15:24 - 00003644 _____ C:\Windows\System32\Tasks\WinTOOL
2017-01-17 14:50 - 2017-01-19 19:14 - 00000019 _____ C:\Users\Public\Documents\cc.ini
2017-01-13 20:39 - 2017-01-13 20:39 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Berserk Games
2017-01-13 19:45 - 2017-01-13 19:45 - 00000222 _____ C:\Users\Philipp\Desktop\Tabletop Simulator.url
2017-01-13 18:32 - 2017-01-13 18:32 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Blacklight Interactive
2017-01-13 17:27 - 2017-01-13 17:27 - 00000222 _____ C:\Users\Philipp\Desktop\Golf With Your Friends.url
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-31 20:02 - 2016-11-19 19:27 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2017-01-31 19:41 - 2014-02-23 11:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-31 18:17 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2017-01-31 18:15 - 2015-01-19 15:45 - 00000000 ____D C:\AdwCleaner
2017-01-31 17:59 - 2014-04-07 18:11 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\FormatFactory
2017-01-31 17:20 - 2015-03-15 11:19 - 00000000 ____D C:\Users\Philipp\AppData\Local\Spotify
2017-01-31 17:16 - 2016-11-10 23:33 - 00000000 _____ C:\Users\Public\Documents\report.dat
2017-01-31 16:59 - 2015-03-15 11:18 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Spotify
2017-01-31 16:22 - 2013-08-18 15:36 - 00000000 ____D C:\Users\Philipp
2017-01-31 16:19 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-31 16:19 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-31 16:08 - 2011-04-12 08:43 - 00699666 _____ C:\Windows\system32\perfh007.dat
2017-01-31 16:08 - 2011-04-12 08:43 - 00149774 _____ C:\Windows\system32\perfc007.dat
2017-01-31 16:08 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-31 16:06 - 2013-08-18 15:36 - 01876617 _____ C:\Windows\WindowsUpdate.log
2017-01-31 16:04 - 2013-10-11 19:38 - 00000000 ____D C:\Users\Philipp\AppData\Local\LogMeIn Hamachi
2017-01-31 16:03 - 2016-11-10 23:32 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2017-01-31 16:03 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-31 02:56 - 2013-08-27 15:44 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Skype
2017-01-31 01:20 - 2013-08-21 17:42 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-28 18:56 - 2014-04-01 19:52 - 03706368 ___SH C:\Users\Philipp\Desktop\Thumbs.db
2017-01-28 00:33 - 2014-09-13 11:08 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\DVDVideoSoft
2017-01-28 00:32 - 2016-11-01 15:15 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Steam
2017-01-28 00:32 - 2014-01-18 20:57 - 00000000 ____D C:\Users\Philipp\AppData\Local\TeamSpeak 3 Client
2017-01-28 00:29 - 2016-11-26 19:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-28 00:29 - 2014-03-20 18:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-28 00:29 - 2014-03-06 14:30 - 00000000 ____D C:\ProgramData\Freemake
2017-01-28 00:29 - 2013-08-27 16:29 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\IObit
2017-01-28 00:28 - 2013-10-08 16:19 - 00000000 ____D C:\Program Files (x86)\IObit
2017-01-28 00:19 - 2016-06-13 14:16 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-01-28 00:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2017-01-26 06:24 - 2016-11-13 23:19 - 00000000 ____D C:\Users\Philipp\Desktop\Arda
2017-01-22 14:05 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-01-21 21:55 - 2015-06-02 17:20 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-20 17:16 - 2013-08-18 17:58 - 00000000 ____D C:\Windows\Minidump
2017-01-16 19:45 - 2016-11-22 21:58 - 00001139 _____ C:\Users\Philipp\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Start Tor Browser.lnk
2017-01-16 19:45 - 2016-11-10 23:33 - 00002573 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-16 19:45 - 2016-11-10 23:33 - 00002503 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-15 18:45 - 2013-09-13 19:00 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-15 15:07 - 2014-12-26 20:50 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-14 16:42 - 2014-02-23 11:10 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-14 16:42 - 2014-02-23 11:10 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-14 16:42 - 2014-02-23 11:10 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-14 16:42 - 2014-02-23 11:10 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-14 16:42 - 2014-02-23 11:10 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-14 12:53 - 2013-08-27 16:29 - 00000000 ____D C:\ProgramData\IObit
2017-01-13 20:39 - 2013-08-21 19:04 - 00000000 ____D C:\Users\Philipp\Documents\My Games
2017-01-13 15:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-12-19 13:14 - 2013-12-19 13:14 - 0041984 ___SH () C:\Users\Philipp\AppData\Roaming\Thumbs.db
2013-12-31 10:53 - 2013-12-31 10:53 - 0001472 _____ () C:\Users\Philipp\AppData\Local\recently-used.xbel
2014-08-01 09:53 - 2014-08-01 09:53 - 0000000 _____ () C:\Users\Philipp\AppData\Local{6C70D7F2-E50B-475B-AD48-51E2586180D1}
2016-07-11 09:03 - 2016-07-11 09:03 - 0000000 _____ () C:\Users\Philipp\AppData\Local{82BEEB85-1B4A-4EE7-92A9-DFC693E3988F}
[HEADING=1]Dateien, die verschoben oder gelöscht werden sollten:[/HEADING]
C:\Users\Public\D3DX9_37.dll
C:\Users\Public\xinput1_3.dll
[HEADING=1]Einige Dateien in TEMP:[/HEADING]
C:\Users\Philipp\AppData\Local\Temp\dllnt_dump.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-01-23 22:33
==================== Ende von FRST.txt ============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(SeriousBit) F:\Program Files (x86)\NetBalancer\SeriousBit.NetBalancer.Service.e xe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
() C:\Users\Philipp\Downloads\adwcleaner_6.043.exe
(Farbar) C:\Users\Philipp\Desktop\frst64english.exe.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-07-31] (Realtek Semiconductor)
HKLM...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2817872 2012-04-25] (ELAN Microelectronics Corp.)
HKLM...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSyst emStart
HKLM...\Run: [mylbx] => H:\Program Files\My Lockbox\mylbx.exe [2289952 2013-10-28] (FSPro Labs)
HKLM...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14188272 2017-01-23] (Zemana Ltd.)
