Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
durchgeführt von Philipp (Administrator) auf PHILIPP-PC (31-01-2017 20:10:35)
Gestartet von C:\Users\Philipp\Desktop
Geladene Profile: Philipp (Verfügbare Profile: Philipp)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-10-2015
durchgeführt von Philipp (2017-01-31 20:11:38)
Gestartet von C:\Users\Philipp\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-08-18 14:36:22)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3041798318-2634963116-1215314133-500 - Administrator - Disabled)
Gast (S-1-5-21-3041798318-2634963116-1215314133-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3041798318-2634963116-1215314133-1002 - Limited - Enabled)
Philipp (S-1-5-21-3041798318-2634963116-1215314133-1000 - Administrator - Enabled) => C:\Users\Philipp
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
µTorrent (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
4K Video Downloader 3.5 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.5.6.1730 - Open Media LLC)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Amazon Amazon Music) (Version: 3.10.0.924 - Amazon Services LLC)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers)
AutoSensitivity (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0a099336274e1166) (Version: 1.4.0.23 - Igor Kulman)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Brother MFL-Pro Suite MFC-9320CW (HKLM-x32\...\{A1BBEE16-49B1-42F2-95B8-54C8C6A1C0C3}) (Version: 2.0.1.0 - Brother Industries, Ltd.)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward)
CLICK & LEARN DiDi 360° DVD (HKLM-x32\...\{5713D2DD-01F2-40D0-827D-917A88E7637A}_is1) (Version: CLICK & LEARN DiDi 360° 5.2 DVD - DEGENER)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPU Miner (HKLM\...\cpuminer) (Version: 1.1 - Open Source)
Cry of Fear (HKLM-x32\...\Steam App 223710) (Version: - Team Psykskallar)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Driver Booster 3.4 (HKLM-x32\...\Driver Booster_is1) (Version: 3.4 - IObit)
Dropbox (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.5 - Samsung Electronics Co.,Ltd.)
Edna & Harvey: Harvey's New Eyes (HKLM-x32\...\Steam App 219910) (Version: - Daedalic Entertainment)
Edna & Harvey: The Breakout (HKLM-x32\...\Steam App 255320) (Version: - Daedalic Entertainment)
ETDWare PS/2-X64 10.7.14.12_WHQL (HKLM\...\Elantech) (Version: 10.7.14.12 - ELAN Microelectronic Corp.)
FormatFactory 3.3.4.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.4.0 - Format Factory)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free M4a to MP3 Converter 8.0 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Golf With Your Friends (HKLM\...\Steam App 431240) (Version: - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IObit Apps Toolbar v10.3 (HKLM-x32\...\{9192EBE9-2C4E-4C69-8ED8-CC0CCBFDBB62}) (Version: 10.3 - Spigot, Inc.) <==== ACHTUNG
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
Metin2 (HKLM-x32\...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Access 2003 Runtime (HKLM-x32\...\{901C0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
My Lockbox 3.0.5 (HKLM\...\My Lockbox_is1) (Version: 3.0.5 - )
NetBalancer (HKLM\...\NetBalancer_is1) (Version: - SeriousBit)
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.5.0) (Version: 4.0.5.0 - Locktime Software)
NetLimiter 4 (Version: 4.0.5.0 - Locktime Software) Hidden
NVIDIA GeForce Experience 2.5.15.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.81 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenVPN 2.3.12-I602 (HKLM-x32\...\OpenVPN) (Version: 2.3.12-I602 - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.1 - Tracker Software Products Ltd)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
qone8 uninstaller (HKLM-x32\...\qone8 uninstaller) (Version: - qone8) <==== ACHTUNG
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.2.22.0 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
RogueKiller version 12.9.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.9.6.0 - Adlice Software)
Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.46 - NVIDIA Corporation) Hidden
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.0.2574.0 - Hi-Rez Studios)
Spotify (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Spotify) (Version: 1.0.47.13.gd8e05b1f - Spotify AB)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Tabletop Simulator (HKLM\...\Steam App 286160) (Version: - Berserk Games)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)
Uplay (HKLM-x32\...\Uplay) (Version: 7.1 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XviD MPEG-4 Codec (HKLM-x32\...\XviD) (Version: - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.70.591 - Zemana Ltd.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
15-01-2017 18:45:04 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210
15-01-2017 18:45:24 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210
23-01-2017 22:40:19 Geplanter Prüfpunkt
28-01-2017 00:16:51 Wiederherstellungsvorgang
28-01-2017 00:27:36 Removed amuleC
31-01-2017 03:10:37 Malwarebytes Anti-Rootkit Restore Point
31-01-2017 18:00:48 JRT Pre-Junkware Removal
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2016-12-15 00:14 - 00000822 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02261E59-DCE8-496A-BB04-F4AF99A91189} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {0AB570FA-847C-4FB2-9C8C-82067DFA95B4} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {1DAFFC61-3EF0-4495-84D1-F1569C723896} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {24E0F572-4BCA-4EEC-A9A5-2D830CFA9E96} - System32\Tasks\{4F74156E-5C02-4302-B31E-378AF64F0780} => pcalua.exe -a "C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare\iw3mp.exe" -d "C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare"
Task: {501CE107-2313-4E8F-BDC8-7CA2EDD7EBE6} - System32\Tasks\{5CC848DF-F2F0-4C76-8299-F30E2EC5C77C} => C:\Users\Philipp\Desktop\Battlefield 3 cd1\Setup.exe
Task: {5AD94776-848A-4574-A0AE-35DD77108857} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {6220FCAE-162D-4042-AB17-6973161CECC9} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-20] (Microsoft Corporation)
Task: {67928E07-523E-411F-A980-D440E2B4FD2F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-07] (AVAST Software)
Task: {69796D42-6E7A-400E-ABED-6E89C0747C6A} - System32\Tasks\{1483BBE9-6C43-420B-BCA7-97229B092656} => pcalua.exe -a "C:\Program Files (x86)\Steam\bin\steamservice.exe" -d "C:\Program Files (x86)\Steam" -c /installscript "C:\Program Files (x86)\Steam\steamapps\common\Napoleon Total War\runasadmin.vdf" 34030
Task: {6CD57B76-ED4E-4186-864B-C3D8A0F1B7B3} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\Game Booster 3\AutoUpdate.exe
Task: {85AE1598-1934-4800-88DE-2070662EBA52} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {8CE2EA77-D7B1-4BC3-B2C1-599DD6DA6212} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {958C25CA-C68C-47FD-B09B-8BA6D19BA2C7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-06-06] (Microsoft Corporation)
Task: {9645015F-A137-47D1-9CBA-B0531A2EE4AD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-20] (Microsoft Corporation)
Task: {9CEA9C83-B856-4975-8C0F-FE0D185A205D} - System32\Tasks\{BB987285-0C54-468D-BC8C-2D27676CFAF0} => pcalua.exe -a C:\Users\Philipp\Downloads\pulsingcolorsviz.exe -d C:\Users\Philipp\Downloads
Task: {A00325D4-D3C1-430E-B1F6-DCFCF85658C8} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-12-20] (Samsung Electronics)
Task: {A0173E21-C978-4EA4-A189-7FA5617412B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {A61D7A33-8B39-49F9-B558-12B1D500CA5F} - System32\Tasks\WinTOOL => C:\ProgramData\wintools\WintoolUprI.exe
Task: {B64BD4E4-A656-40D9-871D-7456C350A532} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {D7EC70C1-9A44-4010-93E1-A25B01C49C7D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-14] (Adobe Systems Incorporated)
Task: {DFBAA4C3-EF76-49C3-9AA5-6D5543BDA370} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {E30865BE-0448-4595-A5C6-CB203265BCD6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {F9E2A5FE-F6DF-4836-8D73-D2FCAB12E35D} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-08-23 16:27 - 2015-04-30 09:46 - 00115712 _____ () F:\Program Files (x86)\NetBalancer\Events.dll
2015-08-23 16:28 - 2015-08-23 16:28 - 00217960 _____ () C:\Windows\Microsoft.Net\assembly\GAC_MSIL\SeriousBit.NetBalancer.DeskBand\v4.0_1.0.0.0__ce1333cc798c13ee\SeriousBit.NetBalancer.DeskBand.dll
2015-08-23 16:27 - 2015-04-30 09:47 - 00031744 _____ () F:\Program Files (x86)\NetBalancer\BugReporting.dll
2013-09-04 19:10 - 2014-07-06 19:02 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-09 23:22 - 2014-12-09 23:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-03-07 18:49 - 2005-04-22 12:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2017-01-31 16:21 - 2017-01-31 16:21 - 00152944 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2017-01-31 01:47 - 2017-01-31 01:47 - 04015056 _____ () C:\Users\Philipp\Downloads\adwcleaner_6.043.exe
2015-08-07 13:03 - 2015-08-07 13:03 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-07 13:03 - 2015-08-07 13:03 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-11-10 23:33 - 2016-11-09 03:43 - 00352768 _____ () c:\programdata\microsoft\blend\14.0\1033\resourcecacher.dll
2015-04-07 16:25 - 2015-04-07 16:25 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-11-10 23:33 - 2016-10-20 09:47 - 01819240 _____ () C:\Program Files (x86)\Cuppat\Application\libglesv2.dll
2016-11-10 23:33 - 2016-10-20 09:47 - 00093288 _____ () C:\Program Files (x86)\Cuppat\Application\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\100sexlinks.com -> 100sexlinks.com
Da befinden sich 4788 mehr eingeschränkte Seiten.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{21ED757D-71F7-4E93-8A26-4F3F192F63A7}] => (Allow) H:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A9259FB8-214D-4B63-AB8C-E1D572E16617}] => (Allow) H:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{7346F99C-B07F-48D3-96D6-B27E7FC60958}F:\program files (x86)\skype\phone\skype.exe] => (Allow) F:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{FEF7523A-F2C8-4CF3-BD0F-3E085673C453}F:\program files (x86)\skype\phone\skype.exe] => (Allow) F:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{6A1352E9-B58C-418B-A8AB-1B9E9F8B4EF3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{12C3E11E-C2A2-493A-894F-875FC0641820}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{DCCE3E4E-5C81-47E3-B426-FD776034C9D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DCF79556-E335-461B-A099-55292F6CE2EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DCF489CB-1187-44A6-BC76-281656F962CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C53AF07D-4477-41FC-9A49-88A7D81D0168}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8AD8195A-9FD1-453F-B60F-DF66DA1EE869}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{D459E9D6-7724-4A66-82C9-761919306E36}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{38F9BC97-2F6A-4385-8ABA-657C1421CB2F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{18B895F8-18AE-4D6E-BCC6-1ED18DC2308D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{92A63FD0-9C6C-4855-97B7-07306985B5AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{87C2F982-B124-493B-A6CC-833F14CA99D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8DEEE23E-F414-4B4C-B08F-6C2C6993C57A}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{58252888-1755-4991-A0F9-EBB3F022D3D5}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{D3B7CDE1-024A-432D-960C-4343B74A0739}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{50E89D94-505B-44BA-B992-804CC020944B}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{37B9E4DF-DDAA-448A-8C35-0EF9DEC79DA0}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{607E2054-58F9-477E-8BC6-BA568D821CC2}C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{86032D63-9007-4D0E-AB79-60F1FB5EB7F1}C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{76712770-6A7F-4C1E-82B4-24CFD1B7F000}] => (Allow) C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [{7A1BC0BA-B098-4B00-93FD-88F1ED21C27A}] => (Allow) C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [TCP Query User{145AEDF9-2ECC-43DB-AC67-1E6E09E2ABCC}C:\program files (x86)\the creative assembly\rome - total war\rometw.exe] => (Allow) C:\program files (x86)\the creative assembly\rome - total war\rometw.exe
FirewallRules: [UDP Query User{D0EC03A1-37CD-4E8A-9DE9-9217F66A522C}C:\program files (x86)\the creative assembly\rome - total war\rometw.exe] => (Allow) C:\program files (x86)\the creative assembly\rome - total war\rometw.exe
FirewallRules: [TCP Query User{3BCBC79D-A10C-4FE5-9A7F-DCC782F40156}C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{77C491EF-9CAD-4753-A9B5-78AA0EAA3C16}C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{4B2D6E05-483D-49F1-A66B-E23EE778AD00}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{98D741DB-0D81-4D75-93F9-AA7BCE9ED5DA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{D805F393-DF9F-42DB-8BD8-A10435FFD59E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{7CF97D17-A8A2-4D7E-9BEC-6243047FB5BF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [TCP Query User{8F2757CB-3F12-42C6-9F8A-4774ADD31DD2}E:\starcraft ii\versions\base26490\sc2.exe] => (Allow) E:\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{0BDDFDAC-B2ED-4B98-BC26-FE4BE17023BD}E:\starcraft ii\versions\base26490\sc2.exe] => (Allow) E:\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{918FBB9D-A167-4373-AFAD-10F9F13A5B47}H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [UDP Query User{CE44343A-18FD-4F5C-AFB9-72A6DE6E2F89}H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [TCP Query User{C125BEAE-F4EB-4F10-8C94-50D566986ADF}H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{A6C9568F-B66F-4D81-86DE-7DED4BA4EEEF}H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{44198A79-F80C-4668-8DEC-61C6B449FC42}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{43205FE2-158D-4CEB-BDA1-7CDEAAEEA89B}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{C68EB3E0-2F52-4C5D-BC6A-1BD447B7A1CA}E:\firefly studios\stronghold 2\stronghold2.exe] => (Allow) E:\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [UDP Query User{F7072C7B-26A3-44F0-B587-2EAAE1D78C2B}E:\firefly studios\stronghold 2\stronghold2.exe] => (Allow) E:\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [TCP Query User{0809DA3A-658F-4F47-8916-84CBF04DFFE7}F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{B1686F91-DCB7-4851-A600-A045D357F223}F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{69FCA70B-56DD-44A4-937D-27978BED7C64}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{3993D2EA-9020-44A0-AE27-CA7EBF9E6EA1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{5E0C1963-7723-431A-A0FF-5559FE5B4FCC}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{A1E85A62-4480-42D6-BEF6-3B104DFBA6A9}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{A9BF2868-E436-4AAC-A5B6-6E9F44E3E6D1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{A27B1A23-6AE9-4069-AD9C-2AB64D9CFB22}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{B017E2C6-3F10-4969-99DA-02E8842CB380}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{F2F35591-A26D-4679-A37D-8FA745ABE448}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{6FA6AF87-096C-4148-BBE8-8A29CE7BFC03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{8A589767-2A22-4BA8-9F2E-25708DBB99B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{CDBEA086-EEF8-478B-BD30-ED34E603EDE4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7C3D27A7-E5B8-4ED7-B97E-BFE531FF8F99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{56D56AD2-BFC4-415B-A804-0DF50091F5E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{44EFA5C1-2C54-432F-821F-D10FDD7BD46E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{40804B2A-9569-4303-804A-3DE8AFD4C459}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B3EE1A97-B0F0-4AA4-9F14-AACD324EBCFF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{87E39D11-917A-4ACA-A172-B9DB9FD99CED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{5368821C-622D-4CE6-868E-B4B92CAE6AEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7CD1CC07-47F7-4EBC-B28F-331D6B01812B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{10DBE06C-21C5-40DE-AB47-2839EAA361A2}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{72584B12-0B71-40A1-8FD5-4EF1B8FAE240}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{62F24C45-274B-4324-84D9-EEDC1C2FFA63}] => (Allow) C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{38E63D60-2B6A-4570-B5E7-0334F1B28753}] => (Allow) C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CBA6CFE4-87DA-4C0B-9DD5-CB24264D153C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{1F8EFC10-91D2-4DEF-9300-AA828DE18B26}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [TCP Query User{8D083110-0487-4200-BD21-3E6205B824E4}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe
FirewallRules: [UDP Query User{B9933272-DB9A-419D-A1FC-C376F14A8A5A}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe
FirewallRules: [{120C8A28-FA3D-4D5F-8F88-6983D85BB69C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{3D2372B4-DE98-4586-8A3D-F083A3D3E4C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [TCP Query User{44A5645F-EF67-4694-BF0C-45FCBABC1815}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{109FF8B2-1B6E-4A45-AB5C-0CB97EA71BA7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{E333BEFF-AFE8-44D0-8E6D-1E6684278E53}H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe
FirewallRules: [UDP Query User{BDC3DE48-88BB-4952-BDF9-A667D17544F3}H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe
FirewallRules: [TCP Query User{C918B3BB-2D89-49EC-A5F3-59764544A681}C:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{A3578BEB-246F-4B68-9BB1-4E70D3867E6A}C:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{4B90B806-D737-421F-A259-86B4B6EBE2D4}] => (Block) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{C142FBE6-7660-4D57-91EB-6F28DF0C53EF}] => (Block) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{65D1CA79-73C8-4C1C-A396-55114CC5C61C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{2E300A00-EF29-4879-AD3F-8C035C177F2F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{3FC2C324-EE95-4C8C-A26E-EE7AB4D14AD7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6FDC2297-746E-4E22-8C84-B9F9349E4D89}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{90C98BC3-B0B9-4CAC-ADCA-E2EAA208143E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8EB1FB9E-E96A-48D9-A09E-280C1F709B39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C564E886-162A-48EE-A823-A6A3CD950300}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F539564B-0389-4020-BE90-B3A2E3A3D28F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{760F1162-0054-44F4-A5D6-7F1F803CA314}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{C6D4FEE5-DA5E-4896-BBC1-4C31C77A28FE}C:\programdata\battle.net\agent\agent.2689\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2689\agent.exe
FirewallRules: [UDP Query User{F9912598-2E9B-4960-B43A-8E1CFC69772C}C:\programdata\battle.net\agent\agent.2689\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2689\agent.exe
FirewallRules: [{A2901DA7-2CF9-447A-8578-1EF26AD9EB25}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1942\Battlefield 1942\BF1942.exe
FirewallRules: [{9D169BCF-E400-428F-8825-1FDA28D85D4A}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1942\Battlefield 1942\BF1942.exe
FirewallRules: [TCP Query User{9D5327F1-4C82-4AB4-9675-32920B9A5A14}F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{3ADEFCDF-1F60-49BB-B0CC-E38073CF5B97}F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{7962898C-564D-4F4D-8199-3DFBE683A858}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rustlauncher.exe
FirewallRules: [{7CE33FEF-633B-484E-926F-28959FBE7A6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rustlauncher.exe
FirewallRules: [{59B4E854-C94F-4DAE-911E-4E2CD4C668B9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E2FED403-E1B3-46AD-A838-C1917B27FD50}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{07A267BF-9BD3-4856-88D1-A924CF38EFBC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{04756382-6EB7-495C-85E9-516EED38F5FF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [TCP Query User{9CA5DE4A-9B21-404E-A471-E1D4FCBDB5D8}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{46EA1D4C-732E-4080-BDAE-C7E04C2AAEE8}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{B207A236-B040-4C95-A84E-30FF650F233F}] => (Allow) C:\Users\Philipp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5BEDFF67-BEB9-437C-8BDE-57FD8AD18762}] => (Allow) C:\Users\Philipp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{ED86D4BE-5034-46D4-A275-D0D0D158DC32}C:\users\philipp\desktop\utorrent3.4.1_30888.exe] => (Allow) C:\users\philipp\desktop\utorrent3.4.1_30888.exe
FirewallRules: [UDP Query User{00D3324E-F60E-4815-9389-22AFEF3C3848}C:\users\philipp\desktop\utorrent3.4.1_30888.exe] => (Allow) C:\users\philipp\desktop\utorrent3.4.1_30888.exe
FirewallRules: [TCP Query User{D8B96E37-4E7C-401D-9974-6423F3566ACB}C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{FE178129-19B7-4D3C-A611-FF8661E15371}C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{1630330C-FC81-4E8E-A74B-D30CCB7637D9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{69C4D2F1-5E35-4324-A7C7-21A1841D7FB6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DB289EE0-A061-499C-A260-45816D2DB290}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4AC641E7-FC1D-4089-BDF8-C1C6C461F508}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E01B4C60-3CC7-4862-96F8-A240FF5DBF8A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{E155F5FE-3408-4083-9DE8-10F9A4EDC456}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{C0143FF0-242F-4B84-A070-F77D6C898FE3}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [UDP Query User{E3C733F0-C093-4EAD-B3D9-6A758B7CAB80}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [TCP Query User{C41E6AE9-3ECA-4D3B-8892-6EEB5B8F822B}H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe
FirewallRules: [UDP Query User{E70C6C19-B5DB-4C21-A6AC-7DAFA0D942E2}H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe
FirewallRules: [{32C48089-640E-4154-8F9F-FD34D67820E7}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{ABF9B047-DBDD-40F0-8310-4096C07A1D54}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{3363AF0F-0FAE-4932-9BDC-F768D750CD20}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{FF75CEDC-9CF5-481D-9063-269F7C9A3EEB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{FBF504C5-7660-4CA0-9461-EE1588F6F15D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{9B3BB61E-72AA-4C6A-9524-F08E717DB6BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [TCP Query User{4B8F48EB-61A7-463A-9CFF-3F443435A262}H:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) H:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{BC13CB58-34B2-423E-81E9-F0681A534A12}H:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) H:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{FDD44B81-B42F-4882-B2A2-2E57B5A37E22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{FDD1DC3F-5716-40C2-96A2-2C53635789B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{115A852F-F8A4-47B2-ADDC-124127385ECA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{DC81A4C5-6983-4E10-88C2-B1BE2007E20A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{2BA43725-5873-4C4B-B214-D17575BED6C1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{9BE1D182-5C1A-4012-8196-D78F15784A37}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{C5343D04-4C9B-4307-A77C-075B8B2C9E8F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{B29A6550-56A1-491E-BB46-A0863A286D3F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [TCP Query User{A6839289-220D-4430-AB8B-F35AE2467491}C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{FFD48200-6659-4D3F-B489-D0D672A604CB}C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{8FCE413C-7C8F-49D2-97AB-12AF69EBBE36}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{6D6C39D8-B4DC-471E-AD24-04DB637E2F52}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{EAB8C967-DA03-47A1-82E0-2B7953613624}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{08AAB84F-CA39-4873-BA9F-0BF1B0BFD6BD}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{F0334A4E-6660-4A29-85A3-91F9D2A08148}H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Block) H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{0CBB6BE2-C2DC-42EF-9283-98CE12A3156B}H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Block) H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{7DE20AE2-DB27-4C65-99EE-A3A8C2C0141A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1221F58B-7252-4BBA-81F5-73DB9BA73765}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{745BCB12-AD0D-47D6-B6AA-B8E6552BA321}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{04E69D41-E088-48EE-B661-146576D2F4E2}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{838E6DD1-7E16-4467-9DD7-B08494056500}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{9560A1CC-F03A-4ED7-8F9F-628879A48BD1}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{D8DC3995-78FB-4F91-B0E6-0EA20B8D0B47}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{82FC90AF-A279-4FE8-929A-00FCBB85AE88}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{33FDEC31-0752-437B-8B40-816F7DA64FD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{42A94929-CE71-45D6-82BF-D969413DA4BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{53DF5A34-AAEB-4C77-8AAB-9BC5C1FC7B0F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{8CACF8BB-8612-462A-91D9-4AE3354FEDFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{85B72C11-7DC6-49E6-A5E7-0D20FF0540A4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{FB4D9EF1-D86D-4256-8AE5-AB0372E26A1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [TCP Query User{FF359D40-BC43-41F9-A748-265960862C7F}H:\program files (x86)\anno1701.exe] => (Allow) H:\program files (x86)\anno1701.exe
FirewallRules: [UDP Query User{20AAC5E0-E43B-491B-A775-B99DD7898E96}H:\program files (x86)\anno1701.exe] => (Allow) H:\program files (x86)\anno1701.exe
FirewallRules: [TCP Query User{0C3093E0-C804-4C2C-B240-64A3E0F4EA3E}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{4FAA22AA-FD48-4BAC-B1F0-0E1792B3B93F}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{48694631-51A4-4BD0-ACE6-47E620E1E7CF}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{2AAC6F09-9F21-4E3B-BDB3-8D96349EB24C}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{DA0FF709-FCA2-49E4-A49D-C52F94A33C39}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{3809CCA4-6534-4D78-AEB6-370B66A68D58}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{6B079631-4440-4D03-A37A-5644A17FAEF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{FF03333A-3897-48EF-B54D-56094C23D489}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D746C5F2-5646-488A-AA6A-9EFCB544C556}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{ECACD096-AD74-4AA4-A843-FDFB10ED1EE7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{B57AD082-017F-4128-AF5E-A02D6F3AE087}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{07A18F29-12BC-4AAB-A245-B4291010C345}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{E98D26EB-6723-4507-B967-151A5FC8D219}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{90E6D116-0BB7-4559-85E0-24C8F80E4EBD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{98CFEB0B-2567-4974-AD58-360ED70FB0BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{D3C6F70D-7E00-41A4-9628-1D22289A2534}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{39C3B977-7B8E-4058-BA43-22270D728ACD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{65EAF7AA-5109-48D9-B895-9FBFA7579572}] => (Allow) LPort=2869
FirewallRules: [{1461D1B9-4C92-412B-99E7-BCC4A26EA5F5}] => (Allow) LPort=1900
FirewallRules: [{B17041C2-3DD4-4225-8B9D-5FA96BAE885F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{285EB98B-6D92-4549-8710-3EEE16688C5D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{4095A852-5A84-4932-A234-FBB2F70DA4E4}C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe
FirewallRules: [UDP Query User{5ADC40C5-B7E7-4262-9D67-7438E0946454}C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe
FirewallRules: [TCP Query User{8C44C964-4AA3-47E4-92ED-F3A222D0E532}C:\users\philipp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philipp\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C6A13823-BD82-4DC7-AC17-04ECE6460C20}C:\users\philipp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philipp\appdata\roaming\spotify\spotify.exe
FirewallRules: [{CA2CF6F4-3D92-485F-87CF-1D4FE65F9552}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{F76BB649-4842-492C-8CD6-6C86FC6449F4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{3A8FE08D-E9EA-4675-8E18-BDD201C7E22C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AB041934-E078-4519-85E4-4B9C2F2D16E4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6C27E94F-9B54-4A90-9F4C-FBF097292328}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{C07014D5-340A-473A-8A73-C045C7E3989F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{6463FE23-B967-4206-A257-A93F489B761E}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{9D9EBD29-3591-410F-A642-DBF8DDABB5B4}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{27F67820-C035-4F34-94E0-67D63DC096F6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{1C3918B6-EB75-4A47-901F-502980DE752B}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{9079E56A-E830-4A4C-B496-2F7CEDB05975}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{2CE4262B-CFDC-4AEE-8B06-7805A0C3589A}] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{68F148F7-0F0E-48C0-ADA1-9DA8B3982E14}] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{5023DC5D-1BA7-43A1-80A3-C69DD4495C69}] => (Allow) %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{C606DE97-F79B-4D9B-86F0-57D5C7A655B6}] => (Allow) LPort=32976
FirewallRules: [{CC3B7A6D-97D4-43ED-B9F1-556FFBCEE186}] => (Allow) LPort=25565
FirewallRules: [{A72E3139-85F1-46C0-8B48-6D653CDA7B09}] => (Allow) LPort=25565
FirewallRules: [TCP Query User{5CB17E6E-4CD0-4C42-89EF-D84CE339BAFE}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{BE4FFE99-1BA5-4A6D-859F-CDA851972532}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{B257C971-02AD-4C35-9324-291D897CDB7B}] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{E3CC2757-CB2A-4FA1-A4EC-10438D6B5B68}] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{83EC0370-4A56-4F9E-A8D7-C53C1F7DF5C8}F:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{462D3BB6-41BD-4140-AD26-5881F42070A3}F:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{6E4A6E6C-63B9-4F2D-A464-D536F18FF445}] => (Block) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{29ACF394-43F0-4864-889E-5D46E5D3F87E}] => (Block) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{F03899D2-D3B2-462A-A001-E67AE4B36673}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{E3F48574-B4DF-4810-A566-97F9E532B730}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{D81B412B-FFC6-49A5-9790-9F1DD0CE42FD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{68EAD43C-3085-4279-A3D5-473DE008DB23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{445E9A2B-6187-442F-A3DC-8F07B60E5BF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{DCA567F4-2ABC-4AC8-BCCB-333CC8DCAC57}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0B4FFC0C-2B5B-48F3-A996-4FE3F228166A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DD912131-48B7-4E6C-B09E-E6359DF7BCCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4F219D37-9624-4F30-87B1-D37DC4066A96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{90DD9A30-5E45-4066-8DDE-FE93E1850C30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{BDEC72B2-CB1A-474E-9ED6-A84810625FC8}F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Allow) F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [UDP Query User{F5E1EBB0-9961-4CE9-BD8A-65B6B46F2E17}F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Allow) F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [{768CC022-3055-4BD4-8E80-31818E9BEAE7}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{BAAED63C-A5E5-4EB7-AB3A-45FCFFD77678}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{304844EF-7019-4BCF-A4FE-0383F544F183}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{8A3A2DFF-F9AB-4F5D-94F3-3787C176BDD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [TCP Query User{F979DE64-FC1E-459B-8EDD-ED109EF48ECD}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{7852709D-8D0D-4F92-B043-C8FBE4099221}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [TCP Query User{6D6ABC91-928D-4280-9DBF-41D01A431D4A}H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe] => (Allow) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [UDP Query User{37C5D000-7F70-40F4-9FF9-C9221496DC42}H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe] => (Allow) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [{B27ABAA2-C82B-44F4-A30A-AD5E91C4EB32}] => (Block) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [{67DDF624-A2E5-4D33-A95F-90ABF5682A0B}] => (Block) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [TCP Query User{7BC2C177-D11F-4D08-B3DE-C7F58A1CF9DD}H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe] => (Allow) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [UDP Query User{9DF02414-F9FC-4036-B227-959FE7ACC17E}H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe] => (Allow) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{228436F4-E76C-4BEA-B241-E2C08B3C5797}] => (Block) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{63CCD24A-9DE9-486E-9928-D528E431701F}] => (Block) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{858E1EA8-EB9E-4E44-B451-3B6DFC3F985F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{C9CA1E65-0601-4D1B-8D5A-3C757AB596E5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{AFBD3180-D569-4A48-9C70-090808A3B765}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\harvey.exe
FirewallRules: [{4568192C-D1BA-46B3-8307-055C03D5B4CB}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\harvey.exe
FirewallRules: [{AA086928-71C2-4E9D-9EE7-DA834804DB70}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\VisionaireConfigurationTool.exe
FirewallRules: [{CAC8CED3-1C01-471A-8AFC-CCDE5E61B46F}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\VisionaireConfigurationTool.exe
FirewallRules: [{0481A2E1-32DD-4D79-9522-136262E18EFD}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna & Harvey The Breakout\Edna.exe
FirewallRules: [{5751333F-1F56-48C8-9335-521D845BA824}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna & Harvey The Breakout\Edna.exe
FirewallRules: [{16C6AC44-879C-4FC3-9E2B-7E6B7FBBA341}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{F734F823-F300-454C-8A84-63EB6A303F4D}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{01A42E9E-220D-49B9-940A-1AAC5051E9A4}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{CA2B1C86-1455-47B6-9A1B-AF4221454CF1}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{96832A8D-F388-4EAE-BD92-9458649456F6}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{241BD5E1-3D24-4DBC-83D5-750B9D32E39E}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [TCP Query User{CF2A8203-0EE6-4858-B69A-EB76C6D9F4BE}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [UDP Query User{561BC56C-D11F-4759-B02B-18B214505678}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [{95A263BF-2864-4081-AFB5-3620647A4BFD}] => (Allow) C:\Program Files (x86)\Cuppat\Application\chrome.exe
FirewallRules: [TCP Query User{7EF83D24-ABC4-4BE1-B269-E97F571709A4}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5799A902-DD95-4DCB-B14A-953392704D71}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{AC47DEED-56B1-443F-83F3-8A0E45439D95}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{C43AE569-728A-4635-966B-A0D7497AC12E}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{0733329D-7CAA-43CD-8D94-D5DDD4068021}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1B1FFE5A-9575-4978-A910-FC331CAB3E85}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CD4441E1-9E17-4D09-81DE-23FC004CF163}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{51D36651-267C-4534-819C-0C867AAEB47B}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{2DE8A6E7-501A-4106-814E-41F93EA96BCD}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [{0FDDC06B-F260-4E3E-AA72-1E8BCCD791C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{C11F5C2A-461F-424E-B15C-FCCB19462744}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{34FBA65F-A6AE-4D03-914E-A461C7E795B2}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{674235E8-E3D0-4C45-8F4D-E73DBF86CB65}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{8741BFD0-D5ED-43FB-8FF3-A0ABBD9FB6A5}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{0B2C9047-0B17-4A2E-B628-9FAC90D6E6A8}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{BC2A59B9-EEAE-4117-94F3-66A4078B5375}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{610154B7-0E65-493B-8D24-7BA16F0E7DC6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{468267DE-E9B1-4B8A-AEC7-E046AD38463A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{83724DD1-04CF-46BC-B4F0-9E03A4DBC88F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{05E61BB9-15E2-4964-ABBD-67110BF469F1}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{52F974BB-5934-4D2F-A4D9-CDD1DB7042F7}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Bluetooth-Gerät (PAN)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Microsoft-6zu4-Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #4
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/31/2017 06:18:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm adwcleaner_6.043 (1).exe, Version 6.0.4.3 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 5b00
Startzeit: 01d27be5a3ca2f6e
Endzeit: 4
Anwendungspfad: C:\Users\Philipp\Downloads\adwcleaner_6.043 (1).exe
Berichts-ID:
Error: (01/31/2017 06:00:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service iThemes5 since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (01/31/2017 06:00:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service GubedZL since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (01/31/2017 06:00:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service ed2k idle service since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (01/31/2017 06:00:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service Archer since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (01/31/2017 04:22:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.23418 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1004
Startzeit: 01d27bd33e2865b4
Endzeit: 14
Anwendungspfad: C:\Windows\Explorer.EXE
Berichts-ID: 16f7683f-e7c9-11e6-88b7-e8113241327d
Error: (01/31/2017 04:03:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2017 04:03:46 PM) (Source: NetBalancerService) (EventID: 0) (User: )
Description: This version of NetBalancer is outdated, please download a new one from our website.
Error: (01/31/2017 03:12:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2017 03:12:13 AM) (Source: NetBalancerService) (EventID: 0) (User: )
Description: This version of NetBalancer is outdated, please download a new one from our website.
Systemfehler:
=============
Error: (01/31/2017 08:00:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Gubed_WMI" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/31/2017 06:04:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update Service(FirefoxU)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/31/2017 06:01:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ZAM Controller Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/31/2017 06:01:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/31/2017 05:59:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Archer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/31/2017 05:59:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "GubedZL" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/31/2017 05:59:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Update Service(FirefoxU)" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/31/2017 05:59:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iThemes5" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/31/2017 04:05:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ed2k idle service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/31/2017 04:04:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
CodeIntegrity:
===================================
Date: 2017-01-31 19:19:11.545
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:11.245
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:10.871
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:10.388
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 18:22:41.778
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 18:22:41.326
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:26.009
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.883
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.756
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.625
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Prozentuale Nutzung des RAM: 84%
Installierter physikalischer RAM: 6076.41 MB
Verfügbarer physikalischer RAM: 956.45 MB
Summe virtueller Speicher: 12151 MB
Verfügbarer virtueller Speicher: 7675.21 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:232.79 GB) (Free:33.49 GB) NTFS
Drive f: () (Fixed) (Total:231 GB) (Free:52.23 GB) NTFS
Drive g: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive h: () (Fixed) (Total:344.27 GB) (Free:105.95 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 21133B35)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 596.2 GB) (Disk ID: 9054A324)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=344.3 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=20.8 GB) - (Type=27)
==================== Ende von Addition.txt ================================================ Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(SeriousBit) F:\Program Files (x86)\NetBalancer\SeriousBit.NetBalancer.Service.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
() C:\Users\Philipp\Downloads\adwcleaner_6.043.exe
(Farbar) C:\Users\Philipp\Desktop\frst64english.exe.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-07-31] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2817872 2012-04-25] (ELAN Microelectronics Corp.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [mylbx] => H:\Program Files\My Lockbox\mylbx.exe [2289952 2013-10-28] (FSPro Labs)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14188272 2017-01-23] (Zemana Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2016-06-13] (AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [DAEMON Tools Lite] => F:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [Spotify Web Helper] => C:\Users\Philipp\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-01-27] (Spotify Ltd)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [Amazon Music] => C:\Users\Philipp\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-07-21] ()
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [NetBalancer] => F:\Program Files (x86)\NetBalancer\SeriousBit.NetBalancer.Tray.exe [1803112 2015-04-30] (SeriousBit)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [Spotify] => C:\Users\Philipp\AppData\Roaming\Spotify\Spotify.exe [7163504 2017-01-27] (Spotify Ltd)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [ZPNConnect] => C:\Program Files (x86)\ZPN Connect\ZpnCli.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {2265df16-a931-11e3-b156-001bb1fb806a} - D:\LaunchU3.exe -a
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {513fb52a-fbb6-11e3-8c6a-001bb1fb806a} - E:\autorun.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {5c844a5e-08c5-11e3-9f11-001bb1fb806a} - D:\setup.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {5dff3592-0827-11e3-9da5-f7c11e16234c} - D:\LaunchU3.exe -a
HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-07] (AVAST Software)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
ProxyServer: [S-1-5-21-3041798318-2634963116-1215314133-1000] => 46.165.193.67:5056
Tcpip\..\Interfaces\{416F4EA8-7EBE-4A41-BD73-DD7E680B9773}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{416F4EA8-7EBE-4A41-BD73-DD7E680B9773}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{86E2278C-9D4E-452E-A530-758555FCFA95}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{B7ACAEB6-863B-46ED-A180-28629DDF698D}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{CAFCA011-AF78-404E-B7ED-C6ECA9CFCAEA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{F1198B90-493F-4495-879E-89672178C3BF}: [NameServer] 8.8.8.8,1.1.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid=samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec454393cf996b982gazbc0tbb6e2g3w3ccb
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid=samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec454393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid=samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec454393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid=samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec454393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid=samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec454393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid=samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec454393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E
URLSearchHook: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 - (Kein Name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - Keine Datei
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1431342801&from=zzgbkk123&uid=samsungxssdx840xseries_s19mnsad653469e&z=2786be88f055d58044b1affg7zec6g9cbz3o5b5e5o&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1431342801&from=zzgbkk123&uid=samsungxssdx840xseries_s19mnsad653469e&z=2786be88f055d58044b1affg7zec6g9cbz3o5b5e5o&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-19] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-19] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default
FF NewTab: hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e881114&uid=samsungxssdx840xseries_s19mnsad653469e&z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg
FF DefaultSearchEngine: nice
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: nice
FF Homepage: hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e881114&uid=samsungxssdx840xseries_s19mnsad653469e&z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-14] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3041798318-2634963116-1215314133-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll Keine Datei
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\google-avast.xml [2015-05-14]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\luck.xml [2017-01-17]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\nice-.xml [2016-06-21]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\v9-.xml [2015-05-14]
FF Extension: xRocket Toolbar - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\arthurj8283@gmail.com [2017-01-17]
FF Extension: Firefox Hotfix - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-11-26]
FF Extension: convert2mp3.net YouTube2MP3 Converter - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\info@convert2mp3.net.xpi [2014-09-04]
FF Extension: Search and New Tab by Yahoo - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2016-11-19]
FF Extension: Video DownloadHelper - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-05-11]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\57p5pubn.default\extensions\quick_start@gmail.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\extensions\detgdp@gmail.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-07]
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\extensions\arthurj8283@gmail.com
Chrome:
=======
CHR HomePage: Default -> hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e881114&uid=samsungxssdx840xseries_s19mnsad653469e&z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg
CHR StartupUrls: Default -> "hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e881114&uid=samsungxssdx840xseries_s19mnsad653469e&z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg"
CHR Profile: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-15]
CHR Extension: (Google Docs) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-15]
CHR Extension: (Google Drive) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-15]
CHR Extension: (YouTube) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-15]
CHR Extension: (https://www.facebook.com/) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\celnaknmndcdcjcagffhbhciignkeokb [2014-11-16]
CHR Extension: (Adblock Plus) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-11]
CHR Extension: (Google-Suche) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-15]
CHR Extension: (Google Tabellen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-15]
CHR Extension: (Google Docs Offline) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-05]
CHR Extension: (Avast Online Security) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-07]
CHR Extension: (Video Download Helper) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldcccbolclahdbkahlppenfodnheapah [2014-12-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-15]
CHR Extension: (Google Mail) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-15]
CHR Extension: (Chrome Media Router) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2015-01-19]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-07]
CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-07]
CHR HKLM-x32\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2015-01-19]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-07] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-07] (Avast Software)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-12-18] (BitRaider, LLC)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-02-09] (Hi-Rez Studios) [Datei ist nicht signiert]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
R2 MCSvc; C:\ProgramData\Microsoft\Blend\14.0\1033\ResourceCacher.dll [352768 2016-11-09] () [Datei ist nicht signiert]
R2 NetBalancerService; F:\Program Files (x86)\NetBalancer\SeriousBit.NetBalancer.Service.exe [129896 2015-04-30] (SeriousBit)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [328832 2014-04-13] (Locktime Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-07-06] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-11-02] (Realtek Semiconductor)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-12-06] (Razer Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14188272 2017-01-23] (Zemana Ltd.)
S2 FirefoxU; "C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe" [X]
S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-07] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2016-06-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2016-06-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-07] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2016-10-11] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-07] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-11-02] ()
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-24] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 FSProFilter2; C:\Windows\System32\Drivers\FSPFltd2.sys [57648 2011-06-03] (FSPro Labs)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-24] (REALiX(tm))
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-11-02] ()
R1 nbdrv; C:\Windows\System32\DRIVERS\nbdrv.sys [40976 2015-02-05] (SeriousBit)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-07] (AVAST Software)
R2 nldrv; C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [107952 2014-04-13] (Locktime Software)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33448 2015-07-31] (Synaptics Incorporated)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-10-13] (Anchorfree Inc.)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-01-23] (Spotflux, Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-07] (Avast Software)
S3 WinRing0_1_2_0; kein ImagePath
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-01-31] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-01-31] (Zemana Ltd.)
S3 aswHdsKe; \??\C:\Windows\system32\drivers\aswHdsKe.sys [X]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 vpnva; system32\DRIVERS\vpnva64-6.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-31 20:10 - 2017-01-31 20:11 - 00032316 _____ C:\Users\Philipp\Desktop\FRST.txt
2017-01-31 20:01 - 2017-01-31 20:00 - 02193920 _____ (Farbar) C:\Users\Philipp\Desktop\frst64english.exe.exe
2017-01-31 20:00 - 2017-01-31 20:00 - 04015056 _____ C:\Users\Philipp\Downloads\adwcleaner_6.043 (2).exe
2017-01-31 20:00 - 2017-01-31 20:00 - 02193920 _____ (Farbar) C:\Users\Philipp\Downloads\FRST64 (1).exe
2017-01-31 18:17 - 2017-01-31 18:17 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-01-31 18:16 - 2017-01-31 20:08 - 00000000 ____D C:\ProgramData\RogueKiller
2017-01-31 18:16 - 2017-01-31 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-01-31 18:16 - 2017-01-31 18:16 - 00000000 ____D C:\Program Files\RogueKiller
2017-01-31 18:15 - 2017-01-31 18:15 - 34821984 _____ (Adlice Software ) C:\Users\Philipp\Downloads\setup (1).exe
2017-01-31 18:15 - 2017-01-31 18:15 - 04015056 _____ C:\Users\Philipp\Downloads\adwcleaner_6.043 (1).exe
2017-01-31 18:06 - 2017-01-31 18:06 - 00014634 _____ C:\Users\Philipp\Desktop\JRT.txt
2017-01-31 17:59 - 2017-01-31 18:00 - 01663040 _____ (Malwarebytes) C:\Users\Philipp\Downloads\JRT.exe
2017-01-31 16:21 - 2017-01-31 20:10 - 03201458 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-01-31 16:21 - 2017-01-31 20:10 - 00556716 _____ C:\Windows\ZAM.krnl.trace
2017-01-31 16:21 - 2017-01-31 16:21 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2017-01-31 16:21 - 2017-01-31 16:21 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2017-01-31 16:21 - 2017-01-31 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-01-31 16:21 - 2017-01-31 16:21 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-01-31 16:20 - 2017-01-31 16:20 - 00000000 ____D C:\Users\Philipp\AppData\Local\Zemana
2017-01-31 16:19 - 2017-01-31 16:19 - 05510592 _____ ( ) C:\Users\Philipp\Downloads\Zemana.AntiMalware.Setup.exe
2017-01-31 01:54 - 2017-01-31 16:03 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-01-31 01:54 - 2017-01-31 01:54 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-31 01:54 - 2017-01-31 01:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-31 01:50 - 2017-01-31 01:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-01-31 01:47 - 2017-01-31 03:10 - 00000000 ____D C:\Users\Philipp\Desktop\mbar
2017-01-31 01:47 - 2017-01-31 01:48 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Philipp\Downloads\mbar-1.09.3.1001 (1).exe
2017-01-31 01:47 - 2017-01-31 01:47 - 04015056 _____ C:\Users\Philipp\Downloads\adwcleaner_6.043.exe
2017-01-31 01:46 - 2017-01-31 01:47 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Philipp\Downloads\mbar-1.09.3.1001.exe
2017-01-31 01:45 - 2017-01-31 01:48 - 00090910 _____ C:\Users\Philipp\Downloads\Addition.txt
2017-01-31 01:44 - 2017-01-31 20:10 - 00000000 ____D C:\FRST
2017-01-31 01:44 - 2017-01-31 01:48 - 00051518 _____ C:\Users\Philipp\Downloads\FRST.txt
2017-01-31 01:43 - 2017-01-31 01:43 - 02420736 _____ (Farbar) C:\Users\Philipp\Downloads\FRST64.exe
2017-01-28 01:38 - 2017-01-29 02:08 - 00016116 ____H C:\Users\Philipp\Desktop\~WRL1563.tmp
2017-01-28 00:29 - 2017-01-28 00:29 - 00000633 _____ C:\Users\Philipp\Documents\Uninstall STAR WARS The Old Republic.log
2017-01-27 05:30 - 2017-01-27 05:30 - 00000772 _____ C:\Windows\SysWOW64\ping.cfg
2017-01-25 21:56 - 2017-01-25 21:56 - 00001507 _____ C:\Users\Philipp\Downloads\POL_P1 Einf__hrung in die Politische Wissenschaft 2016_2017_ Erinnerung_ IPW Klausuranmeldung 1. Termin bis zum 28.01.2017 noch m__glich.zip
2017-01-22 15:09 - 2017-01-31 17:59 - 00000000 ____D C:\Program Files (x86)\MIO
2017-01-22 15:09 - 2017-01-22 15:09 - 00003576 _____ C:\Windows\System32\Tasks\Milimili
2017-01-21 14:35 - 2017-01-31 16:03 - 00000728 _____ C:\Windows\setupact.log
2017-01-21 14:35 - 2017-01-21 14:35 - 00000000 _____ C:\Windows\setuperr.log
2017-01-21 14:34 - 2017-01-31 16:03 - 00005464 _____ C:\Windows\PFRO.log
2017-01-18 18:37 - 2017-01-29 00:14 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Mozilla
2017-01-18 18:30 - 2017-01-18 18:30 - 00000017 _____ C:\Users\Public\Documents\cfg.ini
2017-01-17 15:00 - 2017-01-25 15:24 - 00003644 _____ C:\Windows\System32\Tasks\WinTOOL
2017-01-17 14:50 - 2017-01-19 19:14 - 00000019 _____ C:\Users\Public\Documents\cc.ini
2017-01-13 20:39 - 2017-01-13 20:39 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Berserk Games
2017-01-13 19:45 - 2017-01-13 19:45 - 00000222 _____ C:\Users\Philipp\Desktop\Tabletop Simulator.url
2017-01-13 18:32 - 2017-01-13 18:32 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Blacklight Interactive
2017-01-13 17:27 - 2017-01-13 17:27 - 00000222 _____ C:\Users\Philipp\Desktop\Golf With Your Friends.url
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-31 20:02 - 2016-11-19 19:27 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2017-01-31 19:41 - 2014-02-23 11:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-31 18:17 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2017-01-31 18:15 - 2015-01-19 15:45 - 00000000 ____D C:\AdwCleaner
2017-01-31 17:59 - 2014-04-07 18:11 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2017-01-31 17:20 - 2015-03-15 11:19 - 00000000 ____D C:\Users\Philipp\AppData\Local\Spotify
2017-01-31 17:16 - 2016-11-10 23:33 - 00000000 _____ C:\Users\Public\Documents\report.dat
2017-01-31 16:59 - 2015-03-15 11:18 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Spotify
2017-01-31 16:22 - 2013-08-18 15:36 - 00000000 ____D C:\Users\Philipp
2017-01-31 16:19 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-31 16:19 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-31 16:08 - 2011-04-12 08:43 - 00699666 _____ C:\Windows\system32\perfh007.dat
2017-01-31 16:08 - 2011-04-12 08:43 - 00149774 _____ C:\Windows\system32\perfc007.dat
2017-01-31 16:08 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-31 16:06 - 2013-08-18 15:36 - 01876617 _____ C:\Windows\WindowsUpdate.log
2017-01-31 16:04 - 2013-10-11 19:38 - 00000000 ____D C:\Users\Philipp\AppData\Local\LogMeIn Hamachi
2017-01-31 16:03 - 2016-11-10 23:32 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2017-01-31 16:03 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-31 02:56 - 2013-08-27 15:44 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Skype
2017-01-31 01:20 - 2013-08-21 17:42 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-28 18:56 - 2014-04-01 19:52 - 03706368 ___SH C:\Users\Philipp\Desktop\Thumbs.db
2017-01-28 00:33 - 2014-09-13 11:08 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\DVDVideoSoft
2017-01-28 00:32 - 2016-11-01 15:15 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-01-28 00:32 - 2014-01-18 20:57 - 00000000 ____D C:\Users\Philipp\AppData\Local\TeamSpeak 3 Client
2017-01-28 00:29 - 2016-11-26 19:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-28 00:29 - 2014-03-20 18:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-28 00:29 - 2014-03-06 14:30 - 00000000 ____D C:\ProgramData\Freemake
2017-01-28 00:29 - 2013-08-27 16:29 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\IObit
2017-01-28 00:28 - 2013-10-08 16:19 - 00000000 ____D C:\Program Files (x86)\IObit
2017-01-28 00:19 - 2016-06-13 14:16 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-01-28 00:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2017-01-26 06:24 - 2016-11-13 23:19 - 00000000 ____D C:\Users\Philipp\Desktop\Arda
2017-01-22 14:05 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-01-21 21:55 - 2015-06-02 17:20 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-20 17:16 - 2013-08-18 17:58 - 00000000 ____D C:\Windows\Minidump
2017-01-16 19:45 - 2016-11-22 21:58 - 00001139 _____ C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-01-16 19:45 - 2016-11-10 23:33 - 00002573 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-16 19:45 - 2016-11-10 23:33 - 00002503 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-15 18:45 - 2013-09-13 19:00 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-15 15:07 - 2014-12-26 20:50 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-14 16:42 - 2014-02-23 11:10 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-14 16:42 - 2014-02-23 11:10 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-14 16:42 - 2014-02-23 11:10 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-14 16:42 - 2014-02-23 11:10 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-14 16:42 - 2014-02-23 11:10 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-14 12:53 - 2013-08-27 16:29 - 00000000 ____D C:\ProgramData\IObit
2017-01-13 20:39 - 2013-08-21 19:04 - 00000000 ____D C:\Users\Philipp\Documents\My Games
2017-01-13 15:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-12-19 13:14 - 2013-12-19 13:14 - 0041984 ___SH () C:\Users\Philipp\AppData\Roaming\Thumbs.db
2013-12-31 10:53 - 2013-12-31 10:53 - 0001472 _____ () C:\Users\Philipp\AppData\Local\recently-used.xbel
2014-08-01 09:53 - 2014-08-01 09:53 - 0000000 _____ () C:\Users\Philipp\AppData\Local\{6C70D7F2-E50B-475B-AD48-51E2586180D1}
2016-07-11 09:03 - 2016-07-11 09:03 - 0000000 _____ () C:\Users\Philipp\AppData\Local\{82BEEB85-1B4A-4EE7-92A9-DFC693E3988F}
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Public\D3DX9_37.dll
C:\Users\Public\xinput1_3.dll
Einige Dateien in TEMP:
====================
C:\Users\Philipp\AppData\Local\Temp\dllnt_dump.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-01-23 22:33
==================== Ende von FRST.txt ============================
Solved Laptop very slow
- Thread starter siq
- Start date
-
Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.
Why not Click Here To Sign Up and start enjoying great FREE Tech Support.
This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
- Status
Please remove all of these programs below with Geek Uninstaller, if something will not remove then use Force Mode.
µTorrent (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
CPU Miner (HKLM\...\cpuminer) (Version: 1.1 - Open Source)
Driver Booster 3.4 (HKLM-x32\...\Driver Booster_is1) (Version: 3.4 - IObit)
FormatFactory 3.3.4.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.4.0 - Format Factory)
Free M4a to MP3 Converter 8.0 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
IObit Apps Toolbar v10.3 (HKLM-x32\...\{9192EBE9-2C4E-4C69-8ED8-CC0CCBFDBB62}) (Version: 10.3 - Spigot, Inc.) <==== ACHTUNG
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
qone8 uninstaller (HKLM-x32\...\qone8 uninstaller) (Version: - qone8) <==== ACHTUNG
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
Security Check Scan.
Adware Cleaner Scan.
Please download AdwCleaner by Xplode onto your desktop.
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.
Hit Ok.
Hit next make sure to leave all items checked, for removal.
The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.
After the above scans lets check for remaining malware.
I'd like to have these logs in English please.
Right Click on FRST64 and rename the FRST file to frst64english.exe
Please then re-run the scan and post the FRST and Addition.txt logs.
Make sure and still run the program as Administrator.
µTorrent (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
CPU Miner (HKLM\...\cpuminer) (Version: 1.1 - Open Source)
Driver Booster 3.4 (HKLM-x32\...\Driver Booster_is1) (Version: 3.4 - IObit)
FormatFactory 3.3.4.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.4.0 - Format Factory)
Free M4a to MP3 Converter 8.0 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
IObit Apps Toolbar v10.3 (HKLM-x32\...\{9192EBE9-2C4E-4C69-8ED8-CC0CCBFDBB62}) (Version: 10.3 - Spigot, Inc.) <==== ACHTUNG
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
qone8 uninstaller (HKLM-x32\...\qone8 uninstaller) (Version: - qone8) <==== ACHTUNG
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
Security Check Scan.
- Download Security Check to your desktop.
- Right click it run as administrator.
- When the program completes, the tool will automatically open a log file.
- Please post that log here in your next post.
Adware Cleaner Scan.
Please download AdwCleaner by Xplode onto your desktop.
- Close all open programs and internet browsers.
- Double click on adwcleaner.exe to run the tool.
- Click on Scan button.
- When the scan has finished click on Clean button.
- Your computer will be rebooted automatically. A text file will open after the restart.
- Please post the contents of that logfile with your next reply.
- You can find the logfile at C:\AdwCleaner[S1].txt as well.
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.
Hit Ok.
Hit next make sure to leave all items checked, for removal.
The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.
After the above scans lets check for remaining malware.
I'd like to have these logs in English please.
Right Click on FRST64 and rename the FRST file to frst64english.exe
Please then re-run the scan and post the FRST and Addition.txt logs.
Make sure and still run the program as Administrator.
Couldn't delete: qone8 uninstaller (HKLM-x32\...\qone8 uninstaller) (Version: - qone8) <==== ACHTUNG
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
CPU Miner (HKLM\...\cpuminer) (Version: 1.1 - Open Source)
because they weren't in the list.
SecurityCheck by glax24 & Severnyj v.1.4.0.46 [22.09.16]
WebSite: www.safezone.cc
DateLog: 31.01.2017 22:01:11
Path starting: C:\Users\Philipp\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Philipp
VersionXML: 3.87is-31.01.2017
___________________________________________________________________________
Windows 7(6.1.7601) Service Pack 1 (x64) HomePremium Lang: German(0407)
Installation date OS: 18.08.2013 14:36:22
LicenseStatus: Windows(R) 7, HomePremium edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Cuppat\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [232.8 Gb] Used: [199.4 Gb] Free: [33.4 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 9.0.8112.16421 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
The elevation prompt for administrators disabled
^It is recommended to enable: Win+R typing UserAccountControlSettings and Enter^
Never check for updates
Date install updates: 2016-07-05 16:07:57
Windows Update (wuauserv) - The service is running
Sicherheitscenter (wscsvc) - The service is running
Remoteregistrierung (RemoteRegistry) - The service has stopped
SSDP-Suche (SSDPSRV) - The service is running
Remotedesktopdienste (TermService) - The service has stopped
Windows-Remoteverwaltung (WS-Verwaltung) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2003 v.11.0.8173.0
Microsoft Office 2010 x86 v.14.0.7015.1000
---------------------------- [ Antivirus_WMI ] ----------------------------
avast! Antivirus (disabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows-Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and out of date)
avast! Antivirus (disabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Avast Free Antivirus v.10.3.2225
-------------------------- [ SecurityUtilities ] --------------------------
Zemana AntiMalware v.2.70.591
--------------------------- [ OtherUtilities ] ----------------------------
VLC media player v.2.1.5 Warning! Download Update
WinRAR 5.01 (64-bit) v.5.01.0 Warning! Download Update
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.30 v.7.30.105 Warning! Download Update
^Optional update.^
--------------------------------- [ P2P ] ---------------------------------
µTorrent v.3.4.3.40298 Warning! P2P-client.
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 111 v.8.0.1110.14 Warning! Download Update
Uninstall old version and install new one (jre-8u121-windows-i586.exe).
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Flash Player 24 NPAPI v.24.0.0.194
Adobe Acrobat Reader DC - Deutsch v.15.023.20056
------------------------------- [ Browser ] -------------------------------
Google Chrome v.55.0.2883.87 Warning! Download Update
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Cuppat\Application\chrome.exe v.54.0.2840.71
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.55.0.2883.87
------------------ [ AntivirusFirewallProcessServices ] -------------------
Avast Antivirus (avast! Antivirus) - The service has stopped
C:\Program Files\AVAST Software\Avast\AvastSvc.exe v.10.3.2225.1172
C:\Program Files\AVAST Software\Avast\avastui.exe v.10.3.2225.1189
AvastVBox COM Service (AvastVBoxSvc) - The service has stopped
Windows Defender (WinDefend) - The service is running
ZAM Controller Service (ZAMSvc) - The service is running
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe v.0.0.0.0
---------------------------- [ UnwantedApps ] -----------------------------
Driver Booster 3.4 v.3.4 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
IObit Apps Toolbar v10.3 v.10.3 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
----------------------------- [ End of Log ] ------------------------------
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
CPU Miner (HKLM\...\cpuminer) (Version: 1.1 - Open Source)
because they weren't in the list.
SecurityCheck by glax24 & Severnyj v.1.4.0.46 [22.09.16]
WebSite: www.safezone.cc
DateLog: 31.01.2017 22:01:11
Path starting: C:\Users\Philipp\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Philipp
VersionXML: 3.87is-31.01.2017
___________________________________________________________________________
Windows 7(6.1.7601) Service Pack 1 (x64) HomePremium Lang: German(0407)
Installation date OS: 18.08.2013 14:36:22
LicenseStatus: Windows(R) 7, HomePremium edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Cuppat\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [232.8 Gb] Used: [199.4 Gb] Free: [33.4 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 9.0.8112.16421 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
The elevation prompt for administrators disabled
^It is recommended to enable: Win+R typing UserAccountControlSettings and Enter^
Never check for updates
Date install updates: 2016-07-05 16:07:57
Windows Update (wuauserv) - The service is running
Sicherheitscenter (wscsvc) - The service is running
Remoteregistrierung (RemoteRegistry) - The service has stopped
SSDP-Suche (SSDPSRV) - The service is running
Remotedesktopdienste (TermService) - The service has stopped
Windows-Remoteverwaltung (WS-Verwaltung) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2003 v.11.0.8173.0
Microsoft Office 2010 x86 v.14.0.7015.1000
---------------------------- [ Antivirus_WMI ] ----------------------------
avast! Antivirus (disabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows-Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and out of date)
avast! Antivirus (disabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Avast Free Antivirus v.10.3.2225
-------------------------- [ SecurityUtilities ] --------------------------
Zemana AntiMalware v.2.70.591
--------------------------- [ OtherUtilities ] ----------------------------
VLC media player v.2.1.5 Warning! Download Update
WinRAR 5.01 (64-bit) v.5.01.0 Warning! Download Update
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.30 v.7.30.105 Warning! Download Update
^Optional update.^
--------------------------------- [ P2P ] ---------------------------------
µTorrent v.3.4.3.40298 Warning! P2P-client.
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 111 v.8.0.1110.14 Warning! Download Update
Uninstall old version and install new one (jre-8u121-windows-i586.exe).
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Flash Player 24 NPAPI v.24.0.0.194
Adobe Acrobat Reader DC - Deutsch v.15.023.20056
------------------------------- [ Browser ] -------------------------------
Google Chrome v.55.0.2883.87 Warning! Download Update
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Cuppat\Application\chrome.exe v.54.0.2840.71
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.55.0.2883.87
------------------ [ AntivirusFirewallProcessServices ] -------------------
Avast Antivirus (avast! Antivirus) - The service has stopped
C:\Program Files\AVAST Software\Avast\AvastSvc.exe v.10.3.2225.1172
C:\Program Files\AVAST Software\Avast\avastui.exe v.10.3.2225.1189
AvastVBox COM Service (AvastVBoxSvc) - The service has stopped
Windows Defender (WinDefend) - The service is running
ZAM Controller Service (ZAMSvc) - The service is running
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe v.0.0.0.0
---------------------------- [ UnwantedApps ] -----------------------------
Driver Booster 3.4 v.3.4 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
IObit Apps Toolbar v10.3 v.10.3 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
----------------------------- [ End of Log ] ------------------------------
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Adware Removal Tool 5.1
Time: 2017_01_31_22_04_29
OS: Windows 7 Home Premium - x64 Bit
Account Name: Philipp
Adware Definition: 01272017
Elapsed time: 40:43
Repair Status:- Automatic Done
\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_airzip2.inspsearch.com_0.localstorage
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_airzip2.inspsearch.com_0.localstorage-journal
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_www.amisites.com_0.localstorage
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_www.amisites.com_0.localstorage-journal
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_www.funnysearching.com_0.localstorage
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_www.funnysearching.com_0.localstorage-journal
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_airzip2.inspsearch.com_0.localstorage
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_airzip2.inspsearch.com_0.localstorage-journal
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_search.sosodesktop.com_0.localstorage
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_search.sosodesktop.com_0.localstorage-journal
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_www.amisites.com_0.localstorage
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_www.amisites.com_0.localstorage-journal
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_www.nicesearches.com_0.localstorage
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_www.nicesearches.com_0.localstorage-journal
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\LocalLow\Microsoft\Internet Explorer\DOMStore\RZPESETU\start.qone8[1].xml
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi
[-] Deleted ->> File ->> C:\Windows\Temp\upc8A57.tmp\ArcherBox.exe
[-] Deleted ->> File ->> C:\Windows\Temp\upc8A57.tmp\Archerupdate.ini
[-] Deleted ->> File ->> C:\Windows\Installer\SourceHash{19539992-061C-4E8B-9053-07B175303AF4}
[-] Deleted ->> Folder ->> C:\Users\Philipp\Appdata\Roaming\Mozilla\Firefox\Profiles\57p5pubn.default\extensions\4jffxtbr@RadioRage_4j.com
[-] Deleted ->> Folder ->> C:\Users\Philipp\Appdata\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3
[-] Deleted ->> Folder ->> C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
[-] Deleted ->> Folder ->> C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
[-] Repaired ->> File ->> C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\57p5pubn.default\prefs.js
[-] Repaired ->> File ->> C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\prefs.js
[-] Repaired ->> File ->> C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\search-metadata.json
[-] Repaired ->> File ->> C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Preferences
[-] Repaired ->> File ->> C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
[-] Repaired ->> File ->> C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Last Tabs
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\AnchorFree
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\RadioRage_4j
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\RadioRage_4j
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\Software\WOW6432Node\RadioRage_4j
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\Software\AppDataLow\Software\RadioRage_4j
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\anchorfree.us
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\anchorfree.com
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\anchorfree.us
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\taphss6
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\taphss6
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\taphss6
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Adware Removal Tool 5.1
Time: 2017_01_31_22_04_29
OS: Windows 7 Home Premium - x64 Bit
Account Name: Philipp
Adware Definition: 01272017
Elapsed time: 40:43
Scan Status:- Automatic Done
\\\\\\\\\\\\\\\\\\\\\\\ Scan Logs \\\\\\\\\\\\\\\\\\\\\\
File Found : Adware.inspsearch.com : C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_airzip2.inspsearch.com_0.localstorage
File Found : Adware.inspsearch.com : C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_airzip2.inspsearch.com_0.localstorage-journal
File Found : Adware.Amisites.com : C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_www.amisites.com_0.localstorage
File Found : Adware.Amisites.com : C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_www.amisites.com_0.localstorage-journal
File Found : PUS.Funnysearching.com : C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_www.funnysearching.com_0.localstorage
File Found : PUS.Funnysearching.com : C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_www.funnysearching.com_0.localstorage-journal
File Found : Adware.inspsearch.com : C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_airzip2.inspsearch.com_0.localstorage
File Found : Adware.inspsearch.com : C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_airzip2.inspsearch.com_0.localstorage-journal
File Found : Adware.Search.sosodesktop.com : C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_search.sosodesktop.com_0.localstorage
File Found : Adware.Search.sosodesktop.com : C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_search.sosodesktop.com_0.localstorage-journal
File Found : Adware.Amisites.com : C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_www.amisites.com_0.localstorage
File Found : Adware.Amisites.com : C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_www.amisites.com_0.localstorage-journal
File Found : Adware.Nicesearches.com : C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_www.nicesearches.com_0.localstorage
File Found : Adware.Nicesearches.com : C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_www.nicesearches.com_0.localstorage-journal
File Found : Adware.Qone8 : C:\Users\Philipp\Appdata\LocalLow\Microsoft\Internet Explorer\DOMStore\RZPESETU\start.qone8[1].xml
File Found : PUP.RadioRage : C:\Users\Philipp\Appdata\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi
File Found : Adware.Amisites uninstall : C:\Windows\Temp\upc8A57.tmp\ArcherBox.exe
File Found : Adware.Amisites uninstall : C:\Windows\Temp\upc8A57.tmp\Archerupdate.ini
File Found : Adware.Amisites : C:\Windows\Installer\SourceHash{19539992-061C-4E8B-9053-07B175303AF4}
Folder Found : PUP.RadioRage : C:\Users\Philipp\Appdata\Roaming\Mozilla\Firefox\Profiles\57p5pubn.default\extensions\4jffxtbr@RadioRage_4j.com
Folder Found : Adware.Web-start.org : C:\Users\Philipp\Appdata\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3
Folder Found : PUP.Amisites : C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
Folder Found : PUP.Amisites : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
Registry Key Found : PUP.anchorfree : HKEY_CURRENT_USER\SOFTWARE\ <RegKey:> AnchorFree
Registry Key Found : PUP.RadioRage : HKEY_CURRENT_USER\SOFTWARE\ <RegKey:> RadioRage_4j
Registry Key Found : PUP.RadioRage : HKEY_LOCAL_MACHINE\SOFTWARE\ <RegKey:> RadioRage_4j
Registry Key Found : PUP.RadioRage : HKEY_LOCAL_MACHINE\Software\WOW6432Node\ <RegKey:> RadioRage_4j
Registry Key Found : PUP.RadioRage : HKEY_CURRENT_USER\Software\AppDataLow\Software\ <RegKey:> RadioRage_4j
Registry Key Found : PUP.anchorfree : HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\ <RegKey:> anchorfree.us
Registry Key Found : PUP.anchorfree : HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ <RegKey:> anchorfree.com
Registry Key Found : PUP.anchorfree : HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ <RegKey:> anchorfree.us
Registry Key Found : PUP.anchorfree : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ <RegKey:> taphss6
Registry Key Found : PUP.anchorfree : HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ <RegKey:> taphss6
Registry Key Found : PUP.anchorfree : HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ <RegKey:> taphss6
Browser: Firefox Found : PUP.RadioRage : C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\57p5pubn.default\prefs.js
Browser: Firefox Found : Adware.Nicesearches.com : C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\prefs.js
Browser: Firefox Found : Adware.Amisites.com : C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\search-metadata.json
Browser: Chrome Found : Adware.adnetworkperformance.com : C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Preferences
Browser: Chrome Found : Adware.Amisites.com : C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Browser: Chrome Found : Adware.Amisites.com : C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Last Tabs
Adware Removal Tool 5.1
Time: 2017_01_31_22_04_29
OS: Windows 7 Home Premium - x64 Bit
Account Name: Philipp
Adware Definition: 01272017
Elapsed time: 40:43
Repair Status:- Automatic Done
\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_airzip2.inspsearch.com_0.localstorage
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_airzip2.inspsearch.com_0.localstorage-journal
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_www.amisites.com_0.localstorage
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_www.amisites.com_0.localstorage-journal
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_www.funnysearching.com_0.localstorage
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_www.funnysearching.com_0.localstorage-journal
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_airzip2.inspsearch.com_0.localstorage
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_airzip2.inspsearch.com_0.localstorage-journal
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_search.sosodesktop.com_0.localstorage
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_search.sosodesktop.com_0.localstorage-journal
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_www.amisites.com_0.localstorage
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_www.amisites.com_0.localstorage-journal
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_www.nicesearches.com_0.localstorage
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_www.nicesearches.com_0.localstorage-journal
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\LocalLow\Microsoft\Internet Explorer\DOMStore\RZPESETU\start.qone8[1].xml
[-] Deleted ->> File ->> C:\Users\Philipp\Appdata\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi
[-] Deleted ->> File ->> C:\Windows\Temp\upc8A57.tmp\ArcherBox.exe
[-] Deleted ->> File ->> C:\Windows\Temp\upc8A57.tmp\Archerupdate.ini
[-] Deleted ->> File ->> C:\Windows\Installer\SourceHash{19539992-061C-4E8B-9053-07B175303AF4}
[-] Deleted ->> Folder ->> C:\Users\Philipp\Appdata\Roaming\Mozilla\Firefox\Profiles\57p5pubn.default\extensions\4jffxtbr@RadioRage_4j.com
[-] Deleted ->> Folder ->> C:\Users\Philipp\Appdata\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3
[-] Deleted ->> Folder ->> C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
[-] Deleted ->> Folder ->> C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
[-] Repaired ->> File ->> C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\57p5pubn.default\prefs.js
[-] Repaired ->> File ->> C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\prefs.js
[-] Repaired ->> File ->> C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\search-metadata.json
[-] Repaired ->> File ->> C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Preferences
[-] Repaired ->> File ->> C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
[-] Repaired ->> File ->> C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Last Tabs
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\AnchorFree
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\RadioRage_4j
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\RadioRage_4j
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\Software\WOW6432Node\RadioRage_4j
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\Software\AppDataLow\Software\RadioRage_4j
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\anchorfree.us
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\anchorfree.com
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\anchorfree.us
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\taphss6
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\taphss6
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\taphss6
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Adware Removal Tool 5.1
Time: 2017_01_31_22_04_29
OS: Windows 7 Home Premium - x64 Bit
Account Name: Philipp
Adware Definition: 01272017
Elapsed time: 40:43
Scan Status:- Automatic Done
\\\\\\\\\\\\\\\\\\\\\\\ Scan Logs \\\\\\\\\\\\\\\\\\\\\\
File Found : Adware.inspsearch.com : C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_airzip2.inspsearch.com_0.localstorage
File Found : Adware.inspsearch.com : C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_airzip2.inspsearch.com_0.localstorage-journal
File Found : Adware.Amisites.com : C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_www.amisites.com_0.localstorage
File Found : Adware.Amisites.com : C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_www.amisites.com_0.localstorage-journal
File Found : PUS.Funnysearching.com : C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_www.funnysearching.com_0.localstorage
File Found : PUS.Funnysearching.com : C:\Users\Philipp\Appdata\Local\Cuppat\User Data\Default\Local Storage\http_www.funnysearching.com_0.localstorage-journal
File Found : Adware.inspsearch.com : C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_airzip2.inspsearch.com_0.localstorage
File Found : Adware.inspsearch.com : C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_airzip2.inspsearch.com_0.localstorage-journal
File Found : Adware.Search.sosodesktop.com : C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_search.sosodesktop.com_0.localstorage
File Found : Adware.Search.sosodesktop.com : C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_search.sosodesktop.com_0.localstorage-journal
File Found : Adware.Amisites.com : C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_www.amisites.com_0.localstorage
File Found : Adware.Amisites.com : C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_www.amisites.com_0.localstorage-journal
File Found : Adware.Nicesearches.com : C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_www.nicesearches.com_0.localstorage
File Found : Adware.Nicesearches.com : C:\Users\Philipp\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_www.nicesearches.com_0.localstorage-journal
File Found : Adware.Qone8 : C:\Users\Philipp\Appdata\LocalLow\Microsoft\Internet Explorer\DOMStore\RZPESETU\start.qone8[1].xml
File Found : PUP.RadioRage : C:\Users\Philipp\Appdata\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi
File Found : Adware.Amisites uninstall : C:\Windows\Temp\upc8A57.tmp\ArcherBox.exe
File Found : Adware.Amisites uninstall : C:\Windows\Temp\upc8A57.tmp\Archerupdate.ini
File Found : Adware.Amisites : C:\Windows\Installer\SourceHash{19539992-061C-4E8B-9053-07B175303AF4}
Folder Found : PUP.RadioRage : C:\Users\Philipp\Appdata\Roaming\Mozilla\Firefox\Profiles\57p5pubn.default\extensions\4jffxtbr@RadioRage_4j.com
Folder Found : Adware.Web-start.org : C:\Users\Philipp\Appdata\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3
Folder Found : PUP.Amisites : C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
Folder Found : PUP.Amisites : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
Registry Key Found : PUP.anchorfree : HKEY_CURRENT_USER\SOFTWARE\ <RegKey:> AnchorFree
Registry Key Found : PUP.RadioRage : HKEY_CURRENT_USER\SOFTWARE\ <RegKey:> RadioRage_4j
Registry Key Found : PUP.RadioRage : HKEY_LOCAL_MACHINE\SOFTWARE\ <RegKey:> RadioRage_4j
Registry Key Found : PUP.RadioRage : HKEY_LOCAL_MACHINE\Software\WOW6432Node\ <RegKey:> RadioRage_4j
Registry Key Found : PUP.RadioRage : HKEY_CURRENT_USER\Software\AppDataLow\Software\ <RegKey:> RadioRage_4j
Registry Key Found : PUP.anchorfree : HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\ <RegKey:> anchorfree.us
Registry Key Found : PUP.anchorfree : HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ <RegKey:> anchorfree.com
Registry Key Found : PUP.anchorfree : HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ <RegKey:> anchorfree.us
Registry Key Found : PUP.anchorfree : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ <RegKey:> taphss6
Registry Key Found : PUP.anchorfree : HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ <RegKey:> taphss6
Registry Key Found : PUP.anchorfree : HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ <RegKey:> taphss6
Browser: Firefox Found : PUP.RadioRage : C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\57p5pubn.default\prefs.js
Browser: Firefox Found : Adware.Nicesearches.com : C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\prefs.js
Browser: Firefox Found : Adware.Amisites.com : C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\search-metadata.json
Browser: Chrome Found : Adware.adnetworkperformance.com : C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Preferences
Browser: Chrome Found : Adware.Amisites.com : C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Browser: Chrome Found : Adware.Amisites.com : C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Last Tabs
The FRST log had only 1 sentence in it:
LastRegBack: 2017-01-23 22:33
==================== Ende von FRST.txt ============================
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-10-2015
durchgeführt von Philipp (2017-02-01 00:19:36)
Gestartet von C:\Users\Philipp\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-08-18 14:36:22)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3041798318-2634963116-1215314133-500 - Administrator - Disabled)
Gast (S-1-5-21-3041798318-2634963116-1215314133-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3041798318-2634963116-1215314133-1002 - Limited - Enabled)
Philipp (S-1-5-21-3041798318-2634963116-1215314133-1000 - Administrator - Enabled) => C:\Users\Philipp
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
4K Video Downloader 3.5 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.5.6.1730 - Open Media LLC)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Amazon Amazon Music) (Version: 3.10.0.924 - Amazon Services LLC)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers)
AutoSensitivity (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0a099336274e1166) (Version: 1.4.0.23 - Igor Kulman)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.72.2.55508 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.72.3 - AVG Technologies) Hidden
AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Brother MFL-Pro Suite MFC-9320CW (HKLM-x32\...\{A1BBEE16-49B1-42F2-95B8-54C8C6A1C0C3}) (Version: 2.0.1.0 - Brother Industries, Ltd.)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward)
CLICK & LEARN DiDi 360° DVD (HKLM-x32\...\{5713D2DD-01F2-40D0-827D-917A88E7637A}_is1) (Version: CLICK & LEARN DiDi 360° 5.2 DVD - DEGENER)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Cry of Fear (HKLM-x32\...\Steam App 223710) (Version: - Team Psykskallar)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dropbox (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.5 - Samsung Electronics Co.,Ltd.)
Edna & Harvey: Harvey's New Eyes (HKLM-x32\...\Steam App 219910) (Version: - Daedalic Entertainment)
Edna & Harvey: The Breakout (HKLM-x32\...\Steam App 255320) (Version: - Daedalic Entertainment)
ETDWare PS/2-X64 10.7.14.12_WHQL (HKLM\...\Elantech) (Version: 10.7.14.12 - ELAN Microelectronic Corp.)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Golf With Your Friends (HKLM\...\Steam App 431240) (Version: - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
Metin2 (HKLM-x32\...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Access 2003 Runtime (HKLM-x32\...\{901C0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
My Lockbox 3.0.5 (HKLM\...\My Lockbox_is1) (Version: 3.0.5 - )
NetBalancer (HKLM\...\NetBalancer_is1) (Version: - SeriousBit)
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.5.0) (Version: 4.0.5.0 - Locktime Software)
NetLimiter 4 (Version: 4.0.5.0 - Locktime Software) Hidden
NVIDIA GeForce Experience 2.5.15.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.81 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenVPN 2.3.12-I602 (HKLM-x32\...\OpenVPN) (Version: 2.3.12-I602 - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.1 - Tracker Software Products Ltd)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.2.22.0 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
RogueKiller version 12.9.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.9.6.0 - Adlice Software)
Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.46 - NVIDIA Corporation) Hidden
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.0.2574.0 - Hi-Rez Studios)
Spotify (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Spotify) (Version: 1.0.47.13.gd8e05b1f - Spotify AB)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Tabletop Simulator (HKLM\...\Steam App 286160) (Version: - Berserk Games)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)
Uplay (HKLM-x32\...\Uplay) (Version: 7.1 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XviD MPEG-4 Codec (HKLM-x32\...\XviD) (Version: - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.70.591 - Zemana Ltd.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
23-01-2017 22:40:19 Geplanter Prüfpunkt
28-01-2017 00:16:51 Wiederherstellungsvorgang
28-01-2017 00:27:36 Removed amuleC
31-01-2017 03:10:37 Malwarebytes Anti-Rootkit Restore Point
31-01-2017 18:00:48 JRT Pre-Junkware Removal
31-01-2017 22:08:48 Removed Java 8 Update 111
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2016-12-15 00:14 - 00000822 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02261E59-DCE8-496A-BB04-F4AF99A91189} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {0AB570FA-847C-4FB2-9C8C-82067DFA95B4} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {1DAFFC61-3EF0-4495-84D1-F1569C723896} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {24E0F572-4BCA-4EEC-A9A5-2D830CFA9E96} - System32\Tasks\{4F74156E-5C02-4302-B31E-378AF64F0780} => pcalua.exe -a "C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare\iw3mp.exe" -d "C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare"
Task: {2FA7325B-6E8F-41C0-BD24-7A4D8F5E959C} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {31D1AFD7-FE73-42F7-8C56-CE56B4EE2076} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-20] (Microsoft Corporation)
Task: {501CE107-2313-4E8F-BDC8-7CA2EDD7EBE6} - System32\Tasks\{5CC848DF-F2F0-4C76-8299-F30E2EC5C77C} => C:\Users\Philipp\Desktop\Battlefield 3 cd1\Setup.exe
Task: {5AD94776-848A-4574-A0AE-35DD77108857} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {67928E07-523E-411F-A980-D440E2B4FD2F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-07] (AVAST Software)
Task: {69796D42-6E7A-400E-ABED-6E89C0747C6A} - System32\Tasks\{1483BBE9-6C43-420B-BCA7-97229B092656} => pcalua.exe -a "C:\Program Files (x86)\Steam\bin\steamservice.exe" -d "C:\Program Files (x86)\Steam" -c /installscript "C:\Program Files (x86)\Steam\steamapps\common\Napoleon Total War\runasadmin.vdf" 34030
Task: {6CD57B76-ED4E-4186-864B-C3D8A0F1B7B3} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\Game Booster 3\AutoUpdate.exe
Task: {85AE1598-1934-4800-88DE-2070662EBA52} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {8CE2EA77-D7B1-4BC3-B2C1-599DD6DA6212} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {958C25CA-C68C-47FD-B09B-8BA6D19BA2C7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-06-06] (Microsoft Corporation)
Task: {9CEA9C83-B856-4975-8C0F-FE0D185A205D} - System32\Tasks\{BB987285-0C54-468D-BC8C-2D27676CFAF0} => pcalua.exe -a C:\Users\Philipp\Downloads\pulsingcolorsviz.exe -d C:\Users\Philipp\Downloads
Task: {A00325D4-D3C1-430E-B1F6-DCFCF85658C8} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-12-20] (Samsung Electronics)
Task: {A0173E21-C978-4EA4-A189-7FA5617412B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B64BD4E4-A656-40D9-871D-7456C350A532} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {BB2885EB-93BB-43CE-AF9D-8126074614B3} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-20] (Microsoft Corporation)
Task: {D7EC70C1-9A44-4010-93E1-A25B01C49C7D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-14] (Adobe Systems Incorporated)
Task: {DFBAA4C3-EF76-49C3-9AA5-6D5543BDA370} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {E30865BE-0448-4595-A5C6-CB203265BCD6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-08-28 10:07 - 2015-08-18 01:07 - 00115376 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-23 16:27 - 2015-04-30 09:46 - 00115712 _____ () F:\Program Files (x86)\NetBalancer\Events.dll
2015-08-23 16:28 - 2015-08-23 16:28 - 00217960 _____ () C:\Windows\Microsoft.Net\assembly\GAC_MSIL\SeriousBit.NetBalancer.DeskBand\v4.0_1.0.0.0__ce1333cc798c13ee\SeriousBit.NetBalancer.DeskBand.dll
2015-08-23 16:27 - 2015-04-30 09:47 - 00031744 _____ () F:\Program Files (x86)\NetBalancer\BugReporting.dll
2013-09-04 19:10 - 2014-07-06 19:02 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-09 23:22 - 2014-12-09 23:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-03-07 18:49 - 2005-04-22 12:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2017-01-31 16:21 - 2017-01-31 16:21 - 00152944 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2015-07-18 22:56 - 2015-07-21 06:02 - 05887808 _____ () C:\Users\Philipp\AppData\Local\Amazon Music\Amazon Music Helper.exe
2016-12-15 00:30 - 2016-12-08 09:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 00:30 - 2016-12-08 09:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2015-08-07 13:03 - 2015-08-07 13:03 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-07 13:03 - 2015-08-07 13:03 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-11-10 23:33 - 2016-11-09 03:43 - 00352768 _____ () c:\programdata\microsoft\blend\14.0\1033\resourcecacher.dll
2015-04-01 09:31 - 2015-10-04 09:24 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-04-07 16:25 - 2015-04-07 16:25 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-01-31 22:02 - 2017-01-31 22:02 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2016-11-10 23:33 - 2016-10-20 09:47 - 01819240 _____ () C:\Program Files (x86)\Cuppat\Application\libglesv2.dll
2016-11-10 23:33 - 2016-10-20 09:47 - 00093288 _____ () C:\Program Files (x86)\Cuppat\Application\libegl.dll
2017-01-13 20:49 - 2017-01-13 20:49 - 17835096 _____ () C:\Users\Philipp\AppData\Local\Cuppat\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\100sexlinks.com -> 100sexlinks.com
Da befinden sich 4788 mehr eingeschränkte Seiten.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{21ED757D-71F7-4E93-8A26-4F3F192F63A7}] => (Allow) H:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A9259FB8-214D-4B63-AB8C-E1D572E16617}] => (Allow) H:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{7346F99C-B07F-48D3-96D6-B27E7FC60958}F:\program files (x86)\skype\phone\skype.exe] => (Allow) F:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{FEF7523A-F2C8-4CF3-BD0F-3E085673C453}F:\program files (x86)\skype\phone\skype.exe] => (Allow) F:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{6A1352E9-B58C-418B-A8AB-1B9E9F8B4EF3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{12C3E11E-C2A2-493A-894F-875FC0641820}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{DCCE3E4E-5C81-47E3-B426-FD776034C9D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DCF79556-E335-461B-A099-55292F6CE2EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DCF489CB-1187-44A6-BC76-281656F962CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C53AF07D-4477-41FC-9A49-88A7D81D0168}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8AD8195A-9FD1-453F-B60F-DF66DA1EE869}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{D459E9D6-7724-4A66-82C9-761919306E36}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{38F9BC97-2F6A-4385-8ABA-657C1421CB2F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{18B895F8-18AE-4D6E-BCC6-1ED18DC2308D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{92A63FD0-9C6C-4855-97B7-07306985B5AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{87C2F982-B124-493B-A6CC-833F14CA99D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8DEEE23E-F414-4B4C-B08F-6C2C6993C57A}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{58252888-1755-4991-A0F9-EBB3F022D3D5}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{D3B7CDE1-024A-432D-960C-4343B74A0739}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{50E89D94-505B-44BA-B992-804CC020944B}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{37B9E4DF-DDAA-448A-8C35-0EF9DEC79DA0}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{607E2054-58F9-477E-8BC6-BA568D821CC2}C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{86032D63-9007-4D0E-AB79-60F1FB5EB7F1}C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{76712770-6A7F-4C1E-82B4-24CFD1B7F000}] => (Allow) C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [{7A1BC0BA-B098-4B00-93FD-88F1ED21C27A}] => (Allow) C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [TCP Query User{145AEDF9-2ECC-43DB-AC67-1E6E09E2ABCC}C:\program files (x86)\the creative assembly\rome - total war\rometw.exe] => (Allow) C:\program files (x86)\the creative assembly\rome - total war\rometw.exe
FirewallRules: [UDP Query User{D0EC03A1-37CD-4E8A-9DE9-9217F66A522C}C:\program files (x86)\the creative assembly\rome - total war\rometw.exe] => (Allow) C:\program files (x86)\the creative assembly\rome - total war\rometw.exe
FirewallRules: [TCP Query User{3BCBC79D-A10C-4FE5-9A7F-DCC782F40156}C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{77C491EF-9CAD-4753-A9B5-78AA0EAA3C16}C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{4B2D6E05-483D-49F1-A66B-E23EE778AD00}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{98D741DB-0D81-4D75-93F9-AA7BCE9ED5DA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{D805F393-DF9F-42DB-8BD8-A10435FFD59E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{7CF97D17-A8A2-4D7E-9BEC-6243047FB5BF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [TCP Query User{8F2757CB-3F12-42C6-9F8A-4774ADD31DD2}E:\starcraft ii\versions\base26490\sc2.exe] => (Allow) E:\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{0BDDFDAC-B2ED-4B98-BC26-FE4BE17023BD}E:\starcraft ii\versions\base26490\sc2.exe] => (Allow) E:\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{918FBB9D-A167-4373-AFAD-10F9F13A5B47}H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [UDP Query User{CE44343A-18FD-4F5C-AFB9-72A6DE6E2F89}H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [TCP Query User{C125BEAE-F4EB-4F10-8C94-50D566986ADF}H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{A6C9568F-B66F-4D81-86DE-7DED4BA4EEEF}H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{44198A79-F80C-4668-8DEC-61C6B449FC42}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{43205FE2-158D-4CEB-BDA1-7CDEAAEEA89B}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{C68EB3E0-2F52-4C5D-BC6A-1BD447B7A1CA}E:\firefly studios\stronghold 2\stronghold2.exe] => (Allow) E:\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [UDP Query User{F7072C7B-26A3-44F0-B587-2EAAE1D78C2B}E:\firefly studios\stronghold 2\stronghold2.exe] => (Allow) E:\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [TCP Query User{0809DA3A-658F-4F47-8916-84CBF04DFFE7}F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{B1686F91-DCB7-4851-A600-A045D357F223}F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{69FCA70B-56DD-44A4-937D-27978BED7C64}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{3993D2EA-9020-44A0-AE27-CA7EBF9E6EA1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{5E0C1963-7723-431A-A0FF-5559FE5B4FCC}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{A1E85A62-4480-42D6-BEF6-3B104DFBA6A9}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{A9BF2868-E436-4AAC-A5B6-6E9F44E3E6D1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{A27B1A23-6AE9-4069-AD9C-2AB64D9CFB22}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{B017E2C6-3F10-4969-99DA-02E8842CB380}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{F2F35591-A26D-4679-A37D-8FA745ABE448}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{6FA6AF87-096C-4148-BBE8-8A29CE7BFC03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{8A589767-2A22-4BA8-9F2E-25708DBB99B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{CDBEA086-EEF8-478B-BD30-ED34E603EDE4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7C3D27A7-E5B8-4ED7-B97E-BFE531FF8F99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{56D56AD2-BFC4-415B-A804-0DF50091F5E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{44EFA5C1-2C54-432F-821F-D10FDD7BD46E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{40804B2A-9569-4303-804A-3DE8AFD4C459}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B3EE1A97-B0F0-4AA4-9F14-AACD324EBCFF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{87E39D11-917A-4ACA-A172-B9DB9FD99CED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{5368821C-622D-4CE6-868E-B4B92CAE6AEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7CD1CC07-47F7-4EBC-B28F-331D6B01812B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{10DBE06C-21C5-40DE-AB47-2839EAA361A2}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{72584B12-0B71-40A1-8FD5-4EF1B8FAE240}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{62F24C45-274B-4324-84D9-EEDC1C2FFA63}] => (Allow) C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{38E63D60-2B6A-4570-B5E7-0334F1B28753}] => (Allow) C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CBA6CFE4-87DA-4C0B-9DD5-CB24264D153C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{1F8EFC10-91D2-4DEF-9300-AA828DE18B26}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [TCP Query User{8D083110-0487-4200-BD21-3E6205B824E4}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe
FirewallRules: [UDP Query User{B9933272-DB9A-419D-A1FC-C376F14A8A5A}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe
FirewallRules: [{120C8A28-FA3D-4D5F-8F88-6983D85BB69C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{3D2372B4-DE98-4586-8A3D-F083A3D3E4C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [TCP Query User{44A5645F-EF67-4694-BF0C-45FCBABC1815}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{109FF8B2-1B6E-4A45-AB5C-0CB97EA71BA7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{E333BEFF-AFE8-44D0-8E6D-1E6684278E53}H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe
FirewallRules: [UDP Query User{BDC3DE48-88BB-4952-BDF9-A667D17544F3}H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe
FirewallRules: [TCP Query User{C918B3BB-2D89-49EC-A5F3-59764544A681}C:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{A3578BEB-246F-4B68-9BB1-4E70D3867E6A}C:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{4B90B806-D737-421F-A259-86B4B6EBE2D4}] => (Block) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{C142FBE6-7660-4D57-91EB-6F28DF0C53EF}] => (Block) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{65D1CA79-73C8-4C1C-A396-55114CC5C61C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{2E300A00-EF29-4879-AD3F-8C035C177F2F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{3FC2C324-EE95-4C8C-A26E-EE7AB4D14AD7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6FDC2297-746E-4E22-8C84-B9F9349E4D89}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{90C98BC3-B0B9-4CAC-ADCA-E2EAA208143E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8EB1FB9E-E96A-48D9-A09E-280C1F709B39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C564E886-162A-48EE-A823-A6A3CD950300}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F539564B-0389-4020-BE90-B3A2E3A3D28F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{760F1162-0054-44F4-A5D6-7F1F803CA314}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{C6D4FEE5-DA5E-4896-BBC1-4C31C77A28FE}C:\programdata\battle.net\agent\agent.2689\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2689\agent.exe
FirewallRules: [UDP Query User{F9912598-2E9B-4960-B43A-8E1CFC69772C}C:\programdata\battle.net\agent\agent.2689\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2689\agent.exe
FirewallRules: [{A2901DA7-2CF9-447A-8578-1EF26AD9EB25}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1942\Battlefield 1942\BF1942.exe
FirewallRules: [{9D169BCF-E400-428F-8825-1FDA28D85D4A}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1942\Battlefield 1942\BF1942.exe
FirewallRules: [TCP Query User{9D5327F1-4C82-4AB4-9675-32920B9A5A14}F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{3ADEFCDF-1F60-49BB-B0CC-E38073CF5B97}F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{7962898C-564D-4F4D-8199-3DFBE683A858}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rustlauncher.exe
FirewallRules: [{7CE33FEF-633B-484E-926F-28959FBE7A6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rustlauncher.exe
FirewallRules: [{59B4E854-C94F-4DAE-911E-4E2CD4C668B9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E2FED403-E1B3-46AD-A838-C1917B27FD50}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{07A267BF-9BD3-4856-88D1-A924CF38EFBC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{04756382-6EB7-495C-85E9-516EED38F5FF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [TCP Query User{9CA5DE4A-9B21-404E-A471-E1D4FCBDB5D8}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{46EA1D4C-732E-4080-BDAE-C7E04C2AAEE8}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{B207A236-B040-4C95-A84E-30FF650F233F}] => (Allow) C:\Users\Philipp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5BEDFF67-BEB9-437C-8BDE-57FD8AD18762}] => (Allow) C:\Users\Philipp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{ED86D4BE-5034-46D4-A275-D0D0D158DC32}C:\users\philipp\desktop\utorrent3.4.1_30888.exe] => (Allow) C:\users\philipp\desktop\utorrent3.4.1_30888.exe
FirewallRules: [UDP Query User{00D3324E-F60E-4815-9389-22AFEF3C3848}C:\users\philipp\desktop\utorrent3.4.1_30888.exe] => (Allow) C:\users\philipp\desktop\utorrent3.4.1_30888.exe
FirewallRules: [TCP Query User{D8B96E37-4E7C-401D-9974-6423F3566ACB}C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{FE178129-19B7-4D3C-A611-FF8661E15371}C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{1630330C-FC81-4E8E-A74B-D30CCB7637D9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{69C4D2F1-5E35-4324-A7C7-21A1841D7FB6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DB289EE0-A061-499C-A260-45816D2DB290}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4AC641E7-FC1D-4089-BDF8-C1C6C461F508}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E01B4C60-3CC7-4862-96F8-A240FF5DBF8A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{E155F5FE-3408-4083-9DE8-10F9A4EDC456}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{C0143FF0-242F-4B84-A070-F77D6C898FE3}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [UDP Query User{E3C733F0-C093-4EAD-B3D9-6A758B7CAB80}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [TCP Query User{C41E6AE9-3ECA-4D3B-8892-6EEB5B8F822B}H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe
FirewallRules: [UDP Query User{E70C6C19-B5DB-4C21-A6AC-7DAFA0D942E2}H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe
FirewallRules: [{32C48089-640E-4154-8F9F-FD34D67820E7}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{ABF9B047-DBDD-40F0-8310-4096C07A1D54}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{3363AF0F-0FAE-4932-9BDC-F768D750CD20}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{FF75CEDC-9CF5-481D-9063-269F7C9A3EEB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{FBF504C5-7660-4CA0-9461-EE1588F6F15D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{9B3BB61E-72AA-4C6A-9524-F08E717DB6BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [TCP Query User{4B8F48EB-61A7-463A-9CFF-3F443435A262}H:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) H:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{BC13CB58-34B2-423E-81E9-F0681A534A12}H:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) H:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{FDD44B81-B42F-4882-B2A2-2E57B5A37E22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{FDD1DC3F-5716-40C2-96A2-2C53635789B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{115A852F-F8A4-47B2-ADDC-124127385ECA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{DC81A4C5-6983-4E10-88C2-B1BE2007E20A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{2BA43725-5873-4C4B-B214-D17575BED6C1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{9BE1D182-5C1A-4012-8196-D78F15784A37}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{C5343D04-4C9B-4307-A77C-075B8B2C9E8F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{B29A6550-56A1-491E-BB46-A0863A286D3F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [TCP Query User{A6839289-220D-4430-AB8B-F35AE2467491}C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{FFD48200-6659-4D3F-B489-D0D672A604CB}C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{8FCE413C-7C8F-49D2-97AB-12AF69EBBE36}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{6D6C39D8-B4DC-471E-AD24-04DB637E2F52}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{EAB8C967-DA03-47A1-82E0-2B7953613624}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{08AAB84F-CA39-4873-BA9F-0BF1B0BFD6BD}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{F0334A4E-6660-4A29-85A3-91F9D2A08148}H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Block) H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{0CBB6BE2-C2DC-42EF-9283-98CE12A3156B}H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Block) H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{7DE20AE2-DB27-4C65-99EE-A3A8C2C0141A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1221F58B-7252-4BBA-81F5-73DB9BA73765}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{745BCB12-AD0D-47D6-B6AA-B8E6552BA321}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{04E69D41-E088-48EE-B661-146576D2F4E2}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{838E6DD1-7E16-4467-9DD7-B08494056500}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{9560A1CC-F03A-4ED7-8F9F-628879A48BD1}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{D8DC3995-78FB-4F91-B0E6-0EA20B8D0B47}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{82FC90AF-A279-4FE8-929A-00FCBB85AE88}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{33FDEC31-0752-437B-8B40-816F7DA64FD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{42A94929-CE71-45D6-82BF-D969413DA4BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{53DF5A34-AAEB-4C77-8AAB-9BC5C1FC7B0F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{8CACF8BB-8612-462A-91D9-4AE3354FEDFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{85B72C11-7DC6-49E6-A5E7-0D20FF0540A4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{FB4D9EF1-D86D-4256-8AE5-AB0372E26A1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [TCP Query User{FF359D40-BC43-41F9-A748-265960862C7F}H:\program files (x86)\anno1701.exe] => (Allow) H:\program files (x86)\anno1701.exe
FirewallRules: [UDP Query User{20AAC5E0-E43B-491B-A775-B99DD7898E96}H:\program files (x86)\anno1701.exe] => (Allow) H:\program files (x86)\anno1701.exe
FirewallRules: [TCP Query User{0C3093E0-C804-4C2C-B240-64A3E0F4EA3E}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{4FAA22AA-FD48-4BAC-B1F0-0E1792B3B93F}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{48694631-51A4-4BD0-ACE6-47E620E1E7CF}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{2AAC6F09-9F21-4E3B-BDB3-8D96349EB24C}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{DA0FF709-FCA2-49E4-A49D-C52F94A33C39}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{3809CCA4-6534-4D78-AEB6-370B66A68D58}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{6B079631-4440-4D03-A37A-5644A17FAEF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{FF03333A-3897-48EF-B54D-56094C23D489}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D746C5F2-5646-488A-AA6A-9EFCB544C556}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{ECACD096-AD74-4AA4-A843-FDFB10ED1EE7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{B57AD082-017F-4128-AF5E-A02D6F3AE087}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{07A18F29-12BC-4AAB-A245-B4291010C345}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{E98D26EB-6723-4507-B967-151A5FC8D219}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{90E6D116-0BB7-4559-85E0-24C8F80E4EBD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{98CFEB0B-2567-4974-AD58-360ED70FB0BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{D3C6F70D-7E00-41A4-9628-1D22289A2534}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{39C3B977-7B8E-4058-BA43-22270D728ACD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{65EAF7AA-5109-48D9-B895-9FBFA7579572}] => (Allow) LPort=2869
FirewallRules: [{1461D1B9-4C92-412B-99E7-BCC4A26EA5F5}] => (Allow) LPort=1900
FirewallRules: [{B17041C2-3DD4-4225-8B9D-5FA96BAE885F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{285EB98B-6D92-4549-8710-3EEE16688C5D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{4095A852-5A84-4932-A234-FBB2F70DA4E4}C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe
FirewallRules: [UDP Query User{5ADC40C5-B7E7-4262-9D67-7438E0946454}C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe
FirewallRules: [TCP Query User{8C44C964-4AA3-47E4-92ED-F3A222D0E532}C:\users\philipp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philipp\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C6A13823-BD82-4DC7-AC17-04ECE6460C20}C:\users\philipp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philipp\appdata\roaming\spotify\spotify.exe
FirewallRules: [{CA2CF6F4-3D92-485F-87CF-1D4FE65F9552}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{F76BB649-4842-492C-8CD6-6C86FC6449F4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{3A8FE08D-E9EA-4675-8E18-BDD201C7E22C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AB041934-E078-4519-85E4-4B9C2F2D16E4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6C27E94F-9B54-4A90-9F4C-FBF097292328}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{C07014D5-340A-473A-8A73-C045C7E3989F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{6463FE23-B967-4206-A257-A93F489B761E}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{9D9EBD29-3591-410F-A642-DBF8DDABB5B4}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{27F67820-C035-4F34-94E0-67D63DC096F6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{1C3918B6-EB75-4A47-901F-502980DE752B}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{9079E56A-E830-4A4C-B496-2F7CEDB05975}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{2CE4262B-CFDC-4AEE-8B06-7805A0C3589A}] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{68F148F7-0F0E-48C0-ADA1-9DA8B3982E14}] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{5023DC5D-1BA7-43A1-80A3-C69DD4495C69}] => (Allow) %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{C606DE97-F79B-4D9B-86F0-57D5C7A655B6}] => (Allow) LPort=32976
FirewallRules: [{CC3B7A6D-97D4-43ED-B9F1-556FFBCEE186}] => (Allow) LPort=25565
FirewallRules: [{A72E3139-85F1-46C0-8B48-6D653CDA7B09}] => (Allow) LPort=25565
FirewallRules: [TCP Query User{5CB17E6E-4CD0-4C42-89EF-D84CE339BAFE}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{BE4FFE99-1BA5-4A6D-859F-CDA851972532}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{B257C971-02AD-4C35-9324-291D897CDB7B}] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{E3CC2757-CB2A-4FA1-A4EC-10438D6B5B68}] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{83EC0370-4A56-4F9E-A8D7-C53C1F7DF5C8}F:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{462D3BB6-41BD-4140-AD26-5881F42070A3}F:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{6E4A6E6C-63B9-4F2D-A464-D536F18FF445}] => (Block) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{29ACF394-43F0-4864-889E-5D46E5D3F87E}] => (Block) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{F03899D2-D3B2-462A-A001-E67AE4B36673}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{E3F48574-B4DF-4810-A566-97F9E532B730}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{D81B412B-FFC6-49A5-9790-9F1DD0CE42FD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{68EAD43C-3085-4279-A3D5-473DE008DB23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{445E9A2B-6187-442F-A3DC-8F07B60E5BF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{DCA567F4-2ABC-4AC8-BCCB-333CC8DCAC57}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0B4FFC0C-2B5B-48F3-A996-4FE3F228166A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DD912131-48B7-4E6C-B09E-E6359DF7BCCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4F219D37-9624-4F30-87B1-D37DC4066A96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{90DD9A30-5E45-4066-8DDE-FE93E1850C30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{BDEC72B2-CB1A-474E-9ED6-A84810625FC8}F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Allow) F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [UDP Query User{F5E1EBB0-9961-4CE9-BD8A-65B6B46F2E17}F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Allow) F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [{768CC022-3055-4BD4-8E80-31818E9BEAE7}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{BAAED63C-A5E5-4EB7-AB3A-45FCFFD77678}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{304844EF-7019-4BCF-A4FE-0383F544F183}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{8A3A2DFF-F9AB-4F5D-94F3-3787C176BDD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [TCP Query User{F979DE64-FC1E-459B-8EDD-ED109EF48ECD}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{7852709D-8D0D-4F92-B043-C8FBE4099221}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [TCP Query User{6D6ABC91-928D-4280-9DBF-41D01A431D4A}H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe] => (Allow) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [UDP Query User{37C5D000-7F70-40F4-9FF9-C9221496DC42}H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe] => (Allow) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [{B27ABAA2-C82B-44F4-A30A-AD5E91C4EB32}] => (Block) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [{67DDF624-A2E5-4D33-A95F-90ABF5682A0B}] => (Block) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [TCP Query User{7BC2C177-D11F-4D08-B3DE-C7F58A1CF9DD}H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe] => (Allow) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [UDP Query User{9DF02414-F9FC-4036-B227-959FE7ACC17E}H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe] => (Allow) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{228436F4-E76C-4BEA-B241-E2C08B3C5797}] => (Block) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{63CCD24A-9DE9-486E-9928-D528E431701F}] => (Block) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{858E1EA8-EB9E-4E44-B451-3B6DFC3F985F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{C9CA1E65-0601-4D1B-8D5A-3C757AB596E5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{AFBD3180-D569-4A48-9C70-090808A3B765}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\harvey.exe
FirewallRules: [{4568192C-D1BA-46B3-8307-055C03D5B4CB}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\harvey.exe
FirewallRules: [{AA086928-71C2-4E9D-9EE7-DA834804DB70}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\VisionaireConfigurationTool.exe
FirewallRules: [{CAC8CED3-1C01-471A-8AFC-CCDE5E61B46F}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\VisionaireConfigurationTool.exe
FirewallRules: [{0481A2E1-32DD-4D79-9522-136262E18EFD}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna & Harvey The Breakout\Edna.exe
FirewallRules: [{5751333F-1F56-48C8-9335-521D845BA824}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna & Harvey The Breakout\Edna.exe
FirewallRules: [{16C6AC44-879C-4FC3-9E2B-7E6B7FBBA341}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{F734F823-F300-454C-8A84-63EB6A303F4D}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{01A42E9E-220D-49B9-940A-1AAC5051E9A4}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{CA2B1C86-1455-47B6-9A1B-AF4221454CF1}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{96832A8D-F388-4EAE-BD92-9458649456F6}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{241BD5E1-3D24-4DBC-83D5-750B9D32E39E}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [TCP Query User{CF2A8203-0EE6-4858-B69A-EB76C6D9F4BE}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [UDP Query User{561BC56C-D11F-4759-B02B-18B214505678}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [{95A263BF-2864-4081-AFB5-3620647A4BFD}] => (Allow) C:\Program Files (x86)\Cuppat\Application\chrome.exe
FirewallRules: [TCP Query User{7EF83D24-ABC4-4BE1-B269-E97F571709A4}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5799A902-DD95-4DCB-B14A-953392704D71}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{AC47DEED-56B1-443F-83F3-8A0E45439D95}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{C43AE569-728A-4635-966B-A0D7497AC12E}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{0733329D-7CAA-43CD-8D94-D5DDD4068021}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1B1FFE5A-9575-4978-A910-FC331CAB3E85}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CD4441E1-9E17-4D09-81DE-23FC004CF163}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{51D36651-267C-4534-819C-0C867AAEB47B}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{2DE8A6E7-501A-4106-814E-41F93EA96BCD}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [{0FDDC06B-F260-4E3E-AA72-1E8BCCD791C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{C11F5C2A-461F-424E-B15C-FCCB19462744}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{34FBA65F-A6AE-4D03-914E-A461C7E795B2}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{674235E8-E3D0-4C45-8F4D-E73DBF86CB65}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{8741BFD0-D5ED-43FB-8FF3-A0ABBD9FB6A5}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{0B2C9047-0B17-4A2E-B628-9FAC90D6E6A8}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{BC2A59B9-EEAE-4117-94F3-66A4078B5375}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{610154B7-0E65-493B-8D24-7BA16F0E7DC6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{468267DE-E9B1-4B8A-AEC7-E046AD38463A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{83724DD1-04CF-46BC-B4F0-9E03A4DBC88F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{05E61BB9-15E2-4964-ABBD-67110BF469F1}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{52F974BB-5934-4D2F-A4D9-CDD1DB7042F7}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Bluetooth-Gerät (PAN)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Microsoft-6zu4-Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #4
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/01/2017 12:18:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm frst64english.exe.exe, Version 4.10.2015.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 19f8
Startzeit: 01d27c184eb5db84
Endzeit: 0
Anwendungspfad: C:\Users\Philipp\Desktop\frst64english.exe.exe
Berichts-ID:
Error: (01/31/2017 10:02:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "AVG.VC140.CRT,processorArchitecture="x86",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0"1".
Die abhängige Assemblierung "AVG.VC140.CRT,processorArchitecture="x86",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/31/2017 10:02:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "AVG.VC140.CRT,processorArchitecture="amd64",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0"1".
Die abhängige Assemblierung "AVG.VC140.CRT,processorArchitecture="amd64",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/31/2017 09:16:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2017 09:15:02 PM) (Source: NetBalancerService) (EventID: 0) (User: )
Description: This version of NetBalancer is outdated, please download a new one from our website.
Error: (01/31/2017 08:17:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2017 08:16:27 PM) (Source: NetBalancerService) (EventID: 0) (User: )
Description: This version of NetBalancer is outdated, please download a new one from our website.
Error: (01/31/2017 06:18:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm adwcleaner_6.043 (1).exe, Version 6.0.4.3 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 5b00
Startzeit: 01d27be5a3ca2f6e
Endzeit: 4
Anwendungspfad: C:\Users\Philipp\Downloads\adwcleaner_6.043 (1).exe
Berichts-ID:
Error: (01/31/2017 06:00:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service iThemes5 since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (01/31/2017 06:00:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service GubedZL since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Systemfehler:
=============
Error: (01/31/2017 09:16:14 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (01/31/2017 09:15:06 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.
Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-ID: 0
Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
Error: (01/31/2017 09:15:00 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000101 (0x0000000000000019, 0x0000000000000000, 0xfffff88003186180, 0x0000000000000007)C:\Windows\Minidump\013117-11481-01.dmp013117-11481-01
Error: (01/31/2017 09:14:59 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 31.01.2017 um 21:12:16 unerwartet heruntergefahren.
Error: (01/31/2017 08:17:36 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (01/31/2017 08:16:31 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.
Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-ID: 0
Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
Error: (01/31/2017 08:15:53 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\bcmihvsrv64.dll
Error: (01/31/2017 08:14:36 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (01/31/2017 08:14:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Volumeschattenkopie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/31/2017 08:14:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2017-01-31 19:19:11.545
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:11.245
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:10.871
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:10.388
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 18:22:41.778
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 18:22:41.326
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:26.009
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.883
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.756
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.625
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Prozentuale Nutzung des RAM: 70%
Installierter physikalischer RAM: 6076.41 MB
Verfügbarer physikalischer RAM: 1788.91 MB
Summe virtueller Speicher: 12151 MB
Verfügbarer virtueller Speicher: 7313.86 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:232.79 GB) (Free:33.81 GB) NTFS
Drive f: () (Fixed) (Total:231 GB) (Free:52.23 GB) NTFS
Drive g: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive h: () (Fixed) (Total:344.27 GB) (Free:106.09 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 21133B35)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 596.2 GB) (Disk ID: 9054A324)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=344.3 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=20.8 GB) - (Type=27)
==================== Ende von Addition.txt ============================
LastRegBack: 2017-01-23 22:33
==================== Ende von FRST.txt ============================
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-10-2015
durchgeführt von Philipp (2017-02-01 00:19:36)
Gestartet von C:\Users\Philipp\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-08-18 14:36:22)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3041798318-2634963116-1215314133-500 - Administrator - Disabled)
Gast (S-1-5-21-3041798318-2634963116-1215314133-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3041798318-2634963116-1215314133-1002 - Limited - Enabled)
Philipp (S-1-5-21-3041798318-2634963116-1215314133-1000 - Administrator - Enabled) => C:\Users\Philipp
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
4K Video Downloader 3.5 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.5.6.1730 - Open Media LLC)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Amazon Amazon Music) (Version: 3.10.0.924 - Amazon Services LLC)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers)
AutoSensitivity (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0a099336274e1166) (Version: 1.4.0.23 - Igor Kulman)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.72.2.55508 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.72.3 - AVG Technologies) Hidden
AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Brother MFL-Pro Suite MFC-9320CW (HKLM-x32\...\{A1BBEE16-49B1-42F2-95B8-54C8C6A1C0C3}) (Version: 2.0.1.0 - Brother Industries, Ltd.)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward)
CLICK & LEARN DiDi 360° DVD (HKLM-x32\...\{5713D2DD-01F2-40D0-827D-917A88E7637A}_is1) (Version: CLICK & LEARN DiDi 360° 5.2 DVD - DEGENER)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Cry of Fear (HKLM-x32\...\Steam App 223710) (Version: - Team Psykskallar)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dropbox (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.5 - Samsung Electronics Co.,Ltd.)