HKLM-x32...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32...\Run: =>
HKLM-x32...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2016-06-13] (AVAST Software)
HKLM-x32...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKLM-x32...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\Run: [DAEMON Tools Lite] => F:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\Run: [Spotify Web Helper] => C:\Users\Philipp\AppData\Roaming\Spotify\SpotifyWe bHelper.exe [1446000 2017-01-27] (Spotify Ltd)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\Run: [Amazon Music] => C:\Users\Philipp\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-07-21] ()
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\Run: [NetBalancer] => F:\Program Files (x86)\NetBalancer\SeriousBit.NetBalancer.Tray.exe [1803112 2015-04-30] (SeriousBit)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\Run: [Spotify] => C:\Users\Philipp\AppData\Roaming\Spotify\Spotify.e xe [7163504 2017-01-27] (Spotify Ltd)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\Run: [ZPNConnect] => C:\Program Files (x86)\ZPN Connect\ZpnCli.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\MountPoints2: {2265df16-a931-11e3-b156-001bb1fb806a} - D:\LaunchU3.exe -a
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\MountPoints2: {513fb52a-fbb6-11e3-8c6a-001bb1fb806a} - E:\autorun.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\MountPoints2: {5c844a5e-08c5-11e3-9f11-001bb1fb806a} - D:\setup.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000...\MountPoints2: {5dff3592-0827-11e3-9da5-f7c11e16234c} - D:\LaunchU3.exe -a
HKU\S-1-5-18...\Run: [Advanced SystemCare 8] => “C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe” /Auto
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] → {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] → {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] → {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [00avast] → {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-07] (AVAST Software)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
ProxyServer: [S-1-5-21-3041798318-2634963116-1215314133-1000] => 46.165.193.67:5056
Tcpip..\Interfaces{416F4EA8-7EBE-4A41-BD73-DD7E680B9773}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip..\Interfaces{416F4EA8-7EBE-4A41-BD73-DD7E680B9773}: [DhcpNameServer] 192.168.0.1
Tcpip..\Interfaces{86E2278C-9D4E-452E-A530-758555FCFA95}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip..\Interfaces{B7ACAEB6-863B-46ED-A180-28629DDF698D}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip..\Interfaces{CAFCA011-AF78-404E-B7ED-C6ECA9CFCAEA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip..\Interfaces{F1198B90-493F-4495-879E-89672178C3BF}: [NameServer] 8.8.8.8,1.1.1.1
[HEADING=1]Internet Explorer:[/HEADING]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E&q={searchTerms}
HKU.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid= samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec4 54393cf996b982gazbc0tbb6e2g3w3ccb
HKU.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid= samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec4 54393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid= samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec4 54393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid= samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec4 54393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid= samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec4 54393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid= samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec4 54393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E
URLSearchHook: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 - (Kein Name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - Keine Datei
SearchScopes: HKLM → DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKLM → {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKLM-x32 → DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKLM-x32 → {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKLM-x32 → {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU.DEFAULT → DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1431342801&from=zzgbkk123&uid=samsu ngxssdx840xseries_s19mnsad653469e&z=2786be88f055d5 8044b1affg7zec6g9cbz3o5b5e5o&q={searchTerms}
SearchScopes: HKU.DEFAULT → {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1431342801&from=zzgbkk123&uid=samsu ngxssdx840xseries_s19mnsad653469e&z=2786be88f055d5 8044b1affg7zec6g9cbz3o5b5e5o&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 → DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 → {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gd z3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX 840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 → {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Windows Live ID Sign-in Helper → {9030D464-4C02-4ABF-8ECC-5164760863C6} → C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler → {B4F3A835-0E21-4959-BA22-42B3008E02FF} → C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper → {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} → C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-19] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm → {9030D464-4C02-4ABF-8ECC-5164760863C6} → C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler → {B4F3A835-0E21-4959-BA22-42B3008E02FF} → C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper → {DBC80044-A445-435b-BC74-9C25C1C588A9} → C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-19] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
[HEADING=1]FireFox:[/HEADING]
FF ProfilePath: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default
FF NewTab: hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e 881114&uid=samsungxssdx840xseries_s19mnsad653469e& z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg
FF DefaultSearchEngine: nice
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: nice