Edna & Harvey: Harvey's New Eyes (HKLM-x32\...\Steam App 219910) (Version: - Daedalic Entertainment)
Edna & Harvey: The Breakout (HKLM-x32\...\Steam App 255320) (Version: - Daedalic Entertainment)
ETDWare PS/2-X64 10.7.14.12_WHQL (HKLM\...\Elantech) (Version: 10.7.14.12 - ELAN Microelectronic Corp.)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Golf With Your Friends (HKLM\...\Steam App 431240) (Version: - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
Metin2 (HKLM-x32\...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Access 2003 Runtime (HKLM-x32\...\{901C0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
My Lockbox 3.0.5 (HKLM\...\My Lockbox_is1) (Version: 3.0.5 - )
NetBalancer (HKLM\...\NetBalancer_is1) (Version: - SeriousBit)
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.5.0) (Version: 4.0.5.0 - Locktime Software)
NetLimiter 4 (Version: 4.0.5.0 - Locktime Software) Hidden
NVIDIA GeForce Experience 2.5.15.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.81 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenVPN 2.3.12-I602 (HKLM-x32\...\OpenVPN) (Version: 2.3.12-I602 - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.1 - Tracker Software Products Ltd)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.2.22.0 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
RogueKiller version 12.9.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.9.6.0 - Adlice Software)
Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.46 - NVIDIA Corporation) Hidden
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.0.2574.0 - Hi-Rez Studios)
Spotify (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Spotify) (Version: 1.0.47.13.gd8e05b1f - Spotify AB)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Tabletop Simulator (HKLM\...\Steam App 286160) (Version: - Berserk Games)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)
Uplay (HKLM-x32\...\Uplay) (Version: 7.1 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XviD MPEG-4 Codec (HKLM-x32\...\XviD) (Version: - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.70.591 - Zemana Ltd.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
23-01-2017 22:40:19 Geplanter Prüfpunkt
28-01-2017 00:16:51 Wiederherstellungsvorgang
28-01-2017 00:27:36 Removed amuleC
31-01-2017 03:10:37 Malwarebytes Anti-Rootkit Restore Point
31-01-2017 18:00:48 JRT Pre-Junkware Removal
31-01-2017 22:08:48 Removed Java 8 Update 111
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2016-12-15 00:14 - 00000822 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02261E59-DCE8-496A-BB04-F4AF99A91189} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {0AB570FA-847C-4FB2-9C8C-82067DFA95B4} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {1DAFFC61-3EF0-4495-84D1-F1569C723896} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {24E0F572-4BCA-4EEC-A9A5-2D830CFA9E96} - System32\Tasks\{4F74156E-5C02-4302-B31E-378AF64F0780} => pcalua.exe -a "C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare\iw3mp.exe" -d "C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare"
Task: {2FA7325B-6E8F-41C0-BD24-7A4D8F5E959C} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {31D1AFD7-FE73-42F7-8C56-CE56B4EE2076} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-20] (Microsoft Corporation)
Task: {501CE107-2313-4E8F-BDC8-7CA2EDD7EBE6} - System32\Tasks\{5CC848DF-F2F0-4C76-8299-F30E2EC5C77C} => C:\Users\Philipp\Desktop\Battlefield 3 cd1\Setup.exe
Task: {5AD94776-848A-4574-A0AE-35DD77108857} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {67928E07-523E-411F-A980-D440E2B4FD2F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-07] (AVAST Software)
Task: {69796D42-6E7A-400E-ABED-6E89C0747C6A} - System32\Tasks\{1483BBE9-6C43-420B-BCA7-97229B092656} => pcalua.exe -a "C:\Program Files (x86)\Steam\bin\steamservice.exe" -d "C:\Program Files (x86)\Steam" -c /installscript "C:\Program Files (x86)\Steam\steamapps\common\Napoleon Total War\runasadmin.vdf" 34030
Task: {6CD57B76-ED4E-4186-864B-C3D8A0F1B7B3} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\Game Booster 3\AutoUpdate.exe
Task: {85AE1598-1934-4800-88DE-2070662EBA52} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {8CE2EA77-D7B1-4BC3-B2C1-599DD6DA6212} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {958C25CA-C68C-47FD-B09B-8BA6D19BA2C7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-06-06] (Microsoft Corporation)
Task: {9CEA9C83-B856-4975-8C0F-FE0D185A205D} - System32\Tasks\{BB987285-0C54-468D-BC8C-2D27676CFAF0} => pcalua.exe -a C:\Users\Philipp\Downloads\pulsingcolorsviz.exe -d C:\Users\Philipp\Downloads
Task: {A00325D4-D3C1-430E-B1F6-DCFCF85658C8} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-12-20] (Samsung Electronics)
Task: {A0173E21-C978-4EA4-A189-7FA5617412B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B64BD4E4-A656-40D9-871D-7456C350A532} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {BB2885EB-93BB-43CE-AF9D-8126074614B3} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-20] (Microsoft Corporation)
Task: {D7EC70C1-9A44-4010-93E1-A25B01C49C7D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-14] (Adobe Systems Incorporated)
Task: {DFBAA4C3-EF76-49C3-9AA5-6D5543BDA370} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {E30865BE-0448-4595-A5C6-CB203265BCD6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-08-28 10:07 - 2015-08-18 01:07 - 00115376 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-23 16:27 - 2015-04-30 09:46 - 00115712 _____ () F:\Program Files (x86)\NetBalancer\Events.dll
2015-08-23 16:28 - 2015-08-23 16:28 - 00217960 _____ () C:\Windows\Microsoft.Net\assembly\GAC_MSIL\SeriousBit.NetBalancer.DeskBand\v4.0_1.0.0.0__ce1333cc798c13ee\SeriousBit.NetBalancer.DeskBand.dll
2015-08-23 16:27 - 2015-04-30 09:47 - 00031744 _____ () F:\Program Files (x86)\NetBalancer\BugReporting.dll
2013-09-04 19:10 - 2014-07-06 19:02 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-09 23:22 - 2014-12-09 23:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-03-07 18:49 - 2005-04-22 12:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2017-01-31 16:21 - 2017-01-31 16:21 - 00152944 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2015-07-18 22:56 - 2015-07-21 06:02 - 05887808 _____ () C:\Users\Philipp\AppData\Local\Amazon Music\Amazon Music Helper.exe
2016-12-15 00:30 - 2016-12-08 09:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 00:30 - 2016-12-08 09:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2015-08-07 13:03 - 2015-08-07 13:03 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-07 13:03 - 2015-08-07 13:03 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-11-10 23:33 - 2016-11-09 03:43 - 00352768 _____ () c:\programdata\microsoft\blend\14.0\1033\resourcecacher.dll
2015-04-01 09:31 - 2015-10-04 09:24 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-04-07 16:25 - 2015-04-07 16:25 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-01-31 22:02 - 2017-01-31 22:02 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2016-11-10 23:33 - 2016-10-20 09:47 - 01819240 _____ () C:\Program Files (x86)\Cuppat\Application\libglesv2.dll
2016-11-10 23:33 - 2016-10-20 09:47 - 00093288 _____ () C:\Program Files (x86)\Cuppat\Application\libegl.dll
2017-01-13 20:49 - 2017-01-13 20:49 - 17835096 _____ () C:\Users\Philipp\AppData\Local\Cuppat\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\100sexlinks.com -> 100sexlinks.com
Da befinden sich 4788 mehr eingeschränkte Seiten.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{21ED757D-71F7-4E93-8A26-4F3F192F63A7}] => (Allow) H:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A9259FB8-214D-4B63-AB8C-E1D572E16617}] => (Allow) H:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{7346F99C-B07F-48D3-96D6-B27E7FC60958}F:\program files (x86)\skype\phone\skype.exe] => (Allow) F:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{FEF7523A-F2C8-4CF3-BD0F-3E085673C453}F:\program files (x86)\skype\phone\skype.exe] => (Allow) F:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{6A1352E9-B58C-418B-A8AB-1B9E9F8B4EF3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{12C3E11E-C2A2-493A-894F-875FC0641820}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{DCCE3E4E-5C81-47E3-B426-FD776034C9D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DCF79556-E335-461B-A099-55292F6CE2EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DCF489CB-1187-44A6-BC76-281656F962CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C53AF07D-4477-41FC-9A49-88A7D81D0168}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8AD8195A-9FD1-453F-B60F-DF66DA1EE869}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{D459E9D6-7724-4A66-82C9-761919306E36}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{38F9BC97-2F6A-4385-8ABA-657C1421CB2F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{18B895F8-18AE-4D6E-BCC6-1ED18DC2308D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{92A63FD0-9C6C-4855-97B7-07306985B5AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{87C2F982-B124-493B-A6CC-833F14CA99D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8DEEE23E-F414-4B4C-B08F-6C2C6993C57A}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{58252888-1755-4991-A0F9-EBB3F022D3D5}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{D3B7CDE1-024A-432D-960C-4343B74A0739}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{50E89D94-505B-44BA-B992-804CC020944B}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{37B9E4DF-DDAA-448A-8C35-0EF9DEC79DA0}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{607E2054-58F9-477E-8BC6-BA568D821CC2}C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{86032D63-9007-4D0E-AB79-60F1FB5EB7F1}C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{76712770-6A7F-4C1E-82B4-24CFD1B7F000}] => (Allow) C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [{7A1BC0BA-B098-4B00-93FD-88F1ED21C27A}] => (Allow) C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [TCP Query User{145AEDF9-2ECC-43DB-AC67-1E6E09E2ABCC}C:\program files (x86)\the creative assembly\rome - total war\rometw.exe] => (Allow) C:\program files (x86)\the creative assembly\rome - total war\rometw.exe
FirewallRules: [UDP Query User{D0EC03A1-37CD-4E8A-9DE9-9217F66A522C}C:\program files (x86)\the creative assembly\rome - total war\rometw.exe] => (Allow) C:\program files (x86)\the creative assembly\rome - total war\rometw.exe
FirewallRules: [TCP Query User{3BCBC79D-A10C-4FE5-9A7F-DCC782F40156}C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{77C491EF-9CAD-4753-A9B5-78AA0EAA3C16}C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{4B2D6E05-483D-49F1-A66B-E23EE778AD00}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{98D741DB-0D81-4D75-93F9-AA7BCE9ED5DA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{D805F393-DF9F-42DB-8BD8-A10435FFD59E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{7CF97D17-A8A2-4D7E-9BEC-6243047FB5BF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [TCP Query User{8F2757CB-3F12-42C6-9F8A-4774ADD31DD2}E:\starcraft ii\versions\base26490\sc2.exe] => (Allow) E:\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{0BDDFDAC-B2ED-4B98-BC26-FE4BE17023BD}E:\starcraft ii\versions\base26490\sc2.exe] => (Allow) E:\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{918FBB9D-A167-4373-AFAD-10F9F13A5B47}H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [UDP Query User{CE44343A-18FD-4F5C-AFB9-72A6DE6E2F89}H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [TCP Query User{C125BEAE-F4EB-4F10-8C94-50D566986ADF}H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{A6C9568F-B66F-4D81-86DE-7DED4BA4EEEF}H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{44198A79-F80C-4668-8DEC-61C6B449FC42}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{43205FE2-158D-4CEB-BDA1-7CDEAAEEA89B}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{C68EB3E0-2F52-4C5D-BC6A-1BD447B7A1CA}E:\firefly studios\stronghold 2\stronghold2.exe] => (Allow) E:\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [UDP Query User{F7072C7B-26A3-44F0-B587-2EAAE1D78C2B}E:\firefly studios\stronghold 2\stronghold2.exe] => (Allow) E:\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [TCP Query User{0809DA3A-658F-4F47-8916-84CBF04DFFE7}F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{B1686F91-DCB7-4851-A600-A045D357F223}F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{69FCA70B-56DD-44A4-937D-27978BED7C64}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{3993D2EA-9020-44A0-AE27-CA7EBF9E6EA1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{5E0C1963-7723-431A-A0FF-5559FE5B4FCC}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{A1E85A62-4480-42D6-BEF6-3B104DFBA6A9}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{A9BF2868-E436-4AAC-A5B6-6E9F44E3E6D1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{A27B1A23-6AE9-4069-AD9C-2AB64D9CFB22}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{B017E2C6-3F10-4969-99DA-02E8842CB380}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{F2F35591-A26D-4679-A37D-8FA745ABE448}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{6FA6AF87-096C-4148-BBE8-8A29CE7BFC03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{8A589767-2A22-4BA8-9F2E-25708DBB99B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{CDBEA086-EEF8-478B-BD30-ED34E603EDE4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7C3D27A7-E5B8-4ED7-B97E-BFE531FF8F99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{56D56AD2-BFC4-415B-A804-0DF50091F5E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{44EFA5C1-2C54-432F-821F-D10FDD7BD46E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{40804B2A-9569-4303-804A-3DE8AFD4C459}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B3EE1A97-B0F0-4AA4-9F14-AACD324EBCFF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{87E39D11-917A-4ACA-A172-B9DB9FD99CED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{5368821C-622D-4CE6-868E-B4B92CAE6AEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7CD1CC07-47F7-4EBC-B28F-331D6B01812B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{10DBE06C-21C5-40DE-AB47-2839EAA361A2}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{72584B12-0B71-40A1-8FD5-4EF1B8FAE240}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{62F24C45-274B-4324-84D9-EEDC1C2FFA63}] => (Allow) C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{38E63D60-2B6A-4570-B5E7-0334F1B28753}] => (Allow) C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CBA6CFE4-87DA-4C0B-9DD5-CB24264D153C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{1F8EFC10-91D2-4DEF-9300-AA828DE18B26}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [TCP Query User{8D083110-0487-4200-BD21-3E6205B824E4}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe
FirewallRules: [UDP Query User{B9933272-DB9A-419D-A1FC-C376F14A8A5A}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe
FirewallRules: [{120C8A28-FA3D-4D5F-8F88-6983D85BB69C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{3D2372B4-DE98-4586-8A3D-F083A3D3E4C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [TCP Query User{44A5645F-EF67-4694-BF0C-45FCBABC1815}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{109FF8B2-1B6E-4A45-AB5C-0CB97EA71BA7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{E333BEFF-AFE8-44D0-8E6D-1E6684278E53}H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe
FirewallRules: [UDP Query User{BDC3DE48-88BB-4952-BDF9-A667D17544F3}H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe
FirewallRules: [TCP Query User{C918B3BB-2D89-49EC-A5F3-59764544A681}C:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{A3578BEB-246F-4B68-9BB1-4E70D3867E6A}C:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{4B90B806-D737-421F-A259-86B4B6EBE2D4}] => (Block) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{C142FBE6-7660-4D57-91EB-6F28DF0C53EF}] => (Block) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{65D1CA79-73C8-4C1C-A396-55114CC5C61C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{2E300A00-EF29-4879-AD3F-8C035C177F2F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{3FC2C324-EE95-4C8C-A26E-EE7AB4D14AD7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6FDC2297-746E-4E22-8C84-B9F9349E4D89}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{90C98BC3-B0B9-4CAC-ADCA-E2EAA208143E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8EB1FB9E-E96A-48D9-A09E-280C1F709B39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C564E886-162A-48EE-A823-A6A3CD950300}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F539564B-0389-4020-BE90-B3A2E3A3D28F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{760F1162-0054-44F4-A5D6-7F1F803CA314}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{C6D4FEE5-DA5E-4896-BBC1-4C31C77A28FE}C:\programdata\battle.net\agent\agent.2689\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2689\agent.exe
FirewallRules: [UDP Query User{F9912598-2E9B-4960-B43A-8E1CFC69772C}C:\programdata\battle.net\agent\agent.2689\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2689\agent.exe
FirewallRules: [{A2901DA7-2CF9-447A-8578-1EF26AD9EB25}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1942\Battlefield 1942\BF1942.exe
FirewallRules: [{9D169BCF-E400-428F-8825-1FDA28D85D4A}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1942\Battlefield 1942\BF1942.exe
FirewallRules: [TCP Query User{9D5327F1-4C82-4AB4-9675-32920B9A5A14}F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{3ADEFCDF-1F60-49BB-B0CC-E38073CF5B97}F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{7962898C-564D-4F4D-8199-3DFBE683A858}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rustlauncher.exe
FirewallRules: [{7CE33FEF-633B-484E-926F-28959FBE7A6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rustlauncher.exe
FirewallRules: [{59B4E854-C94F-4DAE-911E-4E2CD4C668B9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E2FED403-E1B3-46AD-A838-C1917B27FD50}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{07A267BF-9BD3-4856-88D1-A924CF38EFBC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{04756382-6EB7-495C-85E9-516EED38F5FF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [TCP Query User{9CA5DE4A-9B21-404E-A471-E1D4FCBDB5D8}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{46EA1D4C-732E-4080-BDAE-C7E04C2AAEE8}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{B207A236-B040-4C95-A84E-30FF650F233F}] => (Allow) C:\Users\Philipp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5BEDFF67-BEB9-437C-8BDE-57FD8AD18762}] => (Allow) C:\Users\Philipp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{ED86D4BE-5034-46D4-A275-D0D0D158DC32}C:\users\philipp\desktop\utorrent3.4.1_30888.exe] => (Allow) C:\users\philipp\desktop\utorrent3.4.1_30888.exe
FirewallRules: [UDP Query User{00D3324E-F60E-4815-9389-22AFEF3C3848}C:\users\philipp\desktop\utorrent3.4.1_30888.exe] => (Allow) C:\users\philipp\desktop\utorrent3.4.1_30888.exe
FirewallRules: [TCP Query User{D8B96E37-4E7C-401D-9974-6423F3566ACB}C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{FE178129-19B7-4D3C-A611-FF8661E15371}C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{1630330C-FC81-4E8E-A74B-D30CCB7637D9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{69C4D2F1-5E35-4324-A7C7-21A1841D7FB6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DB289EE0-A061-499C-A260-45816D2DB290}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4AC641E7-FC1D-4089-BDF8-C1C6C461F508}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E01B4C60-3CC7-4862-96F8-A240FF5DBF8A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{E155F5FE-3408-4083-9DE8-10F9A4EDC456}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{C0143FF0-242F-4B84-A070-F77D6C898FE3}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [UDP Query User{E3C733F0-C093-4EAD-B3D9-6A758B7CAB80}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [TCP Query User{C41E6AE9-3ECA-4D3B-8892-6EEB5B8F822B}H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe
FirewallRules: [UDP Query User{E70C6C19-B5DB-4C21-A6AC-7DAFA0D942E2}H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe
FirewallRules: [{32C48089-640E-4154-8F9F-FD34D67820E7}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{ABF9B047-DBDD-40F0-8310-4096C07A1D54}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{3363AF0F-0FAE-4932-9BDC-F768D750CD20}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{FF75CEDC-9CF5-481D-9063-269F7C9A3EEB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{FBF504C5-7660-4CA0-9461-EE1588F6F15D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{9B3BB61E-72AA-4C6A-9524-F08E717DB6BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [TCP Query User{4B8F48EB-61A7-463A-9CFF-3F443435A262}H:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) H:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{BC13CB58-34B2-423E-81E9-F0681A534A12}H:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) H:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{FDD44B81-B42F-4882-B2A2-2E57B5A37E22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{FDD1DC3F-5716-40C2-96A2-2C53635789B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{115A852F-F8A4-47B2-ADDC-124127385ECA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{DC81A4C5-6983-4E10-88C2-B1BE2007E20A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{2BA43725-5873-4C4B-B214-D17575BED6C1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{9BE1D182-5C1A-4012-8196-D78F15784A37}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{C5343D04-4C9B-4307-A77C-075B8B2C9E8F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{B29A6550-56A1-491E-BB46-A0863A286D3F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [TCP Query User{A6839289-220D-4430-AB8B-F35AE2467491}C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{FFD48200-6659-4D3F-B489-D0D672A604CB}C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{8FCE413C-7C8F-49D2-97AB-12AF69EBBE36}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{6D6C39D8-B4DC-471E-AD24-04DB637E2F52}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{EAB8C967-DA03-47A1-82E0-2B7953613624}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{08AAB84F-CA39-4873-BA9F-0BF1B0BFD6BD}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{F0334A4E-6660-4A29-85A3-91F9D2A08148}H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Block) H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{0CBB6BE2-C2DC-42EF-9283-98CE12A3156B}H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Block) H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{7DE20AE2-DB27-4C65-99EE-A3A8C2C0141A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1221F58B-7252-4BBA-81F5-73DB9BA73765}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{745BCB12-AD0D-47D6-B6AA-B8E6552BA321}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{04E69D41-E088-48EE-B661-146576D2F4E2}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{838E6DD1-7E16-4467-9DD7-B08494056500}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{9560A1CC-F03A-4ED7-8F9F-628879A48BD1}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{D8DC3995-78FB-4F91-B0E6-0EA20B8D0B47}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{82FC90AF-A279-4FE8-929A-00FCBB85AE88}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{33FDEC31-0752-437B-8B40-816F7DA64FD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{42A94929-CE71-45D6-82BF-D969413DA4BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{53DF5A34-AAEB-4C77-8AAB-9BC5C1FC7B0F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{8CACF8BB-8612-462A-91D9-4AE3354FEDFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{85B72C11-7DC6-49E6-A5E7-0D20FF0540A4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{FB4D9EF1-D86D-4256-8AE5-AB0372E26A1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [TCP Query User{FF359D40-BC43-41F9-A748-265960862C7F}H:\program files (x86)\anno1701.exe] => (Allow) H:\program files (x86)\anno1701.exe
FirewallRules: [UDP Query User{20AAC5E0-E43B-491B-A775-B99DD7898E96}H:\program files (x86)\anno1701.exe] => (Allow) H:\program files (x86)\anno1701.exe
FirewallRules: [TCP Query User{0C3093E0-C804-4C2C-B240-64A3E0F4EA3E}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{4FAA22AA-FD48-4BAC-B1F0-0E1792B3B93F}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{48694631-51A4-4BD0-ACE6-47E620E1E7CF}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{2AAC6F09-9F21-4E3B-BDB3-8D96349EB24C}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{DA0FF709-FCA2-49E4-A49D-C52F94A33C39}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{3809CCA4-6534-4D78-AEB6-370B66A68D58}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{6B079631-4440-4D03-A37A-5644A17FAEF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{FF03333A-3897-48EF-B54D-56094C23D489}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D746C5F2-5646-488A-AA6A-9EFCB544C556}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{ECACD096-AD74-4AA4-A843-FDFB10ED1EE7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{B57AD082-017F-4128-AF5E-A02D6F3AE087}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{07A18F29-12BC-4AAB-A245-B4291010C345}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{E98D26EB-6723-4507-B967-151A5FC8D219}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{90E6D116-0BB7-4559-85E0-24C8F80E4EBD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{98CFEB0B-2567-4974-AD58-360ED70FB0BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{D3C6F70D-7E00-41A4-9628-1D22289A2534}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{39C3B977-7B8E-4058-BA43-22270D728ACD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{65EAF7AA-5109-48D9-B895-9FBFA7579572}] => (Allow) LPort=2869
FirewallRules: [{1461D1B9-4C92-412B-99E7-BCC4A26EA5F5}] => (Allow) LPort=1900
FirewallRules: [{B17041C2-3DD4-4225-8B9D-5FA96BAE885F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{285EB98B-6D92-4549-8710-3EEE16688C5D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{4095A852-5A84-4932-A234-FBB2F70DA4E4}C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe
FirewallRules: [UDP Query User{5ADC40C5-B7E7-4262-9D67-7438E0946454}C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe
FirewallRules: [TCP Query User{8C44C964-4AA3-47E4-92ED-F3A222D0E532}C:\users\philipp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philipp\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C6A13823-BD82-4DC7-AC17-04ECE6460C20}C:\users\philipp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philipp\appdata\roaming\spotify\spotify.exe
FirewallRules: [{CA2CF6F4-3D92-485F-87CF-1D4FE65F9552}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{F76BB649-4842-492C-8CD6-6C86FC6449F4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{3A8FE08D-E9EA-4675-8E18-BDD201C7E22C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AB041934-E078-4519-85E4-4B9C2F2D16E4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6C27E94F-9B54-4A90-9F4C-FBF097292328}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{C07014D5-340A-473A-8A73-C045C7E3989F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{6463FE23-B967-4206-A257-A93F489B761E}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{9D9EBD29-3591-410F-A642-DBF8DDABB5B4}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{27F67820-C035-4F34-94E0-67D63DC096F6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{1C3918B6-EB75-4A47-901F-502980DE752B}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{9079E56A-E830-4A4C-B496-2F7CEDB05975}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{2CE4262B-CFDC-4AEE-8B06-7805A0C3589A}] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{68F148F7-0F0E-48C0-ADA1-9DA8B3982E14}] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{5023DC5D-1BA7-43A1-80A3-C69DD4495C69}] => (Allow) %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{C606DE97-F79B-4D9B-86F0-57D5C7A655B6}] => (Allow) LPort=32976
FirewallRules: [{CC3B7A6D-97D4-43ED-B9F1-556FFBCEE186}] => (Allow) LPort=25565
FirewallRules: [{A72E3139-85F1-46C0-8B48-6D653CDA7B09}] => (Allow) LPort=25565
FirewallRules: [TCP Query User{5CB17E6E-4CD0-4C42-89EF-D84CE339BAFE}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{BE4FFE99-1BA5-4A6D-859F-CDA851972532}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{B257C971-02AD-4C35-9324-291D897CDB7B}] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{E3CC2757-CB2A-4FA1-A4EC-10438D6B5B68}] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{83EC0370-4A56-4F9E-A8D7-C53C1F7DF5C8}F:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{462D3BB6-41BD-4140-AD26-5881F42070A3}F:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{6E4A6E6C-63B9-4F2D-A464-D536F18FF445}] => (Block) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{29ACF394-43F0-4864-889E-5D46E5D3F87E}] => (Block) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{F03899D2-D3B2-462A-A001-E67AE4B36673}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{E3F48574-B4DF-4810-A566-97F9E532B730}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{D81B412B-FFC6-49A5-9790-9F1DD0CE42FD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{68EAD43C-3085-4279-A3D5-473DE008DB23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{445E9A2B-6187-442F-A3DC-8F07B60E5BF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{DCA567F4-2ABC-4AC8-BCCB-333CC8DCAC57}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0B4FFC0C-2B5B-48F3-A996-4FE3F228166A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DD912131-48B7-4E6C-B09E-E6359DF7BCCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4F219D37-9624-4F30-87B1-D37DC4066A96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{90DD9A30-5E45-4066-8DDE-FE93E1850C30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{BDEC72B2-CB1A-474E-9ED6-A84810625FC8}F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Allow) F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [UDP Query User{F5E1EBB0-9961-4CE9-BD8A-65B6B46F2E17}F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Allow) F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [{768CC022-3055-4BD4-8E80-31818E9BEAE7}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{BAAED63C-A5E5-4EB7-AB3A-45FCFFD77678}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{304844EF-7019-4BCF-A4FE-0383F544F183}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{8A3A2DFF-F9AB-4F5D-94F3-3787C176BDD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [TCP Query User{F979DE64-FC1E-459B-8EDD-ED109EF48ECD}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{7852709D-8D0D-4F92-B043-C8FBE4099221}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [TCP Query User{6D6ABC91-928D-4280-9DBF-41D01A431D4A}H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe] => (Allow) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [UDP Query User{37C5D000-7F70-40F4-9FF9-C9221496DC42}H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe] => (Allow) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [{B27ABAA2-C82B-44F4-A30A-AD5E91C4EB32}] => (Block) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [{67DDF624-A2E5-4D33-A95F-90ABF5682A0B}] => (Block) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [TCP Query User{7BC2C177-D11F-4D08-B3DE-C7F58A1CF9DD}H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe] => (Allow) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [UDP Query User{9DF02414-F9FC-4036-B227-959FE7ACC17E}H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe] => (Allow) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{228436F4-E76C-4BEA-B241-E2C08B3C5797}] => (Block) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{63CCD24A-9DE9-486E-9928-D528E431701F}] => (Block) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{858E1EA8-EB9E-4E44-B451-3B6DFC3F985F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{C9CA1E65-0601-4D1B-8D5A-3C757AB596E5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{AFBD3180-D569-4A48-9C70-090808A3B765}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\harvey.exe
FirewallRules: [{4568192C-D1BA-46B3-8307-055C03D5B4CB}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\harvey.exe
FirewallRules: [{AA086928-71C2-4E9D-9EE7-DA834804DB70}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\VisionaireConfigurationTool.exe
FirewallRules: [{CAC8CED3-1C01-471A-8AFC-CCDE5E61B46F}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\VisionaireConfigurationTool.exe
FirewallRules: [{0481A2E1-32DD-4D79-9522-136262E18EFD}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna & Harvey The Breakout\Edna.exe
FirewallRules: [{5751333F-1F56-48C8-9335-521D845BA824}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna & Harvey The Breakout\Edna.exe
FirewallRules: [{16C6AC44-879C-4FC3-9E2B-7E6B7FBBA341}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{F734F823-F300-454C-8A84-63EB6A303F4D}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{01A42E9E-220D-49B9-940A-1AAC5051E9A4}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{CA2B1C86-1455-47B6-9A1B-AF4221454CF1}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{96832A8D-F388-4EAE-BD92-9458649456F6}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{241BD5E1-3D24-4DBC-83D5-750B9D32E39E}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [TCP Query User{CF2A8203-0EE6-4858-B69A-EB76C6D9F4BE}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [UDP Query User{561BC56C-D11F-4759-B02B-18B214505678}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [{95A263BF-2864-4081-AFB5-3620647A4BFD}] => (Allow) C:\Program Files (x86)\Cuppat\Application\chrome.exe
FirewallRules: [TCP Query User{7EF83D24-ABC4-4BE1-B269-E97F571709A4}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5799A902-DD95-4DCB-B14A-953392704D71}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{AC47DEED-56B1-443F-83F3-8A0E45439D95}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{C43AE569-728A-4635-966B-A0D7497AC12E}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{0733329D-7CAA-43CD-8D94-D5DDD4068021}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1B1FFE5A-9575-4978-A910-FC331CAB3E85}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CD4441E1-9E17-4D09-81DE-23FC004CF163}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{51D36651-267C-4534-819C-0C867AAEB47B}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{2DE8A6E7-501A-4106-814E-41F93EA96BCD}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [{0FDDC06B-F260-4E3E-AA72-1E8BCCD791C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{C11F5C2A-461F-424E-B15C-FCCB19462744}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{34FBA65F-A6AE-4D03-914E-A461C7E795B2}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{674235E8-E3D0-4C45-8F4D-E73DBF86CB65}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{8741BFD0-D5ED-43FB-8FF3-A0ABBD9FB6A5}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{0B2C9047-0B17-4A2E-B628-9FAC90D6E6A8}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{BC2A59B9-EEAE-4117-94F3-66A4078B5375}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{610154B7-0E65-493B-8D24-7BA16F0E7DC6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{468267DE-E9B1-4B8A-AEC7-E046AD38463A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{83724DD1-04CF-46BC-B4F0-9E03A4DBC88F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{05E61BB9-15E2-4964-ABBD-67110BF469F1}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{52F974BB-5934-4D2F-A4D9-CDD1DB7042F7}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Bluetooth-Gerät (PAN)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Microsoft-6zu4-Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #4
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/01/2017 12:18:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm frst64english.exe.exe, Version 4.10.2015.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 19f8
Startzeit: 01d27c184eb5db84
Endzeit: 0
Anwendungspfad: C:\Users\Philipp\Desktop\frst64english.exe.exe
Berichts-ID:
Error: (01/31/2017 10:02:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "AVG.VC140.CRT,processorArchitecture="x86",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0"1".
Die abhängige Assemblierung "AVG.VC140.CRT,processorArchitecture="x86",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/31/2017 10:02:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "AVG.VC140.CRT,processorArchitecture="amd64",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0"1".
Die abhängige Assemblierung "AVG.VC140.CRT,processorArchitecture="amd64",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/31/2017 09:16:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2017 09:15:02 PM) (Source: NetBalancerService) (EventID: 0) (User: )
Description: This version of NetBalancer is outdated, please download a new one from our website.
Error: (01/31/2017 08:17:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2017 08:16:27 PM) (Source: NetBalancerService) (EventID: 0) (User: )
Description: This version of NetBalancer is outdated, please download a new one from our website.
Error: (01/31/2017 06:18:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm adwcleaner_6.043 (1).exe, Version 6.0.4.3 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 5b00
Startzeit: 01d27be5a3ca2f6e
Endzeit: 4
Anwendungspfad: C:\Users\Philipp\Downloads\adwcleaner_6.043 (1).exe
Berichts-ID:
Error: (01/31/2017 06:00:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service iThemes5 since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (01/31/2017 06:00:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service GubedZL since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Systemfehler:
=============
Error: (01/31/2017 09:16:14 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (01/31/2017 09:15:06 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.
Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-ID: 0
Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
Error: (01/31/2017 09:15:00 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000101 (0x0000000000000019, 0x0000000000000000, 0xfffff88003186180, 0x0000000000000007)C:\Windows\Minidump\013117-11481-01.dmp013117-11481-01
Error: (01/31/2017 09:14:59 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 31.01.2017 um 21:12:16 unerwartet heruntergefahren.
Error: (01/31/2017 08:17:36 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (01/31/2017 08:16:31 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.
Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-ID: 0
Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
Error: (01/31/2017 08:15:53 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\bcmihvsrv64.dll
Error: (01/31/2017 08:14:36 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (01/31/2017 08:14:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Volumeschattenkopie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/31/2017 08:14:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2017-01-31 19:19:11.545
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:11.245
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:10.871
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:10.388
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 18:22:41.778
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 18:22:41.326
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:26.009
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.883
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.756
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.625
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Prozentuale Nutzung des RAM: 70%
Installierter physikalischer RAM: 6076.41 MB
Verfügbarer physikalischer RAM: 1788.91 MB
Summe virtueller Speicher: 12151 MB
Verfügbarer virtueller Speicher: 7313.86 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:232.79 GB) (Free:33.81 GB) NTFS
Drive f: () (Fixed) (Total:231 GB) (Free:52.23 GB) NTFS
Drive g: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive h: () (Fixed) (Total:344.27 GB) (Free:106.09 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 21133B35)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 596.2 GB) (Disk ID: 9054A324)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=344.3 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=20.8 GB) - (Type=27)
==================== Ende von Addition.txt ============================
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
durchgeführt von Philipp (Administrator) auf PHILIPP-PC (01-02-2017 01:22:52)
Gestartet von C:\Users\Philipp\Desktop
Geladene Profile: Philipp (Verfügbare Profile: Philipp)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(SeriousBit) F:\Program Files (x86)\NetBalancer\SeriousBit.NetBalancer.Service.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(FSPro Labs) H:\Program Files\My Lockbox\mylbx.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Spotify Ltd) C:\Users\Philipp\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Users\Philipp\AppData\Local\Amazon Music\Amazon Music Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Philipp\Desktop\frst64english.exe.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-07-31] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2817872 2012-04-25] (ELAN Microelectronics Corp.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [mylbx] => H:\Program Files\My Lockbox\mylbx.exe [2289952 2013-10-28] (FSPro Labs)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14188272 2017-01-23] (Zemana Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2016-06-13] (AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [DAEMON Tools Lite] => F:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [Spotify Web Helper] => C:\Users\Philipp\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-01-27] (Spotify Ltd)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [Amazon Music] => C:\Users\Philipp\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-07-21] ()
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [NetBalancer] => F:\Program Files (x86)\NetBalancer\SeriousBit.NetBalancer.Tray.exe [1803112 2015-04-30] (SeriousBit)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [Spotify] => C:\Users\Philipp\AppData\Roaming\Spotify\Spotify.exe [7163504 2017-01-27] (Spotify Ltd)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [ZPNConnect] => C:\Program Files (x86)\ZPN Connect\ZpnCli.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {2265df16-a931-11e3-b156-001bb1fb806a} - D:\LaunchU3.exe -a
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {513fb52a-fbb6-11e3-8c6a-001bb1fb806a} - E:\autorun.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {5c844a5e-08c5-11e3-9f11-001bb1fb806a} - D:\setup.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {5dff3592-0827-11e3-9da5-f7c11e16234c} - D:\LaunchU3.exe -a
HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-07] (AVAST Software)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
ProxyServer: [S-1-5-21-3041798318-2634963116-1215314133-1000] => 46.165.193.67:5056
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{416F4EA8-7EBE-4A41-BD73-DD7E680B9773}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{416F4EA8-7EBE-4A41-BD73-DD7E680B9773}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{86E2278C-9D4E-452E-A530-758555FCFA95}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{B7ACAEB6-863B-46ED-A180-28629DDF698D}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{CAFCA011-AF78-404E-B7ED-C6ECA9CFCAEA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{F1198B90-493F-4495-879E-89672178C3BF}: [NameServer] 8.8.8.8,1.1.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-14] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3041798318-2634963116-1215314133-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll Keine Datei
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\google-avast.xml [2015-05-14]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\luck.xml [2017-01-17]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\nice-.xml [2016-06-21]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\v9-.xml [2015-05-14]
FF Extension: xRocket Toolbar - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\arthurj8283@gmail.com [2017-01-17]
FF Extension: Ultimate Shopping Search - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\@ultimateshoppingsearch.xpi [2017-01-25]
FF Extension: Firefox Hotfix - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-11-26]
FF Extension: convert2mp3.net YouTube2MP3 Converter - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\info@convert2mp3.net.xpi [2014-09-04]
FF Extension: Video DownloadHelper - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-05-11]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\57p5pubn.default\extensions\quick_start@gmail.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\extensions\detgdp@gmail.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-07]
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\extensions\arthurj8283@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [@ultimateshoppingsearch] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\extensions\@ultimateshoppingsearch.xpi
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://www.ultimateshoppingsearch.com/default?q={searchTerms}&PCSF=SU_DEFAULT
CHR DefaultSearchKeyword: Default -> ultimateshoppingsearch.com
CHR DefaultSuggestURL: Default -> hxxp://www.ultimateshoppingsearch.com/suggest/CSuggestJson.ashx?prefix={searchTerms}&PCSF=SU_SUGGEST
CHR Profile: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-15]
CHR Extension: (Google Docs) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-15]
CHR Extension: (Google Drive) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-15]
CHR Extension: (YouTube) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-15]
CHR Extension: (Adobe Acrobat) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-31]
CHR Extension: (ultimateshoppingsearch) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiibddcohpjhajbnfkpboacmohommppp [2017-01-31]
CHR Extension: (Avast SafePrice) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-01-31]
CHR Extension: (Yahoo Partner) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabhkdeopjkcpkmofliimbjckmocfiom [2017-01-31]
CHR Extension: (Google Tabellen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-15]
CHR Extension: (Avira Browserschutz) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-01-31]
CHR Extension: (Google Docs Offline) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-05]
CHR Extension: (Avast Online Security) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-07]
CHR Extension: (Kein Name) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldcccbolclahdbkahlppenfodnheapah [2014-12-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-15]
CHR Extension: (Google Mail) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-15]
CHR Extension: (Chrome Media Router) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eiibddcohpjhajbnfkpboacmohommppp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-07]
CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-07]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-07] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-07] (Avast Software)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-12-18] (BitRaider, LLC)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-02-09] (Hi-Rez Studios) [Datei ist nicht signiert]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
R2 MCSvc; C:\ProgramData\Microsoft\Blend\14.0\1033\ResourceCacher.dll [352768 2016-11-09] () [Datei ist nicht signiert]
R2 NetBalancerService; F:\Program Files (x86)\NetBalancer\SeriousBit.NetBalancer.Service.exe [129896 2015-04-30] (SeriousBit)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [328832 2014-04-13] (Locktime Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-07-06] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-11-02] (Realtek Semiconductor)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-12-06] (Razer Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5907216 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14188272 2017-01-23] (Zemana Ltd.)
S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-07] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2016-06-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2016-06-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-07] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2016-10-11] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-07] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-11-02] ()
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-24] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 FSProFilter2; C:\Windows\System32\Drivers\FSPFltd2.sys [57648 2011-06-03] (FSPro Labs)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-24] (REALiX(tm))
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-11-02] ()
R1 nbdrv; C:\Windows\System32\DRIVERS\nbdrv.sys [40976 2015-02-05] (SeriousBit)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-07] (AVAST Software)
R2 nldrv; C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [107952 2014-04-13] (Locktime Software)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33448 2015-07-31] (Synaptics Incorporated)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-01-23] (Spotflux, Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-01-09] (AVG Netherlands B.V.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-07] (Avast Software)
S3 WinRing0_1_2_0; kein ImagePath
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-01-31] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-01-31] (Zemana Ltd.)
S3 aswHdsKe; \??\C:\Windows\system32\drivers\aswHdsKe.sys [X]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 vpnva; system32\DRIVERS\vpnva64-6.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-01 01:22 - 2017-02-01 01:23 - 00028661 _____ C:\Users\Philipp\Desktop\FRST.txt
2017-02-01 00:25 - 2017-02-01 00:25 - 00002760 _____ C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2017-01-31 22:05 - 2017-01-31 22:05 - 00002640 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2017-01-31 22:05 - 2017-01-31 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp
2017-01-31 22:05 - 2017-01-09 16:43 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2017-01-31 22:05 - 2017-01-09 16:39 - 00044304 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\authuitu.dll
2017-01-31 22:05 - 2017-01-09 16:39 - 00042256 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\SysWOW64\authuitu.dll
2017-01-31 22:04 - 2017-01-31 22:04 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2017-01-31 22:04 - 2017-01-31 22:04 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2017-01-31 22:03 - 2017-01-31 22:04 - 00752296 _____ C:\Users\Philipp\Downloads\Adware Removal Tool by TSA.exe
2017-01-31 22:03 - 2017-01-31 22:03 - 06960664 _____ (Geek Unіnstaller) C:\Users\Philipp\Downloads\geek.exe
2017-01-31 22:03 - 2017-01-31 22:03 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
2017-01-31 22:03 - 2017-01-31 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2017-01-31 22:02 - 2017-01-31 22:04 - 00000000 ____D C:\Program Files (x86)\AVG
2017-01-31 22:02 - 2017-01-31 22:02 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2017-01-31 22:01 - 2017-01-31 22:04 - 00000000 ____D C:\Users\Philipp\AppData\Local\AvgSetupLog
2017-01-31 22:01 - 2017-01-31 22:04 - 00000000 ____D C:\Users\Philipp\AppData\Local\Avg
2017-01-31 22:01 - 2017-01-31 22:04 - 00000000 ____D C:\ProgramData\Avg
2017-01-31 22:01 - 2017-01-31 22:01 - 00537152 _____ C:\Users\Philipp\Downloads\geek_CB-DL-Manager.exe
2017-01-31 22:01 - 2017-01-31 22:01 - 00000000 ____D C:\SecurityCheck
2017-01-31 22:01 - 2017-01-31 22:01 - 00000000 ____D C:\Program Files (x86)\UltimateShoppingSearch
2017-01-31 22:00 - 2017-01-31 22:01 - 00512440 _____ (glax24 (safezone.cc)) C:\Users\Philipp\Downloads\SecurityCheck.exe
2017-01-31 21:59 - 2017-01-31 21:59 - 02793495 _____ C:\Users\Philipp\Downloads\geek.zip
2017-01-31 21:59 - 2017-01-31 21:59 - 02793495 _____ C:\Users\Philipp\Downloads\geek (1).zip
2017-01-31 20:58 - 2017-01-31 20:58 - 05200384 _____ (AVAST Software) C:\Users\Philipp\Downloads\aswmbr.exe
2017-01-31 20:17 - 2017-01-31 20:17 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\ProductData
2017-01-31 20:01 - 2017-01-31 20:00 - 02193920 _____ (Farbar) C:\Users\Philipp\Desktop\frst64english.exe.exe
2017-01-31 20:00 - 2017-01-31 20:00 - 04015056 _____ C:\Users\Philipp\Downloads\adwcleaner_6.043 (2).exe
2017-01-31 20:00 - 2017-01-31 20:00 - 02193920 _____ (Farbar) C:\Users\Philipp\Downloads\FRST64 (1).exe
2017-01-31 18:17 - 2017-01-31 18:17 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-01-31 18:16 - 2017-01-31 20:08 - 00000000 ____D C:\ProgramData\RogueKiller
2017-01-31 18:16 - 2017-01-31 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-01-31 18:16 - 2017-01-31 18:16 - 00000000 ____D C:\Program Files\RogueKiller
2017-01-31 18:15 - 2017-01-31 18:15 - 34821984 _____ (Adlice Software ) C:\Users\Philipp\Downloads\setup (1).exe
2017-01-31 18:15 - 2017-01-31 18:15 - 04015056 _____ C:\Users\Philipp\Downloads\adwcleaner_6.043 (1).exe
2017-01-31 17:59 - 2017-01-31 18:00 - 01663040 _____ (Malwarebytes) C:\Users\Philipp\Downloads\JRT.exe
2017-01-31 16:21 - 2017-02-01 01:22 - 02204014 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-01-31 16:21 - 2017-02-01 01:22 - 00124894 _____ C:\Windows\ZAM.krnl.trace
2017-01-31 16:21 - 2017-01-31 16:21 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2017-01-31 16:21 - 2017-01-31 16:21 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2017-01-31 16:21 - 2017-01-31 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-01-31 16:21 - 2017-01-31 16:21 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-01-31 16:20 - 2017-01-31 16:20 - 00000000 ____D C:\Users\Philipp\AppData\Local\Zemana
2017-01-31 16:19 - 2017-01-31 16:19 - 05510592 _____ ( ) C:\Users\Philipp\Downloads\Zemana.AntiMalware.Setup.exe
2017-01-31 01:54 - 2017-01-31 16:03 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-01-31 01:54 - 2017-01-31 01:54 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-31 01:54 - 2017-01-31 01:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-31 01:50 - 2017-01-31 01:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-01-31 01:47 - 2017-01-31 03:10 - 00000000 ____D C:\Users\Philipp\Desktop\mbar
2017-01-31 01:47 - 2017-01-31 01:48 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Philipp\Downloads\mbar-1.09.3.1001 (1).exe
2017-01-31 01:47 - 2017-01-31 01:47 - 04015056 _____ C:\Users\Philipp\Downloads\adwcleaner_6.043.exe
2017-01-31 01:46 - 2017-01-31 01:47 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Philipp\Downloads\mbar-1.09.3.1001.exe
2017-01-31 01:45 - 2017-01-31 01:48 - 00090910 _____ C:\Users\Philipp\Downloads\Addition.txt
2017-01-31 01:44 - 2017-02-01 01:22 - 00000000 ____D C:\FRST
2017-01-31 01:43 - 2017-01-31 01:43 - 02420736 _____ (Farbar) C:\Users\Philipp\Downloads\FRST64.exe
2017-01-28 01:38 - 2017-01-29 02:08 - 00016116 ____H C:\Users\Philipp\Desktop\~WRL1563.tmp
2017-01-28 00:29 - 2017-01-28 00:29 - 00000633 _____ C:\Users\Philipp\Documents\Uninstall STAR WARS The Old Republic.log
2017-01-27 05:30 - 2017-01-27 05:30 - 00000772 _____ C:\Windows\SysWOW64\ping.cfg
2017-01-25 21:56 - 2017-01-25 21:56 - 00001507 _____ C:\Users\Philipp\Downloads\POL_P1 Einf__hrung in die Politische Wissenschaft 2016_2017_ Erinnerung_ IPW Klausuranmeldung 1. Termin bis zum 28.01.2017 noch m__glich.zip
2017-01-21 14:35 - 2017-01-31 21:14 - 00000840 _____ C:\Windows\setupact.log
2017-01-21 14:35 - 2017-01-21 14:35 - 00000000 _____ C:\Windows\setuperr.log
2017-01-21 14:34 - 2017-01-31 20:16 - 00006364 _____ C:\Windows\PFRO.log
2017-01-18 18:37 - 2017-01-29 00:14 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Mozilla
2017-01-18 18:30 - 2017-01-18 18:30 - 00000017 _____ C:\Users\Public\Documents\cfg.ini
2017-01-17 14:50 - 2017-01-19 19:14 - 00000019 _____ C:\Users\Public\Documents\cc.ini
2017-01-13 20:39 - 2017-01-13 20:39 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Berserk Games
2017-01-13 19:45 - 2017-01-13 19:45 - 00000222 _____ C:\Users\Philipp\Desktop\Tabletop Simulator.url
2017-01-13 18:32 - 2017-01-13 18:32 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Blacklight Interactive
2017-01-13 17:27 - 2017-01-13 17:27 - 00000222 _____ C:\Users\Philipp\Desktop\Golf With Your Friends.url
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-01 01:18 - 2013-08-18 15:36 - 01887324 _____ C:\Windows\WindowsUpdate.log
2017-02-01 00:41 - 2014-02-23 11:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-31 22:17 - 2013-08-27 15:50 - 00000000 ____D C:\ProgramData\Skype
2017-01-31 22:09 - 2014-10-21 17:53 - 00000000 ____D C:\Program Files (x86)\Java
2017-01-31 22:07 - 2013-10-08 16:19 - 00000000 ____D C:\Program Files (x86)\IObit
2017-01-31 22:06 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-31 22:06 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-31 21:21 - 2011-04-12 08:43 - 00699666 _____ C:\Windows\system32\perfh007.dat
2017-01-31 21:21 - 2011-04-12 08:43 - 00149774 _____ C:\Windows\system32\perfc007.dat
2017-01-31 21:21 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-31 21:16 - 2013-08-18 15:36 - 00000000 ____D C:\Users\Philipp
2017-01-31 21:15 - 2016-11-10 23:32 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2017-01-31 21:15 - 2015-03-15 11:19 - 00000000 ____D C:\Users\Philipp\AppData\Local\Spotify
2017-01-31 21:15 - 2015-03-15 11:18 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Spotify
2017-01-31 21:15 - 2013-10-11 19:38 - 00000000 ____D C:\Users\Philipp\AppData\Local\LogMeIn Hamachi
2017-01-31 21:15 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-31 21:14 - 2016-10-30 12:58 - 00302501 ____N C:\Windows\Minidump\013117-11481-01.dmp
2017-01-31 21:14 - 2013-08-18 17:58 - 00000000 ____D C:\Windows\Minidump
2017-01-31 20:14 - 2016-11-22 21:58 - 00001026 _____ C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-01-31 20:14 - 2016-11-10 23:33 - 00001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-31 20:14 - 2016-11-10 23:33 - 00001169 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-31 20:14 - 2015-01-19 15:45 - 00000000 ____D C:\AdwCleaner
2017-01-31 20:14 - 2014-04-25 12:00 - 00000000 ____D C:\Windows\system32\log
2017-01-31 20:02 - 2016-11-19 19:27 - 00000000 ____D C:\Program Files (x86)\Yahoo!
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-10-2015
durchgeführt von Philipp (2017-02-01 01:23:21)
Gestartet von C:\Users\Philipp\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-08-18 14:36:22)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3041798318-2634963116-1215314133-500 - Administrator - Disabled)
Gast (S-1-5-21-3041798318-2634963116-1215314133-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3041798318-2634963116-1215314133-1002 - Limited - Enabled)
Philipp (S-1-5-21-3041798318-2634963116-1215314133-1000 - Administrator - Enabled) => C:\Users\Philipp
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
4K Video Downloader 3.5 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.5.6.1730 - Open Media LLC)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Amazon Amazon Music) (Version: 3.10.0.924 - Amazon Services LLC)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers)
AutoSensitivity (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0a099336274e1166) (Version: 1.4.0.23 - Igor Kulman)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.72.2.55508 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.72.3 - AVG Technologies) Hidden
AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Brother MFL-Pro Suite MFC-9320CW (HKLM-x32\...\{A1BBEE16-49B1-42F2-95B8-54C8C6A1C0C3}) (Version: 2.0.1.0 - Brother Industries, Ltd.)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward)
CLICK & LEARN DiDi 360° DVD (HKLM-x32\...\{5713D2DD-01F2-40D0-827D-917A88E7637A}_is1) (Version: CLICK & LEARN DiDi 360° 5.2 DVD - DEGENER)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Cry of Fear (HKLM-x32\...\Steam App 223710) (Version: - Team Psykskallar)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dropbox (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.5 - Samsung Electronics Co.,Ltd.)
Edna & Harvey: Harvey's New Eyes (HKLM-x32\...\Steam App 219910) (Version: - Daedalic Entertainment)
Edna & Harvey: The Breakout (HKLM-x32\...\Steam App 255320) (Version: - Daedalic Entertainment)
ETDWare PS/2-X64 10.7.14.12_WHQL (HKLM\...\Elantech) (Version: 10.7.14.12 - ELAN Microelectronic Corp.)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Golf With Your Friends (HKLM\...\Steam App 431240) (Version: - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
Metin2 (HKLM-x32\...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Access 2003 Runtime (HKLM-x32\...\{901C0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
My Lockbox 3.0.5 (HKLM\...\My Lockbox_is1) (Version: 3.0.5 - )
NetBalancer (HKLM\...\NetBalancer_is1) (Version: - SeriousBit)
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.5.0) (Version: 4.0.5.0 - Locktime Software)
NetLimiter 4 (Version: 4.0.5.0 - Locktime Software) Hidden
NVIDIA GeForce Experience 2.5.15.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.81 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenVPN 2.3.12-I602 (HKLM-x32\...\OpenVPN) (Version: 2.3.12-I602 - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.1 - Tracker Software Products Ltd)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.2.22.0 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
RogueKiller version 12.9.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.9.6.0 - Adlice Software)
Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.46 - NVIDIA Corporation) Hidden
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.0.2574.0 - Hi-Rez Studios)
Spotify (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Spotify) (Version: 1.0.47.13.gd8e05b1f - Spotify AB)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Tabletop Simulator (HKLM\...\Steam App 286160) (Version: - Berserk Games)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)
Uplay (HKLM-x32\...\Uplay) (Version: 7.1 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XviD MPEG-4 Codec (HKLM-x32\...\XviD) (Version: - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.70.591 - Zemana Ltd.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
23-01-2017 22:40:19 Geplanter Prüfpunkt
28-01-2017 00:16:51 Wiederherstellungsvorgang
28-01-2017 00:27:36 Removed amuleC
31-01-2017 03:10:37 Malwarebytes Anti-Rootkit Restore Point
31-01-2017 18:00:48 JRT Pre-Junkware Removal
31-01-2017 22:08:48 Removed Java 8 Update 111
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2016-12-15 00:14 - 00000822 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02261E59-DCE8-496A-BB04-F4AF99A91189} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {0AB570FA-847C-4FB2-9C8C-82067DFA95B4} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {1DAFFC61-3EF0-4495-84D1-F1569C723896} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {24E0F572-4BCA-4EEC-A9A5-2D830CFA9E96} - System32\Tasks\{4F74156E-5C02-4302-B31E-378AF64F0780} => pcalua.exe -a "C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare\iw3mp.exe" -d "C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare"
Task: {2FA7325B-6E8F-41C0-BD24-7A4D8F5E959C} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {31D1AFD7-FE73-42F7-8C56-CE56B4EE2076} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-20] (Microsoft Corporation)
Task: {501CE107-2313-4E8F-BDC8-7CA2EDD7EBE6} - System32\Tasks\{5CC848DF-F2F0-4C76-8299-F30E2EC5C77C} => C:\Users\Philipp\Desktop\Battlefield 3 cd1\Setup.exe
Task: {5AD94776-848A-4574-A0AE-35DD77108857} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {67928E07-523E-411F-A980-D440E2B4FD2F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-07] (AVAST Software)
Task: {69796D42-6E7A-400E-ABED-6E89C0747C6A} - System32\Tasks\{1483BBE9-6C43-420B-BCA7-97229B092656} => pcalua.exe -a "C:\Program Files (x86)\Steam\bin\steamservice.exe" -d "C:\Program Files (x86)\Steam" -c /installscript "C:\Program Files (x86)\Steam\steamapps\common\Napoleon Total War\runasadmin.vdf" 34030
Task: {6CD57B76-ED4E-4186-864B-C3D8A0F1B7B3} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\Game Booster 3\AutoUpdate.exe
Task: {74CA4679-074A-4E10-8222-FCEC9691901F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2017-01-09] (AVG Technologies CZ, s.r.o.)
Task: {85AE1598-1934-4800-88DE-2070662EBA52} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {8CE2EA77-D7B1-4BC3-B2C1-599DD6DA6212} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {958C25CA-C68C-47FD-B09B-8BA6D19BA2C7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-06-06] (Microsoft Corporation)
Task: {9CEA9C83-B856-4975-8C0F-FE0D185A205D} - System32\Tasks\{BB987285-0C54-468D-BC8C-2D27676CFAF0} => pcalua.exe -a C:\Users\Philipp\Downloads\pulsingcolorsviz.exe -d C:\Users\Philipp\Downloads
Task: {A00325D4-D3C1-430E-B1F6-DCFCF85658C8} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-12-20] (Samsung Electronics)
Task: {A0173E21-C978-4EA4-A189-7FA5617412B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B64BD4E4-A656-40D9-871D-7456C350A532} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {BB2885EB-93BB-43CE-AF9D-8126074614B3} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-20] (Microsoft Corporation)
Task: {D7EC70C1-9A44-4010-93E1-A25B01C49C7D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-14] (Adobe Systems Incorporated)
Task: {DFBAA4C3-EF76-49C3-9AA5-6D5543BDA370} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {E30865BE-0448-4595-A5C6-CB203265BCD6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-08-28 10:07 - 2015-08-18 01:07 - 00115376 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-23 16:27 - 2015-04-30 09:46 - 00115712 _____ () F:\Program Files (x86)\NetBalancer\Events.dll
2015-08-23 16:28 - 2015-08-23 16:28 - 00217960 _____ () C:\Windows\Microsoft.Net\assembly\GAC_MSIL\SeriousBit.NetBalancer.DeskBand\v4.0_1.0.0.0__ce1333cc798c13ee\SeriousBit.NetBalancer.DeskBand.dll
2015-08-23 16:27 - 2015-04-30 09:47 - 00031744 _____ () F:\Program Files (x86)\NetBalancer\BugReporting.dll
2013-09-04 19:10 - 2014-07-06 19:02 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-09 23:22 - 2014-12-09 23:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-03-07 18:49 - 2005-04-22 12:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2017-01-31 16:21 - 2017-01-31 16:21 - 00152944 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2015-07-18 22:56 - 2015-07-21 06:02 - 05887808 _____ () C:\Users\Philipp\AppData\Local\Amazon Music\Amazon Music Helper.exe
2016-12-15 00:30 - 2016-12-08 09:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 00:30 - 2016-12-08 09:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2015-08-07 13:03 - 2015-08-07 13:03 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-07 13:03 - 2015-08-07 13:03 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-11-10 23:33 - 2016-11-09 03:43 - 00352768 _____ () c:\programdata\microsoft\blend\14.0\1033\resourcecacher.dll
2015-04-01 09:31 - 2015-10-04 09:24 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-04-07 16:25 - 2015-04-07 16:25 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-01-31 22:02 - 2017-01-31 22:02 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2016-11-10 23:33 - 2016-10-20 09:47 - 01819240 _____ () C:\Program Files (x86)\Cuppat\Application\libglesv2.dll
2016-11-10 23:33 - 2016-10-20 09:47 - 00093288 _____ () C:\Program Files (x86)\Cuppat\Application\libegl.dll
2017-01-13 20:49 - 2017-01-13 20:49 - 17835096 _____ () C:\Users\Philipp\AppData\Local\Cuppat\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\100sexlinks.com -> 100sexlinks.com
Da befinden sich 4788 mehr eingeschränkte Seiten.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{21ED757D-71F7-4E93-8A26-4F3F192F63A7}] => (Allow) H:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A9259FB8-214D-4B63-AB8C-E1D572E16617}] => (Allow) H:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{7346F99C-B07F-48D3-96D6-B27E7FC60958}F:\program files (x86)\skype\phone\skype.exe] => (Allow) F:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{FEF7523A-F2C8-4CF3-BD0F-3E085673C453}F:\program files (x86)\skype\phone\skype.exe] => (Allow) F:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{6A1352E9-B58C-418B-A8AB-1B9E9F8B4EF3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{12C3E11E-C2A2-493A-894F-875FC0641820}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{DCCE3E4E-5C81-47E3-B426-FD776034C9D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DCF79556-E335-461B-A099-55292F6CE2EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DCF489CB-1187-44A6-BC76-281656F962CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C53AF07D-4477-41FC-9A49-88A7D81D0168}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8AD8195A-9FD1-453F-B60F-DF66DA1EE869}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{D459E9D6-7724-4A66-82C9-761919306E36}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{38F9BC97-2F6A-4385-8ABA-657C1421CB2F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{18B895F8-18AE-4D6E-BCC6-1ED18DC2308D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{92A63FD0-9C6C-4855-97B7-07306985B5AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{87C2F982-B124-493B-A6CC-833F14CA99D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8DEEE23E-F414-4B4C-B08F-6C2C6993C57A}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{58252888-1755-4991-A0F9-EBB3F022D3D5}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{D3B7CDE1-024A-432D-960C-4343B74A0739}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{50E89D94-505B-44BA-B992-804CC020944B}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{37B9E4DF-DDAA-448A-8C35-0EF9DEC79DA0}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{607E2054-58F9-477E-8BC6-BA568D821CC2}C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{86032D63-9007-4D0E-AB79-60F1FB5EB7F1}C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{76712770-6A7F-4C1E-82B4-24CFD1B7F000}] => (Allow) C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [{7A1BC0BA-B098-4B00-93FD-88F1ED21C27A}] => (Allow) C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [TCP Query User{145AEDF9-2ECC-43DB-AC67-1E6E09E2ABCC}C:\program files (x86)\the creative assembly\rome - total war\rometw.exe] => (Allow) C:\program files (x86)\the creative assembly\rome - total war\rometw.exe
FirewallRules: [UDP Query User{D0EC03A1-37CD-4E8A-9DE9-9217F66A522C}C:\program files (x86)\the creative assembly\rome - total war\rometw.exe] => (Allow) C:\program files (x86)\the creative assembly\rome - total war\rometw.exe
FirewallRules: [TCP Query User{3BCBC79D-A10C-4FE5-9A7F-DCC782F40156}C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{77C491EF-9CAD-4753-A9B5-78AA0EAA3C16}C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{4B2D6E05-483D-49F1-A66B-E23EE778AD00}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{98D741DB-0D81-4D75-93F9-AA7BCE9ED5DA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{D805F393-DF9F-42DB-8BD8-A10435FFD59E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{7CF97D17-A8A2-4D7E-9BEC-6243047FB5BF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [TCP Query User{8F2757CB-3F12-42C6-9F8A-4774ADD31DD2}E:\starcraft ii\versions\base26490\sc2.exe] => (Allow) E:\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{0BDDFDAC-B2ED-4B98-BC26-FE4BE17023BD}E:\starcraft ii\versions\base26490\sc2.exe] => (Allow) E:\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{918FBB9D-A167-4373-AFAD-10F9F13A5B47}H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [UDP Query User{CE44343A-18FD-4F5C-AFB9-72A6DE6E2F89}H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [TCP Query User{C125BEAE-F4EB-4F10-8C94-50D566986ADF}H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{A6C9568F-B66F-4D81-86DE-7DED4BA4EEEF}H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{44198A79-F80C-4668-8DEC-61C6B449FC42}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{43205FE2-158D-4CEB-BDA1-7CDEAAEEA89B}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{C68EB3E0-2F52-4C5D-BC6A-1BD447B7A1CA}E:\firefly studios\stronghold 2\stronghold2.exe] => (Allow) E:\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [UDP Query User{F7072C7B-26A3-44F0-B587-2EAAE1D78C2B}E:\firefly studios\stronghold 2\stronghold2.exe] => (Allow) E:\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [TCP Query User{0809DA3A-658F-4F47-8916-84CBF04DFFE7}F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{B1686F91-DCB7-4851-A600-A045D357F223}F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{69FCA70B-56DD-44A4-937D-27978BED7C64}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{3993D2EA-9020-44A0-AE27-CA7EBF9E6EA1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{5E0C1963-7723-431A-A0FF-5559FE5B4FCC}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{A1E85A62-4480-42D6-BEF6-3B104DFBA6A9}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{A9BF2868-E436-4AAC-A5B6-6E9F44E3E6D1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{A27B1A23-6AE9-4069-AD9C-2AB64D9CFB22}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{B017E2C6-3F10-4969-99DA-02E8842CB380}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{F2F35591-A26D-4679-A37D-8FA745ABE448}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{6FA6AF87-096C-4148-BBE8-8A29CE7BFC03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{8A589767-2A22-4BA8-9F2E-25708DBB99B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{CDBEA086-EEF8-478B-BD30-ED34E603EDE4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7C3D27A7-E5B8-4ED7-B97E-BFE531FF8F99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{56D56AD2-BFC4-415B-A804-0DF50091F5E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{44EFA5C1-2C54-432F-821F-D10FDD7BD46E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{40804B2A-9569-4303-804A-3DE8AFD4C459}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B3EE1A97-B0F0-4AA4-9F14-AACD324EBCFF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{87E39D11-917A-4ACA-A172-B9DB9FD99CED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{5368821C-622D-4CE6-868E-B4B92CAE6AEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7CD1CC07-47F7-4EBC-B28F-331D6B01812B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{10DBE06C-21C5-40DE-AB47-2839EAA361A2}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{72584B12-0B71-40A1-8FD5-4EF1B8FAE240}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{62F24C45-274B-4324-84D9-EEDC1C2FFA63}] => (Allow) C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{38E63D60-2B6A-4570-B5E7-0334F1B28753}] => (Allow) C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CBA6CFE4-87DA-4C0B-9DD5-CB24264D153C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{1F8EFC10-91D2-4DEF-9300-AA828DE18B26}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [TCP Query User{8D083110-0487-4200-BD21-3E6205B824E4}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe
FirewallRules: [UDP Query User{B9933272-DB9A-419D-A1FC-C376F14A8A5A}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe
FirewallRules: [{120C8A28-FA3D-4D5F-8F88-6983D85BB69C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{3D2372B4-DE98-4586-8A3D-F083A3D3E4C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [TCP Query User{44A5645F-EF67-4694-BF0C-45FCBABC1815}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{109FF8B2-1B6E-4A45-AB5C-0CB97EA71BA7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{E333BEFF-AFE8-44D0-8E6D-1E6684278E53}H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe
FirewallRules: [UDP Query User{BDC3DE48-88BB-4952-BDF9-A667D17544F3}H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe
FirewallRules: [TCP Query User{C918B3BB-2D89-49EC-A5F3-59764544A681}C:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{A3578BEB-246F-4B68-9BB1-4E70D3867E6A}C:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{4B90B806-D737-421F-A259-86B4B6EBE2D4}] => (Block) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{C142FBE6-7660-4D57-91EB-6F28DF0C53EF}] => (Block) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{65D1CA79-73C8-4C1C-A396-55114CC5C61C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{2E300A00-EF29-4879-AD3F-8C035C177F2F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{3FC2C324-EE95-4C8C-A26E-EE7AB4D14AD7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6FDC2297-746E-4E22-8C84-B9F9349E4D89}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{90C98BC3-B0B9-4CAC-ADCA-E2EAA208143E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8EB1FB9E-E96A-48D9-A09E-280C1F709B39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C564E886-162A-48EE-A823-A6A3CD950300}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F539564B-0389-4020-BE90-B3A2E3A3D28F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{760F1162-0054-44F4-A5D6-7F1F803CA314}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{C6D4FEE5-DA5E-4896-BBC1-4C31C77A28FE}C:\programdata\battle.net\agent\agent.2689\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2689\agent.exe
FirewallRules: [UDP Query User{F9912598-2E9B-4960-B43A-8E1CFC69772C}C:\programdata\battle.net\agent\agent.2689\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2689\agent.exe
FirewallRules: [{A2901DA7-2CF9-447A-8578-1EF26AD9EB25}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1942\Battlefield 1942\BF1942.exe
FirewallRules: [{9D169BCF-E400-428F-8825-1FDA28D85D4A}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1942\Battlefield 1942\BF1942.exe
FirewallRules: [TCP Query User{9D5327F1-4C82-4AB4-9675-32920B9A5A14}F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{3ADEFCDF-1F60-49BB-B0CC-E38073CF5B97}F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{7962898C-564D-4F4D-8199-3DFBE683A858}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rustlauncher.exe
FirewallRules: [{7CE33FEF-633B-484E-926F-28959FBE7A6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rustlauncher.exe
FirewallRules: [{59B4E854-C94F-4DAE-911E-4E2CD4C668B9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E2FED403-E1B3-46AD-A838-C1917B27FD50}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{07A267BF-9BD3-4856-88D1-A924CF38EFBC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{04756382-6EB7-495C-85E9-516EED38F5FF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [TCP Query User{9CA5DE4A-9B21-404E-A471-E1D4FCBDB5D8}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{46EA1D4C-732E-4080-BDAE-C7E04C2AAEE8}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{B207A236-B040-4C95-A84E-30FF650F233F}] => (Allow) C:\Users\Philipp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5BEDFF67-BEB9-437C-8BDE-57FD8AD18762}] => (Allow) C:\Users\Philipp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{ED86D4BE-5034-46D4-A275-D0D0D158DC32}C:\users\philipp\desktop\utorrent3.4.1_30888.exe] => (Allow) C:\users\philipp\desktop\utorrent3.4.1_30888.exe
FirewallRules: [UDP Query User{00D3324E-F60E-4815-9389-22AFEF3C3848}C:\users\philipp\desktop\utorrent3.4.1_30888.exe] => (Allow) C:\users\philipp\desktop\utorrent3.4.1_30888.exe
FirewallRules: [TCP Query User{D8B96E37-4E7C-401D-9974-6423F3566ACB}C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{FE178129-19B7-4D3C-A611-FF8661E15371}C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{1630330C-FC81-4E8E-A74B-D30CCB7637D9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{69C4D2F1-5E35-4324-A7C7-21A1841D7FB6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DB289EE0-A061-499C-A260-45816D2DB290}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4AC641E7-FC1D-4089-BDF8-C1C6C461F508}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E01B4C60-3CC7-4862-96F8-A240FF5DBF8A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{E155F5FE-3408-4083-9DE8-10F9A4EDC456}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{C0143FF0-242F-4B84-A070-F77D6C898FE3}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [UDP Query User{E3C733F0-C093-4EAD-B3D9-6A758B7CAB80}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [TCP Query User{C41E6AE9-3ECA-4D3B-8892-6EEB5B8F822B}H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe
FirewallRules: [UDP Query User{E70C6C19-B5DB-4C21-A6AC-7DAFA0D942E2}H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe
FirewallRules: [{32C48089-640E-4154-8F9F-FD34D67820E7}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{ABF9B047-DBDD-40F0-8310-4096C07A1D54}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{3363AF0F-0FAE-4932-9BDC-F768D750CD20}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{FF75CEDC-9CF5-481D-9063-269F7C9A3EEB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{FBF504C5-7660-4CA0-9461-EE1588F6F15D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{9B3BB61E-72AA-4C6A-9524-F08E717DB6BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [TCP Query User{4B8F48EB-61A7-463A-9CFF-3F443435A262}H:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) H:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{BC13CB58-34B2-423E-81E9-F0681A534A12}H:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) H:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{FDD44B81-B42F-4882-B2A2-2E57B5A37E22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{FDD1DC3F-5716-40C2-96A2-2C53635789B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{115A852F-F8A4-47B2-ADDC-124127385ECA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{DC81A4C5-6983-4E10-88C2-B1BE2007E20A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{2BA43725-5873-4C4B-B214-D17575BED6C1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{9BE1D182-5C1A-4012-8196-D78F15784A37}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{C5343D04-4C9B-4307-A77C-075B8B2C9E8F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{B29A6550-56A1-491E-BB46-A0863A286D3F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [TCP Query User{A6839289-220D-4430-AB8B-F35AE2467491}C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{FFD48200-6659-4D3F-B489-D0D672A604CB}C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{8FCE413C-7C8F-49D2-97AB-12AF69EBBE36}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{6D6C39D8-B4DC-471E-AD24-04DB637E2F52}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{EAB8C967-DA03-47A1-82E0-2B7953613624}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{08AAB84F-CA39-4873-BA9F-0BF1B0BFD6BD}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{F0334A4E-6660-4A29-85A3-91F9D2A08148}H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Block) H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{0CBB6BE2-C2DC-42EF-9283-98CE12A3156B}H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Block) H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{7DE20AE2-DB27-4C65-99EE-A3A8C2C0141A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1221F58B-7252-4BBA-81F5-73DB9BA73765}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{745BCB12-AD0D-47D6-B6AA-B8E6552BA321}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{04E69D41-E088-48EE-B661-146576D2F4E2}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{838E6DD1-7E16-4467-9DD7-B08494056500}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{9560A1CC-F03A-4ED7-8F9F-628879A48BD1}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{D8DC3995-78FB-4F91-B0E6-0EA20B8D0B47}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{82FC90AF-A279-4FE8-929A-00FCBB85AE88}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{33FDEC31-0752-437B-8B40-816F7DA64FD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{42A94929-CE71-45D6-82BF-D969413DA4BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{53DF5A34-AAEB-4C77-8AAB-9BC5C1FC7B0F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{8CACF8BB-8612-462A-91D9-4AE3354FEDFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{85B72C11-7DC6-49E6-A5E7-0D20FF0540A4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{FB4D9EF1-D86D-4256-8AE5-AB0372E26A1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [TCP Query User{FF359D40-BC43-41F9-A748-265960862C7F}H:\program files (x86)\anno1701.exe] => (Allow) H:\program files (x86)\anno1701.exe
FirewallRules: [UDP Query User{20AAC5E0-E43B-491B-A775-B99DD7898E96}H:\program files (x86)\anno1701.exe] => (Allow) H:\program files (x86)\anno1701.exe
FirewallRules: [TCP Query User{0C3093E0-C804-4C2C-B240-64A3E0F4EA3E}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{4FAA22AA-FD48-4BAC-B1F0-0E1792B3B93F}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{48694631-51A4-4BD0-ACE6-47E620E1E7CF}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{2AAC6F09-9F21-4E3B-BDB3-8D96349EB24C}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{DA0FF709-FCA2-49E4-A49D-C52F94A33C39}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{3809CCA4-6534-4D78-AEB6-370B66A68D58}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{6B079631-4440-4D03-A37A-5644A17FAEF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{FF03333A-3897-48EF-B54D-56094C23D489}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D746C5F2-5646-488A-AA6A-9EFCB544C556}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{ECACD096-AD74-4AA4-A843-FDFB10ED1EE7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{B57AD082-017F-4128-AF5E-A02D6F3AE087}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{07A18F29-12BC-4AAB-A245-B4291010C345}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{E98D26EB-6723-4507-B967-151A5FC8D219}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{90E6D116-0BB7-4559-85E0-24C8F80E4EBD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{98CFEB0B-2567-4974-AD58-360ED70FB0BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{D3C6F70D-7E00-41A4-9628-1D22289A2534}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{39C3B977-7B8E-4058-BA43-22270D728ACD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{65EAF7AA-5109-48D9-B895-9FBFA7579572}] => (Allow) LPort=2869
FirewallRules: [{1461D1B9-4C92-412B-99E7-BCC4A26EA5F5}] => (Allow) LPort=1900
FirewallRules: [{B17041C2-3DD4-4225-8B9D-5FA96BAE885F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{285EB98B-6D92-4549-8710-3EEE16688C5D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{4095A852-5A84-4932-A234-FBB2F70DA4E4}C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe
FirewallRules: [UDP Query User{5ADC40C5-B7E7-4262-9D67-7438E0946454}C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe
FirewallRules: [TCP Query User{8C44C964-4AA3-47E4-92ED-F3A222D0E532}C:\users\philipp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philipp\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C6A13823-BD82-4DC7-AC17-04ECE6460C20}C:\users\philipp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philipp\appdata\roaming\spotify\spotify.exe
FirewallRules: [{CA2CF6F4-3D92-485F-87CF-1D4FE65F9552}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{F76BB649-4842-492C-8CD6-6C86FC6449F4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{3A8FE08D-E9EA-4675-8E18-BDD201C7E22C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AB041934-E078-4519-85E4-4B9C2F2D16E4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6C27E94F-9B54-4A90-9F4C-FBF097292328}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{C07014D5-340A-473A-8A73-C045C7E3989F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{6463FE23-B967-4206-A257-A93F489B761E}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{9D9EBD29-3591-410F-A642-DBF8DDABB5B4}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{27F67820-C035-4F34-94E0-67D63DC096F6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{1C3918B6-EB75-4A47-901F-502980DE752B}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{9079E56A-E830-4A4C-B496-2F7CEDB05975}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{2CE4262B-CFDC-4AEE-8B06-7805A0C3589A}] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{68F148F7-0F0E-48C0-ADA1-9DA8B3982E14}] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{5023DC5D-1BA7-43A1-80A3-C69DD4495C69}] => (Allow) %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{C606DE97-F79B-4D9B-86F0-57D5C7A655B6}] => (Allow) LPort=32976
FirewallRules: [{CC3B7A6D-97D4-43ED-B9F1-556FFBCEE186}] => (Allow) LPort=25565
FirewallRules: [{A72E3139-85F1-46C0-8B48-6D653CDA7B09}] => (Allow) LPort=25565
FirewallRules: [TCP Query User{5CB17E6E-4CD0-4C42-89EF-D84CE339BAFE}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{BE4FFE99-1BA5-4A6D-859F-CDA851972532}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{B257C971-02AD-4C35-9324-291D897CDB7B}] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{E3CC2757-CB2A-4FA1-A4EC-10438D6B5B68}] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{83EC0370-4A56-4F9E-A8D7-C53C1F7DF5C8}F:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{462D3BB6-41BD-4140-AD26-5881F42070A3}F:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{6E4A6E6C-63B9-4F2D-A464-D536F18FF445}] => (Block) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{29ACF394-43F0-4864-889E-5D46E5D3F87E}] => (Block) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{F03899D2-D3B2-462A-A001-E67AE4B36673}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{E3F48574-B4DF-4810-A566-97F9E532B730}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{D81B412B-FFC6-49A5-9790-9F1DD0CE42FD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{68EAD43C-3085-4279-A3D5-473DE008DB23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{445E9A2B-6187-442F-A3DC-8F07B60E5BF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{DCA567F4-2ABC-4AC8-BCCB-333CC8DCAC57}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0B4FFC0C-2B5B-48F3-A996-4FE3F228166A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DD912131-48B7-4E6C-B09E-E6359DF7BCCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4F219D37-9624-4F30-87B1-D37DC4066A96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{90DD9A30-5E45-4066-8DDE-FE93E1850C30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{BDEC72B2-CB1A-474E-9ED6-A84810625FC8}F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Allow) F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [UDP Query User{F5E1EBB0-9961-4CE9-BD8A-65B6B46F2E17}F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Allow) F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [{768CC022-3055-4BD4-8E80-31818E9BEAE7}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{BAAED63C-A5E5-4EB7-AB3A-45FCFFD77678}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{304844EF-7019-4BCF-A4FE-0383F544F183}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{8A3A2DFF-F9AB-4F5D-94F3-3787C176BDD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [TCP Query User{F979DE64-FC1E-459B-8EDD-ED109EF48ECD}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{7852709D-8D0D-4F92-B043-C8FBE4099221}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [TCP Query User{6D6ABC91-928D-4280-9DBF-41D01A431D4A}H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe] => (Allow) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [UDP Query User{37C5D000-7F70-40F4-9FF9-C9221496DC42}H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe] => (Allow) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [{B27ABAA2-C82B-44F4-A30A-AD5E91C4EB32}] => (Block) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [{67DDF624-A2E5-4D33-A95F-90ABF5682A0B}] => (Block) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [TCP Query User{7BC2C177-D11F-4D08-B3DE-C7F58A1CF9DD}H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe] => (Allow) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [UDP Query User{9DF02414-F9FC-4036-B227-959FE7ACC17E}H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe] => (Allow) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{228436F4-E76C-4BEA-B241-E2C08B3C5797}] => (Block) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{63CCD24A-9DE9-486E-9928-D528E431701F}] => (Block) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{858E1EA8-EB9E-4E44-B451-3B6DFC3F985F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{C9CA1E65-0601-4D1B-8D5A-3C757AB596E5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{AFBD3180-D569-4A48-9C70-090808A3B765}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\harvey.exe
FirewallRules: [{4568192C-D1BA-46B3-8307-055C03D5B4CB}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\harvey.exe
FirewallRules: [{AA086928-71C2-4E9D-9EE7-DA834804DB70}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\VisionaireConfigurationTool.exe
FirewallRules: [{CAC8CED3-1C01-471A-8AFC-CCDE5E61B46F}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\VisionaireConfigurationTool.exe
FirewallRules: [{0481A2E1-32DD-4D79-9522-136262E18EFD}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna & Harvey The Breakout\Edna.exe
FirewallRules: [{5751333F-1F56-48C8-9335-521D845BA824}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna & Harvey The Breakout\Edna.exe
FirewallRules: [{16C6AC44-879C-4FC3-9E2B-7E6B7FBBA341}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{F734F823-F300-454C-8A84-63EB6A303F4D}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{01A42E9E-220D-49B9-940A-1AAC5051E9A4}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{CA2B1C86-1455-47B6-9A1B-AF4221454CF1}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{96832A8D-F388-4EAE-BD92-9458649456F6}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{241BD5E1-3D24-4DBC-83D5-750B9D32E39E}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [TCP Query User{CF2A8203-0EE6-4858-B69A-EB76C6D9F4BE}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [UDP Query User{561BC56C-D11F-4759-B02B-18B214505678}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [{95A263BF-2864-4081-AFB5-3620647A4BFD}] => (Allow) C:\Program Files (x86)\Cuppat\Application\chrome.exe
FirewallRules: [TCP Query User{7EF83D24-ABC4-4BE1-B269-E97F571709A4}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5799A902-DD95-4DCB-B14A-953392704D71}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{AC47DEED-56B1-443F-83F3-8A0E45439D95}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{C43AE569-728A-4635-966B-A0D7497AC12E}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{0733329D-7CAA-43CD-8D94-D5DDD4068021}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1B1FFE5A-9575-4978-A910-FC331CAB3E85}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CD4441E1-9E17-4D09-81DE-23FC004CF163}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{51D36651-267C-4534-819C-0C867AAEB47B}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{2DE8A6E7-501A-4106-814E-41F93EA96BCD}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [{0FDDC06B-F260-4E3E-AA72-1E8BCCD791C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{C11F5C2A-461F-424E-B15C-FCCB19462744}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{34FBA65F-A6AE-4D03-914E-A461C7E795B2}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{674235E8-E3D0-4C45-8F4D-E73DBF86CB65}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{8741BFD0-D5ED-43FB-8FF3-A0ABBD9FB6A5}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{0B2C9047-0B17-4A2E-B628-9FAC90D6E6A8}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{BC2A59B9-EEAE-4117-94F3-66A4078B5375}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{610154B7-0E65-493B-8D24-7BA16F0E7DC6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{468267DE-E9B1-4B8A-AEC7-E046AD38463A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{83724DD1-04CF-46BC-B4F0-9E03A4DBC88F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{05E61BB9-15E2-4964-ABBD-67110BF469F1}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{52F974BB-5934-4D2F-A4D9-CDD1DB7042F7}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Bluetooth-Gerät (PAN)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Microsoft-6zu4-Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #4
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/01/2017 12:18:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm frst64english.exe.exe, Version 4.10.2015.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 19f8
Startzeit: 01d27c184eb5db84
Endzeit: 0
Anwendungspfad: C:\Users\Philipp\Desktop\frst64english.exe.exe
Berichts-ID:
Error: (01/31/2017 10:02:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "AVG.VC140.CRT,processorArchitecture="x86",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0"1".
Die abhängige Assemblierung "AVG.VC140.CRT,processorArchitecture="x86",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/31/2017 10:02:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "AVG.VC140.CRT,processorArchitecture="amd64",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0"1".
Die abhängige Assemblierung "AVG.VC140.CRT,processorArchitecture="amd64",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/31/2017 09:16:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2017 09:15:02 PM) (Source: NetBalancerService) (EventID: 0) (User: )
Description: This version of NetBalancer is outdated, please download a new one from our website.
Error: (01/31/2017 08:17:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2017 08:16:27 PM) (Source: NetBalancerService) (EventID: 0) (User: )
Description: This version of NetBalancer is outdated, please download a new one from our website.
Error: (01/31/2017 06:18:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm adwcleaner_6.043 (1).exe, Version 6.0.4.3 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 5b00
Startzeit: 01d27be5a3ca2f6e
Endzeit: 4
Anwendungspfad: C:\Users\Philipp\Downloads\adwcleaner_6.043 (1).exe
Berichts-ID:
Error: (01/31/2017 06:00:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service iThemes5 since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (01/31/2017 06:00:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service GubedZL since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Systemfehler:
=============
Error: (01/31/2017 09:16:14 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (01/31/2017 09:15:06 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.
Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-ID: 0
Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
Error: (01/31/2017 09:15:00 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000101 (0x0000000000000019, 0x0000000000000000, 0xfffff88003186180, 0x0000000000000007)C:\Windows\Minidump\013117-11481-01.dmp013117-11481-01
Error: (01/31/2017 09:14:59 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 31.01.2017 um 21:12:16 unerwartet heruntergefahren.
Error: (01/31/2017 08:17:36 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (01/31/2017 08:16:31 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.
Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-ID: 0
Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
Error: (01/31/2017 08:15:53 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\bcmihvsrv64.dll
Error: (01/31/2017 08:14:36 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (01/31/2017 08:14:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Volumeschattenkopie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/31/2017 08:14:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2017-01-31 19:19:11.545
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:11.245
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:10.871
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:10.388
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 18:22:41.778
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 18:22:41.326
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:26.009
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.883
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.756
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.625
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Prozentuale Nutzung des RAM: 77%
Installierter physikalischer RAM: 6076.41 MB
Verfügbarer physikalischer RAM: 1371.07 MB
Summe virtueller Speicher: 12151 MB
Verfügbarer virtueller Speicher: 6897.03 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:232.79 GB) (Free:33.79 GB) NTFS
Drive f: () (Fixed) (Total:231 GB) (Free:52.23 GB) NTFS
Drive g: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive h: () (Fixed) (Total:344.27 GB) (Free:106.09 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 21133B35)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 596.2 GB) (Disk ID: 9054A324)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=344.3 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=20.8 GB) - (Type=27)
==================== Ende von Addition.txt ============================
2017-01-31 18:17 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2017-01-31 17:16 - 2016-11-10 23:33 - 00000000 _____ C:\Users\Public\Documents\report.dat
2017-01-31 02:56 - 2013-08-27 15:44 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Skype
2017-01-31 01:20 - 2013-08-21 17:42 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-28 18:56 - 2014-04-01 19:52 - 03706368 ___SH C:\Users\Philipp\Desktop\Thumbs.db
2017-01-28 00:33 - 2014-09-13 11:08 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\DVDVideoSoft
2017-01-28 00:32 - 2016-11-01 15:15 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-01-28 00:32 - 2014-01-18 20:57 - 00000000 ____D C:\Users\Philipp\AppData\Local\TeamSpeak 3 Client
2017-01-28 00:29 - 2016-11-26 19:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-28 00:29 - 2014-03-20 18:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-28 00:29 - 2014-03-06 14:30 - 00000000 ____D C:\ProgramData\Freemake
2017-01-28 00:19 - 2016-06-13 14:16 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-01-28 00:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2017-01-26 06:24 - 2016-11-13 23:19 - 00000000 ____D C:\Users\Philipp\Desktop\Arda
2017-01-22 14:05 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-01-21 21:55 - 2015-06-02 17:20 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-15 18:45 - 2013-09-13 19:00 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-15 15:07 - 2014-12-26 20:50 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-14 16:42 - 2014-02-23 11:10 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-14 16:42 - 2014-02-23 11:10 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-14 16:42 - 2014-02-23 11:10 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-14 16:42 - 2014-02-23 11:10 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-14 16:42 - 2014-02-23 11:10 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-13 20:39 - 2013-08-21 19:04 - 00000000 ____D C:\Users\Philipp\Documents\My Games
2017-01-13 15:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-12-19 13:14 - 2013-12-19 13:14 - 0041984 ___SH () C:\Users\Philipp\AppData\Roaming\Thumbs.db
2013-12-31 10:53 - 2013-12-31 10:53 - 0001472 _____ () C:\Users\Philipp\AppData\Local\recently-used.xbel
2014-08-01 09:53 - 2014-08-01 09:53 - 0000000 _____ () C:\Users\Philipp\AppData\Local\{6C70D7F2-E50B-475B-AD48-51E2586180D1}
2016-07-11 09:03 - 2016-07-11 09:03 - 0000000 _____ () C:\Users\Philipp\AppData\Local\{82BEEB85-1B4A-4EE7-92A9-DFC693E3988F}
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Public\D3DX9_37.dll
C:\Users\Public\xinput1_3.dll
Einige Dateien in TEMP:
====================
C:\Users\Philipp\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Philipp\AppData\Local\Temp\geek64.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-01-23 22:33
==================== Ende von FRST.txt ============================
durchgeführt von Philipp (Administrator) auf PHILIPP-PC (01-02-2017 01:22:52)
Gestartet von C:\Users\Philipp\Desktop
Geladene Profile: Philipp (Verfügbare Profile: Philipp)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(SeriousBit) F:\Program Files (x86)\NetBalancer\SeriousBit.NetBalancer.Service.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(FSPro Labs) H:\Program Files\My Lockbox\mylbx.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Spotify Ltd) C:\Users\Philipp\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Users\Philipp\AppData\Local\Amazon Music\Amazon Music Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Philipp\Desktop\frst64english.exe.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-07-31] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2817872 2012-04-25] (ELAN Microelectronics Corp.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [mylbx] => H:\Program Files\My Lockbox\mylbx.exe [2289952 2013-10-28] (FSPro Labs)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14188272 2017-01-23] (Zemana Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2016-06-13] (AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [DAEMON Tools Lite] => F:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [Spotify Web Helper] => C:\Users\Philipp\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-01-27] (Spotify Ltd)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [Amazon Music] => C:\Users\Philipp\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-07-21] ()
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [NetBalancer] => F:\Program Files (x86)\NetBalancer\SeriousBit.NetBalancer.Tray.exe [1803112 2015-04-30] (SeriousBit)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [Spotify] => C:\Users\Philipp\AppData\Roaming\Spotify\Spotify.exe [7163504 2017-01-27] (Spotify Ltd)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [ZPNConnect] => C:\Program Files (x86)\ZPN Connect\ZpnCli.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {2265df16-a931-11e3-b156-001bb1fb806a} - D:\LaunchU3.exe -a
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {513fb52a-fbb6-11e3-8c6a-001bb1fb806a} - E:\autorun.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {5c844a5e-08c5-11e3-9f11-001bb1fb806a} - D:\setup.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {5dff3592-0827-11e3-9da5-f7c11e16234c} - D:\LaunchU3.exe -a
HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-07] (AVAST Software)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
ProxyServer: [S-1-5-21-3041798318-2634963116-1215314133-1000] => 46.165.193.67:5056
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{416F4EA8-7EBE-4A41-BD73-DD7E680B9773}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{416F4EA8-7EBE-4A41-BD73-DD7E680B9773}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{86E2278C-9D4E-452E-A530-758555FCFA95}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{B7ACAEB6-863B-46ED-A180-28629DDF698D}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{CAFCA011-AF78-404E-B7ED-C6ECA9CFCAEA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{F1198B90-493F-4495-879E-89672178C3BF}: [NameServer] 8.8.8.8,1.1.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-14] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3041798318-2634963116-1215314133-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll Keine Datei
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\google-avast.xml [2015-05-14]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\luck.xml [2017-01-17]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\nice-.xml [2016-06-21]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\v9-.xml [2015-05-14]
FF Extension: xRocket Toolbar - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\arthurj8283@gmail.com [2017-01-17]
FF Extension: Ultimate Shopping Search - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\@ultimateshoppingsearch.xpi [2017-01-25]
FF Extension: Firefox Hotfix - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-11-26]
FF Extension: convert2mp3.net YouTube2MP3 Converter - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\info@convert2mp3.net.xpi [2014-09-04]
FF Extension: Video DownloadHelper - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-05-11]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\57p5pubn.default\extensions\quick_start@gmail.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\extensions\detgdp@gmail.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-07]
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\extensions\arthurj8283@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [@ultimateshoppingsearch] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\extensions\@ultimateshoppingsearch.xpi
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://www.ultimateshoppingsearch.com/default?q={searchTerms}&PCSF=SU_DEFAULT
CHR DefaultSearchKeyword: Default -> ultimateshoppingsearch.com
CHR DefaultSuggestURL: Default -> hxxp://www.ultimateshoppingsearch.com/suggest/CSuggestJson.ashx?prefix={searchTerms}&PCSF=SU_SUGGEST
CHR Profile: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-15]
CHR Extension: (Google Docs) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-15]
CHR Extension: (Google Drive) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-15]
CHR Extension: (YouTube) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-15]
CHR Extension: (Adobe Acrobat) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-31]
CHR Extension: (ultimateshoppingsearch) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiibddcohpjhajbnfkpboacmohommppp [2017-01-31]
CHR Extension: (Avast SafePrice) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-01-31]
CHR Extension: (Yahoo Partner) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabhkdeopjkcpkmofliimbjckmocfiom [2017-01-31]
CHR Extension: (Google Tabellen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-15]
CHR Extension: (Avira Browserschutz) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-01-31]
CHR Extension: (Google Docs Offline) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-05]
CHR Extension: (Avast Online Security) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-07]
CHR Extension: (Kein Name) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldcccbolclahdbkahlppenfodnheapah [2014-12-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-15]
CHR Extension: (Google Mail) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-15]
CHR Extension: (Chrome Media Router) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eiibddcohpjhajbnfkpboacmohommppp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-07]
CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-07]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-07] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-07] (Avast Software)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-12-18] (BitRaider, LLC)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-02-09] (Hi-Rez Studios) [Datei ist nicht signiert]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
R2 MCSvc; C:\ProgramData\Microsoft\Blend\14.0\1033\ResourceCacher.dll [352768 2016-11-09] () [Datei ist nicht signiert]
R2 NetBalancerService; F:\Program Files (x86)\NetBalancer\SeriousBit.NetBalancer.Service.exe [129896 2015-04-30] (SeriousBit)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [328832 2014-04-13] (Locktime Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-07-06] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-11-02] (Realtek Semiconductor)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-12-06] (Razer Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5907216 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14188272 2017-01-23] (Zemana Ltd.)
S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-07] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2016-06-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2016-06-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-07] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2016-10-11] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-07] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-11-02] ()
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-24] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 FSProFilter2; C:\Windows\System32\Drivers\FSPFltd2.sys [57648 2011-06-03] (FSPro Labs)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-24] (REALiX(tm))
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-11-02] ()
R1 nbdrv; C:\Windows\System32\DRIVERS\nbdrv.sys [40976 2015-02-05] (SeriousBit)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-07] (AVAST Software)
R2 nldrv; C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [107952 2014-04-13] (Locktime Software)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33448 2015-07-31] (Synaptics Incorporated)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-01-23] (Spotflux, Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-01-09] (AVG Netherlands B.V.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-07] (Avast Software)
S3 WinRing0_1_2_0; kein ImagePath
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-01-31] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-01-31] (Zemana Ltd.)
S3 aswHdsKe; \??\C:\Windows\system32\drivers\aswHdsKe.sys [X]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 vpnva; system32\DRIVERS\vpnva64-6.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-01 01:22 - 2017-02-01 01:23 - 00028661 _____ C:\Users\Philipp\Desktop\FRST.txt
2017-02-01 00:25 - 2017-02-01 00:25 - 00002760 _____ C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2017-01-31 22:05 - 2017-01-31 22:05 - 00002640 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2017-01-31 22:05 - 2017-01-31 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp
2017-01-31 22:05 - 2017-01-09 16:43 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2017-01-31 22:05 - 2017-01-09 16:39 - 00044304 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\authuitu.dll
2017-01-31 22:05 - 2017-01-09 16:39 - 00042256 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\SysWOW64\authuitu.dll
2017-01-31 22:04 - 2017-01-31 22:04 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2017-01-31 22:04 - 2017-01-31 22:04 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2017-01-31 22:03 - 2017-01-31 22:04 - 00752296 _____ C:\Users\Philipp\Downloads\Adware Removal Tool by TSA.exe
2017-01-31 22:03 - 2017-01-31 22:03 - 06960664 _____ (Geek Unіnstaller) C:\Users\Philipp\Downloads\geek.exe
2017-01-31 22:03 - 2017-01-31 22:03 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
2017-01-31 22:03 - 2017-01-31 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2017-01-31 22:02 - 2017-01-31 22:04 - 00000000 ____D C:\Program Files (x86)\AVG
2017-01-31 22:02 - 2017-01-31 22:02 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2017-01-31 22:01 - 2017-01-31 22:04 - 00000000 ____D C:\Users\Philipp\AppData\Local\AvgSetupLog
2017-01-31 22:01 - 2017-01-31 22:04 - 00000000 ____D C:\Users\Philipp\AppData\Local\Avg
2017-01-31 22:01 - 2017-01-31 22:04 - 00000000 ____D C:\ProgramData\Avg
2017-01-31 22:01 - 2017-01-31 22:01 - 00537152 _____ C:\Users\Philipp\Downloads\geek_CB-DL-Manager.exe
2017-01-31 22:01 - 2017-01-31 22:01 - 00000000 ____D C:\SecurityCheck
2017-01-31 22:01 - 2017-01-31 22:01 - 00000000 ____D C:\Program Files (x86)\UltimateShoppingSearch
2017-01-31 22:00 - 2017-01-31 22:01 - 00512440 _____ (glax24 (safezone.cc)) C:\Users\Philipp\Downloads\SecurityCheck.exe
2017-01-31 21:59 - 2017-01-31 21:59 - 02793495 _____ C:\Users\Philipp\Downloads\geek.zip
2017-01-31 21:59 - 2017-01-31 21:59 - 02793495 _____ C:\Users\Philipp\Downloads\geek (1).zip
2017-01-31 20:58 - 2017-01-31 20:58 - 05200384 _____ (AVAST Software) C:\Users\Philipp\Downloads\aswmbr.exe
2017-01-31 20:17 - 2017-01-31 20:17 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\ProductData
2017-01-31 20:01 - 2017-01-31 20:00 - 02193920 _____ (Farbar) C:\Users\Philipp\Desktop\frst64english.exe.exe
2017-01-31 20:00 - 2017-01-31 20:00 - 04015056 _____ C:\Users\Philipp\Downloads\adwcleaner_6.043 (2).exe
2017-01-31 20:00 - 2017-01-31 20:00 - 02193920 _____ (Farbar) C:\Users\Philipp\Downloads\FRST64 (1).exe
2017-01-31 18:17 - 2017-01-31 18:17 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-01-31 18:16 - 2017-01-31 20:08 - 00000000 ____D C:\ProgramData\RogueKiller
2017-01-31 18:16 - 2017-01-31 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-01-31 18:16 - 2017-01-31 18:16 - 00000000 ____D C:\Program Files\RogueKiller
2017-01-31 18:15 - 2017-01-31 18:15 - 34821984 _____ (Adlice Software ) C:\Users\Philipp\Downloads\setup (1).exe
2017-01-31 18:15 - 2017-01-31 18:15 - 04015056 _____ C:\Users\Philipp\Downloads\adwcleaner_6.043 (1).exe
2017-01-31 17:59 - 2017-01-31 18:00 - 01663040 _____ (Malwarebytes) C:\Users\Philipp\Downloads\JRT.exe
2017-01-31 16:21 - 2017-02-01 01:22 - 02204014 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-01-31 16:21 - 2017-02-01 01:22 - 00124894 _____ C:\Windows\ZAM.krnl.trace
2017-01-31 16:21 - 2017-01-31 16:21 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2017-01-31 16:21 - 2017-01-31 16:21 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2017-01-31 16:21 - 2017-01-31 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-01-31 16:21 - 2017-01-31 16:21 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-01-31 16:20 - 2017-01-31 16:20 - 00000000 ____D C:\Users\Philipp\AppData\Local\Zemana
2017-01-31 16:19 - 2017-01-31 16:19 - 05510592 _____ ( ) C:\Users\Philipp\Downloads\Zemana.AntiMalware.Setup.exe
2017-01-31 01:54 - 2017-01-31 16:03 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-01-31 01:54 - 2017-01-31 01:54 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-31 01:54 - 2017-01-31 01:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-31 01:50 - 2017-01-31 01:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-01-31 01:47 - 2017-01-31 03:10 - 00000000 ____D C:\Users\Philipp\Desktop\mbar
2017-01-31 01:47 - 2017-01-31 01:48 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Philipp\Downloads\mbar-1.09.3.1001 (1).exe
2017-01-31 01:47 - 2017-01-31 01:47 - 04015056 _____ C:\Users\Philipp\Downloads\adwcleaner_6.043.exe
2017-01-31 01:46 - 2017-01-31 01:47 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Philipp\Downloads\mbar-1.09.3.1001.exe
2017-01-31 01:45 - 2017-01-31 01:48 - 00090910 _____ C:\Users\Philipp\Downloads\Addition.txt
2017-01-31 01:44 - 2017-02-01 01:22 - 00000000 ____D C:\FRST
2017-01-31 01:43 - 2017-01-31 01:43 - 02420736 _____ (Farbar) C:\Users\Philipp\Downloads\FRST64.exe
2017-01-28 01:38 - 2017-01-29 02:08 - 00016116 ____H C:\Users\Philipp\Desktop\~WRL1563.tmp
2017-01-28 00:29 - 2017-01-28 00:29 - 00000633 _____ C:\Users\Philipp\Documents\Uninstall STAR WARS The Old Republic.log
2017-01-27 05:30 - 2017-01-27 05:30 - 00000772 _____ C:\Windows\SysWOW64\ping.cfg
2017-01-25 21:56 - 2017-01-25 21:56 - 00001507 _____ C:\Users\Philipp\Downloads\POL_P1 Einf__hrung in die Politische Wissenschaft 2016_2017_ Erinnerung_ IPW Klausuranmeldung 1. Termin bis zum 28.01.2017 noch m__glich.zip
2017-01-21 14:35 - 2017-01-31 21:14 - 00000840 _____ C:\Windows\setupact.log
2017-01-21 14:35 - 2017-01-21 14:35 - 00000000 _____ C:\Windows\setuperr.log
2017-01-21 14:34 - 2017-01-31 20:16 - 00006364 _____ C:\Windows\PFRO.log
2017-01-18 18:37 - 2017-01-29 00:14 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Mozilla
2017-01-18 18:30 - 2017-01-18 18:30 - 00000017 _____ C:\Users\Public\Documents\cfg.ini
2017-01-17 14:50 - 2017-01-19 19:14 - 00000019 _____ C:\Users\Public\Documents\cc.ini
2017-01-13 20:39 - 2017-01-13 20:39 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Berserk Games
2017-01-13 19:45 - 2017-01-13 19:45 - 00000222 _____ C:\Users\Philipp\Desktop\Tabletop Simulator.url
2017-01-13 18:32 - 2017-01-13 18:32 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Blacklight Interactive
2017-01-13 17:27 - 2017-01-13 17:27 - 00000222 _____ C:\Users\Philipp\Desktop\Golf With Your Friends.url
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-01 01:18 - 2013-08-18 15:36 - 01887324 _____ C:\Windows\WindowsUpdate.log
2017-02-01 00:41 - 2014-02-23 11:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-31 22:17 - 2013-08-27 15:50 - 00000000 ____D C:\ProgramData\Skype
2017-01-31 22:09 - 2014-10-21 17:53 - 00000000 ____D C:\Program Files (x86)\Java
2017-01-31 22:07 - 2013-10-08 16:19 - 00000000 ____D C:\Program Files (x86)\IObit
2017-01-31 22:06 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-31 22:06 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-31 21:21 - 2011-04-12 08:43 - 00699666 _____ C:\Windows\system32\perfh007.dat
2017-01-31 21:21 - 2011-04-12 08:43 - 00149774 _____ C:\Windows\system32\perfc007.dat
2017-01-31 21:21 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-31 21:16 - 2013-08-18 15:36 - 00000000 ____D C:\Users\Philipp
2017-01-31 21:15 - 2016-11-10 23:32 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2017-01-31 21:15 - 2015-03-15 11:19 - 00000000 ____D C:\Users\Philipp\AppData\Local\Spotify
2017-01-31 21:15 - 2015-03-15 11:18 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Spotify
2017-01-31 21:15 - 2013-10-11 19:38 - 00000000 ____D C:\Users\Philipp\AppData\Local\LogMeIn Hamachi
2017-01-31 21:15 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-31 21:14 - 2016-10-30 12:58 - 00302501 ____N C:\Windows\Minidump\013117-11481-01.dmp
2017-01-31 21:14 - 2013-08-18 17:58 - 00000000 ____D C:\Windows\Minidump
2017-01-31 20:14 - 2016-11-22 21:58 - 00001026 _____ C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-01-31 20:14 - 2016-11-10 23:33 - 00001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-31 20:14 - 2016-11-10 23:33 - 00001169 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-31 20:14 - 2015-01-19 15:45 - 00000000 ____D C:\AdwCleaner
2017-01-31 20:14 - 2014-04-25 12:00 - 00000000 ____D C:\Windows\system32\log
2017-01-31 20:02 - 2016-11-19 19:27 - 00000000 ____D C:\Program Files (x86)\Yahoo!
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-10-2015
durchgeführt von Philipp (2017-02-01 01:23:21)
Gestartet von C:\Users\Philipp\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-08-18 14:36:22)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3041798318-2634963116-1215314133-500 - Administrator - Disabled)
Gast (S-1-5-21-3041798318-2634963116-1215314133-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3041798318-2634963116-1215314133-1002 - Limited - Enabled)
Philipp (S-1-5-21-3041798318-2634963116-1215314133-1000 - Administrator - Enabled) => C:\Users\Philipp
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
4K Video Downloader 3.5 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.5.6.1730 - Open Media LLC)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Amazon Amazon Music) (Version: 3.10.0.924 - Amazon Services LLC)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers)
AutoSensitivity (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0a099336274e1166) (Version: 1.4.0.23 - Igor Kulman)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.72.2.55508 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.72.3 - AVG Technologies) Hidden
AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Brother MFL-Pro Suite MFC-9320CW (HKLM-x32\...\{A1BBEE16-49B1-42F2-95B8-54C8C6A1C0C3}) (Version: 2.0.1.0 - Brother Industries, Ltd.)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward)
CLICK & LEARN DiDi 360° DVD (HKLM-x32\...\{5713D2DD-01F2-40D0-827D-917A88E7637A}_is1) (Version: CLICK & LEARN DiDi 360° 5.2 DVD - DEGENER)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Cry of Fear (HKLM-x32\...\Steam App 223710) (Version: - Team Psykskallar)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dropbox (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.5 - Samsung Electronics Co.,Ltd.)
Edna & Harvey: Harvey's New Eyes (HKLM-x32\...\Steam App 219910) (Version: - Daedalic Entertainment)
Edna & Harvey: The Breakout (HKLM-x32\...\Steam App 255320) (Version: - Daedalic Entertainment)
ETDWare PS/2-X64 10.7.14.12_WHQL (HKLM\...\Elantech) (Version: 10.7.14.12 - ELAN Microelectronic Corp.)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Golf With Your Friends (HKLM\...\Steam App 431240) (Version: - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
Metin2 (HKLM-x32\...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Access 2003 Runtime (HKLM-x32\...\{901C0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
My Lockbox 3.0.5 (HKLM\...\My Lockbox_is1) (Version: 3.0.5 - )
NetBalancer (HKLM\...\NetBalancer_is1) (Version: - SeriousBit)
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.5.0) (Version: 4.0.5.0 - Locktime Software)
NetLimiter 4 (Version: 4.0.5.0 - Locktime Software) Hidden
NVIDIA GeForce Experience 2.5.15.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.81 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenVPN 2.3.12-I602 (HKLM-x32\...\OpenVPN) (Version: 2.3.12-I602 - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.1 - Tracker Software Products Ltd)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.2.22.0 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
RogueKiller version 12.9.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.9.6.0 - Adlice Software)
Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.46 - NVIDIA Corporation) Hidden
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.0.2574.0 - Hi-Rez Studios)
Spotify (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Spotify) (Version: 1.0.47.13.gd8e05b1f - Spotify AB)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Tabletop Simulator (HKLM\...\Steam App 286160) (Version: - Berserk Games)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)
Uplay (HKLM-x32\...\Uplay) (Version: 7.1 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XviD MPEG-4 Codec (HKLM-x32\...\XviD) (Version: - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.70.591 - Zemana Ltd.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
23-01-2017 22:40:19 Geplanter Prüfpunkt
28-01-2017 00:16:51 Wiederherstellungsvorgang
28-01-2017 00:27:36 Removed amuleC
31-01-2017 03:10:37 Malwarebytes Anti-Rootkit Restore Point
31-01-2017 18:00:48 JRT Pre-Junkware Removal
31-01-2017 22:08:48 Removed Java 8 Update 111
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2016-12-15 00:14 - 00000822 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02261E59-DCE8-496A-BB04-F4AF99A91189} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {0AB570FA-847C-4FB2-9C8C-82067DFA95B4} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {1DAFFC61-3EF0-4495-84D1-F1569C723896} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {24E0F572-4BCA-4EEC-A9A5-2D830CFA9E96} - System32\Tasks\{4F74156E-5C02-4302-B31E-378AF64F0780} => pcalua.exe -a "C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare\iw3mp.exe" -d "C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare"
Task: {2FA7325B-6E8F-41C0-BD24-7A4D8F5E959C} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {31D1AFD7-FE73-42F7-8C56-CE56B4EE2076} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-20] (Microsoft Corporation)
Task: {501CE107-2313-4E8F-BDC8-7CA2EDD7EBE6} - System32\Tasks\{5CC848DF-F2F0-4C76-8299-F30E2EC5C77C} => C:\Users\Philipp\Desktop\Battlefield 3 cd1\Setup.exe
Task: {5AD94776-848A-4574-A0AE-35DD77108857} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {67928E07-523E-411F-A980-D440E2B4FD2F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-07] (AVAST Software)
Task: {69796D42-6E7A-400E-ABED-6E89C0747C6A} - System32\Tasks\{1483BBE9-6C43-420B-BCA7-97229B092656} => pcalua.exe -a "C:\Program Files (x86)\Steam\bin\steamservice.exe" -d "C:\Program Files (x86)\Steam" -c /installscript "C:\Program Files (x86)\Steam\steamapps\common\Napoleon Total War\runasadmin.vdf" 34030
Task: {6CD57B76-ED4E-4186-864B-C3D8A0F1B7B3} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\Game Booster 3\AutoUpdate.exe
Task: {74CA4679-074A-4E10-8222-FCEC9691901F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2017-01-09] (AVG Technologies CZ, s.r.o.)