FF Homepage: hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e 881114&uid=samsungxssdx840xseries_s19mnsad653469e& z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer → C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_ 194.dll [2017-01-14] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 → C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 → C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE → disabled [Keine Datei]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 → C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer → C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_ 194.dll [2017-01-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 → C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 → C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 → C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1 .dll [2016-11-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 → C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE → disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 → C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 → C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 → C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 → C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 → C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader → C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3041798318-2634963116-1215314133-1000: Ubisoft | Welcome to the official Ubisoft website → C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll Keine Datei
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default\searchplugins\google-avast.xml [2015-05-14]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default\searchplugins\luck.xml [2017-01-17]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default\searchplugins\nice-.xml [2016-06-21]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default\searchplugins\v9-.xml [2015-05-14]
FF Extension: xRocket Toolbar - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default\Extensions\arthurj8283@gmail.com [2017-01-17]
FF Extension: Firefox Hotfix - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-11-26]
FF Extension: convert2mp3.net YouTube2MP3 Converter - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default\Extensions\info@convert2mp3.net.xpi [2014-09-04]
FF Extension: Search and New Tab by Yahoo - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2016-11-19]
FF Extension: Video DownloadHelper - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default\Extensions{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-05-11]
FF HKLM-x32...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\57p5pubn.default\extensions\quick_start@gmail.com => nicht gefunden
FF HKLM-x32...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default\extensions\detgdp@gmail.com => nicht gefunden
FF HKLM-x32...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-07]
FF HKLM-x32...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\P rofiles\q87ndktt.default\extensions\arthurj8283@gmail.com
[HEADING=1]Chrome:[/HEADING]
CHR HomePage: Default → hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e 881114&uid=samsungxssdx840xseries_s19mnsad653469e& z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg
CHR StartupUrls: Default → “hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e 881114&uid=samsungxssdx840xseries_s19mnsad653469e& z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg”
CHR Profile: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhon fmgoek [2014-11-15]
CHR Extension: (Google Docs) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2014-11-15]
CHR Extension: (Google Drive) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2014-11-15]
CHR Extension: (YouTube) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2014-11-15]
CHR Extension: ( https://www.facebook.com/ ) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\celnaknmndcdcjcagffhbhciig nkeokb [2014-11-16]
CHR Extension: (Adblock Plus) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddi lifddb [2015-08-11]
CHR Extension: (Google-Suche) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljnie djpjpf [2014-11-15]
CHR Extension: (Google Tabellen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpeb giejap [2014-11-15]
CHR Extension: (Google Docs Offline) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2015-09-05]
CHR Extension: (Avast Online Security) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegiea cbdmki [2015-04-07]
CHR Extension: (Video Download Helper) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldcccbolclahdbkahlppenfodn heapah [2014-12-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2014-11-15]
CHR Extension: (Google Mail) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2014-11-15]
CHR Extension: (Chrome Media Router) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcj beemfm [2016-10-30]
CHR HKLM...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijk igpfjh.crx [2015-01-19]
CHR HKLM-x32...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-07]
CHR HKLM-x32...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-07]
CHR HKLM-x32...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijk igpfjh.crx [2015-01-19]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-07] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-07] (Avast Software)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-12-18] (BitRaider, LLC)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-02-09] (Hi-Rez Studios) [Datei ist nicht signiert]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
R2 MCSvc; C:\ProgramData\Microsoft\Blend\14.0\1033\ResourceC acher.dll [352768 2016-11-09] () [Datei ist nicht signiert]
R2 NetBalancerService; F:\Program Files (x86)\NetBalancer\SeriousBit.NetBalancer.Service.e xe [129896 2015-04-30] (SeriousBit)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [328832 2014-04-13] (Locktime Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-07-06] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-11-02] (Realtek Semiconductor)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-12-06] (Razer Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14188272 2017-01-23] (Zemana Ltd.)