Task: {85AE1598-1934-4800-88DE-2070662EBA52} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {8CE2EA77-D7B1-4BC3-B2C1-599DD6DA6212} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {958C25CA-C68C-47FD-B09B-8BA6D19BA2C7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-06-06] (Microsoft Corporation)
Task: {9CEA9C83-B856-4975-8C0F-FE0D185A205D} - System32\Tasks\{BB987285-0C54-468D-BC8C-2D27676CFAF0} => pcalua.exe -a C:\Users\Philipp\Downloads\pulsingcolorsviz.exe -d C:\Users\Philipp\Downloads
Task: {A00325D4-D3C1-430E-B1F6-DCFCF85658C8} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-12-20] (Samsung Electronics)
Task: {A0173E21-C978-4EA4-A189-7FA5617412B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B64BD4E4-A656-40D9-871D-7456C350A532} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {BB2885EB-93BB-43CE-AF9D-8126074614B3} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-20] (Microsoft Corporation)
Task: {D7EC70C1-9A44-4010-93E1-A25B01C49C7D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-14] (Adobe Systems Incorporated)
Task: {DFBAA4C3-EF76-49C3-9AA5-6D5543BDA370} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {E30865BE-0448-4595-A5C6-CB203265BCD6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-08-28 10:07 - 2015-08-18 01:07 - 00115376 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-23 16:27 - 2015-04-30 09:46 - 00115712 _____ () F:\Program Files (x86)\NetBalancer\Events.dll
2015-08-23 16:28 - 2015-08-23 16:28 - 00217960 _____ () C:\Windows\Microsoft.Net\assembly\GAC_MSIL\SeriousBit.NetBalancer.DeskBand\v4.0_1.0.0.0__ce1333cc798c13ee\SeriousBit.NetBalancer.DeskBand.dll
2015-08-23 16:27 - 2015-04-30 09:47 - 00031744 _____ () F:\Program Files (x86)\NetBalancer\BugReporting.dll
2013-09-04 19:10 - 2014-07-06 19:02 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-09 23:22 - 2014-12-09 23:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-03-07 18:49 - 2005-04-22 12:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2017-01-31 16:21 - 2017-01-31 16:21 - 00152944 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2015-07-18 22:56 - 2015-07-21 06:02 - 05887808 _____ () C:\Users\Philipp\AppData\Local\Amazon Music\Amazon Music Helper.exe
2016-12-15 00:30 - 2016-12-08 09:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 00:30 - 2016-12-08 09:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2015-08-07 13:03 - 2015-08-07 13:03 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-07 13:03 - 2015-08-07 13:03 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-11-10 23:33 - 2016-11-09 03:43 - 00352768 _____ () c:\programdata\microsoft\blend\14.0\1033\resourcecacher.dll
2015-04-01 09:31 - 2015-10-04 09:24 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-04-07 16:25 - 2015-04-07 16:25 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-01-31 22:02 - 2017-01-31 22:02 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2016-11-10 23:33 - 2016-10-20 09:47 - 01819240 _____ () C:\Program Files (x86)\Cuppat\Application\libglesv2.dll
2016-11-10 23:33 - 2016-10-20 09:47 - 00093288 _____ () C:\Program Files (x86)\Cuppat\Application\libegl.dll
2017-01-13 20:49 - 2017-01-13 20:49 - 17835096 _____ () C:\Users\Philipp\AppData\Local\Cuppat\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\100sexlinks.com -> 100sexlinks.com
Da befinden sich 4788 mehr eingeschränkte Seiten.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{21ED757D-71F7-4E93-8A26-4F3F192F63A7}] => (Allow) H:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A9259FB8-214D-4B63-AB8C-E1D572E16617}] => (Allow) H:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{7346F99C-B07F-48D3-96D6-B27E7FC60958}F:\program files (x86)\skype\phone\skype.exe] => (Allow) F:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{FEF7523A-F2C8-4CF3-BD0F-3E085673C453}F:\program files (x86)\skype\phone\skype.exe] => (Allow) F:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{6A1352E9-B58C-418B-A8AB-1B9E9F8B4EF3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{12C3E11E-C2A2-493A-894F-875FC0641820}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{DCCE3E4E-5C81-47E3-B426-FD776034C9D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DCF79556-E335-461B-A099-55292F6CE2EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DCF489CB-1187-44A6-BC76-281656F962CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C53AF07D-4477-41FC-9A49-88A7D81D0168}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8AD8195A-9FD1-453F-B60F-DF66DA1EE869}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{D459E9D6-7724-4A66-82C9-761919306E36}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{38F9BC97-2F6A-4385-8ABA-657C1421CB2F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{18B895F8-18AE-4D6E-BCC6-1ED18DC2308D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{92A63FD0-9C6C-4855-97B7-07306985B5AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{87C2F982-B124-493B-A6CC-833F14CA99D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8DEEE23E-F414-4B4C-B08F-6C2C6993C57A}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{58252888-1755-4991-A0F9-EBB3F022D3D5}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{D3B7CDE1-024A-432D-960C-4343B74A0739}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{50E89D94-505B-44BA-B992-804CC020944B}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{37B9E4DF-DDAA-448A-8C35-0EF9DEC79DA0}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{607E2054-58F9-477E-8BC6-BA568D821CC2}C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{86032D63-9007-4D0E-AB79-60F1FB5EB7F1}C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{76712770-6A7F-4C1E-82B4-24CFD1B7F000}] => (Allow) C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [{7A1BC0BA-B098-4B00-93FD-88F1ED21C27A}] => (Allow) C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [TCP Query User{145AEDF9-2ECC-43DB-AC67-1E6E09E2ABCC}C:\program files (x86)\the creative assembly\rome - total war\rometw.exe] => (Allow) C:\program files (x86)\the creative assembly\rome - total war\rometw.exe
FirewallRules: [UDP Query User{D0EC03A1-37CD-4E8A-9DE9-9217F66A522C}C:\program files (x86)\the creative assembly\rome - total war\rometw.exe] => (Allow) C:\program files (x86)\the creative assembly\rome - total war\rometw.exe
FirewallRules: [TCP Query User{3BCBC79D-A10C-4FE5-9A7F-DCC782F40156}C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{77C491EF-9CAD-4753-A9B5-78AA0EAA3C16}C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{4B2D6E05-483D-49F1-A66B-E23EE778AD00}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{98D741DB-0D81-4D75-93F9-AA7BCE9ED5DA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{D805F393-DF9F-42DB-8BD8-A10435FFD59E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{7CF97D17-A8A2-4D7E-9BEC-6243047FB5BF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [TCP Query User{8F2757CB-3F12-42C6-9F8A-4774ADD31DD2}E:\starcraft ii\versions\base26490\sc2.exe] => (Allow) E:\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{0BDDFDAC-B2ED-4B98-BC26-FE4BE17023BD}E:\starcraft ii\versions\base26490\sc2.exe] => (Allow) E:\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{918FBB9D-A167-4373-AFAD-10F9F13A5B47}H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [UDP Query User{CE44343A-18FD-4F5C-AFB9-72A6DE6E2F89}H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [TCP Query User{C125BEAE-F4EB-4F10-8C94-50D566986ADF}H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{A6C9568F-B66F-4D81-86DE-7DED4BA4EEEF}H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{44198A79-F80C-4668-8DEC-61C6B449FC42}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{43205FE2-158D-4CEB-BDA1-7CDEAAEEA89B}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{C68EB3E0-2F52-4C5D-BC6A-1BD447B7A1CA}E:\firefly studios\stronghold 2\stronghold2.exe] => (Allow) E:\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [UDP Query User{F7072C7B-26A3-44F0-B587-2EAAE1D78C2B}E:\firefly studios\stronghold 2\stronghold2.exe] => (Allow) E:\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [TCP Query User{0809DA3A-658F-4F47-8916-84CBF04DFFE7}F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{B1686F91-DCB7-4851-A600-A045D357F223}F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{69FCA70B-56DD-44A4-937D-27978BED7C64}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{3993D2EA-9020-44A0-AE27-CA7EBF9E6EA1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{5E0C1963-7723-431A-A0FF-5559FE5B4FCC}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{A1E85A62-4480-42D6-BEF6-3B104DFBA6A9}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{A9BF2868-E436-4AAC-A5B6-6E9F44E3E6D1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{A27B1A23-6AE9-4069-AD9C-2AB64D9CFB22}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{B017E2C6-3F10-4969-99DA-02E8842CB380}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{F2F35591-A26D-4679-A37D-8FA745ABE448}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{6FA6AF87-096C-4148-BBE8-8A29CE7BFC03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{8A589767-2A22-4BA8-9F2E-25708DBB99B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{CDBEA086-EEF8-478B-BD30-ED34E603EDE4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7C3D27A7-E5B8-4ED7-B97E-BFE531FF8F99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{56D56AD2-BFC4-415B-A804-0DF50091F5E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{44EFA5C1-2C54-432F-821F-D10FDD7BD46E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{40804B2A-9569-4303-804A-3DE8AFD4C459}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B3EE1A97-B0F0-4AA4-9F14-AACD324EBCFF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{87E39D11-917A-4ACA-A172-B9DB9FD99CED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{5368821C-622D-4CE6-868E-B4B92CAE6AEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7CD1CC07-47F7-4EBC-B28F-331D6B01812B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{10DBE06C-21C5-40DE-AB47-2839EAA361A2}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{72584B12-0B71-40A1-8FD5-4EF1B8FAE240}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{62F24C45-274B-4324-84D9-EEDC1C2FFA63}] => (Allow) C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{38E63D60-2B6A-4570-B5E7-0334F1B28753}] => (Allow) C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CBA6CFE4-87DA-4C0B-9DD5-CB24264D153C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{1F8EFC10-91D2-4DEF-9300-AA828DE18B26}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [TCP Query User{8D083110-0487-4200-BD21-3E6205B824E4}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe
FirewallRules: [UDP Query User{B9933272-DB9A-419D-A1FC-C376F14A8A5A}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe
FirewallRules: [{120C8A28-FA3D-4D5F-8F88-6983D85BB69C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{3D2372B4-DE98-4586-8A3D-F083A3D3E4C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [TCP Query User{44A5645F-EF67-4694-BF0C-45FCBABC1815}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{109FF8B2-1B6E-4A45-AB5C-0CB97EA71BA7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{E333BEFF-AFE8-44D0-8E6D-1E6684278E53}H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe
FirewallRules: [UDP Query User{BDC3DE48-88BB-4952-BDF9-A667D17544F3}H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe
FirewallRules: [TCP Query User{C918B3BB-2D89-49EC-A5F3-59764544A681}C:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{A3578BEB-246F-4B68-9BB1-4E70D3867E6A}C:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{4B90B806-D737-421F-A259-86B4B6EBE2D4}] => (Block) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{C142FBE6-7660-4D57-91EB-6F28DF0C53EF}] => (Block) C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{65D1CA79-73C8-4C1C-A396-55114CC5C61C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{2E300A00-EF29-4879-AD3F-8C035C177F2F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{3FC2C324-EE95-4C8C-A26E-EE7AB4D14AD7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6FDC2297-746E-4E22-8C84-B9F9349E4D89}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{90C98BC3-B0B9-4CAC-ADCA-E2EAA208143E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8EB1FB9E-E96A-48D9-A09E-280C1F709B39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C564E886-162A-48EE-A823-A6A3CD950300}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F539564B-0389-4020-BE90-B3A2E3A3D28F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{760F1162-0054-44F4-A5D6-7F1F803CA314}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{C6D4FEE5-DA5E-4896-BBC1-4C31C77A28FE}C:\programdata\battle.net\agent\agent.2689\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2689\agent.exe
FirewallRules: [UDP Query User{F9912598-2E9B-4960-B43A-8E1CFC69772C}C:\programdata\battle.net\agent\agent.2689\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2689\agent.exe
FirewallRules: [{A2901DA7-2CF9-447A-8578-1EF26AD9EB25}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1942\Battlefield 1942\BF1942.exe
FirewallRules: [{9D169BCF-E400-428F-8825-1FDA28D85D4A}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1942\Battlefield 1942\BF1942.exe
FirewallRules: [TCP Query User{9D5327F1-4C82-4AB4-9675-32920B9A5A14}F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{3ADEFCDF-1F60-49BB-B0CC-E38073CF5B97}F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe] => (Allow) F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{7962898C-564D-4F4D-8199-3DFBE683A858}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rustlauncher.exe
FirewallRules: [{7CE33FEF-633B-484E-926F-28959FBE7A6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rustlauncher.exe
FirewallRules: [{59B4E854-C94F-4DAE-911E-4E2CD4C668B9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E2FED403-E1B3-46AD-A838-C1917B27FD50}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{07A267BF-9BD3-4856-88D1-A924CF38EFBC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{04756382-6EB7-495C-85E9-516EED38F5FF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [TCP Query User{9CA5DE4A-9B21-404E-A471-E1D4FCBDB5D8}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{46EA1D4C-732E-4080-BDAE-C7E04C2AAEE8}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{B207A236-B040-4C95-A84E-30FF650F233F}] => (Allow) C:\Users\Philipp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5BEDFF67-BEB9-437C-8BDE-57FD8AD18762}] => (Allow) C:\Users\Philipp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{ED86D4BE-5034-46D4-A275-D0D0D158DC32}C:\users\philipp\desktop\utorrent3.4.1_30888.exe] => (Allow) C:\users\philipp\desktop\utorrent3.4.1_30888.exe
FirewallRules: [UDP Query User{00D3324E-F60E-4815-9389-22AFEF3C3848}C:\users\philipp\desktop\utorrent3.4.1_30888.exe] => (Allow) C:\users\philipp\desktop\utorrent3.4.1_30888.exe
FirewallRules: [TCP Query User{D8B96E37-4E7C-401D-9974-6423F3566ACB}C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{FE178129-19B7-4D3C-A611-FF8661E15371}C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{1630330C-FC81-4E8E-A74B-D30CCB7637D9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{69C4D2F1-5E35-4324-A7C7-21A1841D7FB6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DB289EE0-A061-499C-A260-45816D2DB290}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4AC641E7-FC1D-4089-BDF8-C1C6C461F508}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E01B4C60-3CC7-4862-96F8-A240FF5DBF8A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{E155F5FE-3408-4083-9DE8-10F9A4EDC456}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{C0143FF0-242F-4B84-A070-F77D6C898FE3}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [UDP Query User{E3C733F0-C093-4EAD-B3D9-6A758B7CAB80}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [TCP Query User{C41E6AE9-3ECA-4D3B-8892-6EEB5B8F822B}H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe
FirewallRules: [UDP Query User{E70C6C19-B5DB-4C21-A6AC-7DAFA0D942E2}H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe
FirewallRules: [{32C48089-640E-4154-8F9F-FD34D67820E7}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{ABF9B047-DBDD-40F0-8310-4096C07A1D54}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{3363AF0F-0FAE-4932-9BDC-F768D750CD20}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{FF75CEDC-9CF5-481D-9063-269F7C9A3EEB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{FBF504C5-7660-4CA0-9461-EE1588F6F15D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{9B3BB61E-72AA-4C6A-9524-F08E717DB6BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [TCP Query User{4B8F48EB-61A7-463A-9CFF-3F443435A262}H:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) H:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{BC13CB58-34B2-423E-81E9-F0681A534A12}H:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => (Allow) H:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{FDD44B81-B42F-4882-B2A2-2E57B5A37E22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{FDD1DC3F-5716-40C2-96A2-2C53635789B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{115A852F-F8A4-47B2-ADDC-124127385ECA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{DC81A4C5-6983-4E10-88C2-B1BE2007E20A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{2BA43725-5873-4C4B-B214-D17575BED6C1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{9BE1D182-5C1A-4012-8196-D78F15784A37}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{C5343D04-4C9B-4307-A77C-075B8B2C9E8F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{B29A6550-56A1-491E-BB46-A0863A286D3F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [TCP Query User{A6839289-220D-4430-AB8B-F35AE2467491}C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{FFD48200-6659-4D3F-B489-D0D672A604CB}C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{8FCE413C-7C8F-49D2-97AB-12AF69EBBE36}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{6D6C39D8-B4DC-471E-AD24-04DB637E2F52}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{EAB8C967-DA03-47A1-82E0-2B7953613624}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{08AAB84F-CA39-4873-BA9F-0BF1B0BFD6BD}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{F0334A4E-6660-4A29-85A3-91F9D2A08148}H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Block) H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{0CBB6BE2-C2DC-42EF-9283-98CE12A3156B}H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Block) H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{7DE20AE2-DB27-4C65-99EE-A3A8C2C0141A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1221F58B-7252-4BBA-81F5-73DB9BA73765}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{745BCB12-AD0D-47D6-B6AA-B8E6552BA321}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{04E69D41-E088-48EE-B661-146576D2F4E2}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{838E6DD1-7E16-4467-9DD7-B08494056500}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{9560A1CC-F03A-4ED7-8F9F-628879A48BD1}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{D8DC3995-78FB-4F91-B0E6-0EA20B8D0B47}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{82FC90AF-A279-4FE8-929A-00FCBB85AE88}] => (Allow) H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{33FDEC31-0752-437B-8B40-816F7DA64FD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{42A94929-CE71-45D6-82BF-D969413DA4BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{53DF5A34-AAEB-4C77-8AAB-9BC5C1FC7B0F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{8CACF8BB-8612-462A-91D9-4AE3354FEDFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{85B72C11-7DC6-49E6-A5E7-0D20FF0540A4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{FB4D9EF1-D86D-4256-8AE5-AB0372E26A1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [TCP Query User{FF359D40-BC43-41F9-A748-265960862C7F}H:\program files (x86)\anno1701.exe] => (Allow) H:\program files (x86)\anno1701.exe
FirewallRules: [UDP Query User{20AAC5E0-E43B-491B-A775-B99DD7898E96}H:\program files (x86)\anno1701.exe] => (Allow) H:\program files (x86)\anno1701.exe
FirewallRules: [TCP Query User{0C3093E0-C804-4C2C-B240-64A3E0F4EA3E}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{4FAA22AA-FD48-4BAC-B1F0-0E1792B3B93F}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{48694631-51A4-4BD0-ACE6-47E620E1E7CF}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{2AAC6F09-9F21-4E3B-BDB3-8D96349EB24C}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{DA0FF709-FCA2-49E4-A49D-C52F94A33C39}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{3809CCA4-6534-4D78-AEB6-370B66A68D58}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{6B079631-4440-4D03-A37A-5644A17FAEF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{FF03333A-3897-48EF-B54D-56094C23D489}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D746C5F2-5646-488A-AA6A-9EFCB544C556}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{ECACD096-AD74-4AA4-A843-FDFB10ED1EE7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{B57AD082-017F-4128-AF5E-A02D6F3AE087}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{07A18F29-12BC-4AAB-A245-B4291010C345}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{E98D26EB-6723-4507-B967-151A5FC8D219}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{90E6D116-0BB7-4559-85E0-24C8F80E4EBD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{98CFEB0B-2567-4974-AD58-360ED70FB0BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{D3C6F70D-7E00-41A4-9628-1D22289A2534}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{39C3B977-7B8E-4058-BA43-22270D728ACD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{65EAF7AA-5109-48D9-B895-9FBFA7579572}] => (Allow) LPort=2869
FirewallRules: [{1461D1B9-4C92-412B-99E7-BCC4A26EA5F5}] => (Allow) LPort=1900
FirewallRules: [{B17041C2-3DD4-4225-8B9D-5FA96BAE885F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{285EB98B-6D92-4549-8710-3EEE16688C5D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{4095A852-5A84-4932-A234-FBB2F70DA4E4}C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe
FirewallRules: [UDP Query User{5ADC40C5-B7E7-4262-9D67-7438E0946454}C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe
FirewallRules: [TCP Query User{8C44C964-4AA3-47E4-92ED-F3A222D0E532}C:\users\philipp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philipp\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C6A13823-BD82-4DC7-AC17-04ECE6460C20}C:\users\philipp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philipp\appdata\roaming\spotify\spotify.exe
FirewallRules: [{CA2CF6F4-3D92-485F-87CF-1D4FE65F9552}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{F76BB649-4842-492C-8CD6-6C86FC6449F4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{3A8FE08D-E9EA-4675-8E18-BDD201C7E22C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AB041934-E078-4519-85E4-4B9C2F2D16E4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6C27E94F-9B54-4A90-9F4C-FBF097292328}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{C07014D5-340A-473A-8A73-C045C7E3989F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{6463FE23-B967-4206-A257-A93F489B761E}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{9D9EBD29-3591-410F-A642-DBF8DDABB5B4}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{27F67820-C035-4F34-94E0-67D63DC096F6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{1C3918B6-EB75-4A47-901F-502980DE752B}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{9079E56A-E830-4A4C-B496-2F7CEDB05975}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{2CE4262B-CFDC-4AEE-8B06-7805A0C3589A}] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{68F148F7-0F0E-48C0-ADA1-9DA8B3982E14}] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{5023DC5D-1BA7-43A1-80A3-C69DD4495C69}] => (Allow) %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{C606DE97-F79B-4D9B-86F0-57D5C7A655B6}] => (Allow) LPort=32976
FirewallRules: [{CC3B7A6D-97D4-43ED-B9F1-556FFBCEE186}] => (Allow) LPort=25565
FirewallRules: [{A72E3139-85F1-46C0-8B48-6D653CDA7B09}] => (Allow) LPort=25565
FirewallRules: [TCP Query User{5CB17E6E-4CD0-4C42-89EF-D84CE339BAFE}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{BE4FFE99-1BA5-4A6D-859F-CDA851972532}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{B257C971-02AD-4C35-9324-291D897CDB7B}] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{E3CC2757-CB2A-4FA1-A4EC-10438D6B5B68}] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{83EC0370-4A56-4F9E-A8D7-C53C1F7DF5C8}F:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{462D3BB6-41BD-4140-AD26-5881F42070A3}F:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{6E4A6E6C-63B9-4F2D-A464-D536F18FF445}] => (Block) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{29ACF394-43F0-4864-889E-5D46E5D3F87E}] => (Block) F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{F03899D2-D3B2-462A-A001-E67AE4B36673}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{E3F48574-B4DF-4810-A566-97F9E532B730}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{D81B412B-FFC6-49A5-9790-9F1DD0CE42FD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{68EAD43C-3085-4279-A3D5-473DE008DB23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{445E9A2B-6187-442F-A3DC-8F07B60E5BF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{DCA567F4-2ABC-4AC8-BCCB-333CC8DCAC57}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0B4FFC0C-2B5B-48F3-A996-4FE3F228166A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DD912131-48B7-4E6C-B09E-E6359DF7BCCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4F219D37-9624-4F30-87B1-D37DC4066A96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{90DD9A30-5E45-4066-8DDE-FE93E1850C30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{BDEC72B2-CB1A-474E-9ED6-A84810625FC8}F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Allow) F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [UDP Query User{F5E1EBB0-9961-4CE9-BD8A-65B6B46F2E17}F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Allow) F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [{768CC022-3055-4BD4-8E80-31818E9BEAE7}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{BAAED63C-A5E5-4EB7-AB3A-45FCFFD77678}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{304844EF-7019-4BCF-A4FE-0383F544F183}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{8A3A2DFF-F9AB-4F5D-94F3-3787C176BDD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [TCP Query User{F979DE64-FC1E-459B-8EDD-ED109EF48ECD}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{7852709D-8D0D-4F92-B043-C8FBE4099221}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [TCP Query User{6D6ABC91-928D-4280-9DBF-41D01A431D4A}H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe] => (Allow) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [UDP Query User{37C5D000-7F70-40F4-9FF9-C9221496DC42}H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe] => (Allow) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [{B27ABAA2-C82B-44F4-A30A-AD5E91C4EB32}] => (Block) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [{67DDF624-A2E5-4D33-A95F-90ABF5682A0B}] => (Block) H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [TCP Query User{7BC2C177-D11F-4D08-B3DE-C7F58A1CF9DD}H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe] => (Allow) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [UDP Query User{9DF02414-F9FC-4036-B227-959FE7ACC17E}H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe] => (Allow) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{228436F4-E76C-4BEA-B241-E2C08B3C5797}] => (Block) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{63CCD24A-9DE9-486E-9928-D528E431701F}] => (Block) H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{858E1EA8-EB9E-4E44-B451-3B6DFC3F985F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{C9CA1E65-0601-4D1B-8D5A-3C757AB596E5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{AFBD3180-D569-4A48-9C70-090808A3B765}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\harvey.exe
FirewallRules: [{4568192C-D1BA-46B3-8307-055C03D5B4CB}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\harvey.exe
FirewallRules: [{AA086928-71C2-4E9D-9EE7-DA834804DB70}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\VisionaireConfigurationTool.exe
FirewallRules: [{CAC8CED3-1C01-471A-8AFC-CCDE5E61B46F}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\VisionaireConfigurationTool.exe
FirewallRules: [{0481A2E1-32DD-4D79-9522-136262E18EFD}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna & Harvey The Breakout\Edna.exe
FirewallRules: [{5751333F-1F56-48C8-9335-521D845BA824}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Edna & Harvey The Breakout\Edna.exe
FirewallRules: [{16C6AC44-879C-4FC3-9E2B-7E6B7FBBA341}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{F734F823-F300-454C-8A84-63EB6A303F4D}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{01A42E9E-220D-49B9-940A-1AAC5051E9A4}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{CA2B1C86-1455-47B6-9A1B-AF4221454CF1}] => (Allow) F:\Program Files (x86)\Steam Games\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{96832A8D-F388-4EAE-BD92-9458649456F6}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{241BD5E1-3D24-4DBC-83D5-750B9D32E39E}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [TCP Query User{CF2A8203-0EE6-4858-B69A-EB76C6D9F4BE}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [UDP Query User{561BC56C-D11F-4759-B02B-18B214505678}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => (Allow) H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [{95A263BF-2864-4081-AFB5-3620647A4BFD}] => (Allow) C:\Program Files (x86)\Cuppat\Application\chrome.exe
FirewallRules: [TCP Query User{7EF83D24-ABC4-4BE1-B269-E97F571709A4}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5799A902-DD95-4DCB-B14A-953392704D71}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{AC47DEED-56B1-443F-83F3-8A0E45439D95}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{C43AE569-728A-4635-966B-A0D7497AC12E}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{0733329D-7CAA-43CD-8D94-D5DDD4068021}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1B1FFE5A-9575-4978-A910-FC331CAB3E85}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CD4441E1-9E17-4D09-81DE-23FC004CF163}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{51D36651-267C-4534-819C-0C867AAEB47B}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{2DE8A6E7-501A-4106-814E-41F93EA96BCD}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [{0FDDC06B-F260-4E3E-AA72-1E8BCCD791C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{C11F5C2A-461F-424E-B15C-FCCB19462744}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{34FBA65F-A6AE-4D03-914E-A461C7E795B2}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{674235E8-E3D0-4C45-8F4D-E73DBF86CB65}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{8741BFD0-D5ED-43FB-8FF3-A0ABBD9FB6A5}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{0B2C9047-0B17-4A2E-B628-9FAC90D6E6A8}] => (Allow) H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{BC2A59B9-EEAE-4117-94F3-66A4078B5375}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{610154B7-0E65-493B-8D24-7BA16F0E7DC6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{468267DE-E9B1-4B8A-AEC7-E046AD38463A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{83724DD1-04CF-46BC-B4F0-9E03A4DBC88F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{05E61BB9-15E2-4964-ABBD-67110BF469F1}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{52F974BB-5934-4D2F-A4D9-CDD1DB7042F7}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Bluetooth-Gerät (PAN)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Microsoft-6zu4-Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #4
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/01/2017 12:18:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm frst64english.exe.exe, Version 4.10.2015.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 19f8
Startzeit: 01d27c184eb5db84
Endzeit: 0
Anwendungspfad: C:\Users\Philipp\Desktop\frst64english.exe.exe
Berichts-ID:
Error: (01/31/2017 10:02:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "AVG.VC140.CRT,processorArchitecture="x86",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0"1".
Die abhängige Assemblierung "AVG.VC140.CRT,processorArchitecture="x86",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/31/2017 10:02:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "AVG.VC140.CRT,processorArchitecture="amd64",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0"1".
Die abhängige Assemblierung "AVG.VC140.CRT,processorArchitecture="amd64",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/31/2017 09:16:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2017 09:15:02 PM) (Source: NetBalancerService) (EventID: 0) (User: )
Description: This version of NetBalancer is outdated, please download a new one from our website.
Error: (01/31/2017 08:17:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2017 08:16:27 PM) (Source: NetBalancerService) (EventID: 0) (User: )
Description: This version of NetBalancer is outdated, please download a new one from our website.
Error: (01/31/2017 06:18:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm adwcleaner_6.043 (1).exe, Version 6.0.4.3 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 5b00
Startzeit: 01d27be5a3ca2f6e
Endzeit: 4
Anwendungspfad: C:\Users\Philipp\Downloads\adwcleaner_6.043 (1).exe
Berichts-ID:
Error: (01/31/2017 06:00:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service iThemes5 since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (01/31/2017 06:00:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service GubedZL since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Systemfehler:
=============
Error: (01/31/2017 09:16:14 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (01/31/2017 09:15:06 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.
Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-ID: 0
Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
Error: (01/31/2017 09:15:00 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000101 (0x0000000000000019, 0x0000000000000000, 0xfffff88003186180, 0x0000000000000007)C:\Windows\Minidump\013117-11481-01.dmp013117-11481-01
Error: (01/31/2017 09:14:59 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 31.01.2017 um 21:12:16 unerwartet heruntergefahren.
Error: (01/31/2017 08:17:36 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (01/31/2017 08:16:31 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.
Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-ID: 0
Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
Error: (01/31/2017 08:15:53 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\bcmihvsrv64.dll
Error: (01/31/2017 08:14:36 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (01/31/2017 08:14:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Volumeschattenkopie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/31/2017 08:14:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2017-01-31 19:19:11.545
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:11.245
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:10.871
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:10.388
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 18:22:41.778
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 18:22:41.326
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:26.009
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.883
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.756
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.625
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Prozentuale Nutzung des RAM: 77%
Installierter physikalischer RAM: 6076.41 MB
Verfügbarer physikalischer RAM: 1371.07 MB
Summe virtueller Speicher: 12151 MB
Verfügbarer virtueller Speicher: 6897.03 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:232.79 GB) (Free:33.79 GB) NTFS
Drive f: () (Fixed) (Total:231 GB) (Free:52.23 GB) NTFS
Drive g: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive h: () (Fixed) (Total:344.27 GB) (Free:106.09 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 21133B35)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 596.2 GB) (Disk ID: 9054A324)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=344.3 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=20.8 GB) - (Type=27)
==================== Ende von Addition.txt ============================
2017-01-31 18:17 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2017-01-31 17:16 - 2016-11-10 23:33 - 00000000 _____ C:\Users\Public\Documents\report.dat
2017-01-31 02:56 - 2013-08-27 15:44 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Skype
2017-01-31 01:20 - 2013-08-21 17:42 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-28 18:56 - 2014-04-01 19:52 - 03706368 ___SH C:\Users\Philipp\Desktop\Thumbs.db
2017-01-28 00:33 - 2014-09-13 11:08 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\DVDVideoSoft
2017-01-28 00:32 - 2016-11-01 15:15 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-01-28 00:32 - 2014-01-18 20:57 - 00000000 ____D C:\Users\Philipp\AppData\Local\TeamSpeak 3 Client
2017-01-28 00:29 - 2016-11-26 19:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-28 00:29 - 2014-03-20 18:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-28 00:29 - 2014-03-06 14:30 - 00000000 ____D C:\ProgramData\Freemake
2017-01-28 00:19 - 2016-06-13 14:16 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-01-28 00:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2017-01-26 06:24 - 2016-11-13 23:19 - 00000000 ____D C:\Users\Philipp\Desktop\Arda
2017-01-22 14:05 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-01-21 21:55 - 2015-06-02 17:20 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-15 18:45 - 2013-09-13 19:00 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-15 15:07 - 2014-12-26 20:50 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-14 16:42 - 2014-02-23 11:10 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-14 16:42 - 2014-02-23 11:10 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-14 16:42 - 2014-02-23 11:10 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-14 16:42 - 2014-02-23 11:10 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-14 16:42 - 2014-02-23 11:10 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-13 20:39 - 2013-08-21 19:04 - 00000000 ____D C:\Users\Philipp\Documents\My Games
2017-01-13 15:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-12-19 13:14 - 2013-12-19 13:14 - 0041984 ___SH () C:\Users\Philipp\AppData\Roaming\Thumbs.db
2013-12-31 10:53 - 2013-12-31 10:53 - 0001472 _____ () C:\Users\Philipp\AppData\Local\recently-used.xbel
2014-08-01 09:53 - 2014-08-01 09:53 - 0000000 _____ () C:\Users\Philipp\AppData\Local\{6C70D7F2-E50B-475B-AD48-51E2586180D1}
2016-07-11 09:03 - 2016-07-11 09:03 - 0000000 _____ () C:\Users\Philipp\AppData\Local\{82BEEB85-1B4A-4EE7-92A9-DFC693E3988F}
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Public\D3DX9_37.dll
C:\Users\Public\xinput1_3.dll
Einige Dateien in TEMP:
====================
C:\Users\Philipp\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Philipp\AppData\Local\Temp\geek64.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-01-23 22:33
==================== Ende von FRST.txt ============================
You are still using an outdated version of FRST.... Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
Please delete all copies you have by doing this.
Download DelFix by "Xplode" to your Desktop.
Right Click the tool and Run as Admin ( Xp Users Double Click)
Put a check mark next the items below:
Remove disinfection tools
Now click on "Run" button.
allow the program to complete its work.
all the tools we used will be removed.
Tool will create and open a log report (DelFix.txt)
Note: The report can be located at the following location C:\DelFix.txt
Then grab a new copy of FRST from here.
Please download the FRST 32 bit or FRST 64bit version to suit your operating system. It is important FRST is downloaded to your desktop.
Please delete all copies you have by doing this.
Download DelFix by "Xplode" to your Desktop.
Right Click the tool and Run as Admin ( Xp Users Double Click)
Put a check mark next the items below:
Remove disinfection tools
Now click on "Run" button.
allow the program to complete its work.
all the tools we used will be removed.
Tool will create and open a log report (DelFix.txt)
Note: The report can be located at the following location C:\DelFix.txt
Then grab a new copy of FRST from here.
Please download the FRST 32 bit or FRST 64bit version to suit your operating system. It is important FRST is downloaded to your desktop.
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017
durchgeführt von Philipp (Administrator) auf PHILIPP-PC (01-02-2017 01:43:33)
Gestartet von C:\Users\Philipp\Desktop
Geladene Profile: Philipp (Verfügbare Profile: Philipp)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: "C:\Program Files (x86)\Cuppat\Application\chrome.exe" "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(SeriousBit) F:\Program Files (x86)\NetBalancer\SeriousBit.NetBalancer.Service.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(FSPro Labs) H:\Program Files\My Lockbox\mylbx.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Spotify Ltd) C:\Users\Philipp\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Users\Philipp\AppData\Local\Amazon Music\Amazon Music Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Philipp\Desktop\frst64english.exe.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-07-31] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2817872 2012-04-25] (ELAN Microelectronics Corp.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [mylbx] => H:\Program Files\My Lockbox\mylbx.exe [2289952 2013-10-28] (FSPro Labs)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14188272 2017-01-23] (Zemana Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2016-06-13] (AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [DAEMON Tools Lite] => F:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [Spotify Web Helper] => C:\Users\Philipp\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-01-27] (Spotify Ltd)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [Amazon Music] => C:\Users\Philipp\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-07-21] ()
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [NetBalancer] => F:\Program Files (x86)\NetBalancer\SeriousBit.NetBalancer.Tray.exe [1803112 2015-04-30] (SeriousBit)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [Spotify] => C:\Users\Philipp\AppData\Roaming\Spotify\Spotify.exe [7163504 2017-01-27] (Spotify Ltd)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [ZPNConnect] => C:\Program Files (x86)\ZPN Connect\ZpnCli.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {2265df16-a931-11e3-b156-001bb1fb806a} - D:\LaunchU3.exe -a
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {513fb52a-fbb6-11e3-8c6a-001bb1fb806a} - E:\autorun.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {5c844a5e-08c5-11e3-9f11-001bb1fb806a} - D:\setup.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {5dff3592-0827-11e3-9da5-f7c11e16234c} - D:\LaunchU3.exe -a
HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-07] (AVAST Software)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
ProxyServer: [S-1-5-21-3041798318-2634963116-1215314133-1000] => 46.165.193.67:5056
Tcpip\..\Interfaces\{416F4EA8-7EBE-4A41-BD73-DD7E680B9773}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{416F4EA8-7EBE-4A41-BD73-DD7E680B9773}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{86E2278C-9D4E-452E-A530-758555FCFA95}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{B7ACAEB6-863B-46ED-A180-28629DDF698D}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{CAFCA011-AF78-404E-B7ED-C6ECA9CFCAEA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{F1198B90-493F-4495-879E-89672178C3BF}: [NameServer] 8.8.8.8,1.1.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default [2017-01-31]
FF Extension: (Ultimate Shopping Search) - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\@ultimateshoppingsearch.xpi [2017-01-25]
FF Extension: (xRocket Toolbar) - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\arthurj8283@gmail.com [2017-01-17] [ist nicht signiert]
FF Extension: (Firefox Hotfix) - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-11-26]
FF Extension: (convert2mp3.net YouTube2MP3 Converter) - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\info@convert2mp3.net.xpi [2016-11-20]
FF Extension: (Video DownloadHelper) - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-11-26]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\google-avast.xml [2015-05-14]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\luck.xml [2017-01-17]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\nice-.xml [2016-06-21]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\v9-.xml [2015-05-14]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\57p5pubn.default\extensions\quick_start@gmail.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\extensions\detgdp@gmail.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-07] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\extensions\arthurj8283@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [@ultimateshoppingsearch] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\extensions\@ultimateshoppingsearch.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-14] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3041798318-2634963116-1215314133-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]
Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxp://www.ultimateshoppingsearch.com/default?q={searchTerms}&PCSF=SU_DEFAULT
CHR DefaultSearchKeyword: Default -> ultimateshoppingsearch.com
CHR DefaultSuggestURL: Default -> hxxp://www.ultimateshoppingsearch.com/suggest/CSuggestJson.ashx?prefix={searchTerms}&PCSF=SU_SUGGEST
CHR Profile: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default [2017-02-01]
CHR Extension: (Google Präsentationen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-31]
CHR Extension: (Google Docs) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-31]
CHR Extension: (Google Drive) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-31]
CHR Extension: (YouTube) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-31]
CHR Extension: (Adobe Acrobat) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-31]
CHR Extension: (ultimateshoppingsearch) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiibddcohpjhajbnfkpboacmohommppp [2017-01-31]
CHR Extension: (Avast SafePrice) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-01-31]
CHR Extension: (Yahoo Partner) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabhkdeopjkcpkmofliimbjckmocfiom [2017-01-31]
CHR Extension: (Google Tabellen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-31]
CHR Extension: (Avira Browserschutz) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-01-31]
CHR Extension: (Google Docs Offline) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-31]
CHR Extension: (Avast Online Security) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-01-31]
CHR Extension: () - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldcccbolclahdbkahlppenfodnheapah [2017-01-31]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-31]
CHR Extension: (Google Mail) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-31]
CHR Extension: (Chrome Media Router) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-31]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eiibddcohpjhajbnfkpboacmohommppp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-07]
CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-07]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-07] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-07] (Avast Software)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-12-18] (BitRaider, LLC)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-02-09] (Hi-Rez Studios) [Datei ist nicht signiert]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
R2 MCSvc; C:\ProgramData\Microsoft\Blend\14.0\1033\ResourceCacher.dll [352768 2016-11-09] () [Datei ist nicht signiert]
R2 NetBalancerService; F:\Program Files (x86)\NetBalancer\SeriousBit.NetBalancer.Service.exe [129896 2015-04-30] (SeriousBit)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [328832 2014-04-13] (Locktime Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-07-06] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-11-02] (Realtek Semiconductor)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-12-06] (Razer Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5907216 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14188272 2017-01-23] (Zemana Ltd.)
S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-07] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2016-06-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2016-06-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-07] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2016-10-11] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-07] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-11-02] ()
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-24] (Disc Soft Ltd)
R0 FSProFilter2; C:\Windows\System32\Drivers\FSPFltd2.sys [57648 2011-06-03] (FSPro Labs)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-24] (REALiX(tm))
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-11-02] ()
R1 nbdrv; C:\Windows\System32\DRIVERS\nbdrv.sys [40976 2015-02-05] (SeriousBit)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-07] (AVAST Software)
R2 nldrv; C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [107952 2014-04-13] (Locktime Software)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33448 2015-07-31] (Synaptics Incorporated)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-01-23] (Spotflux, Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-01-09] (AVG Netherlands B.V.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-07] (Avast Software)
S3 WinRing0_1_2_0; kein ImagePath
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-01-31] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-01-31] (Zemana Ltd.)
S3 aswHdsKe; \??\C:\Windows\system32\drivers\aswHdsKe.sys [X]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 vpnva; system32\DRIVERS\vpnva64-6.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-01 01:42 - 2017-02-01 01:43 - 00028966 _____ C:\Users\Philipp\Desktop\FRST.txt
2017-02-01 01:39 - 2017-02-01 01:43 - 00000000 ____D C:\FRST
2017-02-01 01:39 - 2017-02-01 01:37 - 02420736 _____ (Farbar) C:\Users\Philipp\Desktop\frst64english.exe.exe
2017-02-01 01:37 - 2017-02-01 01:37 - 02420736 _____ (Farbar) C:\Users\Philipp\Downloads\FRST64.exe
2017-02-01 01:36 - 2017-02-01 01:36 - 00001160 _____ C:\DelFix.txt
2017-02-01 01:35 - 2017-02-01 01:36 - 00797760 _____ C:\Users\Philipp\Downloads\delfix_1.013.exe
2017-02-01 00:25 - 2017-02-01 00:25 - 00002760 _____ C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2017-01-31 22:05 - 2017-01-31 22:05 - 00002640 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2017-01-31 22:05 - 2017-01-31 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp
2017-01-31 22:05 - 2017-01-09 16:43 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2017-01-31 22:05 - 2017-01-09 16:39 - 00044304 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\authuitu.dll
2017-01-31 22:05 - 2017-01-09 16:39 - 00042256 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\SysWOW64\authuitu.dll
2017-01-31 22:04 - 2017-01-31 22:04 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2017-01-31 22:04 - 2017-01-31 22:04 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2017-01-31 22:03 - 2017-01-31 22:10 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Geek Uninstaller
2017-01-31 22:03 - 2017-01-31 22:04 - 00752296 _____ C:\Users\Philipp\Downloads\Adware Removal Tool by TSA.exe
2017-01-31 22:03 - 2017-01-31 22:03 - 06960664 _____ (Geek Unіnstaller) C:\Users\Philipp\Downloads\geek.exe
2017-01-31 22:03 - 2017-01-31 22:03 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
2017-01-31 22:03 - 2017-01-31 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2017-01-31 22:02 - 2017-01-31 22:04 - 00000000 ____D C:\Program Files (x86)\AVG
2017-01-31 22:02 - 2017-01-31 22:02 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2017-01-31 22:01 - 2017-01-31 22:04 - 00000000 ____D C:\Users\Philipp\AppData\Local\AvgSetupLog
2017-01-31 22:01 - 2017-01-31 22:04 - 00000000 ____D C:\Users\Philipp\AppData\Local\Avg
2017-01-31 22:01 - 2017-01-31 22:04 - 00000000 ____D C:\ProgramData\Avg
2017-01-31 22:01 - 2017-01-31 22:01 - 00537152 _____ C:\Users\Philipp\Downloads\geek_CB-DL-Manager.exe
2017-01-31 22:01 - 2017-01-31 22:01 - 00000000 ____D C:\Program Files (x86)\UltimateShoppingSearch
2017-01-31 21:59 - 2017-01-31 21:59 - 02793495 _____ C:\Users\Philipp\Downloads\geek.zip
2017-01-31 21:59 - 2017-01-31 21:59 - 02793495 _____ C:\Users\Philipp\Downloads\geek (1).zip
2017-01-31 20:17 - 2017-01-31 20:17 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\ProductData
2017-01-31 18:17 - 2017-01-31 18:17 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-01-31 18:16 - 2017-01-31 20:08 - 00000000 ____D C:\ProgramData\RogueKiller
2017-01-31 18:16 - 2017-01-31 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-01-31 18:16 - 2017-01-31 18:16 - 00000000 ____D C:\Program Files\RogueKiller
2017-01-31 18:15 - 2017-01-31 18:15 - 34821984 _____ (Adlice Software ) C:\Users\Philipp\Downloads\setup (1).exe
2017-01-31 16:21 - 2017-02-01 01:43 - 02395803 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-01-31 16:21 - 2017-02-01 01:43 - 00139017 _____ C:\Windows\ZAM.krnl.trace
2017-01-31 16:21 - 2017-01-31 16:21 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2017-01-31 16:21 - 2017-01-31 16:21 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2017-01-31 16:21 - 2017-01-31 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-01-31 16:21 - 2017-01-31 16:21 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-01-31 16:20 - 2017-01-31 16:20 - 00000000 ____D C:\Users\Philipp\AppData\Local\Zemana
2017-01-31 16:19 - 2017-01-31 16:19 - 05510592 _____ ( ) C:\Users\Philipp\Downloads\Zemana.AntiMalware.Setup.exe
2017-01-31 01:54 - 2017-01-31 16:03 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-01-31 01:54 - 2017-01-31 01:54 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-31 01:54 - 2017-01-31 01:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-31 01:50 - 2017-01-31 01:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-01-31 01:47 - 2017-01-31 01:48 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Philipp\Downloads\mbar-1.09.3.1001 (1).exe
2017-01-31 01:46 - 2017-01-31 01:47 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Philipp\Downloads\mbar-1.09.3.1001.exe
2017-01-28 01:38 - 2017-01-29 02:08 - 00016116 ____H C:\Users\Philipp\Desktop\~WRL1563.tmp
2017-01-27 05:30 - 2017-01-27 05:30 - 00000772 _____ C:\Windows\SysWOW64\ping.cfg
2017-01-26 04:39 - 2017-01-26 04:39 - 00184899 _____ C:\Users\Philipp\Downloads\Mathe 2016-2 (1).pdf
2017-01-26 04:29 - 2017-01-26 04:29 - 00069916 _____ C:\Users\Philipp\Desktop\Detailansicht.pdf
2017-01-26 01:09 - 2017-01-26 01:09 - 00114273 _____ C:\Users\Philipp\Desktop\Arabesk.pdf
2017-01-25 22:04 - 2017-01-25 22:04 - 00137693 _____ C:\Users\Philipp\Downloads\Einf VL 1617 Croissant 1. Termin.pdf
2017-01-25 22:03 - 2017-01-25 22:03 - 00126742 _____ C:\Users\Philipp\Downloads\Einf S 1617 Giersdorf 1. Termin.pdf
2017-01-25 21:56 - 2017-01-25 21:56 - 00001507 _____ C:\Users\Philipp\Downloads\POL_P1 Einf__hrung in die Politische Wissenschaft 2016_2017_ Erinnerung_ IPW Klausuranmeldung 1. Termin bis zum 28.01.2017 noch m__glich.zip
2017-01-23 03:07 - 2017-01-23 03:07 - 00072070 _____ C:\Users\Philipp\Downloads\myLecturesbd591452-0f7b-498a-a1b4-94404c41b45f.pdf
2017-01-23 03:04 - 2017-01-23 03:04 - 00072070 _____ C:\Users\Philipp\Downloads\myLectures9ef007c7-4303-4a20-96c7-4148656a23f5.pdf
2017-01-18 18:37 - 2017-01-29 00:14 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Mozilla
2017-01-18 18:30 - 2017-01-18 18:30 - 00000017 _____ C:\Users\Public\Documents\cfg.ini
2017-01-17 19:33 - 2017-01-17 19:33 - 00085724 _____ C:\Users\Philipp\Downloads\Mini-Hausarbeit_06.01.2017_Arda ARIKAN_Kommentare.pdf
2017-01-17 14:50 - 2017-01-19 19:14 - 00000019 _____ C:\Users\Public\Documents\cc.ini
2017-01-16 22:06 - 2017-01-16 22:06 - 00184899 _____ C:\Users\Philipp\Downloads\Mathe 2016-2.pdf
2017-01-13 20:39 - 2017-01-13 20:39 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Berserk Games
2017-01-13 19:45 - 2017-01-13 19:45 - 00000222 _____ C:\Users\Philipp\Desktop\Tabletop Simulator.url
2017-01-13 18:32 - 2017-01-13 18:32 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Blacklight Interactive
2017-01-13 17:27 - 2017-01-13 17:27 - 00000222 _____ C:\Users\Philipp\Desktop\Golf With Your Friends.url
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-01 01:41 - 2014-02-23 11:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-31 22:17 - 2013-08-27 15:50 - 00000000 ____D C:\ProgramData\Skype
2017-01-31 22:09 - 2014-10-21 17:53 - 00000000 ____D C:\Program Files (x86)\Java
2017-01-31 22:07 - 2013-10-08 16:19 - 00000000 ____D C:\Program Files (x86)\IObit
2017-01-31 22:06 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-31 22:06 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-31 21:21 - 2011-04-12 08:43 - 00699666 _____ C:\Windows\system32\perfh007.dat
2017-01-31 21:21 - 2011-04-12 08:43 - 00149774 _____ C:\Windows\system32\perfc007.dat
2017-01-31 21:21 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-31 21:21 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-31 21:16 - 2013-08-18 15:36 - 00000000 ____D C:\Users\Philipp
2017-01-31 21:15 - 2016-11-10 23:32 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2017-01-31 21:15 - 2015-03-15 11:19 - 00000000 ____D C:\Users\Philipp\AppData\Local\Spotify
2017-01-31 21:15 - 2015-03-15 11:18 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Spotify
2017-01-31 21:15 - 2013-10-11 19:38 - 00000000 ____D C:\Users\Philipp\AppData\Local\LogMeIn Hamachi
2017-01-31 21:15 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-31 21:14 - 2016-10-30 12:58 - 00302501 ____N C:\Windows\Minidump\013117-11481-01.dmp
2017-01-31 21:14 - 2013-08-18 17:58 - 00000000 ____D C:\Windows\Minidump
2017-01-31 20:14 - 2016-11-22 21:58 - 00001026 _____ C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-01-31 20:14 - 2016-11-10 23:33 - 00001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-31 20:14 - 2016-11-10 23:33 - 00001169 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-31 20:14 - 2014-04-25 12:00 - 00000000 ____D C:\Windows\system32\log
2017-01-31 20:02 - 2016-11-19 19:27 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2017-01-31 17:16 - 2016-11-10 23:33 - 00000000 _____ C:\Users\Public\Documents\report.dat
2017-01-31 02:56 - 2013-08-27 15:44 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Skype
2017-01-31 01:20 - 2013-08-21 17:42 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-28 18:56 - 2014-04-01 19:52 - 03706368 ___SH C:\Users\Philipp\Desktop\Thumbs.db
2017-01-28 00:33 - 2014-09-13 11:08 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\DVDVideoSoft
2017-01-28 00:32 - 2016-11-01 15:15 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-01-28 00:32 - 2014-01-18 20:57 - 00000000 ____D C:\Users\Philipp\AppData\Local\TeamSpeak 3 Client
2017-01-28 00:29 - 2016-11-26 19:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-28 00:29 - 2014-03-20 18:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-28 00:29 - 2014-03-06 14:30 - 00000000 ____D C:\ProgramData\Freemake
2017-01-28 00:19 - 2016-06-13 14:16 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-01-28 00:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2017-01-26 06:24 - 2016-11-13 23:19 - 00000000 ____D C:\Users\Philipp\Desktop\Arda
2017-01-22 14:05 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-01-21 21:55 - 2015-06-02 17:20 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-15 18:45 - 2013-09-13 19:00 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-15 15:07 - 2014-12-26 20:50 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-14 16:42 - 2014-02-23 11:10 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-14 16:42 - 2014-02-23 11:10 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-14 16:42 - 2014-02-23 11:10 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-14 16:42 - 2014-02-23 11:10 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-14 16:42 - 2014-02-23 11:10 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-13 20:39 - 2013-08-21 19:04 - 00000000 ____D C:\Users\Philipp\Documents\My Games
2017-01-13 15:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2017-01-13 15:01 - 2013-08-27 17:18 - 00000000 ____D C:\Users\Philipp\AppData\Local\ElevatedDiagnostics
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-12-19 13:14 - 2013-12-19 13:14 - 0041984 ___SH () C:\Users\Philipp\AppData\Roaming\Thumbs.db
2013-12-31 10:53 - 2013-12-31 10:53 - 0001472 _____ () C:\Users\Philipp\AppData\Local\recently-used.xbel
2014-08-01 09:53 - 2014-08-01 09:53 - 0000000 _____ () C:\Users\Philipp\AppData\Local\{6C70D7F2-E50B-475B-AD48-51E2586180D1}
2016-07-11 09:03 - 2016-07-11 09:03 - 0000000 _____ () C:\Users\Philipp\AppData\Local\{82BEEB85-1B4A-4EE7-92A9-DFC693E3988F}
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Public\D3DX9_37.dll
C:\Users\Public\xinput1_3.dll
Einige Dateien in TEMP:
====================
2017-01-31 18:16 - 2016-04-09 07:59 - 1732864 _____ (Microsoft Corporation) C:\Users\Philipp\AppData\Local\Temp\dllnt_dump.dll
2017-01-31 22:03 - 2017-01-31 22:03 - 3957784 _____ (Geek Unіnstaller) C:\Users\Philipp\AppData\Local\Temp\geek64.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-01-23 22:33
==================== Ende von FRST.txt ============================
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-01-2017
durchgeführt von Philipp (01-02-2017 01:44:04)
Gestartet von C:\Users\Philipp\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-08-18 14:36:22)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3041798318-2634963116-1215314133-500 - Administrator - Disabled)
Gast (S-1-5-21-3041798318-2634963116-1215314133-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3041798318-2634963116-1215314133-1002 - Limited - Enabled)
Philipp (S-1-5-21-3041798318-2634963116-1215314133-1000 - Administrator - Enabled) => C:\Users\Philipp
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
4K Video Downloader 3.5 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.5.6.1730 - Open Media LLC)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Amazon Amazon Music) (Version: 3.10.0.924 - Amazon Services LLC)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers)
AutoSensitivity (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0a099336274e1166) (Version: 1.4.0.23 - Igor Kulman)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.72.2.55508 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.72.3 - AVG Technologies) Hidden
AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Brother MFL-Pro Suite MFC-9320CW (HKLM-x32\...\{A1BBEE16-49B1-42F2-95B8-54C8C6A1C0C3}) (Version: 2.0.1.0 - Brother Industries, Ltd.)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward)
CLICK & LEARN DiDi 360° DVD (HKLM-x32\...\{5713D2DD-01F2-40D0-827D-917A88E7637A}_is1) (Version: CLICK & LEARN DiDi 360° 5.2 DVD - DEGENER)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Cry of Fear (HKLM-x32\...\Steam App 223710) (Version: - Team Psykskallar)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dropbox (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.5 - Samsung Electronics Co.,Ltd.)
Edna & Harvey: Harvey's New Eyes (HKLM-x32\...\Steam App 219910) (Version: - Daedalic Entertainment)
Edna & Harvey: The Breakout (HKLM-x32\...\Steam App 255320) (Version: - Daedalic Entertainment)
ETDWare PS/2-X64 10.7.14.12_WHQL (HKLM\...\Elantech) (Version: 10.7.14.12 - ELAN Microelectronic Corp.)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Golf With Your Friends (HKLM\...\Steam App 431240) (Version: - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
Metin2 (HKLM-x32\...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Access 2003 Runtime (HKLM-x32\...\{901C0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
My Lockbox 3.0.5 (HKLM\...\My Lockbox_is1) (Version: 3.0.5 - )
NetBalancer (HKLM\...\NetBalancer_is1) (Version: - SeriousBit)
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.5.0) (Version: 4.0.5.0 - Locktime Software)
NetLimiter 4 (Version: 4.0.5.0 - Locktime Software) Hidden
NVIDIA GeForce Experience 2.5.15.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.81 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenVPN 2.3.12-I602 (HKLM-x32\...\OpenVPN) (Version: 2.3.12-I602 - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.1 - Tracker Software Products Ltd)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.2.22.0 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
RogueKiller version 12.9.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.9.6.0 - Adlice Software)
Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.46 - NVIDIA Corporation) Hidden
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.0.2574.0 - Hi-Rez Studios)
Spotify (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Spotify) (Version: 1.0.47.13.gd8e05b1f - Spotify AB)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Tabletop Simulator (HKLM\...\Steam App 286160) (Version: - Berserk Games)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)
Uplay (HKLM-x32\...\Uplay) (Version: 7.1 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XviD MPEG-4 Codec (HKLM-x32\...\XviD) (Version: - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.70.591 - Zemana Ltd.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\ChromeHTML: -> C:\Program Files (x86)\Cuppat\Application\chrome.exe (Google Inc.) <==== ACHTUNG
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02261E59-DCE8-496A-BB04-F4AF99A91189} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {0AB570FA-847C-4FB2-9C8C-82067DFA95B4} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {1DAFFC61-3EF0-4495-84D1-F1569C723896} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {24E0F572-4BCA-4EEC-A9A5-2D830CFA9E96} - System32\Tasks\{4F74156E-5C02-4302-B31E-378AF64F0780} => pcalua.exe -a "C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare\iw3mp.exe" -d "C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare"
Task: {2FA7325B-6E8F-41C0-BD24-7A4D8F5E959C} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {501CE107-2313-4E8F-BDC8-7CA2EDD7EBE6} - System32\Tasks\{5CC848DF-F2F0-4C76-8299-F30E2EC5C77C} => C:\Users\Philipp\Desktop\Battlefield 3 cd1\Setup.exe
Task: {67928E07-523E-411F-A980-D440E2B4FD2F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-07] (AVAST Software)
Task: {69796D42-6E7A-400E-ABED-6E89C0747C6A} - System32\Tasks\{1483BBE9-6C43-420B-BCA7-97229B092656} => pcalua.exe -a "C:\Program Files (x86)\Steam\bin\steamservice.exe" -d "C:\Program Files (x86)\Steam" -c /installscript "C:\Program Files (x86)\Steam\steamapps\common\Napoleon Total War\runasadmin.vdf" 34030
Task: {6CD57B76-ED4E-4186-864B-C3D8A0F1B7B3} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\Game Booster 3\AutoUpdate.exe
Task: {74CA4679-074A-4E10-8222-FCEC9691901F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2017-01-09] (AVG Technologies CZ, s.r.o.)
Task: {85AE1598-1934-4800-88DE-2070662EBA52} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {8CE2EA77-D7B1-4BC3-B2C1-599DD6DA6212} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {9CEA9C83-B856-4975-8C0F-FE0D185A205D} - System32\Tasks\{BB987285-0C54-468D-BC8C-2D27676CFAF0} => pcalua.exe -a C:\Users\Philipp\Downloads\pulsingcolorsviz.exe -d C:\Users\Philipp\Downloads
Task: {A00325D4-D3C1-430E-B1F6-DCFCF85658C8} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-12-20] (Samsung Electronics)
Task: {A0173E21-C978-4EA4-A189-7FA5617412B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B64BD4E4-A656-40D9-871D-7456C350A532} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {D7EC70C1-9A44-4010-93E1-A25B01C49C7D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-14] (Adobe Systems Incorporated)
Task: {DFBAA4C3-EF76-49C3-9AA5-6D5543BDA370} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {E30865BE-0448-4595-A5C6-CB203265BCD6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Philipp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Cuppat\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Philipp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Cuppat\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Philipp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Cuppat\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Cuppat\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Cuppat\Application\chrome.exe (Google Inc.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-08-28 10:07 - 2015-08-18 01:07 - 00115376 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-23 16:27 - 2015-04-30 09:46 - 00115712 _____ () F:\Program Files (x86)\NetBalancer\Events.dll
2015-08-23 16:28 - 2015-08-23 16:28 - 00217960 _____ () C:\Windows\Microsoft.Net\assembly\GAC_MSIL\SeriousBit.NetBalancer.DeskBand\v4.0_1.0.0.0__ce1333cc798c13ee\SeriousBit.NetBalancer.DeskBand.dll
2015-08-23 16:27 - 2015-04-30 09:47 - 00031744 _____ () F:\Program Files (x86)\NetBalancer\BugReporting.dll
2013-09-04 19:10 - 2014-07-06 19:02 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-09 23:22 - 2014-12-09 23:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-03-07 18:49 - 2005-04-22 12:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2017-01-31 16:21 - 2017-01-31 16:21 - 00152944 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2015-07-18 22:56 - 2015-07-21 06:02 - 05887808 _____ () C:\Users\Philipp\AppData\Local\Amazon Music\Amazon Music Helper.exe
2016-12-15 00:30 - 2016-12-08 09:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 00:30 - 2016-12-08 09:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2015-08-07 13:03 - 2015-08-07 13:03 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-07 13:03 - 2015-08-07 13:03 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-11-10 23:33 - 2016-11-09 03:43 - 00352768 _____ () c:\programdata\microsoft\blend\14.0\1033\resourcecacher.dll
2015-04-01 09:31 - 2015-10-04 09:24 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-04-07 16:25 - 2015-04-07 16:25 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-01-31 22:02 - 2017-01-31 22:02 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2016-11-10 23:33 - 2016-10-20 09:47 - 01819240 _____ () C:\Program Files (x86)\Cuppat\Application\libglesv2.dll
2016-11-10 23:33 - 2016-10-20 09:47 - 00093288 _____ () C:\Program Files (x86)\Cuppat\Application\libegl.dll
2017-01-13 20:49 - 2017-01-13 20:49 - 17835096 _____ () C:\Users\Philipp\AppData\Local\Cuppat\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\100sexlinks.com -> 100sexlinks.com
Da befinden sich 4788 mehr Seiten.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2016-12-15 00:14 - 00000822 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{21ED757D-71F7-4E93-8A26-4F3F192F63A7}] => H:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A9259FB8-214D-4B63-AB8C-E1D572E16617}] => H:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{7346F99C-B07F-48D3-96D6-B27E7FC60958}F:\program files (x86)\skype\phone\skype.exe] => F:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{FEF7523A-F2C8-4CF3-BD0F-3E085673C453}F:\program files (x86)\skype\phone\skype.exe] => F:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{6A1352E9-B58C-418B-A8AB-1B9E9F8B4EF3}] => C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{12C3E11E-C2A2-493A-894F-875FC0641820}] => C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{DCCE3E4E-5C81-47E3-B426-FD776034C9D2}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DCF79556-E335-461B-A099-55292F6CE2EA}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DCF489CB-1187-44A6-BC76-281656F962CF}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C53AF07D-4477-41FC-9A49-88A7D81D0168}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8AD8195A-9FD1-453F-B60F-DF66DA1EE869}] => C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{D459E9D6-7724-4A66-82C9-761919306E36}] => C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{38F9BC97-2F6A-4385-8ABA-657C1421CB2F}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{18B895F8-18AE-4D6E-BCC6-1ED18DC2308D}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{92A63FD0-9C6C-4855-97B7-07306985B5AA}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{87C2F982-B124-493B-A6CC-833F14CA99D8}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8DEEE23E-F414-4B4C-B08F-6C2C6993C57A}] => C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{58252888-1755-4991-A0F9-EBB3F022D3D5}] => C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{D3B7CDE1-024A-432D-960C-4343B74A0739}] => LPort=54925
FirewallRules: [TCP Query User{50E89D94-505B-44BA-B992-804CC020944B}C:\program files (x86)\steam\steam.exe] => C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{37B9E4DF-DDAA-448A-8C35-0EF9DEC79DA0}C:\program files (x86)\steam\steam.exe] => C:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{607E2054-58F9-477E-8BC6-BA568D821CC2}C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe] => C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{86032D63-9007-4D0E-AB79-60F1FB5EB7F1}C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe] => C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{76712770-6A7F-4C1E-82B4-24CFD1B7F000}] => C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [{7A1BC0BA-B098-4B00-93FD-88F1ED21C27A}] => C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [TCP Query User{145AEDF9-2ECC-43DB-AC67-1E6E09E2ABCC}C:\program files (x86)\the creative assembly\rome - total war\rometw.exe] => C:\program files (x86)\the creative assembly\rome - total war\rometw.exe
FirewallRules: [UDP Query User{D0EC03A1-37CD-4E8A-9DE9-9217F66A522C}C:\program files (x86)\the creative assembly\rome - total war\rometw.exe] => C:\program files (x86)\the creative assembly\rome - total war\rometw.exe
FirewallRules: [TCP Query User{3BCBC79D-A10C-4FE5-9A7F-DCC782F40156}C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe] => C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{77C491EF-9CAD-4753-A9B5-78AA0EAA3C16}C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe] => C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{4B2D6E05-483D-49F1-A66B-E23EE778AD00}] => C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{98D741DB-0D81-4D75-93F9-AA7BCE9ED5DA}] => C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{D805F393-DF9F-42DB-8BD8-A10435FFD59E}] => C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{7CF97D17-A8A2-4D7E-9BEC-6243047FB5BF}] => C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [TCP Query User{8F2757CB-3F12-42C6-9F8A-4774ADD31DD2}E:\starcraft ii\versions\base26490\sc2.exe] => E:\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{0BDDFDAC-B2ED-4B98-BC26-FE4BE17023BD}E:\starcraft ii\versions\base26490\sc2.exe] => E:\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{918FBB9D-A167-4373-AFAD-10F9F13A5B47}H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [UDP Query User{CE44343A-18FD-4F5C-AFB9-72A6DE6E2F89}H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [TCP Query User{C125BEAE-F4EB-4F10-8C94-50D566986ADF}H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{A6C9568F-B66F-4D81-86DE-7DED4BA4EEEF}H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{44198A79-F80C-4668-8DEC-61C6B449FC42}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{43205FE2-158D-4CEB-BDA1-7CDEAAEEA89B}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{C68EB3E0-2F52-4C5D-BC6A-1BD447B7A1CA}E:\firefly studios\stronghold 2\stronghold2.exe] => E:\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [UDP Query User{F7072C7B-26A3-44F0-B587-2EAAE1D78C2B}E:\firefly studios\stronghold 2\stronghold2.exe] => E:\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [TCP Query User{0809DA3A-658F-4F47-8916-84CBF04DFFE7}F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{B1686F91-DCB7-4851-A600-A045D357F223}F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{69FCA70B-56DD-44A4-937D-27978BED7C64}] => C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{3993D2EA-9020-44A0-AE27-CA7EBF9E6EA1}] => C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{5E0C1963-7723-431A-A0FF-5559FE5B4FCC}] => C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{A1E85A62-4480-42D6-BEF6-3B104DFBA6A9}] => C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{A9BF2868-E436-4AAC-A5B6-6E9F44E3E6D1}] => C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{A27B1A23-6AE9-4069-AD9C-2AB64D9CFB22}] => C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{B017E2C6-3F10-4969-99DA-02E8842CB380}] => C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{F2F35591-A26D-4679-A37D-8FA745ABE448}] => C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{6FA6AF87-096C-4148-BBE8-8A29CE7BFC03}] => C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{8A589767-2A22-4BA8-9F2E-25708DBB99B1}] => C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{CDBEA086-EEF8-478B-BD30-ED34E603EDE4}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7C3D27A7-E5B8-4ED7-B97E-BFE531FF8F99}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{56D56AD2-BFC4-415B-A804-0DF50091F5E6}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{44EFA5C1-2C54-432F-821F-D10FDD7BD46E}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{40804B2A-9569-4303-804A-3DE8AFD4C459}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B3EE1A97-B0F0-4AA4-9F14-AACD324EBCFF}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{87E39D11-917A-4ACA-A172-B9DB9FD99CED}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{5368821C-622D-4CE6-868E-B4B92CAE6AEC}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7CD1CC07-47F7-4EBC-B28F-331D6B01812B}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{10DBE06C-21C5-40DE-AB47-2839EAA361A2}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{72584B12-0B71-40A1-8FD5-4EF1B8FAE240}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{62F24C45-274B-4324-84D9-EEDC1C2FFA63}] => C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{38E63D60-2B6A-4570-B5E7-0334F1B28753}] => C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CBA6CFE4-87DA-4C0B-9DD5-CB24264D153C}] => C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{1F8EFC10-91D2-4DEF-9300-AA828DE18B26}] => C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [TCP Query User{8D083110-0487-4200-BD21-3E6205B824E4}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe] => C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe
FirewallRules: [UDP Query User{B9933272-DB9A-419D-A1FC-C376F14A8A5A}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe] => C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe
FirewallRules: [{120C8A28-FA3D-4D5F-8F88-6983D85BB69C}] => C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{3D2372B4-DE98-4586-8A3D-F083A3D3E4C7}] => C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [TCP Query User{44A5645F-EF67-4694-BF0C-45FCBABC1815}C:\program files (x86)\java\jre7\bin\javaw.exe] => C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{109FF8B2-1B6E-4A45-AB5C-0CB97EA71BA7}C:\program files (x86)\java\jre7\bin\javaw.exe] => C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{E333BEFF-AFE8-44D0-8E6D-1E6684278E53}H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe] => H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe
FirewallRules: [UDP Query User{BDC3DE48-88BB-4952-BDF9-A667D17544F3}H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe] => H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe
FirewallRules: [TCP Query User{C918B3BB-2D89-49EC-A5F3-59764544A681}C:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{A3578BEB-246F-4B68-9BB1-4E70D3867E6A}C:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{4B90B806-D737-421F-A259-86B4B6EBE2D4}] => C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{C142FBE6-7660-4D57-91EB-6F28DF0C53EF}] => C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{65D1CA79-73C8-4C1C-A396-55114CC5C61C}] => C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{2E300A00-EF29-4879-AD3F-8C035C177F2F}] => C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{3FC2C324-EE95-4C8C-A26E-EE7AB4D14AD7}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6FDC2297-746E-4E22-8C84-B9F9349E4D89}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{90C98BC3-B0B9-4CAC-ADCA-E2EAA208143E}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8EB1FB9E-E96A-48D9-A09E-280C1F709B39}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C564E886-162A-48EE-A823-A6A3CD950300}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F539564B-0389-4020-BE90-B3A2E3A3D28F}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{760F1162-0054-44F4-A5D6-7F1F803CA314}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{C6D4FEE5-DA5E-4896-BBC1-4C31C77A28FE}C:\programdata\battle.net\agent\agent.2689\agent.exe] => C:\programdata\battle.net\agent\agent.2689\agent.exe
FirewallRules: [UDP Query User{F9912598-2E9B-4960-B43A-8E1CFC69772C}C:\programdata\battle.net\agent\agent.2689\agent.exe] => C:\programdata\battle.net\agent\agent.2689\agent.exe
FirewallRules: [{A2901DA7-2CF9-447A-8578-1EF26AD9EB25}] => F:\Program Files (x86)\Origin Games\Battlefield 1942\Battlefield 1942\BF1942.exe
FirewallRules: [{9D169BCF-E400-428F-8825-1FDA28D85D4A}] => F:\Program Files (x86)\Origin Games\Battlefield 1942\Battlefield 1942\BF1942.exe
FirewallRules: [TCP Query User{9D5327F1-4C82-4AB4-9675-32920B9A5A14}F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe] => F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{3ADEFCDF-1F60-49BB-B0CC-E38073CF5B97}F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe] => F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{7962898C-564D-4F4D-8199-3DFBE683A858}] => C:\Program Files (x86)\Steam\SteamApps\common\rust\rustlauncher.exe
FirewallRules: [{7CE33FEF-633B-484E-926F-28959FBE7A6E}] => C:\Program Files (x86)\Steam\SteamApps\common\rust\rustlauncher.exe
FirewallRules: [{59B4E854-C94F-4DAE-911E-4E2CD4C668B9}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E2FED403-E1B3-46AD-A838-C1917B27FD50}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{07A267BF-9BD3-4856-88D1-A924CF38EFBC}] => C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{04756382-6EB7-495C-85E9-516EED38F5FF}] => C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [TCP Query User{9CA5DE4A-9B21-404E-A471-E1D4FCBDB5D8}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{46EA1D4C-732E-4080-BDAE-C7E04C2AAEE8}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{B207A236-B040-4C95-A84E-30FF650F233F}] => C:\Users\Philipp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5BEDFF67-BEB9-437C-8BDE-57FD8AD18762}] => C:\Users\Philipp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{ED86D4BE-5034-46D4-A275-D0D0D158DC32}C:\users\philipp\desktop\utorrent3.4.1_30888.exe] => C:\users\philipp\desktop\utorrent3.4.1_30888.exe
FirewallRules: [UDP Query User{00D3324E-F60E-4815-9389-22AFEF3C3848}C:\users\philipp\desktop\utorrent3.4.1_30888.exe] => C:\users\philipp\desktop\utorrent3.4.1_30888.exe
FirewallRules: [TCP Query User{D8B96E37-4E7C-401D-9974-6423F3566ACB}C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{FE178129-19B7-4D3C-A611-FF8661E15371}C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{1630330C-FC81-4E8E-A74B-D30CCB7637D9}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{69C4D2F1-5E35-4324-A7C7-21A1841D7FB6}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DB289EE0-A061-499C-A260-45816D2DB290}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4AC641E7-FC1D-4089-BDF8-C1C6C461F508}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E01B4C60-3CC7-4862-96F8-A240FF5DBF8A}] => C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{E155F5FE-3408-4083-9DE8-10F9A4EDC456}] => C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{C0143FF0-242F-4B84-A070-F77D6C898FE3}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [UDP Query User{E3C733F0-C093-4EAD-B3D9-6A758B7CAB80}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [TCP Query User{C41E6AE9-3ECA-4D3B-8892-6EEB5B8F822B}H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe] => H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe
FirewallRules: [UDP Query User{E70C6C19-B5DB-4C21-A6AC-7DAFA0D942E2}H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe] => H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe
FirewallRules: [{32C48089-640E-4154-8F9F-FD34D67820E7}] => C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{ABF9B047-DBDD-40F0-8310-4096C07A1D54}] => C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{3363AF0F-0FAE-4932-9BDC-F768D750CD20}] => C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{FF75CEDC-9CF5-481D-9063-269F7C9A3EEB}] => C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{FBF504C5-7660-4CA0-9461-EE1588F6F15D}] => C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{9B3BB61E-72AA-4C6A-9524-F08E717DB6BB}] => C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [TCP Query User{4B8F48EB-61A7-463A-9CFF-3F443435A262}H:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => H:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{BC13CB58-34B2-423E-81E9-F0681A534A12}H:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => H:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{FDD44B81-B42F-4882-B2A2-2E57B5A37E22}] => C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{FDD1DC3F-5716-40C2-96A2-2C53635789B6}] => C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{115A852F-F8A4-47B2-ADDC-124127385ECA}] => C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{DC81A4C5-6983-4E10-88C2-B1BE2007E20A}] => C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{2BA43725-5873-4C4B-B214-D17575BED6C1}] => C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{9BE1D182-5C1A-4012-8196-D78F15784A37}] => C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{C5343D04-4C9B-4307-A77C-075B8B2C9E8F}] => C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{B29A6550-56A1-491E-BB46-A0863A286D3F}] => C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [TCP Query User{A6839289-220D-4430-AB8B-F35AE2467491}C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{FFD48200-6659-4D3F-B489-D0D672A604CB}C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{8FCE413C-7C8F-49D2-97AB-12AF69EBBE36}] => C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{6D6C39D8-B4DC-471E-AD24-04DB637E2F52}] => C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{EAB8C967-DA03-47A1-82E0-2B7953613624}] => C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{08AAB84F-CA39-4873-BA9F-0BF1B0BFD6BD}] => C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{F0334A4E-6660-4A29-85A3-91F9D2A08148}H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{0CBB6BE2-C2DC-42EF-9283-98CE12A3156B}H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{7DE20AE2-DB27-4C65-99EE-A3A8C2C0141A}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1221F58B-7252-4BBA-81F5-73DB9BA73765}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{745BCB12-AD0D-47D6-B6AA-B8E6552BA321}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{04E69D41-E088-48EE-B661-146576D2F4E2}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{838E6DD1-7E16-4467-9DD7-B08494056500}] => H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{9560A1CC-F03A-4ED7-8F9F-628879A48BD1}] => H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{D8DC3995-78FB-4F91-B0E6-0EA20B8D0B47}] => H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{82FC90AF-A279-4FE8-929A-00FCBB85AE88}] => H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{33FDEC31-0752-437B-8B40-816F7DA64FD1}] => C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{42A94929-CE71-45D6-82BF-D969413DA4BF}] => C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{53DF5A34-AAEB-4C77-8AAB-9BC5C1FC7B0F}] => C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{8CACF8BB-8612-462A-91D9-4AE3354FEDFD}] => C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{85B72C11-7DC6-49E6-A5E7-0D20FF0540A4}] => C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{FB4D9EF1-D86D-4256-8AE5-AB0372E26A1E}] => C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [TCP Query User{FF359D40-BC43-41F9-A748-265960862C7F}H:\program files (x86)\anno1701.exe] => H:\program files (x86)\anno1701.exe
FirewallRules: [UDP Query User{20AAC5E0-E43B-491B-A775-B99DD7898E96}H:\program files (x86)\anno1701.exe] => H:\program files (x86)\anno1701.exe
FirewallRules: [TCP Query User{0C3093E0-C804-4C2C-B240-64A3E0F4EA3E}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{4FAA22AA-FD48-4BAC-B1F0-0E1792B3B93F}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{48694631-51A4-4BD0-ACE6-47E620E1E7CF}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{2AAC6F09-9F21-4E3B-BDB3-8D96349EB24C}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{DA0FF709-FCA2-49E4-A49D-C52F94A33C39}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{3809CCA4-6534-4D78-AEB6-370B66A68D58}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{6B079631-4440-4D03-A37A-5644A17FAEF9}] => C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{FF03333A-3897-48EF-B54D-56094C23D489}] => C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D746C5F2-5646-488A-AA6A-9EFCB544C556}] => C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{ECACD096-AD74-4AA4-A843-FDFB10ED1EE7}] => C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{B57AD082-017F-4128-AF5E-A02D6F3AE087}] => C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{07A18F29-12BC-4AAB-A245-B4291010C345}] => C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{E98D26EB-6723-4507-B967-151A5FC8D219}] => C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{90E6D116-0BB7-4559-85E0-24C8F80E4EBD}] => C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{98CFEB0B-2567-4974-AD58-360ED70FB0BB}] => C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{D3C6F70D-7E00-41A4-9628-1D22289A2534}] => C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{39C3B977-7B8E-4058-BA43-22270D728ACD}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{65EAF7AA-5109-48D9-B895-9FBFA7579572}] => LPort=2869
FirewallRules: [{1461D1B9-4C92-412B-99E7-BCC4A26EA5F5}] => LPort=1900
FirewallRules: [{B17041C2-3DD4-4225-8B9D-5FA96BAE885F}] => C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{285EB98B-6D92-4549-8710-3EEE16688C5D}] => C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{4095A852-5A84-4932-A234-FBB2F70DA4E4}C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe] => C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe
FirewallRules: [UDP Query User{5ADC40C5-B7E7-4262-9D67-7438E0946454}C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe] => C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe
FirewallRules: [TCP Query User{8C44C964-4AA3-47E4-92ED-F3A222D0E532}C:\users\philipp\appdata\roaming\spotify\spotify.exe] => C:\users\philipp\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C6A13823-BD82-4DC7-AC17-04ECE6460C20}C:\users\philipp\appdata\roaming\spotify\spotify.exe] => C:\users\philipp\appdata\roaming\spotify\spotify.exe
FirewallRules: [{CA2CF6F4-3D92-485F-87CF-1D4FE65F9552}] => C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{F76BB649-4842-492C-8CD6-6C86FC6449F4}] => C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{3A8FE08D-E9EA-4675-8E18-BDD201C7E22C}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AB041934-E078-4519-85E4-4B9C2F2D16E4}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6C27E94F-9B54-4A90-9F4C-FBF097292328}] => C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{C07014D5-340A-473A-8A73-C045C7E3989F}] => C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{6463FE23-B967-4206-A257-A93F489B761E}] => C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{9D9EBD29-3591-410F-A642-DBF8DDABB5B4}] => C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{27F67820-C035-4F34-94E0-67D63DC096F6}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{1C3918B6-EB75-4A47-901F-502980DE752B}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{9079E56A-E830-4A4C-B496-2F7CEDB05975}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{2CE4262B-CFDC-4AEE-8B06-7805A0C3589A}] => C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{68F148F7-0F0E-48C0-ADA1-9DA8B3982E14}] => C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{5023DC5D-1BA7-43A1-80A3-C69DD4495C69}] => %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{C606DE97-F79B-4D9B-86F0-57D5C7A655B6}] => LPort=32976
FirewallRules: [{CC3B7A6D-97D4-43ED-B9F1-556FFBCEE186}] => LPort=25565
FirewallRules: [{A72E3139-85F1-46C0-8B48-6D653CDA7B09}] => LPort=25565
FirewallRules: [TCP Query User{5CB17E6E-4CD0-4C42-89EF-D84CE339BAFE}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{BE4FFE99-1BA5-4A6D-859F-CDA851972532}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{B257C971-02AD-4C35-9324-291D897CDB7B}] => C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{E3CC2757-CB2A-4FA1-A4EC-10438D6B5B68}] => C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{83EC0370-4A56-4F9E-A8D7-C53C1F7DF5C8}F:\program files (x86)\hearthstone\hearthstone.exe] => F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{462D3BB6-41BD-4140-AD26-5881F42070A3}F:\program files (x86)\hearthstone\hearthstone.exe] => F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{6E4A6E6C-63B9-4F2D-A464-D536F18FF445}] => F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{29ACF394-43F0-4864-889E-5D46E5D3F87E}] => F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{F03899D2-D3B2-462A-A001-E67AE4B36673}] => C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{E3F48574-B4DF-4810-A566-97F9E532B730}] => C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{D81B412B-FFC6-49A5-9790-9F1DD0CE42FD}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{68EAD43C-3085-4279-A3D5-473DE008DB23}] => C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{445E9A2B-6187-442F-A3DC-8F07B60E5BF7}] => C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{DCA567F4-2ABC-4AC8-BCCB-333CC8DCAC57}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0B4FFC0C-2B5B-48F3-A996-4FE3F228166A}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DD912131-48B7-4E6C-B09E-E6359DF7BCCA}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4F219D37-9624-4F30-87B1-D37DC4066A96}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{90DD9A30-5E45-4066-8DDE-FE93E1850C30}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{BDEC72B2-CB1A-474E-9ED6-A84810625FC8}F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [UDP Query User{F5E1EBB0-9961-4CE9-BD8A-65B6B46F2E17}F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [{768CC022-3055-4BD4-8E80-31818E9BEAE7}] => C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{BAAED63C-A5E5-4EB7-AB3A-45FCFFD77678}] => C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{304844EF-7019-4BCF-A4FE-0383F544F183}] => C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{8A3A2DFF-F9AB-4F5D-94F3-3787C176BDD5}] => C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [TCP Query User{F979DE64-FC1E-459B-8EDD-ED109EF48ECD}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{7852709D-8D0D-4F92-B043-C8FBE4099221}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [TCP Query User{6D6ABC91-928D-4280-9DBF-41D01A431D4A}H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe] => H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [UDP Query User{37C5D000-7F70-40F4-9FF9-C9221496DC42}H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe] => H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [{B27ABAA2-C82B-44F4-A30A-AD5E91C4EB32}] => H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [{67DDF624-A2E5-4D33-A95F-90ABF5682A0B}] => H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [TCP Query User{7BC2C177-D11F-4D08-B3DE-C7F58A1CF9DD}H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe] => H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [UDP Query User{9DF02414-F9FC-4036-B227-959FE7ACC17E}H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe] => H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{228436F4-E76C-4BEA-B241-E2C08B3C5797}] => H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{63CCD24A-9DE9-486E-9928-D528E431701F}] => H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{858E1EA8-EB9E-4E44-B451-3B6DFC3F985F}] => C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{C9CA1E65-0601-4D1B-8D5A-3C757AB596E5}] => C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{AFBD3180-D569-4A48-9C70-090808A3B765}] => F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\harvey.exe
FirewallRules: [{4568192C-D1BA-46B3-8307-055C03D5B4CB}] => F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\harvey.exe
FirewallRules: [{AA086928-71C2-4E9D-9EE7-DA834804DB70}] => F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\VisionaireConfigurationTool.exe
FirewallRules: [{CAC8CED3-1C01-471A-8AFC-CCDE5E61B46F}] => F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\VisionaireConfigurationTool.exe
FirewallRules: [{0481A2E1-32DD-4D79-9522-136262E18EFD}] => F:\Program Files (x86)\Steam Games\steamapps\common\Edna & Harvey The Breakout\Edna.exe
FirewallRules: [{5751333F-1F56-48C8-9335-521D845BA824}] => F:\Program Files (x86)\Steam Games\steamapps\common\Edna & Harvey The Breakout\Edna.exe
FirewallRules: [{16C6AC44-879C-4FC3-9E2B-7E6B7FBBA341}] => F:\Program Files (x86)\Steam Games\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{F734F823-F300-454C-8A84-63EB6A303F4D}] => F:\Program Files (x86)\Steam Games\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{01A42E9E-220D-49B9-940A-1AAC5051E9A4}] => F:\Program Files (x86)\Steam Games\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{CA2B1C86-1455-47B6-9A1B-AF4221454CF1}] => F:\Program Files (x86)\Steam Games\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{96832A8D-F388-4EAE-BD92-9458649456F6}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{241BD5E1-3D24-4DBC-83D5-750B9D32E39E}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [TCP Query User{CF2A8203-0EE6-4858-B69A-EB76C6D9F4BE}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [UDP Query User{561BC56C-D11F-4759-B02B-18B214505678}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [{95A263BF-2864-4081-AFB5-3620647A4BFD}] => C:\Program Files (x86)\Cuppat\Application\chrome.exe
FirewallRules: [TCP Query User{7EF83D24-ABC4-4BE1-B269-E97F571709A4}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5799A902-DD95-4DCB-B14A-953392704D71}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{AC47DEED-56B1-443F-83F3-8A0E45439D95}] => C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{C43AE569-728A-4635-966B-A0D7497AC12E}] => C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{0733329D-7CAA-43CD-8D94-D5DDD4068021}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1B1FFE5A-9575-4978-A910-FC331CAB3E85}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CD4441E1-9E17-4D09-81DE-23FC004CF163}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{51D36651-267C-4534-819C-0C867AAEB47B}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{2DE8A6E7-501A-4106-814E-41F93EA96BCD}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [{0FDDC06B-F260-4E3E-AA72-1E8BCCD791C2}] => C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{C11F5C2A-461F-424E-B15C-FCCB19462744}] => C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{34FBA65F-A6AE-4D03-914E-A461C7E795B2}] => H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{674235E8-E3D0-4C45-8F4D-E73DBF86CB65}] => H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{8741BFD0-D5ED-43FB-8FF3-A0ABBD9FB6A5}] => H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{0B2C9047-0B17-4A2E-B628-9FAC90D6E6A8}] => H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{BC2A59B9-EEAE-4117-94F3-66A4078B5375}] => C:\Program Files (x86)\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{610154B7-0E65-493B-8D24-7BA16F0E7DC6}] => C:\Program Files (x86)\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{468267DE-E9B1-4B8A-AEC7-E046AD38463A}] => C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{83724DD1-04CF-46BC-B4F0-9E03A4DBC88F}] => C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{05E61BB9-15E2-4964-ABBD-67110BF469F1}] => C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{52F974BB-5934-4D2F-A4D9-CDD1DB7042F7}] => C:\Program Files (x86)\Firefox\Firefox.exe
==================== Wiederherstellungspunkte =========================
23-01-2017 22:40:19 Geplanter Prüfpunkt
28-01-2017 00:16:51 Wiederherstellungsvorgang
28-01-2017 00:27:36 Removed amuleC
31-01-2017 03:10:37 Malwarebytes Anti-Rootkit Restore Point
31-01-2017 18:00:48 JRT Pre-Junkware Removal
31-01-2017 22:08:48 Removed Java 8 Update 111
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Bluetooth-Gerät (PAN)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Microsoft-6zu4-Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #4
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/01/2017 12:18:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm frst64english.exe.exe, Version 4.10.2015.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 19f8
Startzeit: 01d27c184eb5db84
Endzeit: 0
Anwendungspfad: C:\Users\Philipp\Desktop\frst64english.exe.exe
Berichts-ID:
Error: (01/31/2017 10:02:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Temp\AvgSetup\a6a5e221-de0b-47cf-a976-395874a5db8e\install\fmw\avgrdsttestx.exe".
Die abhängige Assemblierung "AVG.VC140.CRT,processorArchitecture="x86",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/31/2017 10:02:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Temp\AvgSetup\a6a5e221-de0b-47cf-a976-395874a5db8e\install\fmw\avgrdsttesta.exe".
Die abhängige Assemblierung "AVG.VC140.CRT,processorArchitecture="amd64",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/31/2017 09:16:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (01/31/2017 09:15:02 PM) (Source: NetBalancerService) (EventID: 0) (User: )
Description: This version of NetBalancer is outdated, please download a new one from our website.
Error: (01/31/2017 08:17:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (01/31/2017 08:16:27 PM) (Source: NetBalancerService) (EventID: 0) (User: )
Description: This version of NetBalancer is outdated, please download a new one from our website.
Error: (01/31/2017 06:18:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm adwcleaner_6.043 (1).exe, Version 6.0.4.3 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 5b00
Startzeit: 01d27be5a3ca2f6e
Endzeit: 4
Anwendungspfad: C:\Users\Philipp\Downloads\adwcleaner_6.043 (1).exe
Berichts-ID:
Error: (01/31/2017 06:00:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service iThemes5 since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (01/31/2017 06:00:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service GubedZL since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Systemfehler:
=============
Error: (01/31/2017 09:16:14 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
und APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
Error: (01/31/2017 09:15:06 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.
Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-ID: 0
Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
Error: (01/31/2017 09:15:00 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Der Computer wurde nach einem schwerwiegenden Fehler neu gestartet. Der Fehlercode war: 0x00000101 (0x0000000000000019, 0x0000000000000000, 0xfffff88003186180, 0x0000000000000007). Ein volles Abbild wurde gespeichert in: C:\Windows\Minidump\013117-11481-01.dmp. Berichts-ID: 013117-11481-01.
Error: (01/31/2017 09:14:59 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 31.01.2017 um 21:12:16 unerwartet heruntergefahren.
Error: (01/31/2017 08:17:36 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
und APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
Error: (01/31/2017 08:16:31 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.
Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-ID: 0
Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
Error: (01/31/2017 08:15:53 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\bcmihvsrv64.dll
Error: (01/31/2017 08:14:36 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (01/31/2017 08:14:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Volumeschattenkopie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/31/2017 08:14:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2017-01-31 19:19:11.545
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:11.245
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:10.871
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:10.388
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 18:22:41.778
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 18:22:41.326
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:26.009
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.883
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.756
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.625
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Prozentuale Nutzung des RAM: 79%
Installierter physikalischer RAM: 6076.41 MB
Verfügbarer physikalischer RAM: 1221.6 MB
Summe virtueller Speicher: 12151 MB
Verfügbarer virtueller Speicher: 6728.88 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:232.79 GB) (Free:33.66 GB) NTFS
Drive f: () (Fixed) (Total:231 GB) (Free:52.23 GB) NTFS
Drive g: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive h: () (Fixed) (Total:344.27 GB) (Free:106.09 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 21133B35)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 596.2 GB) (Disk ID: 9054A324)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=344.3 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=20.8 GB) - (Type=27)
==================== Ende von Addition.txt ============================
durchgeführt von Philipp (Administrator) auf PHILIPP-PC (01-02-2017 01:43:33)
Gestartet von C:\Users\Philipp\Desktop
Geladene Profile: Philipp (Verfügbare Profile: Philipp)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: "C:\Program Files (x86)\Cuppat\Application\chrome.exe" "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(SeriousBit) F:\Program Files (x86)\NetBalancer\SeriousBit.NetBalancer.Service.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(FSPro Labs) H:\Program Files\My Lockbox\mylbx.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Spotify Ltd) C:\Users\Philipp\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Users\Philipp\AppData\Local\Amazon Music\Amazon Music Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE
(Google Inc.) C:\Program Files (x86)\Cuppat\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Philipp\Desktop\frst64english.exe.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-07-31] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2817872 2012-04-25] (ELAN Microelectronics Corp.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [mylbx] => H:\Program Files\My Lockbox\mylbx.exe [2289952 2013-10-28] (FSPro Labs)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14188272 2017-01-23] (Zemana Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2016-06-13] (AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [DAEMON Tools Lite] => F:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [Spotify Web Helper] => C:\Users\Philipp\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-01-27] (Spotify Ltd)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [Amazon Music] => C:\Users\Philipp\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-07-21] ()
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [NetBalancer] => F:\Program Files (x86)\NetBalancer\SeriousBit.NetBalancer.Tray.exe [1803112 2015-04-30] (SeriousBit)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [Spotify] => C:\Users\Philipp\AppData\Roaming\Spotify\Spotify.exe [7163504 2017-01-27] (Spotify Ltd)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Run: [ZPNConnect] => C:\Program Files (x86)\ZPN Connect\ZpnCli.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {2265df16-a931-11e3-b156-001bb1fb806a} - D:\LaunchU3.exe -a
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {513fb52a-fbb6-11e3-8c6a-001bb1fb806a} - E:\autorun.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {5c844a5e-08c5-11e3-9f11-001bb1fb806a} - D:\setup.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {5dff3592-0827-11e3-9da5-f7c11e16234c} - D:\LaunchU3.exe -a
HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-07] (AVAST Software)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
ProxyServer: [S-1-5-21-3041798318-2634963116-1215314133-1000] => 46.165.193.67:5056
Tcpip\..\Interfaces\{416F4EA8-7EBE-4A41-BD73-DD7E680B9773}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{416F4EA8-7EBE-4A41-BD73-DD7E680B9773}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{86E2278C-9D4E-452E-A530-758555FCFA95}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{B7ACAEB6-863B-46ED-A180-28629DDF698D}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{CAFCA011-AF78-404E-B7ED-C6ECA9CFCAEA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{F1198B90-493F-4495-879E-89672178C3BF}: [NameServer] 8.8.8.8,1.1.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default [2017-01-31]
FF Extension: (Ultimate Shopping Search) - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\@ultimateshoppingsearch.xpi [2017-01-25]
FF Extension: (xRocket Toolbar) - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\arthurj8283@gmail.com [2017-01-17] [ist nicht signiert]
FF Extension: (Firefox Hotfix) - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-11-26]
FF Extension: (convert2mp3.net YouTube2MP3 Converter) - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\info@convert2mp3.net.xpi [2016-11-20]
FF Extension: (Video DownloadHelper) - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-11-26]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\google-avast.xml [2015-05-14]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\luck.xml [2017-01-17]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\nice-.xml [2016-06-21]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\v9-.xml [2015-05-14]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\57p5pubn.default\extensions\quick_start@gmail.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\extensions\detgdp@gmail.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-07] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\extensions\arthurj8283@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [@ultimateshoppingsearch] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\extensions\@ultimateshoppingsearch.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-14] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3041798318-2634963116-1215314133-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]
Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxp://www.ultimateshoppingsearch.com/default?q={searchTerms}&PCSF=SU_DEFAULT
CHR DefaultSearchKeyword: Default -> ultimateshoppingsearch.com
CHR DefaultSuggestURL: Default -> hxxp://www.ultimateshoppingsearch.com/suggest/CSuggestJson.ashx?prefix={searchTerms}&PCSF=SU_SUGGEST
CHR Profile: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default [2017-02-01]
CHR Extension: (Google Präsentationen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-31]
CHR Extension: (Google Docs) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-31]
CHR Extension: (Google Drive) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-31]
CHR Extension: (YouTube) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-31]
CHR Extension: (Adobe Acrobat) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-31]
CHR Extension: (ultimateshoppingsearch) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiibddcohpjhajbnfkpboacmohommppp [2017-01-31]
CHR Extension: (Avast SafePrice) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-01-31]
CHR Extension: (Yahoo Partner) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabhkdeopjkcpkmofliimbjckmocfiom [2017-01-31]
CHR Extension: (Google Tabellen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-31]
CHR Extension: (Avira Browserschutz) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-01-31]
CHR Extension: (Google Docs Offline) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-31]
CHR Extension: (Avast Online Security) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-01-31]
CHR Extension: () - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldcccbolclahdbkahlppenfodnheapah [2017-01-31]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-31]
CHR Extension: (Google Mail) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-31]
CHR Extension: (Chrome Media Router) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-31]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eiibddcohpjhajbnfkpboacmohommppp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-07]
CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-07]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-07] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-07] (Avast Software)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-12-18] (BitRaider, LLC)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-02-09] (Hi-Rez Studios) [Datei ist nicht signiert]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
R2 MCSvc; C:\ProgramData\Microsoft\Blend\14.0\1033\ResourceCacher.dll [352768 2016-11-09] () [Datei ist nicht signiert]
R2 NetBalancerService; F:\Program Files (x86)\NetBalancer\SeriousBit.NetBalancer.Service.exe [129896 2015-04-30] (SeriousBit)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [328832 2014-04-13] (Locktime Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-07-06] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-11-02] (Realtek Semiconductor)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-12-06] (Razer Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5907216 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14188272 2017-01-23] (Zemana Ltd.)
S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-07] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2016-06-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2016-06-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-07] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2016-10-11] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-07] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-11-02] ()
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-24] (Disc Soft Ltd)
R0 FSProFilter2; C:\Windows\System32\Drivers\FSPFltd2.sys [57648 2011-06-03] (FSPro Labs)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-24] (REALiX(tm))
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-11-02] ()
R1 nbdrv; C:\Windows\System32\DRIVERS\nbdrv.sys [40976 2015-02-05] (SeriousBit)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-07] (AVAST Software)
R2 nldrv; C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [107952 2014-04-13] (Locktime Software)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33448 2015-07-31] (Synaptics Incorporated)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-01-23] (Spotflux, Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-01-09] (AVG Netherlands B.V.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-07] (Avast Software)
S3 WinRing0_1_2_0; kein ImagePath
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-01-31] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-01-31] (Zemana Ltd.)
S3 aswHdsKe; \??\C:\Windows\system32\drivers\aswHdsKe.sys [X]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 vpnva; system32\DRIVERS\vpnva64-6.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-01 01:42 - 2017-02-01 01:43 - 00028966 _____ C:\Users\Philipp\Desktop\FRST.txt
2017-02-01 01:39 - 2017-02-01 01:43 - 00000000 ____D C:\FRST
2017-02-01 01:39 - 2017-02-01 01:37 - 02420736 _____ (Farbar) C:\Users\Philipp\Desktop\frst64english.exe.exe
2017-02-01 01:37 - 2017-02-01 01:37 - 02420736 _____ (Farbar) C:\Users\Philipp\Downloads\FRST64.exe
2017-02-01 01:36 - 2017-02-01 01:36 - 00001160 _____ C:\DelFix.txt
2017-02-01 01:35 - 2017-02-01 01:36 - 00797760 _____ C:\Users\Philipp\Downloads\delfix_1.013.exe
2017-02-01 00:25 - 2017-02-01 00:25 - 00002760 _____ C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2017-01-31 22:05 - 2017-01-31 22:05 - 00002640 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2017-01-31 22:05 - 2017-01-31 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp
2017-01-31 22:05 - 2017-01-09 16:43 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2017-01-31 22:05 - 2017-01-09 16:39 - 00044304 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\authuitu.dll
2017-01-31 22:05 - 2017-01-09 16:39 - 00042256 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\SysWOW64\authuitu.dll
2017-01-31 22:04 - 2017-01-31 22:04 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2017-01-31 22:04 - 2017-01-31 22:04 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2017-01-31 22:03 - 2017-01-31 22:10 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Geek Uninstaller
2017-01-31 22:03 - 2017-01-31 22:04 - 00752296 _____ C:\Users\Philipp\Downloads\Adware Removal Tool by TSA.exe
2017-01-31 22:03 - 2017-01-31 22:03 - 06960664 _____ (Geek Unіnstaller) C:\Users\Philipp\Downloads\geek.exe
2017-01-31 22:03 - 2017-01-31 22:03 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
2017-01-31 22:03 - 2017-01-31 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2017-01-31 22:02 - 2017-01-31 22:04 - 00000000 ____D C:\Program Files (x86)\AVG
2017-01-31 22:02 - 2017-01-31 22:02 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2017-01-31 22:01 - 2017-01-31 22:04 - 00000000 ____D C:\Users\Philipp\AppData\Local\AvgSetupLog
2017-01-31 22:01 - 2017-01-31 22:04 - 00000000 ____D C:\Users\Philipp\AppData\Local\Avg
2017-01-31 22:01 - 2017-01-31 22:04 - 00000000 ____D C:\ProgramData\Avg
2017-01-31 22:01 - 2017-01-31 22:01 - 00537152 _____ C:\Users\Philipp\Downloads\geek_CB-DL-Manager.exe
2017-01-31 22:01 - 2017-01-31 22:01 - 00000000 ____D C:\Program Files (x86)\UltimateShoppingSearch
2017-01-31 21:59 - 2017-01-31 21:59 - 02793495 _____ C:\Users\Philipp\Downloads\geek.zip
2017-01-31 21:59 - 2017-01-31 21:59 - 02793495 _____ C:\Users\Philipp\Downloads\geek (1).zip
2017-01-31 20:17 - 2017-01-31 20:17 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\ProductData
2017-01-31 18:17 - 2017-01-31 18:17 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-01-31 18:16 - 2017-01-31 20:08 - 00000000 ____D C:\ProgramData\RogueKiller
2017-01-31 18:16 - 2017-01-31 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-01-31 18:16 - 2017-01-31 18:16 - 00000000 ____D C:\Program Files\RogueKiller
2017-01-31 18:15 - 2017-01-31 18:15 - 34821984 _____ (Adlice Software ) C:\Users\Philipp\Downloads\setup (1).exe
2017-01-31 16:21 - 2017-02-01 01:43 - 02395803 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-01-31 16:21 - 2017-02-01 01:43 - 00139017 _____ C:\Windows\ZAM.krnl.trace
2017-01-31 16:21 - 2017-01-31 16:21 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2017-01-31 16:21 - 2017-01-31 16:21 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2017-01-31 16:21 - 2017-01-31 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-01-31 16:21 - 2017-01-31 16:21 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-01-31 16:20 - 2017-01-31 16:20 - 00000000 ____D C:\Users\Philipp\AppData\Local\Zemana
2017-01-31 16:19 - 2017-01-31 16:19 - 05510592 _____ ( ) C:\Users\Philipp\Downloads\Zemana.AntiMalware.Setup.exe
2017-01-31 01:54 - 2017-01-31 16:03 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-01-31 01:54 - 2017-01-31 01:54 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-31 01:54 - 2017-01-31 01:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-31 01:50 - 2017-01-31 01:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-01-31 01:47 - 2017-01-31 01:48 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Philipp\Downloads\mbar-1.09.3.1001 (1).exe
2017-01-31 01:46 - 2017-01-31 01:47 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Philipp\Downloads\mbar-1.09.3.1001.exe
2017-01-28 01:38 - 2017-01-29 02:08 - 00016116 ____H C:\Users\Philipp\Desktop\~WRL1563.tmp
2017-01-27 05:30 - 2017-01-27 05:30 - 00000772 _____ C:\Windows\SysWOW64\ping.cfg
2017-01-26 04:39 - 2017-01-26 04:39 - 00184899 _____ C:\Users\Philipp\Downloads\Mathe 2016-2 (1).pdf
2017-01-26 04:29 - 2017-01-26 04:29 - 00069916 _____ C:\Users\Philipp\Desktop\Detailansicht.pdf
2017-01-26 01:09 - 2017-01-26 01:09 - 00114273 _____ C:\Users\Philipp\Desktop\Arabesk.pdf
2017-01-25 22:04 - 2017-01-25 22:04 - 00137693 _____ C:\Users\Philipp\Downloads\Einf VL 1617 Croissant 1. Termin.pdf
2017-01-25 22:03 - 2017-01-25 22:03 - 00126742 _____ C:\Users\Philipp\Downloads\Einf S 1617 Giersdorf 1. Termin.pdf
2017-01-25 21:56 - 2017-01-25 21:56 - 00001507 _____ C:\Users\Philipp\Downloads\POL_P1 Einf__hrung in die Politische Wissenschaft 2016_2017_ Erinnerung_ IPW Klausuranmeldung 1. Termin bis zum 28.01.2017 noch m__glich.zip
2017-01-23 03:07 - 2017-01-23 03:07 - 00072070 _____ C:\Users\Philipp\Downloads\myLecturesbd591452-0f7b-498a-a1b4-94404c41b45f.pdf
2017-01-23 03:04 - 2017-01-23 03:04 - 00072070 _____ C:\Users\Philipp\Downloads\myLectures9ef007c7-4303-4a20-96c7-4148656a23f5.pdf
2017-01-18 18:37 - 2017-01-29 00:14 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Mozilla
2017-01-18 18:30 - 2017-01-18 18:30 - 00000017 _____ C:\Users\Public\Documents\cfg.ini
2017-01-17 19:33 - 2017-01-17 19:33 - 00085724 _____ C:\Users\Philipp\Downloads\Mini-Hausarbeit_06.01.2017_Arda ARIKAN_Kommentare.pdf
2017-01-17 14:50 - 2017-01-19 19:14 - 00000019 _____ C:\Users\Public\Documents\cc.ini
2017-01-16 22:06 - 2017-01-16 22:06 - 00184899 _____ C:\Users\Philipp\Downloads\Mathe 2016-2.pdf
2017-01-13 20:39 - 2017-01-13 20:39 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Berserk Games
2017-01-13 19:45 - 2017-01-13 19:45 - 00000222 _____ C:\Users\Philipp\Desktop\Tabletop Simulator.url
2017-01-13 18:32 - 2017-01-13 18:32 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Blacklight Interactive
2017-01-13 17:27 - 2017-01-13 17:27 - 00000222 _____ C:\Users\Philipp\Desktop\Golf With Your Friends.url
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-01 01:41 - 2014-02-23 11:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-31 22:17 - 2013-08-27 15:50 - 00000000 ____D C:\ProgramData\Skype
2017-01-31 22:09 - 2014-10-21 17:53 - 00000000 ____D C:\Program Files (x86)\Java
2017-01-31 22:07 - 2013-10-08 16:19 - 00000000 ____D C:\Program Files (x86)\IObit
2017-01-31 22:06 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-31 22:06 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-31 21:21 - 2011-04-12 08:43 - 00699666 _____ C:\Windows\system32\perfh007.dat
2017-01-31 21:21 - 2011-04-12 08:43 - 00149774 _____ C:\Windows\system32\perfc007.dat
2017-01-31 21:21 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-31 21:21 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-31 21:16 - 2013-08-18 15:36 - 00000000 ____D C:\Users\Philipp
2017-01-31 21:15 - 2016-11-10 23:32 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2017-01-31 21:15 - 2015-03-15 11:19 - 00000000 ____D C:\Users\Philipp\AppData\Local\Spotify
2017-01-31 21:15 - 2015-03-15 11:18 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Spotify
2017-01-31 21:15 - 2013-10-11 19:38 - 00000000 ____D C:\Users\Philipp\AppData\Local\LogMeIn Hamachi
2017-01-31 21:15 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-31 21:14 - 2016-10-30 12:58 - 00302501 ____N C:\Windows\Minidump\013117-11481-01.dmp
2017-01-31 21:14 - 2013-08-18 17:58 - 00000000 ____D C:\Windows\Minidump
2017-01-31 20:14 - 2016-11-22 21:58 - 00001026 _____ C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-01-31 20:14 - 2016-11-10 23:33 - 00001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-31 20:14 - 2016-11-10 23:33 - 00001169 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-31 20:14 - 2014-04-25 12:00 - 00000000 ____D C:\Windows\system32\log
2017-01-31 20:02 - 2016-11-19 19:27 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2017-01-31 17:16 - 2016-11-10 23:33 - 00000000 _____ C:\Users\Public\Documents\report.dat
2017-01-31 02:56 - 2013-08-27 15:44 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Skype
2017-01-31 01:20 - 2013-08-21 17:42 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-28 18:56 - 2014-04-01 19:52 - 03706368 ___SH C:\Users\Philipp\Desktop\Thumbs.db
2017-01-28 00:33 - 2014-09-13 11:08 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\DVDVideoSoft
2017-01-28 00:32 - 2016-11-01 15:15 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-01-28 00:32 - 2014-01-18 20:57 - 00000000 ____D C:\Users\Philipp\AppData\Local\TeamSpeak 3 Client
2017-01-28 00:29 - 2016-11-26 19:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-28 00:29 - 2014-03-20 18:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-28 00:29 - 2014-03-06 14:30 - 00000000 ____D C:\ProgramData\Freemake
2017-01-28 00:19 - 2016-06-13 14:16 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-01-28 00:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2017-01-26 06:24 - 2016-11-13 23:19 - 00000000 ____D C:\Users\Philipp\Desktop\Arda
2017-01-22 14:05 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-01-21 21:55 - 2015-06-02 17:20 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-15 18:45 - 2013-09-13 19:00 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-15 15:07 - 2014-12-26 20:50 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-14 16:42 - 2014-02-23 11:10 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-14 16:42 - 2014-02-23 11:10 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-14 16:42 - 2014-02-23 11:10 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-14 16:42 - 2014-02-23 11:10 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-14 16:42 - 2014-02-23 11:10 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-13 20:39 - 2013-08-21 19:04 - 00000000 ____D C:\Users\Philipp\Documents\My Games
2017-01-13 15:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2017-01-13 15:01 - 2013-08-27 17:18 - 00000000 ____D C:\Users\Philipp\AppData\Local\ElevatedDiagnostics
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-12-19 13:14 - 2013-12-19 13:14 - 0041984 ___SH () C:\Users\Philipp\AppData\Roaming\Thumbs.db
2013-12-31 10:53 - 2013-12-31 10:53 - 0001472 _____ () C:\Users\Philipp\AppData\Local\recently-used.xbel
2014-08-01 09:53 - 2014-08-01 09:53 - 0000000 _____ () C:\Users\Philipp\AppData\Local\{6C70D7F2-E50B-475B-AD48-51E2586180D1}
2016-07-11 09:03 - 2016-07-11 09:03 - 0000000 _____ () C:\Users\Philipp\AppData\Local\{82BEEB85-1B4A-4EE7-92A9-DFC693E3988F}
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Public\D3DX9_37.dll
C:\Users\Public\xinput1_3.dll
Einige Dateien in TEMP:
====================
2017-01-31 18:16 - 2016-04-09 07:59 - 1732864 _____ (Microsoft Corporation) C:\Users\Philipp\AppData\Local\Temp\dllnt_dump.dll
2017-01-31 22:03 - 2017-01-31 22:03 - 3957784 _____ (Geek Unіnstaller) C:\Users\Philipp\AppData\Local\Temp\geek64.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-01-23 22:33
==================== Ende von FRST.txt ============================
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-01-2017
durchgeführt von Philipp (01-02-2017 01:44:04)
Gestartet von C:\Users\Philipp\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-08-18 14:36:22)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3041798318-2634963116-1215314133-500 - Administrator - Disabled)
Gast (S-1-5-21-3041798318-2634963116-1215314133-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3041798318-2634963116-1215314133-1002 - Limited - Enabled)
Philipp (S-1-5-21-3041798318-2634963116-1215314133-1000 - Administrator - Enabled) => C:\Users\Philipp
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
4K Video Downloader 3.5 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.5.6.1730 - Open Media LLC)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Amazon Amazon Music) (Version: 3.10.0.924 - Amazon Services LLC)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers)
AutoSensitivity (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0a099336274e1166) (Version: 1.4.0.23 - Igor Kulman)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.72.2.55508 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.72.3 - AVG Technologies) Hidden
AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Brother MFL-Pro Suite MFC-9320CW (HKLM-x32\...\{A1BBEE16-49B1-42F2-95B8-54C8C6A1C0C3}) (Version: 2.0.1.0 - Brother Industries, Ltd.)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward)
CLICK & LEARN DiDi 360° DVD (HKLM-x32\...\{5713D2DD-01F2-40D0-827D-917A88E7637A}_is1) (Version: CLICK & LEARN DiDi 360° 5.2 DVD - DEGENER)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Cry of Fear (HKLM-x32\...\Steam App 223710) (Version: - Team Psykskallar)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dropbox (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.5 - Samsung Electronics Co.,Ltd.)
Edna & Harvey: Harvey's New Eyes (HKLM-x32\...\Steam App 219910) (Version: - Daedalic Entertainment)
Edna & Harvey: The Breakout (HKLM-x32\...\Steam App 255320) (Version: - Daedalic Entertainment)
ETDWare PS/2-X64 10.7.14.12_WHQL (HKLM\...\Elantech) (Version: 10.7.14.12 - ELAN Microelectronic Corp.)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Golf With Your Friends (HKLM\...\Steam App 431240) (Version: - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
Metin2 (HKLM-x32\...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Access 2003 Runtime (HKLM-x32\...\{901C0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
My Lockbox 3.0.5 (HKLM\...\My Lockbox_is1) (Version: 3.0.5 - )
NetBalancer (HKLM\...\NetBalancer_is1) (Version: - SeriousBit)
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.5.0) (Version: 4.0.5.0 - Locktime Software)
NetLimiter 4 (Version: 4.0.5.0 - Locktime Software) Hidden
NVIDIA GeForce Experience 2.5.15.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.81 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenVPN 2.3.12-I602 (HKLM-x32\...\OpenVPN) (Version: 2.3.12-I602 - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.1 - Tracker Software Products Ltd)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.2.22.0 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
RogueKiller version 12.9.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.9.6.0 - Adlice Software)
Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.46 - NVIDIA Corporation) Hidden
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.0.2574.0 - Hi-Rez Studios)
Spotify (HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\Spotify) (Version: 1.0.47.13.gd8e05b1f - Spotify AB)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Tabletop Simulator (HKLM\...\Steam App 286160) (Version: - Berserk Games)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)
Uplay (HKLM-x32\...\Uplay) (Version: 7.1 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XviD MPEG-4 Codec (HKLM-x32\...\XviD) (Version: - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.70.591 - Zemana Ltd.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\ChromeHTML: -> C:\Program Files (x86)\Cuppat\Application\chrome.exe (Google Inc.) <==== ACHTUNG
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02261E59-DCE8-496A-BB04-F4AF99A91189} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {0AB570FA-847C-4FB2-9C8C-82067DFA95B4} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {1DAFFC61-3EF0-4495-84D1-F1569C723896} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {24E0F572-4BCA-4EEC-A9A5-2D830CFA9E96} - System32\Tasks\{4F74156E-5C02-4302-B31E-378AF64F0780} => pcalua.exe -a "C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare\iw3mp.exe" -d "C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare"
Task: {2FA7325B-6E8F-41C0-BD24-7A4D8F5E959C} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {501CE107-2313-4E8F-BDC8-7CA2EDD7EBE6} - System32\Tasks\{5CC848DF-F2F0-4C76-8299-F30E2EC5C77C} => C:\Users\Philipp\Desktop\Battlefield 3 cd1\Setup.exe
Task: {67928E07-523E-411F-A980-D440E2B4FD2F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-07] (AVAST Software)
Task: {69796D42-6E7A-400E-ABED-6E89C0747C6A} - System32\Tasks\{1483BBE9-6C43-420B-BCA7-97229B092656} => pcalua.exe -a "C:\Program Files (x86)\Steam\bin\steamservice.exe" -d "C:\Program Files (x86)\Steam" -c /installscript "C:\Program Files (x86)\Steam\steamapps\common\Napoleon Total War\runasadmin.vdf" 34030
Task: {6CD57B76-ED4E-4186-864B-C3D8A0F1B7B3} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\Game Booster 3\AutoUpdate.exe
Task: {74CA4679-074A-4E10-8222-FCEC9691901F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2017-01-09] (AVG Technologies CZ, s.r.o.)