S2 FirefoxU; “C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe”
S3 rpcapd; “%ProgramFiles(x86)%\WinPcap\rpcapd.exe” -d -f “%ProgramFiles(x86)%\WinPcap\rpcapd.ini”
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-07] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2016-06-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2016-06-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-07] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2016-10-11] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-07] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-11-02] ()
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-24] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 FSProFilter2; C:\Windows\System32\Drivers\FSPFltd2.sys [57648 2011-06-03] (FSPro Labs)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-24] (REALiX™)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-11-02] ()
R1 nbdrv; C:\Windows\System32\DRIVERS\nbdrv.sys [40976 2015-02-05] (SeriousBit)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-07] (AVAST Software)
R2 nldrv; C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [107952 2014-04-13] (Locktime Software)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33448 2015-07-31] (Synaptics Incorporated)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-10-13] (Anchorfree Inc.)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-01-23] (Spotflux, Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-07] (Avast Software)
S3 WinRing0_1_2_0; kein ImagePath
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-01-31] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-01-31] (Zemana Ltd.)
S3 aswHdsKe; ??\C:\Windows\system32\drivers\aswHdsKe.sys
S3 BRDriver64_1_3_3_E02B25FC; ??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC \BRDriver64.sys
S3 EagleX64; ??\C:\Windows\system32\drivers\EagleX64.sys
S3 vpnva; system32\DRIVERS\vpnva64-6.sys
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-31 20:10 - 2017-01-31 20:11 - 00032316 _____ C:\Users\Philipp\Desktop\FRST.txt
2017-01-31 20:01 - 2017-01-31 20:00 - 02193920 _____ (Farbar) C:\Users\Philipp\Desktop\frst64english.exe.exe
2017-01-31 20:00 - 2017-01-31 20:00 - 04015056 _____ C:\Users\Philipp\Downloads\adwcleaner_6.043 (2).exe
2017-01-31 20:00 - 2017-01-31 20:00 - 02193920 _____ (Farbar) C:\Users\Philipp\Downloads\FRST64 (1).exe
2017-01-31 18:17 - 2017-01-31 18:17 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-01-31 18:16 - 2017-01-31 20:08 - 00000000 ____D C:\ProgramData\RogueKiller
2017-01-31 18:16 - 2017-01-31 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-01-31 18:16 - 2017-01-31 18:16 - 00000000 ____D C:\Program Files\RogueKiller
2017-01-31 18:15 - 2017-01-31 18:15 - 34821984 _____ (Adlice Software ) C:\Users\Philipp\Downloads\setup (1).exe
2017-01-31 18:15 - 2017-01-31 18:15 - 04015056 _____ C:\Users\Philipp\Downloads\adwcleaner_6.043 (1).exe
2017-01-31 18:06 - 2017-01-31 18:06 - 00014634 _____ C:\Users\Philipp\Desktop\JRT.txt
2017-01-31 17:59 - 2017-01-31 18:00 - 01663040 _____ (Malwarebytes) C:\Users\Philipp\Downloads\JRT.exe
2017-01-31 16:21 - 2017-01-31 20:10 - 03201458 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-01-31 16:21 - 2017-01-31 20:10 - 00556716 _____ C:\Windows\ZAM.krnl.trace
2017-01-31 16:21 - 2017-01-31 16:21 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2017-01-31 16:21 - 2017-01-31 16:21 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2017-01-31 16:21 - 2017-01-31 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-01-31 16:21 - 2017-01-31 16:21 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-01-31 16:20 - 2017-01-31 16:20 - 00000000 ____D C:\Users\Philipp\AppData\Local\Zemana
2017-01-31 16:19 - 2017-01-31 16:19 - 05510592 _____ ( ) C:\Users\Philipp\Downloads\Zemana.AntiMalware.Setu p.exe