Task: {85AE1598-1934-4800-88DE-2070662EBA52} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {8CE2EA77-D7B1-4BC3-B2C1-599DD6DA6212} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {9CEA9C83-B856-4975-8C0F-FE0D185A205D} - System32\Tasks\{BB987285-0C54-468D-BC8C-2D27676CFAF0} => pcalua.exe -a C:\Users\Philipp\Downloads\pulsingcolorsviz.exe -d C:\Users\Philipp\Downloads
Task: {A00325D4-D3C1-430E-B1F6-DCFCF85658C8} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-12-20] (Samsung Electronics)
Task: {A0173E21-C978-4EA4-A189-7FA5617412B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B64BD4E4-A656-40D9-871D-7456C350A532} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {D7EC70C1-9A44-4010-93E1-A25B01C49C7D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-14] (Adobe Systems Incorporated)
Task: {DFBAA4C3-EF76-49C3-9AA5-6D5543BDA370} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {E30865BE-0448-4595-A5C6-CB203265BCD6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Philipp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Cuppat\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Philipp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Cuppat\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Philipp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Cuppat\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Cuppat\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Cuppat\Application\chrome.exe (Google Inc.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-08-28 10:07 - 2015-08-18 01:07 - 00115376 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-23 16:27 - 2015-04-30 09:46 - 00115712 _____ () F:\Program Files (x86)\NetBalancer\Events.dll
2015-08-23 16:28 - 2015-08-23 16:28 - 00217960 _____ () C:\Windows\Microsoft.Net\assembly\GAC_MSIL\SeriousBit.NetBalancer.DeskBand\v4.0_1.0.0.0__ce1333cc798c13ee\SeriousBit.NetBalancer.DeskBand.dll
2015-08-23 16:27 - 2015-04-30 09:47 - 00031744 _____ () F:\Program Files (x86)\NetBalancer\BugReporting.dll
2013-09-04 19:10 - 2014-07-06 19:02 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-09 23:22 - 2014-12-09 23:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-03-07 18:49 - 2005-04-22 12:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2017-01-31 16:21 - 2017-01-31 16:21 - 00152944 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2015-07-18 22:56 - 2015-07-21 06:02 - 05887808 _____ () C:\Users\Philipp\AppData\Local\Amazon Music\Amazon Music Helper.exe
2016-12-15 00:30 - 2016-12-08 09:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 00:30 - 2016-12-08 09:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2015-08-07 13:03 - 2015-08-07 13:03 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-07 13:03 - 2015-08-07 13:03 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-11-10 23:33 - 2016-11-09 03:43 - 00352768 _____ () c:\programdata\microsoft\blend\14.0\1033\resourcecacher.dll
2015-04-01 09:31 - 2015-10-04 09:24 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-04-07 16:25 - 2015-04-07 16:25 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-01-31 22:02 - 2017-01-31 22:02 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2016-11-10 23:33 - 2016-10-20 09:47 - 01819240 _____ () C:\Program Files (x86)\Cuppat\Application\libglesv2.dll
2016-11-10 23:33 - 2016-10-20 09:47 - 00093288 _____ () C:\Program Files (x86)\Cuppat\Application\libegl.dll
2017-01-13 20:49 - 2017-01-13 20:49 - 17835096 _____ () C:\Users\Philipp\AppData\Local\Cuppat\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\100sexlinks.com -> 100sexlinks.com
Da befinden sich 4788 mehr Seiten.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2016-12-15 00:14 - 00000822 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{21ED757D-71F7-4E93-8A26-4F3F192F63A7}] => H:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A9259FB8-214D-4B63-AB8C-E1D572E16617}] => H:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{7346F99C-B07F-48D3-96D6-B27E7FC60958}F:\program files (x86)\skype\phone\skype.exe] => F:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{FEF7523A-F2C8-4CF3-BD0F-3E085673C453}F:\program files (x86)\skype\phone\skype.exe] => F:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{6A1352E9-B58C-418B-A8AB-1B9E9F8B4EF3}] => C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{12C3E11E-C2A2-493A-894F-875FC0641820}] => C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{DCCE3E4E-5C81-47E3-B426-FD776034C9D2}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DCF79556-E335-461B-A099-55292F6CE2EA}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DCF489CB-1187-44A6-BC76-281656F962CF}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C53AF07D-4477-41FC-9A49-88A7D81D0168}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8AD8195A-9FD1-453F-B60F-DF66DA1EE869}] => C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{D459E9D6-7724-4A66-82C9-761919306E36}] => C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{38F9BC97-2F6A-4385-8ABA-657C1421CB2F}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{18B895F8-18AE-4D6E-BCC6-1ED18DC2308D}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{92A63FD0-9C6C-4855-97B7-07306985B5AA}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{87C2F982-B124-493B-A6CC-833F14CA99D8}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8DEEE23E-F414-4B4C-B08F-6C2C6993C57A}] => C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{58252888-1755-4991-A0F9-EBB3F022D3D5}] => C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{D3B7CDE1-024A-432D-960C-4343B74A0739}] => LPort=54925
FirewallRules: [TCP Query User{50E89D94-505B-44BA-B992-804CC020944B}C:\program files (x86)\steam\steam.exe] => C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{37B9E4DF-DDAA-448A-8C35-0EF9DEC79DA0}C:\program files (x86)\steam\steam.exe] => C:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{607E2054-58F9-477E-8BC6-BA568D821CC2}C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe] => C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{86032D63-9007-4D0E-AB79-60F1FB5EB7F1}C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe] => C:\users\philipp\desktop\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{76712770-6A7F-4C1E-82B4-24CFD1B7F000}] => C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [{7A1BC0BA-B098-4B00-93FD-88F1ED21C27A}] => C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [TCP Query User{145AEDF9-2ECC-43DB-AC67-1E6E09E2ABCC}C:\program files (x86)\the creative assembly\rome - total war\rometw.exe] => C:\program files (x86)\the creative assembly\rome - total war\rometw.exe
FirewallRules: [UDP Query User{D0EC03A1-37CD-4E8A-9DE9-9217F66A522C}C:\program files (x86)\the creative assembly\rome - total war\rometw.exe] => C:\program files (x86)\the creative assembly\rome - total war\rometw.exe
FirewallRules: [TCP Query User{3BCBC79D-A10C-4FE5-9A7F-DCC782F40156}C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe] => C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{77C491EF-9CAD-4753-A9B5-78AA0EAA3C16}C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe] => C:\users\philipp\desktop\ph\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{4B2D6E05-483D-49F1-A66B-E23EE778AD00}] => C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{98D741DB-0D81-4D75-93F9-AA7BCE9ED5DA}] => C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{D805F393-DF9F-42DB-8BD8-A10435FFD59E}] => C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{7CF97D17-A8A2-4D7E-9BEC-6243047FB5BF}] => C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [TCP Query User{8F2757CB-3F12-42C6-9F8A-4774ADD31DD2}E:\starcraft ii\versions\base26490\sc2.exe] => E:\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{0BDDFDAC-B2ED-4B98-BC26-FE4BE17023BD}E:\starcraft ii\versions\base26490\sc2.exe] => E:\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{918FBB9D-A167-4373-AFAD-10F9F13A5B47}H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [UDP Query User{CE44343A-18FD-4F5C-AFB9-72A6DE6E2F89}H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => H:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [TCP Query User{C125BEAE-F4EB-4F10-8C94-50D566986ADF}H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{A6C9568F-B66F-4D81-86DE-7DED4BA4EEEF}H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => H:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{44198A79-F80C-4668-8DEC-61C6B449FC42}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{43205FE2-158D-4CEB-BDA1-7CDEAAEEA89B}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{C68EB3E0-2F52-4C5D-BC6A-1BD447B7A1CA}E:\firefly studios\stronghold 2\stronghold2.exe] => E:\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [UDP Query User{F7072C7B-26A3-44F0-B587-2EAAE1D78C2B}E:\firefly studios\stronghold 2\stronghold2.exe] => E:\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [TCP Query User{0809DA3A-658F-4F47-8916-84CBF04DFFE7}F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{B1686F91-DCB7-4851-A600-A045D357F223}F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => F:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{69FCA70B-56DD-44A4-937D-27978BED7C64}] => C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{3993D2EA-9020-44A0-AE27-CA7EBF9E6EA1}] => C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{5E0C1963-7723-431A-A0FF-5559FE5B4FCC}] => C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{A1E85A62-4480-42D6-BEF6-3B104DFBA6A9}] => C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{A9BF2868-E436-4AAC-A5B6-6E9F44E3E6D1}] => C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{A27B1A23-6AE9-4069-AD9C-2AB64D9CFB22}] => C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{B017E2C6-3F10-4969-99DA-02E8842CB380}] => C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{F2F35591-A26D-4679-A37D-8FA745ABE448}] => C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{6FA6AF87-096C-4148-BBE8-8A29CE7BFC03}] => C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{8A589767-2A22-4BA8-9F2E-25708DBB99B1}] => C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{CDBEA086-EEF8-478B-BD30-ED34E603EDE4}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7C3D27A7-E5B8-4ED7-B97E-BFE531FF8F99}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{56D56AD2-BFC4-415B-A804-0DF50091F5E6}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{44EFA5C1-2C54-432F-821F-D10FDD7BD46E}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{40804B2A-9569-4303-804A-3DE8AFD4C459}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B3EE1A97-B0F0-4AA4-9F14-AACD324EBCFF}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{87E39D11-917A-4ACA-A172-B9DB9FD99CED}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{5368821C-622D-4CE6-868E-B4B92CAE6AEC}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7CD1CC07-47F7-4EBC-B28F-331D6B01812B}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{10DBE06C-21C5-40DE-AB47-2839EAA361A2}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{72584B12-0B71-40A1-8FD5-4EF1B8FAE240}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{62F24C45-274B-4324-84D9-EEDC1C2FFA63}] => C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{38E63D60-2B6A-4570-B5E7-0334F1B28753}] => C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CBA6CFE4-87DA-4C0B-9DD5-CB24264D153C}] => C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{1F8EFC10-91D2-4DEF-9300-AA828DE18B26}] => C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [TCP Query User{8D083110-0487-4200-BD21-3E6205B824E4}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe] => C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe
FirewallRules: [UDP Query User{B9933272-DB9A-419D-A1FC-C376F14A8A5A}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe] => C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\udk.exe
FirewallRules: [{120C8A28-FA3D-4D5F-8F88-6983D85BB69C}] => C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{3D2372B4-DE98-4586-8A3D-F083A3D3E4C7}] => C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [TCP Query User{44A5645F-EF67-4694-BF0C-45FCBABC1815}C:\program files (x86)\java\jre7\bin\javaw.exe] => C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{109FF8B2-1B6E-4A45-AB5C-0CB97EA71BA7}C:\program files (x86)\java\jre7\bin\javaw.exe] => C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{E333BEFF-AFE8-44D0-8E6D-1E6684278E53}H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe] => H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe
FirewallRules: [UDP Query User{BDC3DE48-88BB-4952-BDF9-A667D17544F3}H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe] => H:\program files (x86)\world at war\call of duty - world at war\codwaw lanfixed.exe
FirewallRules: [TCP Query User{C918B3BB-2D89-49EC-A5F3-59764544A681}C:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{A3578BEB-246F-4B68-9BB1-4E70D3867E6A}C:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{4B90B806-D737-421F-A259-86B4B6EBE2D4}] => C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{C142FBE6-7660-4D57-91EB-6F28DF0C53EF}] => C:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{65D1CA79-73C8-4C1C-A396-55114CC5C61C}] => C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{2E300A00-EF29-4879-AD3F-8C035C177F2F}] => C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{3FC2C324-EE95-4C8C-A26E-EE7AB4D14AD7}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6FDC2297-746E-4E22-8C84-B9F9349E4D89}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{90C98BC3-B0B9-4CAC-ADCA-E2EAA208143E}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8EB1FB9E-E96A-48D9-A09E-280C1F709B39}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C564E886-162A-48EE-A823-A6A3CD950300}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F539564B-0389-4020-BE90-B3A2E3A3D28F}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{760F1162-0054-44F4-A5D6-7F1F803CA314}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{C6D4FEE5-DA5E-4896-BBC1-4C31C77A28FE}C:\programdata\battle.net\agent\agent.2689\agent.exe] => C:\programdata\battle.net\agent\agent.2689\agent.exe
FirewallRules: [UDP Query User{F9912598-2E9B-4960-B43A-8E1CFC69772C}C:\programdata\battle.net\agent\agent.2689\agent.exe] => C:\programdata\battle.net\agent\agent.2689\agent.exe
FirewallRules: [{A2901DA7-2CF9-447A-8578-1EF26AD9EB25}] => F:\Program Files (x86)\Origin Games\Battlefield 1942\Battlefield 1942\BF1942.exe
FirewallRules: [{9D169BCF-E400-428F-8825-1FDA28D85D4A}] => F:\Program Files (x86)\Origin Games\Battlefield 1942\Battlefield 1942\BF1942.exe
FirewallRules: [TCP Query User{9D5327F1-4C82-4AB4-9675-32920B9A5A14}F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe] => F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{3ADEFCDF-1F60-49BB-B0CC-E38073CF5B97}F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe] => F:\program files (x86)\origin games\battlefield 1942\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{7962898C-564D-4F4D-8199-3DFBE683A858}] => C:\Program Files (x86)\Steam\SteamApps\common\rust\rustlauncher.exe
FirewallRules: [{7CE33FEF-633B-484E-926F-28959FBE7A6E}] => C:\Program Files (x86)\Steam\SteamApps\common\rust\rustlauncher.exe
FirewallRules: [{59B4E854-C94F-4DAE-911E-4E2CD4C668B9}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E2FED403-E1B3-46AD-A838-C1917B27FD50}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{07A267BF-9BD3-4856-88D1-A924CF38EFBC}] => C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{04756382-6EB7-495C-85E9-516EED38F5FF}] => C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [TCP Query User{9CA5DE4A-9B21-404E-A471-E1D4FCBDB5D8}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{46EA1D4C-732E-4080-BDAE-C7E04C2AAEE8}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{B207A236-B040-4C95-A84E-30FF650F233F}] => C:\Users\Philipp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5BEDFF67-BEB9-437C-8BDE-57FD8AD18762}] => C:\Users\Philipp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{ED86D4BE-5034-46D4-A275-D0D0D158DC32}C:\users\philipp\desktop\utorrent3.4.1_30888.exe] => C:\users\philipp\desktop\utorrent3.4.1_30888.exe
FirewallRules: [UDP Query User{00D3324E-F60E-4815-9389-22AFEF3C3848}C:\users\philipp\desktop\utorrent3.4.1_30888.exe] => C:\users\philipp\desktop\utorrent3.4.1_30888.exe
FirewallRules: [TCP Query User{D8B96E37-4E7C-401D-9974-6423F3566ACB}C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{FE178129-19B7-4D3C-A611-FF8661E15371}C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => C:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{1630330C-FC81-4E8E-A74B-D30CCB7637D9}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{69C4D2F1-5E35-4324-A7C7-21A1841D7FB6}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DB289EE0-A061-499C-A260-45816D2DB290}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4AC641E7-FC1D-4089-BDF8-C1C6C461F508}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E01B4C60-3CC7-4862-96F8-A240FF5DBF8A}] => C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{E155F5FE-3408-4083-9DE8-10F9A4EDC456}] => C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{C0143FF0-242F-4B84-A070-F77D6C898FE3}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [UDP Query User{E3C733F0-C093-4EAD-B3D9-6A758B7CAB80}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [TCP Query User{C41E6AE9-3ECA-4D3B-8892-6EEB5B8F822B}H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe] => H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe
FirewallRules: [UDP Query User{E70C6C19-B5DB-4C21-A6AC-7DAFA0D942E2}H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe] => H:\program files (x86)\world at war\call of duty - world at war\codwaw.exe
FirewallRules: [{32C48089-640E-4154-8F9F-FD34D67820E7}] => C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{ABF9B047-DBDD-40F0-8310-4096C07A1D54}] => C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{3363AF0F-0FAE-4932-9BDC-F768D750CD20}] => C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{FF75CEDC-9CF5-481D-9063-269F7C9A3EEB}] => C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{FBF504C5-7660-4CA0-9461-EE1588F6F15D}] => C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{9B3BB61E-72AA-4C6A-9524-F08E717DB6BB}] => C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [TCP Query User{4B8F48EB-61A7-463A-9CFF-3F443435A262}H:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => H:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{BC13CB58-34B2-423E-81E9-F0681A534A12}H:\program files (x86)\battlefield bad company 2\bfbc2game.exe] => H:\program files (x86)\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{FDD44B81-B42F-4882-B2A2-2E57B5A37E22}] => C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{FDD1DC3F-5716-40C2-96A2-2C53635789B6}] => C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{115A852F-F8A4-47B2-ADDC-124127385ECA}] => C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{DC81A4C5-6983-4E10-88C2-B1BE2007E20A}] => C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{2BA43725-5873-4C4B-B214-D17575BED6C1}] => C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{9BE1D182-5C1A-4012-8196-D78F15784A37}] => C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{C5343D04-4C9B-4307-A77C-075B8B2C9E8F}] => C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{B29A6550-56A1-491E-BB46-A0863A286D3F}] => C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [TCP Query User{A6839289-220D-4430-AB8B-F35AE2467491}C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [UDP Query User{FFD48200-6659-4D3F-B489-D0D672A604CB}C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe] => C:\program files (x86)\origin games\battlefield 1942\bf1942_w32ded.exe
FirewallRules: [{8FCE413C-7C8F-49D2-97AB-12AF69EBBE36}] => C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{6D6C39D8-B4DC-471E-AD24-04DB637E2F52}] => C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{EAB8C967-DA03-47A1-82E0-2B7953613624}] => C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{08AAB84F-CA39-4873-BA9F-0BF1B0BFD6BD}] => C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{F0334A4E-6660-4A29-85A3-91F9D2A08148}H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{0CBB6BE2-C2DC-42EF-9283-98CE12A3156B}H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => H:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{7DE20AE2-DB27-4C65-99EE-A3A8C2C0141A}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1221F58B-7252-4BBA-81F5-73DB9BA73765}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{745BCB12-AD0D-47D6-B6AA-B8E6552BA321}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{04E69D41-E088-48EE-B661-146576D2F4E2}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{838E6DD1-7E16-4467-9DD7-B08494056500}] => H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{9560A1CC-F03A-4ED7-8F9F-628879A48BD1}] => H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{D8DC3995-78FB-4F91-B0E6-0EA20B8D0B47}] => H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{82FC90AF-A279-4FE8-929A-00FCBB85AE88}] => H:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{33FDEC31-0752-437B-8B40-816F7DA64FD1}] => C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{42A94929-CE71-45D6-82BF-D969413DA4BF}] => C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{53DF5A34-AAEB-4C77-8AAB-9BC5C1FC7B0F}] => C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{8CACF8BB-8612-462A-91D9-4AE3354FEDFD}] => C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{85B72C11-7DC6-49E6-A5E7-0D20FF0540A4}] => C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{FB4D9EF1-D86D-4256-8AE5-AB0372E26A1E}] => C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [TCP Query User{FF359D40-BC43-41F9-A748-265960862C7F}H:\program files (x86)\anno1701.exe] => H:\program files (x86)\anno1701.exe
FirewallRules: [UDP Query User{20AAC5E0-E43B-491B-A775-B99DD7898E96}H:\program files (x86)\anno1701.exe] => H:\program files (x86)\anno1701.exe
FirewallRules: [TCP Query User{0C3093E0-C804-4C2C-B240-64A3E0F4EA3E}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{4FAA22AA-FD48-4BAC-B1F0-0E1792B3B93F}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{48694631-51A4-4BD0-ACE6-47E620E1E7CF}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{2AAC6F09-9F21-4E3B-BDB3-8D96349EB24C}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{DA0FF709-FCA2-49E4-A49D-C52F94A33C39}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{3809CCA4-6534-4D78-AEB6-370B66A68D58}H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => H:\program files (x86)\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{6B079631-4440-4D03-A37A-5644A17FAEF9}] => C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{FF03333A-3897-48EF-B54D-56094C23D489}] => C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D746C5F2-5646-488A-AA6A-9EFCB544C556}] => C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{ECACD096-AD74-4AA4-A843-FDFB10ED1EE7}] => C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{B57AD082-017F-4128-AF5E-A02D6F3AE087}] => C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{07A18F29-12BC-4AAB-A245-B4291010C345}] => C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{E98D26EB-6723-4507-B967-151A5FC8D219}] => C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{90E6D116-0BB7-4559-85E0-24C8F80E4EBD}] => C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{98CFEB0B-2567-4974-AD58-360ED70FB0BB}] => C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{D3C6F70D-7E00-41A4-9628-1D22289A2534}] => C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{39C3B977-7B8E-4058-BA43-22270D728ACD}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{65EAF7AA-5109-48D9-B895-9FBFA7579572}] => LPort=2869
FirewallRules: [{1461D1B9-4C92-412B-99E7-BCC4A26EA5F5}] => LPort=1900
FirewallRules: [{B17041C2-3DD4-4225-8B9D-5FA96BAE885F}] => C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{285EB98B-6D92-4549-8710-3EEE16688C5D}] => C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{4095A852-5A84-4932-A234-FBB2F70DA4E4}C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe] => C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe
FirewallRules: [UDP Query User{5ADC40C5-B7E7-4262-9D67-7438E0946454}C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe] => C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe
FirewallRules: [TCP Query User{8C44C964-4AA3-47E4-92ED-F3A222D0E532}C:\users\philipp\appdata\roaming\spotify\spotify.exe] => C:\users\philipp\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C6A13823-BD82-4DC7-AC17-04ECE6460C20}C:\users\philipp\appdata\roaming\spotify\spotify.exe] => C:\users\philipp\appdata\roaming\spotify\spotify.exe
FirewallRules: [{CA2CF6F4-3D92-485F-87CF-1D4FE65F9552}] => C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{F76BB649-4842-492C-8CD6-6C86FC6449F4}] => C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{3A8FE08D-E9EA-4675-8E18-BDD201C7E22C}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AB041934-E078-4519-85E4-4B9C2F2D16E4}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6C27E94F-9B54-4A90-9F4C-FBF097292328}] => C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{C07014D5-340A-473A-8A73-C045C7E3989F}] => C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{6463FE23-B967-4206-A257-A93F489B761E}] => C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{9D9EBD29-3591-410F-A642-DBF8DDABB5B4}] => C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{27F67820-C035-4F34-94E0-67D63DC096F6}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{1C3918B6-EB75-4A47-901F-502980DE752B}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{9079E56A-E830-4A4C-B496-2F7CEDB05975}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{2CE4262B-CFDC-4AEE-8B06-7805A0C3589A}] => C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{68F148F7-0F0E-48C0-ADA1-9DA8B3982E14}] => C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{5023DC5D-1BA7-43A1-80A3-C69DD4495C69}] => %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{C606DE97-F79B-4D9B-86F0-57D5C7A655B6}] => LPort=32976
FirewallRules: [{CC3B7A6D-97D4-43ED-B9F1-556FFBCEE186}] => LPort=25565
FirewallRules: [{A72E3139-85F1-46C0-8B48-6D653CDA7B09}] => LPort=25565
FirewallRules: [TCP Query User{5CB17E6E-4CD0-4C42-89EF-D84CE339BAFE}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{BE4FFE99-1BA5-4A6D-859F-CDA851972532}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{B257C971-02AD-4C35-9324-291D897CDB7B}] => C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{E3CC2757-CB2A-4FA1-A4EC-10438D6B5B68}] => C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{83EC0370-4A56-4F9E-A8D7-C53C1F7DF5C8}F:\program files (x86)\hearthstone\hearthstone.exe] => F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{462D3BB6-41BD-4140-AD26-5881F42070A3}F:\program files (x86)\hearthstone\hearthstone.exe] => F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{6E4A6E6C-63B9-4F2D-A464-D536F18FF445}] => F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{29ACF394-43F0-4864-889E-5D46E5D3F87E}] => F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{F03899D2-D3B2-462A-A001-E67AE4B36673}] => C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{E3F48574-B4DF-4810-A566-97F9E532B730}] => C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{D81B412B-FFC6-49A5-9790-9F1DD0CE42FD}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{68EAD43C-3085-4279-A3D5-473DE008DB23}] => C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{445E9A2B-6187-442F-A3DC-8F07B60E5BF7}] => C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{DCA567F4-2ABC-4AC8-BCCB-333CC8DCAC57}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0B4FFC0C-2B5B-48F3-A996-4FE3F228166A}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DD912131-48B7-4E6C-B09E-E6359DF7BCCA}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4F219D37-9624-4F30-87B1-D37DC4066A96}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{90DD9A30-5E45-4066-8DDE-FE93E1850C30}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{BDEC72B2-CB1A-474E-9ED6-A84810625FC8}F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [UDP Query User{F5E1EBB0-9961-4CE9-BD8A-65B6B46F2E17}F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => F:\program files (x86)\ubisoft game launcher\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [{768CC022-3055-4BD4-8E80-31818E9BEAE7}] => C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{BAAED63C-A5E5-4EB7-AB3A-45FCFFD77678}] => C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{304844EF-7019-4BCF-A4FE-0383F544F183}] => C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{8A3A2DFF-F9AB-4F5D-94F3-3787C176BDD5}] => C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [TCP Query User{F979DE64-FC1E-459B-8EDD-ED109EF48ECD}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{7852709D-8D0D-4F92-B043-C8FBE4099221}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [TCP Query User{6D6ABC91-928D-4280-9DBF-41D01A431D4A}H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe] => H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [UDP Query User{37C5D000-7F70-40F4-9FF9-C9221496DC42}H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe] => H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [{B27ABAA2-C82B-44F4-A30A-AD5E91C4EB32}] => H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [{67DDF624-A2E5-4D33-A95F-90ABF5682A0B}] => H:\program files (x86)\star wars battlefront\gamedata\battlefront.exe
FirewallRules: [TCP Query User{7BC2C177-D11F-4D08-B3DE-C7F58A1CF9DD}H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe] => H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [UDP Query User{9DF02414-F9FC-4036-B227-959FE7ACC17E}H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe] => H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{228436F4-E76C-4BEA-B241-E2C08B3C5797}] => H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{63CCD24A-9DE9-486E-9928-D528E431701F}] => H:\program files (x86)\battlefield 1942 1.61 crack\bf1942.exe
FirewallRules: [{858E1EA8-EB9E-4E44-B451-3B6DFC3F985F}] => C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{C9CA1E65-0601-4D1B-8D5A-3C757AB596E5}] => C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{AFBD3180-D569-4A48-9C70-090808A3B765}] => F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\harvey.exe
FirewallRules: [{4568192C-D1BA-46B3-8307-055C03D5B4CB}] => F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\harvey.exe
FirewallRules: [{AA086928-71C2-4E9D-9EE7-DA834804DB70}] => F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\VisionaireConfigurationTool.exe
FirewallRules: [{CAC8CED3-1C01-471A-8AFC-CCDE5E61B46F}] => F:\Program Files (x86)\Steam Games\steamapps\common\Edna and Harvey Harvey's New Eyes\VisionaireConfigurationTool.exe
FirewallRules: [{0481A2E1-32DD-4D79-9522-136262E18EFD}] => F:\Program Files (x86)\Steam Games\steamapps\common\Edna & Harvey The Breakout\Edna.exe
FirewallRules: [{5751333F-1F56-48C8-9335-521D845BA824}] => F:\Program Files (x86)\Steam Games\steamapps\common\Edna & Harvey The Breakout\Edna.exe
FirewallRules: [{16C6AC44-879C-4FC3-9E2B-7E6B7FBBA341}] => F:\Program Files (x86)\Steam Games\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{F734F823-F300-454C-8A84-63EB6A303F4D}] => F:\Program Files (x86)\Steam Games\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{01A42E9E-220D-49B9-940A-1AAC5051E9A4}] => F:\Program Files (x86)\Steam Games\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{CA2B1C86-1455-47B6-9A1B-AF4221454CF1}] => F:\Program Files (x86)\Steam Games\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{96832A8D-F388-4EAE-BD92-9458649456F6}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{241BD5E1-3D24-4DBC-83D5-750B9D32E39E}H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe] => H:\program files (x86)\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [TCP Query User{CF2A8203-0EE6-4858-B69A-EB76C6D9F4BE}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [UDP Query User{561BC56C-D11F-4759-B02B-18B214505678}H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe] => H:\program files (x86)\world at war\call of duty - world at war\codwawmp.exe
FirewallRules: [{95A263BF-2864-4081-AFB5-3620647A4BFD}] => C:\Program Files (x86)\Cuppat\Application\chrome.exe
FirewallRules: [TCP Query User{7EF83D24-ABC4-4BE1-B269-E97F571709A4}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5799A902-DD95-4DCB-B14A-953392704D71}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{AC47DEED-56B1-443F-83F3-8A0E45439D95}] => C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{C43AE569-728A-4635-966B-A0D7497AC12E}] => C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{0733329D-7CAA-43CD-8D94-D5DDD4068021}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1B1FFE5A-9575-4978-A910-FC331CAB3E85}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CD4441E1-9E17-4D09-81DE-23FC004CF163}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{51D36651-267C-4534-819C-0C867AAEB47B}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{2DE8A6E7-501A-4106-814E-41F93EA96BCD}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [{0FDDC06B-F260-4E3E-AA72-1E8BCCD791C2}] => C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{C11F5C2A-461F-424E-B15C-FCCB19462744}] => C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{34FBA65F-A6AE-4D03-914E-A461C7E795B2}] => H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{674235E8-E3D0-4C45-8F4D-E73DBF86CB65}] => H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{8741BFD0-D5ED-43FB-8FF3-A0ABBD9FB6A5}] => H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{0B2C9047-0B17-4A2E-B628-9FAC90D6E6A8}] => H:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{BC2A59B9-EEAE-4117-94F3-66A4078B5375}] => C:\Program Files (x86)\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{610154B7-0E65-493B-8D24-7BA16F0E7DC6}] => C:\Program Files (x86)\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{468267DE-E9B1-4B8A-AEC7-E046AD38463A}] => C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{83724DD1-04CF-46BC-B4F0-9E03A4DBC88F}] => C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{05E61BB9-15E2-4964-ABBD-67110BF469F1}] => C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{52F974BB-5934-4D2F-A4D9-CDD1DB7042F7}] => C:\Program Files (x86)\Firefox\Firefox.exe
==================== Wiederherstellungspunkte =========================
23-01-2017 22:40:19 Geplanter Prüfpunkt
28-01-2017 00:16:51 Wiederherstellungsvorgang
28-01-2017 00:27:36 Removed amuleC
31-01-2017 03:10:37 Malwarebytes Anti-Rootkit Restore Point
31-01-2017 18:00:48 JRT Pre-Junkware Removal
31-01-2017 22:08:48 Removed Java 8 Update 111
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Bluetooth-Gerät (PAN)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Microsoft-6zu4-Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #4
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/01/2017 12:18:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm frst64english.exe.exe, Version 4.10.2015.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 19f8
Startzeit: 01d27c184eb5db84
Endzeit: 0
Anwendungspfad: C:\Users\Philipp\Desktop\frst64english.exe.exe
Berichts-ID:
Error: (01/31/2017 10:02:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Temp\AvgSetup\a6a5e221-de0b-47cf-a976-395874a5db8e\install\fmw\avgrdsttestx.exe".
Die abhängige Assemblierung "AVG.VC140.CRT,processorArchitecture="x86",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/31/2017 10:02:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Temp\AvgSetup\a6a5e221-de0b-47cf-a976-395874a5db8e\install\fmw\avgrdsttesta.exe".
Die abhängige Assemblierung "AVG.VC140.CRT,processorArchitecture="amd64",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/31/2017 09:16:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (01/31/2017 09:15:02 PM) (Source: NetBalancerService) (EventID: 0) (User: )
Description: This version of NetBalancer is outdated, please download a new one from our website.
Error: (01/31/2017 08:17:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (01/31/2017 08:16:27 PM) (Source: NetBalancerService) (EventID: 0) (User: )
Description: This version of NetBalancer is outdated, please download a new one from our website.
Error: (01/31/2017 06:18:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm adwcleaner_6.043 (1).exe, Version 6.0.4.3 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 5b00
Startzeit: 01d27be5a3ca2f6e
Endzeit: 4
Anwendungspfad: C:\Users\Philipp\Downloads\adwcleaner_6.043 (1).exe
Berichts-ID:
Error: (01/31/2017 06:00:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service iThemes5 since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (01/31/2017 06:00:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service GubedZL since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Systemfehler:
=============
Error: (01/31/2017 09:16:14 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
und APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
Error: (01/31/2017 09:15:06 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.
Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-ID: 0
Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
Error: (01/31/2017 09:15:00 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Der Computer wurde nach einem schwerwiegenden Fehler neu gestartet. Der Fehlercode war: 0x00000101 (0x0000000000000019, 0x0000000000000000, 0xfffff88003186180, 0x0000000000000007). Ein volles Abbild wurde gespeichert in: C:\Windows\Minidump\013117-11481-01.dmp. Berichts-ID: 013117-11481-01.
Error: (01/31/2017 09:14:59 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 31.01.2017 um 21:12:16 unerwartet heruntergefahren.
Error: (01/31/2017 08:17:36 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
und APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
Error: (01/31/2017 08:16:31 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.
Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-ID: 0
Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
Error: (01/31/2017 08:15:53 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\bcmihvsrv64.dll
Error: (01/31/2017 08:14:36 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (01/31/2017 08:14:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Volumeschattenkopie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/31/2017 08:14:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2017-01-31 19:19:11.545
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:11.245
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:10.871
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 19:19:10.388
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 18:22:41.778
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-01-31 18:22:41.326
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:26.009
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.883
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.756
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-10 22:23:25.625
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Prozentuale Nutzung des RAM: 79%
Installierter physikalischer RAM: 6076.41 MB
Verfügbarer physikalischer RAM: 1221.6 MB
Summe virtueller Speicher: 12151 MB
Verfügbarer virtueller Speicher: 6728.88 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:232.79 GB) (Free:33.66 GB) NTFS
Drive f: () (Fixed) (Total:231 GB) (Free:52.23 GB) NTFS
Drive g: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive h: () (Fixed) (Total:344.27 GB) (Free:106.09 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 21133B35)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 596.2 GB) (Disk ID: 9054A324)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=344.3 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=20.8 GB) - (Type=27)
==================== Ende von Addition.txt ============================
Ok, I'd like you to Re-run Rogue Killer for me, make sure and delete everything found.
Rogue Killer Scan.
Download RogueKiller from one of the following links and save it to your Desktop:
Link 1
Link 2
Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.
2. Once you have started the program, you will need to click the scanner button.
The program will close all open browsers!
3. Once the scan is completed, the you will want to click the Repair button.
At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.
Copy and paste the report here in your next reply.
Clean up temp files and reduce startup load with CCleaner.
Rogue Killer Scan.
Download RogueKiller from one of the following links and save it to your Desktop:
Link 1
Link 2
- Close all the running programs
- Double click on downloaded setup.exe file to install the program.
- Click on Start Scan button.
- Click on another Start Scan button.
- Wait until the Status box shows Scan Finished
- Click on Delete.
- Wait until the Status box shows Deleting Finished.
- Click on Report and copy/paste the content of the Notepad into your next reply.
- RKreport.txt could also be found on your desktop.
- If more than one log is produced post all logs.
Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.
2. Once you have started the program, you will need to click the scanner button.
The program will close all open browsers!
3. Once the scan is completed, the you will want to click the Repair button.
At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.
Copy and paste the report here in your next reply.
Clean up temp files and reduce startup load with CCleaner.
- Download CCleaner from here.
- After install Click Options.
- Go to monitoring.
- Uncheck All Monitoring items.
- Go to advanced -- Click close program after cleaning.
- Go to settings -- click run ccleaner when the computer starts.
- Now that you have ccleaner installed and set-up:
- Open the program.
- Go to Tools
- Go to Startup
- Now double click each item. To Disable.
- Leave only your antivirus enabled.
- Then disable All items in your scheduled task as well.
- Unless they are related to windows defender.Or your antivirus.
- Reboot the machine.
FRST Fix.
Download attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
Remove these from your machine. AVG will trash your machine worse than some malware will.
AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.72.2.55508 - AVG Technologies)
Download attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
Remove these from your machine. AVG will trash your machine worse than some malware will.
AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.72.2.55508 - AVG Technologies)
~ ZHPCleaner v2017.2.2.22 by Nicolas Coolman (2017/02/02)
~ Run by Philipp (Administrator) (03/02/2017 00:09:40)
~ Web: https://www.nicolascoolman.com
~ Blog: https://www.anti-malware.top
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparatur
~ Report : C:\Users\Philipp\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Philipp\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
---\\ Dienst. (0)
~ Alle bösartigen oder unnötige Element gefunden.
---\\ Browser. (3)
ERSETZT Google Chrome Preferences: "https://d31qbv1cthcecs.cloudfront.net/" =>.Superfluous.CloudfrontNet
ERSETZT Google Chrome Preferences: "https://d5nxst8fruw4z.cloudfront.net/" =>.Superfluous.CloudfrontNet
GEFUNDEN PARAMS: ProxyServer [46.165.193.67:5056] (User.Validation)
---\\ Datei Host. (1)
~ die Hostdatei ist legitim. (21)
---\\ Geplante Tasks (0)
~ Alle bösartigen oder unnötige Element gefunden.
---\\ Explorer (Ordner, Dateien). (45)
VERSCHIEBEN Datei: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\securityProtection.sqlite =>PUP.Optional.SecurityProtection
VERSCHIEBEN Datei: C:\Windows\Installer\wix{3D310F56-A7CA-441F-993E-35BF9CE0B021}.SchedServiceConfig.rmi =>.Superfluous.Empty
VERSCHIEBEN Datei: C:\Windows\Installer\wix{C4123106-B685-48E6-B9BD-E4F911841EB4}.SchedServiceConfig.rmi =>.Superfluous.Empty
VERSCHIEBEN Datei: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage =>.Superfluous.AkamaiHD
VERSCHIEBEN Datei: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage-journal =>.Superfluous.AkamaiHD
VERSCHIEBEN Datei: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage =>.Superfluous.CloudfrontNet
VERSCHIEBEN Datei: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal =>.Superfluous.CloudfrontNet
VERSCHIEBEN Datei: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage =>PUP.Optional.BestPriceNinja
VERSCHIEBEN Datei: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal =>PUP.Optional.BestPriceNinja
VERSCHIEBEN Ordner: C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} =>PUP.Optional.Generic
VERSCHIEBEN Ordner: C:\Windows\System32\config\systemprofile\AppData\Local\CrashRpt =>.Superfluous.CrashReports
VERSCHIEBEN Ordner: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\CrashRpt =>.Superfluous.CrashReports
VERSCHIEBEN Ordner: C:\ProgramData\Microsoft\Blend =>Adware.Suspect
VERSCHIEBEN Ordner: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\File System\008 =>PUP.Optional.DomaIQ
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI2210.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI24B4.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI30F6.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI3639.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI4A51.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI501E.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI518A.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI5265.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI5341.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI54A9.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI5AC2.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI646A.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI65B3.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI672A.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI6854.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI699D.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSIC3AB.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSID0A9.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSID204.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSIE72D.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSIE846.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSIE931.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSIEA6A.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSIEB36.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSIEC37.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Users\Philipp\AppData\Local\Temp\chrome_BITS_1324_16614 =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Users\Philipp\AppData\Local\Temp\chrome_BITS_3992_292 =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Users\Philipp\AppData\Local\Temp\chrome_BITS_5740_4189 =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Users\Philipp\AppData\Local\Temp\chrome_BITS_6184_9886 =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Users\Philipp\AppData\Local\Temp\chrome_BITS_6236_13073 =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Users\Philipp\AppData\Local\Temp\chrome_BITS_6668_13230 =>.Superfluous.Empty
---\\ Registrierung (Schlüssel, Werte, Daten). (17)
GELOSCHT key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akamaihd.net [618] =>.Superfluous.AkamaiHD
GELOSCHT key*: [X64] HKLM\Software\Classes\Installer\Products\9EBE2919E4C296C4E88DCCC0BCDFBB26 [IObit Apps Toolbar v10.3] =>PUP.Optional.Dealio
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\000DA0531C0A02BBDA95A383EC792D1A [C:\Program Files (x86)\amuleC1\locale\ru\amule.mo (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00623D37DEAF5767B144505CEFBB5103 [C:\Program Files (x86)\amuleC1\locale\ca\amule.mo (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D9FBBBB68EA72B35B7FFFB2B3CB4F1 [C:\Program Files (x86)\amuleC1\skins\kde4.zip (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\091417CD589D17BFFE41F439404564A2 [C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\aMule\logfile (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\16C0F30491F3E7610D9FF0694E9EBD90 [C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\aMule\cryptkey.dat (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1B56275EDF932276BE64060476D7D110 [C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\aMule\ipfilter.dat (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C9168A5C6CAEAE7C543635C6820C01C [C:\Program Files (x86)\amuleC1\docs\README.txt (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1EB0D09D105CABCB19CAA60EF650CDF2 [C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\aMule\clients.met (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\20EFE94027E6469E91A40ACD76EF2C03 [C:\Program Files (x86)\amuleC1\docs\EC_Protocol.txt (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\21CC5D812FF58B918B34EFAD8E6173A4 [C:\Program Files (x86)\amuleC1\locale\ja\amule.mo (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26639C04B5A8C83570A8BD92ECD74F1E [C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\aMule\known2_64.met (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27461519052532BA6B1D383FC215D076 [C:\Program Files (x86)\amuleC1\locale\zh_TW\amule.mo (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\290BF94EF31CDA936538AB92D7F144BC [C:\Program Files (x86)\amuleC1\locale\it_CH\amule.mo (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.] =>Heuristic.Suspect
GELOSCHT key*: [X64] HKLM\Software\Classes\Installer\Features\9EBE2919E4C296C4E88DCCC0BCDFBB26 [Flexera Software LLC] =>PUP.Optional.Dealio
---\\ Zusammenfassung der Elemente gefunden auf Ihrer workstation (12)
https://nicolascoolman.eu/2017/02/02/superfluous-cloudfrontnet/ =>.Superfluous.CloudfrontNet
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.SecurityProtection
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.AkamaiHD
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.BestPriceNinja
https://www.anti-malware.top/2016/05/01/definition-dun-logiciel-pup-lpi/ =>PUP.Optional.Generic
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.CrashReports
https://www.anti-malware.top/2016/05/01/definition-dun-logiciel-pup-lpi/ =>Adware.Suspect
https://www.nicolascoolman.com/fr/adware-domaiq/ =>PUP.Optional.DomaIQ
https://www.nicolascoolman.com/fr/pup-dealio/ =>PUP.Optional.Dealio
https://www.anti-malware.top/2016/10/11/superfluous-amulecustom/ =>.Superfluous.aMULEcustom
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
---\\ Ein anderes löschen. (68)
~ Registersleutel Tracing Geloscht (68)
~ Entfernen die alten Berichte ZHPCleaner. (0)
---\\Reparieren Check
~ Reparatur erfolgreich abgeschlossen.
~ dieser Browser fehlt (Mozilla Firefox)
~ dieser Browser fehlt (Opera Software)
---\\Statistiken
~ Elemente gescannt : 384
~ Einträge gefunden : 1
~ Elemente abgesagt : 0
~ Elemente repariert : 64
~ End of clean in 00h00mn34s
~====================
ZHPCleaner-[R]-03022017-00_10_14.txt
ZHPCleaner--03022017-00_07_58.txt
~ Run by Philipp (Administrator) (03/02/2017 00:09:40)
~ Web: https://www.nicolascoolman.com
~ Blog: https://www.anti-malware.top
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparatur
~ Report : C:\Users\Philipp\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Philipp\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
---\\ Dienst. (0)
~ Alle bösartigen oder unnötige Element gefunden.
---\\ Browser. (3)
ERSETZT Google Chrome Preferences: "https://d31qbv1cthcecs.cloudfront.net/" =>.Superfluous.CloudfrontNet
ERSETZT Google Chrome Preferences: "https://d5nxst8fruw4z.cloudfront.net/" =>.Superfluous.CloudfrontNet
GEFUNDEN PARAMS: ProxyServer [46.165.193.67:5056] (User.Validation)
---\\ Datei Host. (1)
~ die Hostdatei ist legitim. (21)
---\\ Geplante Tasks (0)
~ Alle bösartigen oder unnötige Element gefunden.
---\\ Explorer (Ordner, Dateien). (45)
VERSCHIEBEN Datei: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\securityProtection.sqlite =>PUP.Optional.SecurityProtection
VERSCHIEBEN Datei: C:\Windows\Installer\wix{3D310F56-A7CA-441F-993E-35BF9CE0B021}.SchedServiceConfig.rmi =>.Superfluous.Empty
VERSCHIEBEN Datei: C:\Windows\Installer\wix{C4123106-B685-48E6-B9BD-E4F911841EB4}.SchedServiceConfig.rmi =>.Superfluous.Empty
VERSCHIEBEN Datei: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage =>.Superfluous.AkamaiHD
VERSCHIEBEN Datei: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage-journal =>.Superfluous.AkamaiHD
VERSCHIEBEN Datei: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage =>.Superfluous.CloudfrontNet
VERSCHIEBEN Datei: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal =>.Superfluous.CloudfrontNet
VERSCHIEBEN Datei: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage =>PUP.Optional.BestPriceNinja
VERSCHIEBEN Datei: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal =>PUP.Optional.BestPriceNinja
VERSCHIEBEN Ordner: C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} =>PUP.Optional.Generic
VERSCHIEBEN Ordner: C:\Windows\System32\config\systemprofile\AppData\Local\CrashRpt =>.Superfluous.CrashReports
VERSCHIEBEN Ordner: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\CrashRpt =>.Superfluous.CrashReports
VERSCHIEBEN Ordner: C:\ProgramData\Microsoft\Blend =>Adware.Suspect
VERSCHIEBEN Ordner: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\File System\008 =>PUP.Optional.DomaIQ
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI2210.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI24B4.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI30F6.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI3639.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI4A51.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI501E.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI518A.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI5265.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI5341.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI54A9.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI5AC2.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI646A.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI65B3.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI672A.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI6854.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSI699D.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSIC3AB.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSID0A9.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSID204.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSIE72D.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSIE846.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSIE931.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSIEA6A.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSIEB36.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Windows\Installer\MSIEC37.tmp- =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Users\Philipp\AppData\Local\Temp\chrome_BITS_1324_16614 =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Users\Philipp\AppData\Local\Temp\chrome_BITS_3992_292 =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Users\Philipp\AppData\Local\Temp\chrome_BITS_5740_4189 =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Users\Philipp\AppData\Local\Temp\chrome_BITS_6184_9886 =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Users\Philipp\AppData\Local\Temp\chrome_BITS_6236_13073 =>.Superfluous.Empty
VERSCHIEBEN Ordner: C:\Users\Philipp\AppData\Local\Temp\chrome_BITS_6668_13230 =>.Superfluous.Empty
---\\ Registrierung (Schlüssel, Werte, Daten). (17)
GELOSCHT key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akamaihd.net [618] =>.Superfluous.AkamaiHD
GELOSCHT key*: [X64] HKLM\Software\Classes\Installer\Products\9EBE2919E4C296C4E88DCCC0BCDFBB26 [IObit Apps Toolbar v10.3] =>PUP.Optional.Dealio
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\000DA0531C0A02BBDA95A383EC792D1A [C:\Program Files (x86)\amuleC1\locale\ru\amule.mo (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00623D37DEAF5767B144505CEFBB5103 [C:\Program Files (x86)\amuleC1\locale\ca\amule.mo (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D9FBBBB68EA72B35B7FFFB2B3CB4F1 [C:\Program Files (x86)\amuleC1\skins\kde4.zip (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\091417CD589D17BFFE41F439404564A2 [C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\aMule\logfile (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\16C0F30491F3E7610D9FF0694E9EBD90 [C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\aMule\cryptkey.dat (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1B56275EDF932276BE64060476D7D110 [C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\aMule\ipfilter.dat (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C9168A5C6CAEAE7C543635C6820C01C [C:\Program Files (x86)\amuleC1\docs\README.txt (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1EB0D09D105CABCB19CAA60EF650CDF2 [C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\aMule\clients.met (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\20EFE94027E6469E91A40ACD76EF2C03 [C:\Program Files (x86)\amuleC1\docs\EC_Protocol.txt (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\21CC5D812FF58B918B34EFAD8E6173A4 [C:\Program Files (x86)\amuleC1\locale\ja\amule.mo (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26639C04B5A8C83570A8BD92ECD74F1E [C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\aMule\known2_64.met (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27461519052532BA6B1D383FC215D076 [C:\Program Files (x86)\amuleC1\locale\zh_TW\amule.mo (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\290BF94EF31CDA936538AB92D7F144BC [C:\Program Files (x86)\amuleC1\locale\it_CH\amule.mo (Not File)] =>.Superfluous.aMULEcustom
GELOSCHT key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.] =>Heuristic.Suspect
GELOSCHT key*: [X64] HKLM\Software\Classes\Installer\Features\9EBE2919E4C296C4E88DCCC0BCDFBB26 [Flexera Software LLC] =>PUP.Optional.Dealio
---\\ Zusammenfassung der Elemente gefunden auf Ihrer workstation (12)
https://nicolascoolman.eu/2017/02/02/superfluous-cloudfrontnet/ =>.Superfluous.CloudfrontNet
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.SecurityProtection
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.AkamaiHD
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.BestPriceNinja
https://www.anti-malware.top/2016/05/01/definition-dun-logiciel-pup-lpi/ =>PUP.Optional.Generic
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.CrashReports
https://www.anti-malware.top/2016/05/01/definition-dun-logiciel-pup-lpi/ =>Adware.Suspect
https://www.nicolascoolman.com/fr/adware-domaiq/ =>PUP.Optional.DomaIQ
https://www.nicolascoolman.com/fr/pup-dealio/ =>PUP.Optional.Dealio
https://www.anti-malware.top/2016/10/11/superfluous-amulecustom/ =>.Superfluous.aMULEcustom
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
---\\ Ein anderes löschen. (68)
~ Registersleutel Tracing Geloscht (68)
~ Entfernen die alten Berichte ZHPCleaner. (0)
---\\Reparieren Check
~ Reparatur erfolgreich abgeschlossen.
~ dieser Browser fehlt (Mozilla Firefox)
~ dieser Browser fehlt (Opera Software)
---\\Statistiken
~ Elemente gescannt : 384
~ Einträge gefunden : 1
~ Elemente abgesagt : 0
~ Elemente repariert : 64
~ End of clean in 00h00mn34s
~====================
ZHPCleaner-[R]-03022017-00_10_14.txt
ZHPCleaner-
After you have posted the FRST fix.
Disable your Antivirus & Anti spyware applications!!
Download Autologger to your desktop.
Create a new folder on desktop.
Unzip it there.
Right click Autologger and run as admin.
AVZ4 will open and scan your machine, allow this to complete.
Upload Collectionlog.zip to your next reply.
Disable your Antivirus & Anti spyware applications!!
Download Autologger to your desktop.
Create a new folder on desktop.
Unzip it there.
Right click Autologger and run as admin.
AVZ4 will open and scan your machine, allow this to complete.
Upload Collectionlog.zip to your next reply.