2017-01-31 01:54 - 2017-01-31 16:03 - 00000000 ____D C:\ProgramData\Malwarebytes’ Anti-Malware (portable)
2017-01-31 01:54 - 2017-01-31 01:54 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-31 01:54 - 2017-01-31 01:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-31 01:50 - 2017-01-31 01:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-01-31 01:47 - 2017-01-31 03:10 - 00000000 ____D C:\Users\Philipp\Desktop\mbar
2017-01-31 01:47 - 2017-01-31 01:48 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Philipp\Downloads\mbar-1.09.3.1001 (1).exe
2017-01-31 01:47 - 2017-01-31 01:47 - 04015056 _____ C:\Users\Philipp\Downloads\adwcleaner_6.043.exe
2017-01-31 01:46 - 2017-01-31 01:47 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Philipp\Downloads\mbar-1.09.3.1001.exe
2017-01-31 01:45 - 2017-01-31 01:48 - 00090910 _____ C:\Users\Philipp\Downloads\Addition.txt
2017-01-31 01:44 - 2017-01-31 20:10 - 00000000 ____D C:\FRST
2017-01-31 01:44 - 2017-01-31 01:48 - 00051518 _____ C:\Users\Philipp\Downloads\FRST.txt
2017-01-31 01:43 - 2017-01-31 01:43 - 02420736 _____ (Farbar) C:\Users\Philipp\Downloads\FRST64.exe
2017-01-28 01:38 - 2017-01-29 02:08 - 00016116 __H C:\Users\Philipp\Desktop~WRL1563.tmp
2017-01-28 00:29 - 2017-01-28 00:29 - 00000633 _____ C:\Users\Philipp\Documents\Uninstall STAR WARS The Old Republic.log
2017-01-27 05:30 - 2017-01-27 05:30 - 00000772 _____ C:\Windows\SysWOW64\ping.cfg
2017-01-25 21:56 - 2017-01-25 21:56 - 00001507 _____ C:\Users\Philipp\Downloads\POL_P1 Einf__hrung in die Politische Wissenschaft 2016_2017 Erinnerung IPW Klausuranmeldung 1. Termin bis zum 28.01.2017 noch m__glich.zip
2017-01-22 15:09 - 2017-01-31 17:59 - 00000000 ____D C:\Program Files (x86)\MIO
2017-01-22 15:09 - 2017-01-22 15:09 - 00003576 _____ C:\Windows\System32\Tasks\Milimili
2017-01-21 14:35 - 2017-01-31 16:03 - 00000728 _____ C:\Windows\setupact.log
2017-01-21 14:35 - 2017-01-21 14:35 - 00000000 _____ C:\Windows\setuperr.log
2017-01-21 14:34 - 2017-01-31 16:03 - 00005464 _____ C:\Windows\PFRO.log
2017-01-18 18:37 - 2017-01-29 00:14 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Mozilla
2017-01-18 18:30 - 2017-01-18 18:30 - 00000017 _____ C:\Users\Public\Documents\cfg.ini
2017-01-17 15:00 - 2017-01-25 15:24 - 00003644 _____ C:\Windows\System32\Tasks\WinTOOL
2017-01-17 14:50 - 2017-01-19 19:14 - 00000019 _____ C:\Users\Public\Documents\cc.ini
2017-01-13 20:39 - 2017-01-13 20:39 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Berserk Games
2017-01-13 19:45 - 2017-01-13 19:45 - 00000222 _____ C:\Users\Philipp\Desktop\Tabletop Simulator.url
2017-01-13 18:32 - 2017-01-13 18:32 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Blacklight Interactive
2017-01-13 17:27 - 2017-01-13 17:27 - 00000222 _____ C:\Users\Philipp\Desktop\Golf With Your Friends.url
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-31 20:02 - 2016-11-19 19:27 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2017-01-31 19:41 - 2014-02-23 11:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-31 18:17 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2017-01-31 18:15 - 2015-01-19 15:45 - 00000000 ____D C:\AdwCleaner
2017-01-31 17:59 - 2014-04-07 18:11 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\FormatFactory
2017-01-31 17:20 - 2015-03-15 11:19 - 00000000 ____D C:\Users\Philipp\AppData\Local\Spotify
2017-01-31 17:16 - 2016-11-10 23:33 - 00000000 _____ C:\Users\Public\Documents\report.dat
2017-01-31 16:59 - 2015-03-15 11:18 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Spotify
2017-01-31 16:22 - 2013-08-18 15:36 - 00000000 ____D C:\Users\Philipp
2017-01-31 16:19 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-31 16:19 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-31 16:08 - 2011-04-12 08:43 - 00699666 _____ C:\Windows\system32\perfh007.dat
2017-01-31 16:08 - 2011-04-12 08:43 - 00149774 _____ C:\Windows\system32\perfc007.dat
2017-01-31 16:08 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-31 16:06 - 2013-08-18 15:36 - 01876617 _____ C:\Windows\WindowsUpdate.log
2017-01-31 16:04 - 2013-10-11 19:38 - 00000000 ____D C:\Users\Philipp\AppData\Local\LogMeIn Hamachi
2017-01-31 16:03 - 2016-11-10 23:32 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2017-01-31 16:03 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-31 02:56 - 2013-08-27 15:44 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Skype
2017-01-31 01:20 - 2013-08-21 17:42 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-28 18:56 - 2014-04-01 19:52 - 03706368 ___SH C:\Users\Philipp\Desktop\Thumbs.db
2017-01-28 00:33 - 2014-09-13 11:08 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\DVDVideoSoft
2017-01-28 00:32 - 2016-11-01 15:15 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Steam
2017-01-28 00:32 - 2014-01-18 20:57 - 00000000 ____D C:\Users\Philipp\AppData\Local\TeamSpeak 3 Client
2017-01-28 00:29 - 2016-11-26 19:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-28 00:29 - 2014-03-20 18:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-28 00:29 - 2014-03-06 14:30 - 00000000 ____D C:\ProgramData\Freemake
2017-01-28 00:29 - 2013-08-27 16:29 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\IObit
2017-01-28 00:28 - 2013-10-08 16:19 - 00000000 ____D C:\Program Files (x86)\IObit
2017-01-28 00:19 - 2016-06-13 14:16 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-01-28 00:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2017-01-26 06:24 - 2016-11-13 23:19 - 00000000 ____D C:\Users\Philipp\Desktop\Arda
2017-01-22 14:05 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-01-21 21:55 - 2015-06-02 17:20 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-20 17:16 - 2013-08-18 17:58 - 00000000 ____D C:\Windows\Minidump
2017-01-16 19:45 - 2016-11-22 21:58 - 00001139 _____ C:\Users\Philipp\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Start Tor Browser.lnk
2017-01-16 19:45 - 2016-11-10 23:33 - 00002573 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-16 19:45 - 2016-11-10 23:33 - 00002503 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-15 18:45 - 2013-09-13 19:00 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-15 15:07 - 2014-12-26 20:50 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-14 16:42 - 2014-02-23 11:10 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-14 16:42 - 2014-02-23 11:10 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-14 16:42 - 2014-02-23 11:10 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-14 16:42 - 2014-02-23 11:10 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-14 16:42 - 2014-02-23 11:10 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-14 12:53 - 2013-08-27 16:29 - 00000000 ____D C:\ProgramData\IObit
2017-01-13 20:39 - 2013-08-21 19:04 - 00000000 ____D C:\Users\Philipp\Documents\My Games
2017-01-13 15:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-12-19 13:14 - 2013-12-19 13:14 - 0041984 ___SH () C:\Users\Philipp\AppData\Roaming\Thumbs.db
2013-12-31 10:53 - 2013-12-31 10:53 - 0001472 _____ () C:\Users\Philipp\AppData\Local\recently-used.xbel
2014-08-01 09:53 - 2014-08-01 09:53 - 0000000 _____ () C:\Users\Philipp\AppData\Local{6C70D7F2-E50B-475B-AD48-51E2586180D1}
2016-07-11 09:03 - 2016-07-11 09:03 - 0000000 _____ () C:\Users\Philipp\AppData\Local{82BEEB85-1B4A-4EE7-92A9-DFC693E3988F}
[HEADING=1]Dateien, die verschoben oder gelöscht werden sollten:[/HEADING]
C:\Users\Public\D3DX9_37.dll
C:\Users\Public\xinput1_3.dll
[HEADING=1]Einige Dateien in TEMP:[/HEADING]
C:\Users\Philipp\AppData\Local\Temp\dllnt_dump.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-01-23 22:33
==================== Ende von FRST.txt ============================
Comment