RogueKiller V12.9.6.0 (x64) [Jan 30 2017] (Ücretsiz) by Adlice Software
mail : http://www.adlice.com/contact/
Geribildirim : http://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Bolg : http://www.adlice.com
İşletim Sistemi : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
-de başlatıldı : Normal mod
Kullanıcı : Philipp [Yönetici]
-den başlatıldı : C:\Program Files\RogueKiller\RogueKiller64.exe
Mod : Sil -- Tarih : 02/03/2017 00:23:59 (Süreç : 00:36:14)
¤¤¤ İşlemler : 1 ¤¤¤
[Adw.DNSUnlocker] ZAM.exe(2744) -- C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe[7] -> Öldürüldü [TermThr]
¤¤¤ Kayıt : 145 ¤¤¤
[PUP.Ghokswa] (X86) HKEY_LOCAL_MACHINE\Software\Firefox -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\1ClickDownload -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\APN PIP -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\DataMngr -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\DataMngr_Toolbar -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\InstallCore -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Search Settings -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Softonic -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\SweetIM -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Systweak -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\YTD -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\1ClickDownload -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\APN PIP -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\DataMngr -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\DataMngr_Toolbar -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\InstallCore -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Search Settings -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Softonic -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\SweetIM -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Systweak -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\YTD -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\OCS -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\OCS -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Toolbar -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Toolbar -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Software\Search Settings -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Software\searchqutoolbar -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Software\YTD -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Software\Search Settings -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Software\searchqutoolbar -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Software\YTD -> Seçilmedi
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\Application Updater ("C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe") -> Seçilmedi
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\Application Updater ("C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe") -> Seçilmedi
[PUM.Proxy] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Seçilmedi
[PUM.Proxy] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Seçilmedi
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 46.165.193.67:5056 -> Seçilmedi
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 46.165.193.67:5056 -> Seçilmedi
[PUM.HomePage] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.yandex.com.tr?clid=1818323 -> Seçilmedi
[PUM.HomePage] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.yandex.com.tr?clid=1818323 -> Seçilmedi
[PUM.HomePage] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.v9.com/?utm_source=b&utm...=SAMSUNG_HM641JI_S26XJ9BB201965&ts=1350857397 -> Seçilmedi
[PUM.HomePage] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.v9.com/?utm_source=b&utm...=SAMSUNG_HM641JI_S26XJ9BB201965&ts=1350857397 -> Seçilmedi
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{F1198B90-493F-4495-879E-89672178C3BF} | NameServer : 8.8.8.8,1.1.1.1 ([-][AU]) -> Seçilmedi
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{F1198B90-493F-4495-879E-89672178C3BF} | NameServer : 8.8.8.8,1.1.1.1 ([-][AU]) -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {154E50E9-CF46-4D5A-BADF-8FC96D69EA96} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\World of Warcraft\Temp\wow-4.2.0.2552-enUS-tools-downloader.exe|Name=Blizzard Downloader| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {A6284518-2AE7-4761-91DC-626726E5A8EA} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\World of Warcraft\Temp\wow-4.2.0.2552-enUS-tools-downloader.exe|Name=Blizzard Downloader| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{A9983C15-8D44-4140-B48E-3EB68FC61B72}C:\users\philipp\appdata\local\temp\gw2.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\philipp\appdata\local\temp\gw2.exe|Name=Guild Wars 2 Game Client|Desc=Guild Wars 2 Game Client|Defer=User| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{9893247F-591F-411A-A5A0-6D1D5E2A9585}C:\users\philipp\appdata\local\temp\gw2.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\philipp\appdata\local\temp\gw2.exe|Name=Guild Wars 2 Game Client|Desc=Guild Wars 2 Game Client|Defer=User| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {C59BE5A2-C54D-4576-A0CD-AE620B030618} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe|Name=Blizzard Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {1EBF8FCA-8695-4942-93B1-6390A4F75E23} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe|Name=Blizzard Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {9BC543B4-45C4-4810-9109-911D926AEEE6} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {7A8EF53F-3314-4268-8BA3-12D39F61E7F4} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DBBE1C86-2809-4AA7-AA3B-0D5C299D7942} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {271CEEBD-7901-494F-9FE7-96C9810A94DC} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {12AA3395-A2A6-4B67-8B7C-CD00E14F7365} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8DE6E3E3-18FA-4CE3-87CA-B09BA90906B5} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {09BB82F7-18E0-405D-8642-6E4AA7CEE361} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F93E54A2-C3FE-4F80-83DC-C434D5242BE4} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DBE3F464-04DC-470E-A92C-274B34722CB9} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\Philipp\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe|Name=Facebook Video Calling Plugin|Edge=TRUE| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {AD41DB8E-80E7-431A-AE68-4050D1F40387} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.2000\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D1FC718B-D72D-4EF5-96ED-E90A0B1C6A0E} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.2000\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {4B2D6E05-483D-49F1-A66B-E23EE778AD00} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {98D741DB-0D81-4D75-93F9-AA7BCE9ED5DA} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D805F393-DF9F-42DB-8BD8-A10435FFD59E} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {7CF97D17-A8A2-4D7E-9BEC-6243047FB5BF} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {CBA6CFE4-87DA-4C0B-9DD5-CB24264D153C} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {1F8EFC10-91D2-4DEF-9300-AA828DE18B26} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {65D1CA79-73C8-4C1C-A396-55114CC5C61C} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {2E300A00-EF29-4879-AD3F-8C035C177F2F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{C6D4FEE5-DA5E-4896-BBC1-4C31C77A28FE}C:\programdata\battle.net\agent\agent.2689\agent.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\programdata\battle.net\agent\agent.2689\agent.exe|Name=Battle.net Update Agent|Desc=Battle.net Update Agent|Edge=TRUE|Defer=App| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{F9912598-2E9B-4960-B43A-8E1CFC69772C}C:\programdata\battle.net\agent\agent.2689\agent.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\programdata\battle.net\agent\agent.2689\agent.exe|Name=Battle.net Update Agent|Desc=Battle.net Update Agent|Edge=TRUE|Defer=App| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {07A267BF-9BD3-4856-88D1-A924CF38EFBC} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {04756382-6EB7-495C-85E9-516EED38F5FF} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {3363AF0F-0FAE-4932-9BDC-F768D750CD20} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {FF75CEDC-9CF5-481D-9063-269F7C9A3EEB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {FBF504C5-7660-4CA0-9461-EE1588F6F15D} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {9B3BB61E-72AA-4C6A-9524-F08E717DB6BB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {2BA43725-5873-4C4B-B214-D17575BED6C1} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {9BE1D182-5C1A-4012-8196-D78F15784A37} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {C5343D04-4C9B-4307-A77C-075B8B2C9E8F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {B29A6550-56A1-491E-BB46-A0863A286D3F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8FCE413C-7C8F-49D2-97AB-12AF69EBBE36} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {6D6C39D8-B4DC-471E-AD24-04DB637E2F52} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D746C5F2-5646-488A-AA6A-9EFCB544C556} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {ECACD096-AD74-4AA4-A843-FDFB10ED1EE7} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {B57AD082-017F-4128-AF5E-A02D6F3AE087} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {07A18F29-12BC-4AAB-A245-B4291010C345} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {98CFEB0B-2567-4974-AD58-360ED70FB0BB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D3C6F70D-7E00-41A4-9628-1D22289A2534} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {6C27E94F-9B54-4A90-9F4C-FBF097292328} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {C07014D5-340A-473A-8A73-C045C7E3989F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[PUP.Ghokswa] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {05E61BB9-15E2-4964-ABBD-67110BF469F1} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe|Name=Update service| [x] -> Seçilmedi
[PUP.Ghokswa] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {52F974BB-5934-4D2F-A4D9-CDD1DB7042F7} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Firefox\Firefox.exe|Name=Firefox browser| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {154E50E9-CF46-4D5A-BADF-8FC96D69EA96} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\World of Warcraft\Temp\wow-4.2.0.2552-enUS-tools-downloader.exe|Name=Blizzard Downloader| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {A6284518-2AE7-4761-91DC-626726E5A8EA} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\World of Warcraft\Temp\wow-4.2.0.2552-enUS-tools-downloader.exe|Name=Blizzard Downloader| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{A9983C15-8D44-4140-B48E-3EB68FC61B72}C:\users\philipp\appdata\local\temp\gw2.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\philipp\appdata\local\temp\gw2.exe|Name=Guild Wars 2 Game Client|Desc=Guild Wars 2 Game Client|Defer=User| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{9893247F-591F-411A-A5A0-6D1D5E2A9585}C:\users\philipp\appdata\local\temp\gw2.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\philipp\appdata\local\temp\gw2.exe|Name=Guild Wars 2 Game Client|Desc=Guild Wars 2 Game Client|Defer=User| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {C59BE5A2-C54D-4576-A0CD-AE620B030618} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe|Name=Blizzard Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {1EBF8FCA-8695-4942-93B1-6390A4F75E23} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe|Name=Blizzard Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {9BC543B4-45C4-4810-9109-911D926AEEE6} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {7A8EF53F-3314-4268-8BA3-12D39F61E7F4} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DBBE1C86-2809-4AA7-AA3B-0D5C299D7942} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {271CEEBD-7901-494F-9FE7-96C9810A94DC} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {12AA3395-A2A6-4B67-8B7C-CD00E14F7365} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8DE6E3E3-18FA-4CE3-87CA-B09BA90906B5} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {09BB82F7-18E0-405D-8642-6E4AA7CEE361} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F93E54A2-C3FE-4F80-83DC-C434D5242BE4} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DBE3F464-04DC-470E-A92C-274B34722CB9} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\Philipp\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe|Name=Facebook Video Calling Plugin|Edge=TRUE| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {AD41DB8E-80E7-431A-AE68-4050D1F40387} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.2000\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D1FC718B-D72D-4EF5-96ED-E90A0B1C6A0E} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.2000\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {4B2D6E05-483D-49F1-A66B-E23EE778AD00} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {98D741DB-0D81-4D75-93F9-AA7BCE9ED5DA} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D805F393-DF9F-42DB-8BD8-A10435FFD59E} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {7CF97D17-A8A2-4D7E-9BEC-6243047FB5BF} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {CBA6CFE4-87DA-4C0B-9DD5-CB24264D153C} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {1F8EFC10-91D2-4DEF-9300-AA828DE18B26} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {65D1CA79-73C8-4C1C-A396-55114CC5C61C} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {2E300A00-EF29-4879-AD3F-8C035C177F2F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{C6D4FEE5-DA5E-4896-BBC1-4C31C77A28FE}C:\programdata\battle.net\agent\agent.2689\agent.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\programdata\battle.net\agent\agent.2689\agent.exe|Name=Battle.net Update Agent|Desc=Battle.net Update Agent|Edge=TRUE|Defer=App| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{F9912598-2E9B-4960-B43A-8E1CFC69772C}C:\programdata\battle.net\agent\agent.2689\agent.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\programdata\battle.net\agent\agent.2689\agent.exe|Name=Battle.net Update Agent|Desc=Battle.net Update Agent|Edge=TRUE|Defer=App| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {07A267BF-9BD3-4856-88D1-A924CF38EFBC} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {04756382-6EB7-495C-85E9-516EED38F5FF} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {3363AF0F-0FAE-4932-9BDC-F768D750CD20} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {FF75CEDC-9CF5-481D-9063-269F7C9A3EEB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {FBF504C5-7660-4CA0-9461-EE1588F6F15D} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {9B3BB61E-72AA-4C6A-9524-F08E717DB6BB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {2BA43725-5873-4C4B-B214-D17575BED6C1} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {9BE1D182-5C1A-4012-8196-D78F15784A37} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {C5343D04-4C9B-4307-A77C-075B8B2C9E8F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {B29A6550-56A1-491E-BB46-A0863A286D3F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8FCE413C-7C8F-49D2-97AB-12AF69EBBE36} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {6D6C39D8-B4DC-471E-AD24-04DB637E2F52} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D746C5F2-5646-488A-AA6A-9EFCB544C556} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {ECACD096-AD74-4AA4-A843-FDFB10ED1EE7} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {B57AD082-017F-4128-AF5E-A02D6F3AE087} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {07A18F29-12BC-4AAB-A245-B4291010C345} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {98CFEB0B-2567-4974-AD58-360ED70FB0BB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D3C6F70D-7E00-41A4-9628-1D22289A2534} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {6C27E94F-9B54-4A90-9F4C-FBF097292328} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {C07014D5-340A-473A-8A73-C045C7E3989F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[PUP.Ghokswa] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {05E61BB9-15E2-4964-ABBD-67110BF469F1} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe|Name=Update service| [x] -> Seçilmedi
[PUP.Ghokswa] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {52F974BB-5934-4D2F-A4D9-CDD1DB7042F7} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Firefox\Firefox.exe|Name=Firefox browser| [x] -> Seçilmedi
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Seçilmedi
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Seçilmedi
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_F_1F6C\Microsoft\Windows NT\CurrentVersion\Windows | AppInit_DLLs : C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll [x] -> Seçilmedi
[PUP.Gen0] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_F_1F6C\Microsoft\Windows NT\CurrentVersion\Windows | AppInit_DLLs : C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll [x] -> Seçilmedi
¤¤¤ Görevler : 0 ¤¤¤
¤¤¤ Dosyalar : 0 ¤¤¤
¤¤¤ WMI : 0 ¤¤¤
¤¤¤ Host Dosyaları : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Yüklendi) ¤¤¤
¤¤¤ Web tarayıcıları : 1 ¤¤¤
[PUP.Gen2][Firefox:Addon] q87ndktt.default : Search and New Tab by Yahoo [jid1-16aeif9OQIRKxA@jetpack] -> Seçilmedi
¤¤¤ MBR Kontrol : ¤¤¤
+++++ PhysicalDrive0: Samsung SSD 840 Series ATA Device +++++
--- User ---
[MBR] c394a36c7930a9924d682575f61ab5cc
[BSP] 851432715c4a2eb607f3604d5060c77b : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 238373 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: SAMSUNG HM641JI ATA Device +++++
--- User ---
[MBR] 5460c99fa12c0c8e521f96d5f92dff68
[BSP] 10ee15797d2d9e4ad56c0324fc70ab9a : Kiwi MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 236544 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 484648960 | Size: 352537 MB
3 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 1206644736 | Size: 21296 MB
User = LL1 ... OK
User = LL2 ... OK
mail : http://www.adlice.com/contact/
Geribildirim : http://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Bolg : http://www.adlice.com
İşletim Sistemi : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
-de başlatıldı : Normal mod
Kullanıcı : Philipp [Yönetici]
-den başlatıldı : C:\Program Files\RogueKiller\RogueKiller64.exe
Mod : Sil -- Tarih : 02/03/2017 00:23:59 (Süreç : 00:36:14)
¤¤¤ İşlemler : 1 ¤¤¤
[Adw.DNSUnlocker] ZAM.exe(2744) -- C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe[7] -> Öldürüldü [TermThr]
¤¤¤ Kayıt : 145 ¤¤¤
[PUP.Ghokswa] (X86) HKEY_LOCAL_MACHINE\Software\Firefox -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\1ClickDownload -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\APN PIP -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\DataMngr -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\DataMngr_Toolbar -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\InstallCore -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Search Settings -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Softonic -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\SweetIM -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Systweak -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\YTD -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\1ClickDownload -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\APN PIP -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\DataMngr -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\DataMngr_Toolbar -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\InstallCore -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Search Settings -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Softonic -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\SweetIM -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Systweak -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\YTD -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\OCS -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\OCS -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Toolbar -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Toolbar -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Software\Search Settings -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Software\searchqutoolbar -> Seçilmedi
[PUP.Gen1] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Software\YTD -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Software\Search Settings -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Software\searchqutoolbar -> Seçilmedi
[PUP.Gen1] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\AppDataLow\Software\YTD -> Seçilmedi
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\Application Updater ("C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe") -> Seçilmedi
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\Application Updater ("C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe") -> Seçilmedi
[PUM.Proxy] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Seçilmedi
[PUM.Proxy] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Seçilmedi
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 46.165.193.67:5056 -> Seçilmedi
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 46.165.193.67:5056 -> Seçilmedi
[PUM.HomePage] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.yandex.com.tr?clid=1818323 -> Seçilmedi
[PUM.HomePage] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.yandex.com.tr?clid=1818323 -> Seçilmedi
[PUM.HomePage] (X64) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.v9.com/?utm_source=b&utm...=SAMSUNG_HM641JI_S26XJ9BB201965&ts=1350857397 -> Seçilmedi
[PUM.HomePage] (X86) HKEY_USERS\RK_Philipp_ON_F_1F6A\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.v9.com/?utm_source=b&utm...=SAMSUNG_HM641JI_S26XJ9BB201965&ts=1350857397 -> Seçilmedi
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{F1198B90-493F-4495-879E-89672178C3BF} | NameServer : 8.8.8.8,1.1.1.1 ([-][AU]) -> Seçilmedi
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{F1198B90-493F-4495-879E-89672178C3BF} | NameServer : 8.8.8.8,1.1.1.1 ([-][AU]) -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {154E50E9-CF46-4D5A-BADF-8FC96D69EA96} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\World of Warcraft\Temp\wow-4.2.0.2552-enUS-tools-downloader.exe|Name=Blizzard Downloader| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {A6284518-2AE7-4761-91DC-626726E5A8EA} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\World of Warcraft\Temp\wow-4.2.0.2552-enUS-tools-downloader.exe|Name=Blizzard Downloader| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{A9983C15-8D44-4140-B48E-3EB68FC61B72}C:\users\philipp\appdata\local\temp\gw2.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\philipp\appdata\local\temp\gw2.exe|Name=Guild Wars 2 Game Client|Desc=Guild Wars 2 Game Client|Defer=User| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{9893247F-591F-411A-A5A0-6D1D5E2A9585}C:\users\philipp\appdata\local\temp\gw2.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\philipp\appdata\local\temp\gw2.exe|Name=Guild Wars 2 Game Client|Desc=Guild Wars 2 Game Client|Defer=User| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {C59BE5A2-C54D-4576-A0CD-AE620B030618} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe|Name=Blizzard Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {1EBF8FCA-8695-4942-93B1-6390A4F75E23} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe|Name=Blizzard Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {9BC543B4-45C4-4810-9109-911D926AEEE6} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {7A8EF53F-3314-4268-8BA3-12D39F61E7F4} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DBBE1C86-2809-4AA7-AA3B-0D5C299D7942} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {271CEEBD-7901-494F-9FE7-96C9810A94DC} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {12AA3395-A2A6-4B67-8B7C-CD00E14F7365} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8DE6E3E3-18FA-4CE3-87CA-B09BA90906B5} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {09BB82F7-18E0-405D-8642-6E4AA7CEE361} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F93E54A2-C3FE-4F80-83DC-C434D5242BE4} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DBE3F464-04DC-470E-A92C-274B34722CB9} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\Philipp\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe|Name=Facebook Video Calling Plugin|Edge=TRUE| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {AD41DB8E-80E7-431A-AE68-4050D1F40387} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.2000\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D1FC718B-D72D-4EF5-96ED-E90A0B1C6A0E} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.2000\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {4B2D6E05-483D-49F1-A66B-E23EE778AD00} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {98D741DB-0D81-4D75-93F9-AA7BCE9ED5DA} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D805F393-DF9F-42DB-8BD8-A10435FFD59E} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {7CF97D17-A8A2-4D7E-9BEC-6243047FB5BF} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {CBA6CFE4-87DA-4C0B-9DD5-CB24264D153C} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {1F8EFC10-91D2-4DEF-9300-AA828DE18B26} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {65D1CA79-73C8-4C1C-A396-55114CC5C61C} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {2E300A00-EF29-4879-AD3F-8C035C177F2F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{C6D4FEE5-DA5E-4896-BBC1-4C31C77A28FE}C:\programdata\battle.net\agent\agent.2689\agent.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\programdata\battle.net\agent\agent.2689\agent.exe|Name=Battle.net Update Agent|Desc=Battle.net Update Agent|Edge=TRUE|Defer=App| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{F9912598-2E9B-4960-B43A-8E1CFC69772C}C:\programdata\battle.net\agent\agent.2689\agent.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\programdata\battle.net\agent\agent.2689\agent.exe|Name=Battle.net Update Agent|Desc=Battle.net Update Agent|Edge=TRUE|Defer=App| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {07A267BF-9BD3-4856-88D1-A924CF38EFBC} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {04756382-6EB7-495C-85E9-516EED38F5FF} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {3363AF0F-0FAE-4932-9BDC-F768D750CD20} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {FF75CEDC-9CF5-481D-9063-269F7C9A3EEB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {FBF504C5-7660-4CA0-9461-EE1588F6F15D} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {9B3BB61E-72AA-4C6A-9524-F08E717DB6BB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {2BA43725-5873-4C4B-B214-D17575BED6C1} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {9BE1D182-5C1A-4012-8196-D78F15784A37} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {C5343D04-4C9B-4307-A77C-075B8B2C9E8F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {B29A6550-56A1-491E-BB46-A0863A286D3F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8FCE413C-7C8F-49D2-97AB-12AF69EBBE36} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {6D6C39D8-B4DC-471E-AD24-04DB637E2F52} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D746C5F2-5646-488A-AA6A-9EFCB544C556} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {ECACD096-AD74-4AA4-A843-FDFB10ED1EE7} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {B57AD082-017F-4128-AF5E-A02D6F3AE087} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {07A18F29-12BC-4AAB-A245-B4291010C345} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {98CFEB0B-2567-4974-AD58-360ED70FB0BB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D3C6F70D-7E00-41A4-9628-1D22289A2534} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {6C27E94F-9B54-4A90-9F4C-FBF097292328} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {C07014D5-340A-473A-8A73-C045C7E3989F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[PUP.Ghokswa] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {05E61BB9-15E2-4964-ABBD-67110BF469F1} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe|Name=Update service| [x] -> Seçilmedi
[PUP.Ghokswa] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {52F974BB-5934-4D2F-A4D9-CDD1DB7042F7} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Firefox\Firefox.exe|Name=Firefox browser| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {154E50E9-CF46-4D5A-BADF-8FC96D69EA96} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\World of Warcraft\Temp\wow-4.2.0.2552-enUS-tools-downloader.exe|Name=Blizzard Downloader| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {A6284518-2AE7-4761-91DC-626726E5A8EA} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\World of Warcraft\Temp\wow-4.2.0.2552-enUS-tools-downloader.exe|Name=Blizzard Downloader| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{A9983C15-8D44-4140-B48E-3EB68FC61B72}C:\users\philipp\appdata\local\temp\gw2.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\philipp\appdata\local\temp\gw2.exe|Name=Guild Wars 2 Game Client|Desc=Guild Wars 2 Game Client|Defer=User| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{9893247F-591F-411A-A5A0-6D1D5E2A9585}C:\users\philipp\appdata\local\temp\gw2.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\philipp\appdata\local\temp\gw2.exe|Name=Guild Wars 2 Game Client|Desc=Guild Wars 2 Game Client|Defer=User| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {C59BE5A2-C54D-4576-A0CD-AE620B030618} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe|Name=Blizzard Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {1EBF8FCA-8695-4942-93B1-6390A4F75E23} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe|Name=Blizzard Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {9BC543B4-45C4-4810-9109-911D926AEEE6} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {7A8EF53F-3314-4268-8BA3-12D39F61E7F4} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DBBE1C86-2809-4AA7-AA3B-0D5C299D7942} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {271CEEBD-7901-494F-9FE7-96C9810A94DC} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {12AA3395-A2A6-4B67-8B7C-CD00E14F7365} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8DE6E3E3-18FA-4CE3-87CA-B09BA90906B5} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {09BB82F7-18E0-405D-8642-6E4AA7CEE361} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F93E54A2-C3FE-4F80-83DC-C434D5242BE4} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DBE3F464-04DC-470E-A92C-274B34722CB9} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\Philipp\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe|Name=Facebook Video Calling Plugin|Edge=TRUE| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {AD41DB8E-80E7-431A-AE68-4050D1F40387} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.2000\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_F_29C0\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D1FC718B-D72D-4EF5-96ED-E90A0B1C6A0E} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.2000\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {4B2D6E05-483D-49F1-A66B-E23EE778AD00} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {98D741DB-0D81-4D75-93F9-AA7BCE9ED5DA} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D805F393-DF9F-42DB-8BD8-A10435FFD59E} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {7CF97D17-A8A2-4D7E-9BEC-6243047FB5BF} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {CBA6CFE4-87DA-4C0B-9DD5-CB24264D153C} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {1F8EFC10-91D2-4DEF-9300-AA828DE18B26} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {65D1CA79-73C8-4C1C-A396-55114CC5C61C} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {2E300A00-EF29-4879-AD3F-8C035C177F2F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{C6D4FEE5-DA5E-4896-BBC1-4C31C77A28FE}C:\programdata\battle.net\agent\agent.2689\agent.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\programdata\battle.net\agent\agent.2689\agent.exe|Name=Battle.net Update Agent|Desc=Battle.net Update Agent|Edge=TRUE|Defer=App| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{F9912598-2E9B-4960-B43A-8E1CFC69772C}C:\programdata\battle.net\agent\agent.2689\agent.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\programdata\battle.net\agent\agent.2689\agent.exe|Name=Battle.net Update Agent|Desc=Battle.net Update Agent|Edge=TRUE|Defer=App| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {07A267BF-9BD3-4856-88D1-A924CF38EFBC} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {04756382-6EB7-495C-85E9-516EED38F5FF} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {3363AF0F-0FAE-4932-9BDC-F768D750CD20} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {FF75CEDC-9CF5-481D-9063-269F7C9A3EEB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {FBF504C5-7660-4CA0-9461-EE1588F6F15D} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {9B3BB61E-72AA-4C6A-9524-F08E717DB6BB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {2BA43725-5873-4C4B-B214-D17575BED6C1} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {9BE1D182-5C1A-4012-8196-D78F15784A37} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {C5343D04-4C9B-4307-A77C-075B8B2C9E8F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {B29A6550-56A1-491E-BB46-A0863A286D3F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8FCE413C-7C8F-49D2-97AB-12AF69EBBE36} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {6D6C39D8-B4DC-471E-AD24-04DB637E2F52} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D746C5F2-5646-488A-AA6A-9EFCB544C556} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {ECACD096-AD74-4AA4-A843-FDFB10ED1EE7} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {B57AD082-017F-4128-AF5E-A02D6F3AE087} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {07A18F29-12BC-4AAB-A245-B4291010C345} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {98CFEB0B-2567-4974-AD58-360ED70FB0BB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D3C6F70D-7E00-41A4-9628-1D22289A2534} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {6C27E94F-9B54-4A90-9F4C-FBF097292328} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {C07014D5-340A-473A-8A73-C045C7E3989F} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe|Name=Battle.net Update Agent| [x] -> Seçilmedi
[PUP.Ghokswa] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {05E61BB9-15E2-4964-ABBD-67110BF469F1} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe|Name=Update service| [x] -> Seçilmedi
[PUP.Ghokswa] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {52F974BB-5934-4D2F-A4D9-CDD1DB7042F7} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Firefox\Firefox.exe|Name=Firefox browser| [x] -> Seçilmedi
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Seçilmedi
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Seçilmedi
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_F_1F6C\Microsoft\Windows NT\CurrentVersion\Windows | AppInit_DLLs : C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll [x] -> Seçilmedi
[PUP.Gen0] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_F_1F6C\Microsoft\Windows NT\CurrentVersion\Windows | AppInit_DLLs : C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll [x] -> Seçilmedi
¤¤¤ Görevler : 0 ¤¤¤
¤¤¤ Dosyalar : 0 ¤¤¤
¤¤¤ WMI : 0 ¤¤¤
¤¤¤ Host Dosyaları : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Yüklendi) ¤¤¤
¤¤¤ Web tarayıcıları : 1 ¤¤¤
[PUP.Gen2][Firefox:Addon] q87ndktt.default : Search and New Tab by Yahoo [jid1-16aeif9OQIRKxA@jetpack] -> Seçilmedi
¤¤¤ MBR Kontrol : ¤¤¤
+++++ PhysicalDrive0: Samsung SSD 840 Series ATA Device +++++
--- User ---
[MBR] c394a36c7930a9924d682575f61ab5cc
[BSP] 851432715c4a2eb607f3604d5060c77b : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 238373 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: SAMSUNG HM641JI ATA Device +++++
--- User ---
[MBR] 5460c99fa12c0c8e521f96d5f92dff68
[BSP] 10ee15797d2d9e4ad56c0324fc70ab9a : Kiwi MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 236544 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 484648960 | Size: 352537 MB
3 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 1206644736 | Size: 21296 MB
User = LL1 ... OK
User = LL2 ... OK
Fix result of Farbar Recovery Scan Tool (x64) Version: 29-01-2017
Ran by Philipp (03-02-2017 01:03:23) Run:1
Running from C:\Users\Philipp\Desktop\Neuer Ordner
Loaded Profiles: Philipp (Available Profiles: Philipp)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
Closeprocesses:
CreateRestorePoint:
Emptytemp:
RemoveProxy:
Task: {1DAFFC61-3EF0-4495-84D1-F1569C723896} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {24E0F572-4BCA-4EEC-A9A5-2D830CFA9E96} - System32\Tasks\{4F74156E-5C02-4302-B31E-378AF64F0780} => pcalua.exe -a "C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare\iw3mp.exe" -d "C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare"
Task: {501CE107-2313-4E8F-BDC8-7CA2EDD7EBE6} - System32\Tasks\{5CC848DF-F2F0-4C76-8299-F30E2EC5C77C} => C:\Users\Philipp\Desktop\Battlefield 3 cd1\Setup.exe
Task: {5AD94776-848A-4574-A0AE-35DD77108857} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {6220FCAE-162D-4042-AB17-6973161CECC9} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-20] (Microsoft Corporation)
C:\Windows\system32\GWX
Task: {69796D42-6E7A-400E-ABED-6E89C0747C6A} - System32\Tasks\{1483BBE9-6C43-420B-BCA7-97229B092656} => pcalua.exe -a "C:\Program Files (x86)\Steam\bin\steamservice.exe" -d "C:\Program Files (x86)\Steam" -c /installscript "C:\Program Files (x86)\Steam\steamapps\common\Napoleon Total War\runasadmin.vdf" 34030
Task: {6CD57B76-ED4E-4186-864B-C3D8A0F1B7B3} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\Game Booster 3\AutoUpdate.exe
Task: {85AE1598-1934-4800-88DE-2070662EBA52} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {958C25CA-C68C-47FD-B09B-8BA6D19BA2C7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-06-06] (Microsoft Corporation)
Task: {9645015F-A137-47D1-9CBA-B0531A2EE4AD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-20] (Microsoft Corporation)
Task: {9CEA9C83-B856-4975-8C0F-FE0D185A205D} - System32\Tasks\{BB987285-0C54-468D-BC8C-2D27676CFAF0} => pcalua.exe -a C:\Users\Philipp\Downloads\pulsingcolorsviz.exe -d C:\Users\Philipp\Downloads
Task: {A00325D4-D3C1-430E-B1F6-DCFCF85658C8} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-12-20] (Samsung Electronics)
Task: {A0173E21-C978-4EA4-A189-7FA5617412B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {A61D7A33-8B39-49F9-B558-12B1D500CA5F} - System32\Tasks\WinTOOL => C:\ProgramData\wintools\WintoolUprI.exe
Task: {B64BD4E4-A656-40D9-871D-7456C350A532} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {D7EC70C1-9A44-4010-93E1-A25B01C49C7D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-14] (Adobe Systems Incorporated)
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {2265df16-a931-11e3-b156-001bb1fb806a} - D:\LaunchU3.exe -a
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {513fb52a-fbb6-11e3-8c6a-001bb1fb806a} - E:\autorun.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {5c844a5e-08c5-11e3-9f11-001bb1fb806a} - D:\setup.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {5dff3592-0827-11e3-9da5-f7c11e16234c} - D:\LaunchU3.exe -a
HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => Keine Datei
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => Keine Datei
IFEO\MRT.exe: [Debugger] C:\Windows\TEMP\wea99E1.tmp\Gubed.exe -Yrrehs
C:\Program Files (x86)\IObit
ProxyServer: [S-1-5-21-3041798318-2634963116-1215314133-1000] => 46.165.193.67:5056
Tcpip\..\Interfaces\{416F4EA8-7EBE-4A41-BD73-DD7E680B9773}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{416F4EA8-7EBE-4A41-BD73-DD7E680B9773}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{86E2278C-9D4E-452E-A530-758555FCFA95}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{B7ACAEB6-863B-46ED-A180-28629DDF698D}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{CAFCA011-AF78-404E-B7ED-C6ECA9CFCAEA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{F1198B90-493F-4495-879E-89672178C3BF}: [NameServer] 8.8.8.8,1.1.1.1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid=samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec454393cf996b982gazbc0tbb6e2g3w3ccb
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid=samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec454393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid=samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec454393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid=samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec454393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid=samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec454393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid=samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec454393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E
URLSearchHook: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 - (Kein Name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - Keine Datei
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1431342801&from=zzgbkk123&uid=samsungxssdx840xseries_s19mnsad653469e&z=2786be88f055d58044b1affg7zec6g9cbz3o5b5e5o&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1431342801&from=zzgbkk123&uid=samsungxssdx840xseries_s19mnsad653469e&z=2786be88f055d58044b1affg7zec6g9cbz3o5b5e5o&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1431342801&from=zzgbkk123&uid=samsungxssdx840xseries_s19mnsad653469e&z=2786be88f055d58044b1affg7zec6g9cbz3o5b5e5o&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 -> {1F618914-7A35-432E-BE19-45C108B76D6F} URL = hxxp://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&fl=1&vl=lang_tr&ilc=12&type=198484&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1431342801&from=zzgbkk123&uid=samsungxssdx840xseries_s19mnsad653469e&z=2786be88f055d58044b1affg7zec6g9cbz3o5b5e5o&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 -> {4C84612E-4AD3-4561-9D1E-D8D077D411AB} URL =
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 -> {5D4E1ED7-9C0F-4634-A78A-569B1ED9EC0C} URL =
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO-x32: Kein Name -> {03EB0E9C-7A91-4381-A220-9B52B641CDB1} -> Keine Datei
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
FF NewTab: Mozilla\Firefox\Profiles\q87ndktt.default -> hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e881114&uid=samsungxssdx840xseries_s19mnsad653469e&z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\q87ndktt.default -> nice
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\q87ndktt.default -> hxxps://www.google.com/search/?trackid=sp-006
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\q87ndktt.default -> nice
FF Homepage: Mozilla\Firefox\Profiles\q87ndktt.default -> hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e881114&uid=samsungxssdx840xseries_s19mnsad653469e&z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg
FF Keyword.URL: Mozilla\Firefox\Profiles\q87ndktt.default -> hxxps://www.google.com/search/?trackid=sp-006
FF Extension: (xRocket Toolbar) - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\arthurj8283@gmail.com [2017-01-17] [ist nicht signiert]
FF Extension: (convert2mp3.net YouTube2MP3 Converter) - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\info@convert2mp3.net.xpi [2016-11-20]
FF Extension: (Search and New Tab by Yahoo) - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2016-11-19]
FF Extension: (Video DownloadHelper) - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-11-26]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\amisites.xml [2017-01-22]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\luck.xml [2017-01-17]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\nice-.xml [2016-06-21]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\v9-.xml [2015-05-14]
FF user.js: detected! => C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\user.js [2017-01-17]
FF NewTab: Firefox\Firefox\Profiles\q87ndktt.default -> hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e881114&uid=samsungxssdx840xseries_s19mnsad653469e&z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg
FF DefaultSearchEngine: Firefox\Firefox\Profiles\q87ndktt.default -> luck
FF DefaultSearchUrl: Firefox\Firefox\Profiles\q87ndktt.default -> hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Firefox\Firefox\Profiles\q87ndktt.default -> luck
FF SelectedSearchEngine: Firefox\Firefox\Profiles\q87ndktt.default -> luck
FF Homepage: Firefox\Firefox\Profiles\q87ndktt.default -> hxxp://www.searchinme.com/?type=hp&ts=1484761039475&z=&from=official&uid=SamsungXSSDX840XSeries_S19MNSAD653469E
FF Keyword.URL: Firefox\Firefox\Profiles\q87ndktt.default -> hxxps://www.google.com/search/?trackid=sp-006
FF Extension: (FF Adr) - C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi [2017-01-18] [ist nicht signiert]
FF Extension: (xRocket Toolbar) - C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\arthurj8283@gmail.com [2017-01-18] [ist nicht signiert]
FF Extension: (Firefox Hotfix) - C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-11-26]
FF Extension: (convert2mp3.net YouTube2MP3 Converter) - C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\info@convert2mp3.net.xpi [2016-11-20]
FF Extension: (Search and New Tab by Yahoo) - C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2016-11-19]
FF Extension: (English (US) Language Pack) - C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2017-01-18] [ist nicht signiert]
FF Extension: (Video DownloadHelper) - C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-11-26]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\searchplugins\amisites.xml [2017-01-16]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\searchplugins\luck.xml [2017-01-17]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\searchplugins\nice-.xml [2016-06-21]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\searchplugins\searchinme.xml [2017-01-18]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\searchplugins\v9-.xml [2015-05-14]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\57p5pubn.default\extensions\quick_start@gmail.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\extensions\detgdp@gmail.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\extensions\arthurj8283@gmail.com
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3041798318-2634963116-1215314133-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]
CHR HomePage: Default -> hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e881114&uid=samsungxssdx840xseries_s19mnsad653469e&z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg
CHR StartupUrls: Default -> "hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e881114&uid=samsungxssdx840xseries_s19mnsad653469e&z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg"
CHR Extension: (https://www.facebook.com/) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\celnaknmndcdcjcagffhbhciignkeokb [2014-11-16]
CHR Extension: (Google-Suche) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-01]
CHR Extension: (Google Tabellen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]
CHR Extension: (Google Docs Offline) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-15]
CHR Extension: (Video Download Helper) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldcccbolclahdbkahlppenfodnheapah [2014-12-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-25]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2015-01-19]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx <nicht gefunden>
R2 Archer; C:\Program Files (x86)\WinArcher\Archer.dll [721408 2017-01-22] () [Datei ist nicht signiert]
C:\Program Files (x86)\WinArcher
R2 FirefoxU; C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe [106160 2017-01-18] ()
C:\Program Files (x86)\Firefox
R2 GubedZL; C:\Program Files (x86)\Gubed\GubedZL.dll [155136 2017-01-23] () [Datei ist nicht signiert]
R2 Gubed_WMI; C:\Program Files (x86)\Gubed_WMI\Gubed_WMI.exe [109056 2016-12-23] () [Datei ist nicht signiert]
C:\Program Files (x86)\Gubed
R3 iThemes5; C:\Program Files (x86)\Common Files\Services\iThemes.dll [566272 2017-01-25] () [Datei ist nicht signiert] <==== ACHTUNG
C:\Program Files (x86)\Common Files\Services\iThemes.dll
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit)
C:\Program Files (x86)\IObit
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
C:\Program Files (x86)\AVG
C:\ProgramData\Microsoft\Blend\14.0\1033\ResourceCacher.dll
S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-01-09] (AVG Netherlands B.V.)
S3 aswHdsKe; \??\C:\Windows\system32\drivers\aswHdsKe.sys [X]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 vpnva; system32\DRIVERS\vpnva64-6.sys [X]
2017-02-01 00:25 - 2017-02-01 00:25 - 00002760 _____ C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2017-01-31 22:05 - 2017-01-31 22:05 - 00002640 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2017-01-31 22:05 - 2017-01-31 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp
2017-01-31 22:05 - 2017-01-09 16:43 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2017-01-31 22:05 - 2017-01-09 16:39 - 00044304 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\authuitu.dll
2017-01-31 22:05 - 2017-01-09 16:39 - 00042256 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\SysWOW64\authuitu.dll
2017-01-31 22:03 - 2017-01-31 22:03 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
2017-01-31 22:03 - 2017-01-31 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2017-01-31 22:02 - 2017-01-31 22:04 - 00000000 ____D C:\Program Files (x86)\AVG
2017-01-31 22:02 - 2017-01-31 22:02 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2017-01-31 22:01 - 2017-01-31 22:04 - 00000000 ____D C:\Users\Philipp\AppData\Local\AvgSetupLog
2017-01-31 22:01 - 2017-01-31 22:04 - 00000000 ____D C:\Users\Philipp\AppData\Local\Avg
2017-01-31 22:01 - 2017-01-31 22:04 - 00000000 ____D C:\ProgramData\Avg
2017-01-31 22:01 - 2017-01-31 22:01 - 00000000 ____D C:\Program Files (x86)\UltimateShoppingSearch
2017-02-01 00:41 - 2014-02-23 11:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-31 22:07 - 2013-10-08 16:19 - 00000000 ____D C:\Program Files (x86)\IObit
2017-01-31 21:14 - 2016-10-30 12:58 - 00302501 ____N C:\Windows\Minidump\013117-11481-01.dmp
2017-01-31 21:14 - 2013-08-18 17:58 - 00000000 ____D C:\Windows\Minidump
2017-01-31 20:14 - 2014-04-25 12:00 - 00000000 ____D C:\Windows\system32\log
2017-01-31 20:02 - 2016-11-19 19:27 - 00000000 ____D C:\Program Files (x86)\Yahoo!
Task: {1DAFFC61-3EF0-4495-84D1-F1569C723896} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {24E0F572-4BCA-4EEC-A9A5-2D830CFA9E96} - System32\Tasks\{4F74156E-5C02-4302-B31E-378AF64F0780} => pcalua.exe -a "C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare\iw3mp.exe" -d "C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare"
Task: {2FA7325B-6E8F-41C0-BD24-7A4D8F5E959C} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {31D1AFD7-FE73-42F7-8C56-CE56B4EE2076} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-20] (Microsoft Corporation)
Task: {501CE107-2313-4E8F-BDC8-7CA2EDD7EBE6} - System32\Tasks\{5CC848DF-F2F0-4C76-8299-F30E2EC5C77C} => C:\Users\Philipp\Desktop\Battlefield 3 cd1\Setup.exe
Task: {5AD94776-848A-4574-A0AE-35DD77108857} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {69796D42-6E7A-400E-ABED-6E89C0747C6A} - System32\Tasks\{1483BBE9-6C43-420B-BCA7-97229B092656} => pcalua.exe -a "C:\Program Files (x86)\Steam\bin\steamservice.exe" -d "C:\Program Files (x86)\Steam" -c /installscript "C:\Program Files (x86)\Steam\steamapps\common\Napoleon Total War\runasadmin.vdf" 34030
Task: {6CD57B76-ED4E-4186-864B-C3D8A0F1B7B3} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\Game Booster 3\AutoUpdate.exe
Task: {74CA4679-074A-4E10-8222-FCEC9691901F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2017-01-09] (AVG Technologies CZ, s.r.o.)
Task: {958C25CA-C68C-47FD-B09B-8BA6D19BA2C7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-06-06] (Microsoft Corporation)
Task: {9CEA9C83-B856-4975-8C0F-FE0D185A205D} - System32\Tasks\{BB987285-0C54-468D-BC8C-2D27676CFAF0} => pcalua.exe -a C:\Users\Philipp\Downloads\pulsingcolorsviz.exe -d C:\Users\Philipp\Downloads
Task: {A00325D4-D3C1-430E-B1F6-DCFCF85658C8} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-12-20] (Samsung Electronics)
Task: {A0173E21-C978-4EA4-A189-7FA5617412B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B64BD4E4-A656-40D9-871D-7456C350A532} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {BB2885EB-93BB-43CE-AF9D-8126074614B3} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-20] (Microsoft Corporation)
Task: {D7EC70C1-9A44-4010-93E1-A25B01C49C7D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-14] (Adobe Systems Incorporated)
Task: {E30865BE-0448-4595-A5C6-CB203265BCD6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
c:\programdata\microsoft\blend\14.0\1033\resourcecacher.dll
C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2016-11-10 23:33 - 2016-10-20 09:47 - 01819240 _____ () C:\Program Files (x86)\Cuppat\Application\libglesv2.dll
2016-11-10 23:33 - 2016-10-20 09:47 - 00093288 _____ () C:\Program Files (x86)\Cuppat\Application\libegl.dll
2017-01-13 20:49 - 2017-01-13 20:49 - 17835096 _____ () C:\Users\Philipp\AppData\Local\Cuppat\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll
C:\Program Files (x86)\Cuppat
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\100sexlinks.com -> 100sexlinks.com
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
2013-12-19 13:14 - 2013-12-19 13:14 - 0041984 ___SH () C:\Users\Philipp\AppData\Roaming\Thumbs.db
2013-12-31 10:53 - 2013-12-31 10:53 - 0001472 _____ () C:\Users\Philipp\AppData\Local\recently-used.xbel
2014-08-01 09:53 - 2014-08-01 09:53 - 0000000 _____ () C:\Users\Philipp\AppData\Local\{6C70D7F2-E50B-475B-AD48-51E2586180D1}
2016-07-11 09:03 - 2016-07-11 09:03 - 0000000 _____ () C:\Users\Philipp\AppData\Local\{82BEEB85-1B4A-4EE7-92A9-DFC693E3988F}
C:\Users\Public\D3DX9_37.dll
C:\Users\Public\xinput1_3.dll
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
CMD: bitsadmin /reset /allusers
EmptyTemp:
reboot:
end
*****************
Processes closed successfully.
Restore point was successfully created.
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\RK_Philipp_ON_F_1F6A\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\RK_Philipp_ON_F_1F6A\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\RK_Philipp_ON_F_1F6A\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
========= End of RemoveProxy: =========
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1DAFFC61-3EF0-4495-84D1-F1569C723896} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DAFFC61-3EF0-4495-84D1-F1569C723896} => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24E0F572-4BCA-4EEC-A9A5-2D830CFA9E96} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24E0F572-4BCA-4EEC-A9A5-2D830CFA9E96} => key removed successfully
C:\Windows\System32\Tasks\{4F74156E-5C02-4302-B31E-378AF64F0780} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4F74156E-5C02-4302-B31E-378AF64F0780} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{501CE107-2313-4E8F-BDC8-7CA2EDD7EBE6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{501CE107-2313-4E8F-BDC8-7CA2EDD7EBE6} => key removed successfully
C:\Windows\System32\Tasks\{5CC848DF-F2F0-4C76-8299-F30E2EC5C77C} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5CC848DF-F2F0-4C76-8299-F30E2EC5C77C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5AD94776-848A-4574-A0AE-35DD77108857} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AD94776-848A-4574-A0AE-35DD77108857} => key removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6220FCAE-162D-4042-AB17-6973161CECC9} => key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => key removed successfully
C:\Windows\system32\GWX => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{69796D42-6E7A-400E-ABED-6E89C0747C6A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69796D42-6E7A-400E-ABED-6E89C0747C6A} => key removed successfully
C:\Windows\System32\Tasks\{1483BBE9-6C43-420B-BCA7-97229B092656} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1483BBE9-6C43-420B-BCA7-97229B092656} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6CD57B76-ED4E-4186-864B-C3D8A0F1B7B3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6CD57B76-ED4E-4186-864B-C3D8A0F1B7B3} => key removed successfully
C:\Windows\System32\Tasks\Game_Booster_AutoUpdate => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Game_Booster_AutoUpdate => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{85AE1598-1934-4800-88DE-2070662EBA52} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85AE1598-1934-4800-88DE-2070662EBA52} => key removed successfully
C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft_MKC_Logon_Task_itype.exe => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{958C25CA-C68C-47FD-B09B-8BA6D19BA2C7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{958C25CA-C68C-47FD-B09B-8BA6D19BA2C7} => key removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\ProgramDataUpdater => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9645015F-A137-47D1-9CBA-B0531A2EE4AD} => key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CEA9C83-B856-4975-8C0F-FE0D185A205D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CEA9C83-B856-4975-8C0F-FE0D185A205D} => key removed successfully
C:\Windows\System32\Tasks\{BB987285-0C54-468D-BC8C-2D27676CFAF0} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BB987285-0C54-468D-BC8C-2D27676CFAF0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A00325D4-D3C1-430E-B1F6-DCFCF85658C8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A00325D4-D3C1-430E-B1F6-DCFCF85658C8} => key removed successfully
C:\Windows\System32\Tasks\SUPBackground => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SUPBackground => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0173E21-C978-4EA4-A189-7FA5617412B9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0173E21-C978-4EA4-A189-7FA5617412B9} => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A61D7A33-8B39-49F9-B558-12B1D500CA5F} => key not found.
C:\Windows\System32\Tasks\WinTOOL => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinTOOL => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B64BD4E4-A656-40D9-871D-7456C350A532} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B64BD4E4-A656-40D9-871D-7456C350A532} => key removed successfully
C:\Windows\System32\Tasks\Adobe Acrobat Update Task => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D7EC70C1-9A44-4010-93E1-A25B01C49C7D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7EC70C1-9A44-4010-93E1-A25B01C49C7D} => key removed successfully
C:\Windows\System32\Tasks\Adobe Flash Player Updater => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater => key removed successfully
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe => moved successfully
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe => moved successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2265df16-a931-11e3-b156-001bb1fb806a} => key removed successfully
HKCR\CLSID\{2265df16-a931-11e3-b156-001bb1fb806a} => key not found.
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{513fb52a-fbb6-11e3-8c6a-001bb1fb806a} => key removed successfully
HKCR\CLSID\{513fb52a-fbb6-11e3-8c6a-001bb1fb806a} => key not found.
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c844a5e-08c5-11e3-9f11-001bb1fb806a} => key removed successfully
HKCR\CLSID\{5c844a5e-08c5-11e3-9f11-001bb1fb806a} => key not found.
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5dff3592-0827-11e3-9da5-f7c11e16234c} => key removed successfully
HKCR\CLSID\{5dff3592-0827-11e3-9da5-f7c11e16234c} => key not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 8 => value removed successfully
"C:\PROGRA~2\SupTab\SEARCH~2.DLL" => Value data not found.
"C:\PROGRA~2\SupTab\SEARCH~1.DLL" => Value data not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MRT.exe => key not found.
C:\Program Files (x86)\IObit => moved successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value not found.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{416F4EA8-7EBE-4A41-BD73-DD7E680B9773}\\NameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{416F4EA8-7EBE-4A41-BD73-DD7E680B9773}\\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{86E2278C-9D4E-452E-A530-758555FCFA95}\\NameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B7ACAEB6-863B-46ED-A180-28629DDF698D}\\NameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{CAFCA011-AF78-404E-B7ED-C6ECA9CFCAEA}\\NameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{F1198B90-493F-4495-879E-89672178C3BF}\\NameServer => value removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value removed successfully
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value removed successfully
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} => value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key not found.
HKCR\Wow6432Node\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key removed successfully
HKCR\Wow6432Node\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key not found.
HKCR\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key not found.
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1F618914-7A35-432E-BE19-45C108B76D6F} => key not found.
HKCR\CLSID\{1F618914-7A35-432E-BE19-45C108B76D6F} => key not found.
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key not found.
HKCR\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key not found.
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4C84612E-4AD3-4561-9D1E-D8D077D411AB} => key not found.
HKCR\CLSID\{4C84612E-4AD3-4561-9D1E-D8D077D411AB} => key not found.
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5D4E1ED7-9C0F-4634-A78A-569B1ED9EC0C} => key not found.
HKCR\CLSID\{5D4E1ED7-9C0F-4634-A78A-569B1ED9EC0C} => key not found.
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key removed successfully
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} => key not found.
HKCR\Wow6432Node\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\skype4com => key not found.
HKCR\Wow6432Node\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} => key not found.
FF NewTab: Mozilla\Firefox\Profiles\q87ndktt.default -> hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e881114&uid=samsungxssdx840xseries_s19mnsad653469e&z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg => not found
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\q87ndktt.default -> nice => not found
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\q87ndktt.default -> hxxps://www.google.com/search/?trackid=sp-006 => not found
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\q87ndktt.default -> nice => not found
FF Homepage: Mozilla\Firefox\Profiles\q87ndktt.default -> hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e881114&uid=samsungxssdx840xseries_s19mnsad653469e&z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg => not found
FF Keyword.URL: Mozilla\Firefox\Profiles\q87ndktt.default -> hxxps://www.google.com/search/?trackid=sp-006 => not found
C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\arthurj8283@gmail.com => moved successfully
C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\arthurj8283@gmail.com => path removed successfully
C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\info@convert2mp3.net.xpi => moved successfully
C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\info@convert2mp3.net.xpi => path removed successfully
C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi => not found.
C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi => moved successfully
"C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\amisites.xml" => not found.
C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\luck.xml => moved successfully
C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\nice-.xml => moved successfully
C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\v9-.xml => moved successfully
C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\user.js => not found.
C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\user.js => not found.
FF NewTab: Firefox\Firefox\Profiles\q87ndktt.default -> hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e881114&uid=samsungxssdx840xseries_s19mnsad653469e&z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg => not found
FF DefaultSearchEngine: Firefox\Firefox\Profiles\q87ndktt.default -> luck => not found
FF DefaultSearchUrl: Firefox\Firefox\Profiles\q87ndktt.default -> hxxps://www.google.com/search/?trackid=sp-006 => not found
FF SearchEngineOrder.1: Firefox\Firefox\Profiles\q87ndktt.default -> luck => not found
FF SelectedSearchEngine: Firefox\Firefox\Profiles\q87ndktt.default -> luck => not found
FF Homepage: Firefox\Firefox\Profiles\q87ndktt.default -> hxxp://www.searchinme.com/?type=hp&ts=1484761039475&z=&from=official&uid=SamsungXSSDX840XSeries_S19MNSAD653469E => not found
FF Keyword.URL: Firefox\Firefox\Profiles\q87ndktt.default -> hxxps://www.google.com/search/?trackid=sp-006 => not found
C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi => not found.
C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\arthurj8283@gmail.com => not found.
C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\firefox-hotfix@mozilla.org.xpi => not found.
C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\info@convert2mp3.net.xpi => not found.
C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi => not found.
C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi => not found.
C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi => not found.
"C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\searchplugins\amisites.xml" => not found.
"C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\searchplugins\luck.xml" => not found.
"C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\searchplugins\nice-.xml" => not found.
"C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\searchplugins\searchinme.xml" => not found.
"C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\searchplugins\v9-.xml" => not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\quick_start@gmail.com => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\detgdp@gmail.com => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\arthurj8283@gmail.com => value removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3 => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9 => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll => not found.
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\MozillaPlugins\ubisoft.com/uplaypc => key removed successfully
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll => not found.
Chrome HomePage => not found.
Chrome StartupUrls => not found.
C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\celnaknmndcdcjcagffhbhciignkeokb => not found
C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf => not found
C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap => not found
C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi => not found
C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldcccbolclahdbkahlppenfodnheapah => not found
C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => key removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh => key not found.
C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx => moved successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj => key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj => key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk => key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma => key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp => key not found.
Archer => service not found.
"C:\Program Files (x86)\WinArcher" => not found.
FirefoxU => service not found.
"C:\Program Files (x86)\Firefox" => not found.
GubedZL => service not found.
Gubed_WMI => service not found.
"C:\Program Files (x86)\Gubed" => not found.
iThemes5 => service not found.
"C:\Program Files (x86)\Common Files\Services\iThemes.dll" => not found.
HKLM\System\CurrentControlSet\Services\LiveUpdateSvc => key removed successfully
LiveUpdateSvc => service removed successfully
"C:\Program Files (x86)\IObit" => not found.
avgsvc => service not found.
C:\Program Files (x86)\AVG => moved successfully
"C:\ProgramData\Microsoft\Blend\14.0\1033\ResourceCacher.dll" => not found.
HKLM\System\CurrentControlSet\Services\rpcapd => key removed successfully
rpcapd => service removed successfully
TuneUpUtilitiesDrv => service not found.
HKLM\System\CurrentControlSet\Services\aswHdsKe => key removed successfully
aswHdsKe => service removed successfully
HKLM\System\CurrentControlSet\Services\BRDriver64_1_3_3_E02B25FC => key removed successfully
BRDriver64_1_3_3_E02B25FC => service removed successfully
HKLM\System\CurrentControlSet\Services\EagleX64 => key removed successfully
EagleX64 => service removed successfully
HKLM\System\CurrentControlSet\Services\vpnva => key removed successfully
vpnva => service removed successfully
C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => moved successfully
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk" => not found.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp" => not found.
"C:\Windows\system32\TURegOpt.exe" => not found.
"C:\Windows\system32\authuitu.dll" => not found.
"C:\Windows\SysWOW64\authuitu.dll" => not found.
"C:\Users\Public\Desktop\AVG.lnk" => not found.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen" => not found.
"C:\Program Files (x86)\AVG" => not found.
"C:\Windows\System32\Tasks\AVG EUpdate Task" => not found.
C:\Users\Philipp\AppData\Local\AvgSetupLog => moved successfully
C:\Users\Philipp\AppData\Local\Avg => moved successfully
C:\ProgramData\Avg => moved successfully
C:\Program Files (x86)\UltimateShoppingSearch => moved successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
"C:\Program Files (x86)\IObit" => not found.
C:\Windows\Minidump\013117-11481-01.dmp => moved successfully
C:\Windows\Minidump => moved successfully
C:\Windows\system32\log => moved successfully
C:\Program Files (x86)\Yahoo! => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DAFFC61-3EF0-4495-84D1-F1569C723896} => key not found.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24E0F572-4BCA-4EEC-A9A5-2D830CFA9E96} => key not found.
C:\Windows\System32\Tasks\{4F74156E-5C02-4302-B31E-378AF64F0780} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4F74156E-5C02-4302-B31E-378AF64F0780} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FA7325B-6E8F-41C0-BD24-7A4D8F5E959C} => key not found.
C:\Windows\System32\Tasks\AVG EUpdate Task => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG EUpdate Task => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31D1AFD7-FE73-42F7-8C56-CE56B4EE2076} => key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{501CE107-2313-4E8F-BDC8-7CA2EDD7EBE6} => key not found.
C:\Windows\System32\Tasks\{5CC848DF-F2F0-4C76-8299-F30E2EC5C77C} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5CC848DF-F2F0-4C76-8299-F30E2EC5C77C} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AD94776-848A-4574-A0AE-35DD77108857} => key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69796D42-6E7A-400E-ABED-6E89C0747C6A} => key not found.
C:\Windows\System32\Tasks\{1483BBE9-6C43-420B-BCA7-97229B092656} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1483BBE9-6C43-420B-BCA7-97229B092656} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6CD57B76-ED4E-4186-864B-C3D8A0F1B7B3} => key not found.
C:\Windows\System32\Tasks\Game_Booster_AutoUpdate => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Game_Booster_AutoUpdate => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74CA4679-074A-4E10-8222-FCEC9691901F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74CA4679-074A-4E10-8222-FCEC9691901F} => key removed successfully
C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{958C25CA-C68C-47FD-B09B-8BA6D19BA2C7} => key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\ProgramDataUpdater => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CEA9C83-B856-4975-8C0F-FE0D185A205D} => key not found.
C:\Windows\System32\Tasks\{BB987285-0C54-468D-BC8C-2D27676CFAF0} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BB987285-0C54-468D-BC8C-2D27676CFAF0} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A00325D4-D3C1-430E-B1F6-DCFCF85658C8} => key not found.
C:\Windows\System32\Tasks\SUPBackground => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SUPBackground => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0173E21-C978-4EA4-A189-7FA5617412B9} => key not found.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B64BD4E4-A656-40D9-871D-7456C350A532} => key not found.
C:\Windows\System32\Tasks\Adobe Acrobat Update Task => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB2885EB-93BB-43CE-AF9D-8126074614B3} => key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7EC70C1-9A44-4010-93E1-A25B01C49C7D} => key not found.
C:\Windows\System32\Tasks\Adobe Flash Player Updater => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E30865BE-0448-4595-A5C6-CB203265BCD6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E30865BE-0448-4595-A5C6-CB203265BCD6} => key removed successfully
C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft_Hardware_Launch_ipoint_exe => key removed successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => not found.
"c:\programdata\microsoft\blend\14.0\1033\resourcecacher.dll" => not found.
"C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll" => not found.
C:\Program Files (x86)\Cuppat\Application\libglesv2.dll => moved successfully
C:\Program Files (x86)\Cuppat\Application\libegl.dll => moved successfully
C:\Users\Philipp\AppData\Local\Cuppat\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll => moved successfully
C:\Program Files (x86)\Cuppat => moved successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008i.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008k.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\00hq.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0190-dialers.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\01i.info => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\02pmnzy5eo29bfk4.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\05p.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\07ic5do2myz3vzpk.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\08nigbmwk43i01y6.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\093qpeuqpmz6ebfa.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0calories.net => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0cj.net => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0scan.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-britney-spears-nude.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-domains-registrations.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-se.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1001movie.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1001night.biz => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\100gal.net => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\100sexlinks.com => key removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn Hamachi Ui => key removed successfully
C:\Users\Philipp\AppData\Roaming\Thumbs.db => moved successfully
C:\Users\Philipp\AppData\Local\recently-used.xbel => moved successfully
C:\Users\Philipp\AppData\Local\{6C70D7F2-E50B-475B-AD48-51E2586180D1} => moved successfully
C:\Users\Philipp\AppData\Local\{82BEEB85-1B4A-4EE7-92A9-DFC693E3988F} => moved successfully
C:\Users\Public\D3DX9_37.dll => moved successfully
C:\Users\Public\xinput1_3.dll => moved successfully
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
Der Vorgang wurde erfolgreich beendet.
========= End of Reg: =========
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
Der Vorgang wurde erfolgreich beendet.
========= End of Reg: =========
========= netsh advfirewall reset =========
OK.
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
OK.
========= End of CMD: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
========= End of CMD: =========
========= netsh winsock reset catalog =========
Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.
========= End of CMD: =========
========= netsh int ip reset c:\resetlog.txt =========
Global wird zurckgesetzt, OK!
Schnittstelle wird zurckgesetzt, OK!
Unicastadresse wird zurckgesetzt, OK!
Route wird zurckgesetzt, OK!
Starten Sie den Computer neu, um die Aktion abzuschlieáen.
========= End of CMD: =========
========= ipconfig /release =========
Windows-IP-Konfiguration
Es kann kein Vorgang auf Drahtlosnetzwerkverbindung 2 ausgefhrt werden, solange dessen Medium nicht
verbunden ist.
Ethernet-Adapter LAN-Verbindung:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Ethernet-Adapter Hamachi:
Verbindungsspezifisches DNS-Suffix: www.youtube.de
IPv6-Adresse. . . . . . . . . . . : 2620:9b::191e:9649
Verbindungslokale IPv6-Adresse . : fe80::499e:3325:fea6:3498%21
Standardgateway . . . . . . . . . : 2620:9b::1900:1
25.0.0.1
Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung 2:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung:
Verbindungsspezifisches DNS-Suffix:
Verbindungslokale IPv6-Adresse . : fe80::a597:d9e3:f83e:e196%15
Standardgateway . . . . . . . . . :
========= End of CMD: =========
========= ipconfig /renew =========
Windows-IP-Konfiguration
Es kann kein Vorgang auf LAN-Verbindung ausgefhrt werden, solange dessen Medium nicht
verbunden ist.
Es kann kein Vorgang auf Drahtlosnetzwerkverbindung 2 ausgefhrt werden, solange dessen Medium nicht
verbunden ist.
Ethernet-Adapter LAN-Verbindung:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Ethernet-Adapter Hamachi:
Verbindungsspezifisches DNS-Suffix: www.youtube.de
IPv6-Adresse. . . . . . . . . . . : 2620:9b::191e:9649
Verbindungslokale IPv6-Adresse . : fe80::499e:3325:fea6:3498%21
IPv4-Adresse . . . . . . . . . . : 25.30.150.73
Subnetzmaske . . . . . . . . . . : 255.0.0.0
Standardgateway . . . . . . . . . : 2620:9b::1900:1
25.0.0.1
Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung 2:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung:
Verbindungsspezifisches DNS-Suffix:
Verbindungslokale IPv6-Adresse . : fe80::a597:d9e3:f83e:e196%15
IPv4-Adresse . . . . . . . . . . : 192.168.0.100
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Standardgateway . . . . . . . . . : 192.168.0.1
========= End of CMD: =========
========= netsh int ipv4 reset =========
Schnittstelle wird zurckgesetzt, OK!
Starten Sie den Computer neu, um die Aktion abzuschlieáen.
========= End of CMD: =========
========= netsh int ipv6 reset =========
Schnittstelle wird zurckgesetzt, OK!
Unicastadresse wird zurckgesetzt, OK!
Route wird zurckgesetzt, OK!
Starten Sie den Computer neu, um die Aktion abzuschlieáen.
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
Unable to cancel {45382896-53DE-4301-9C8E-DB783E57F6C3}.
0 out of 1 jobs canceled.
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5001535 B
Java, Flash, Steam htmlcache => 460749227 B
Windows/system/drivers => 64791865 B
Edge => 0 B
Chrome => 338944923 B
Firefox => 135174023 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 42320371 B
systemprofile32 => 1473 B
LocalService => 115860 B
NetworkService => 98560 B
Philipp => 1111642348 B
UpdatusUser => 0 B
RecycleBin => 0 B
EmptyTemp: => 2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 01:05:48 ====
Ran by Philipp (03-02-2017 01:03:23) Run:1
Running from C:\Users\Philipp\Desktop\Neuer Ordner
Loaded Profiles: Philipp (Available Profiles: Philipp)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
Closeprocesses:
CreateRestorePoint:
Emptytemp:
RemoveProxy:
Task: {1DAFFC61-3EF0-4495-84D1-F1569C723896} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {24E0F572-4BCA-4EEC-A9A5-2D830CFA9E96} - System32\Tasks\{4F74156E-5C02-4302-B31E-378AF64F0780} => pcalua.exe -a "C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare\iw3mp.exe" -d "C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare"
Task: {501CE107-2313-4E8F-BDC8-7CA2EDD7EBE6} - System32\Tasks\{5CC848DF-F2F0-4C76-8299-F30E2EC5C77C} => C:\Users\Philipp\Desktop\Battlefield 3 cd1\Setup.exe
Task: {5AD94776-848A-4574-A0AE-35DD77108857} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {6220FCAE-162D-4042-AB17-6973161CECC9} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-20] (Microsoft Corporation)
C:\Windows\system32\GWX
Task: {69796D42-6E7A-400E-ABED-6E89C0747C6A} - System32\Tasks\{1483BBE9-6C43-420B-BCA7-97229B092656} => pcalua.exe -a "C:\Program Files (x86)\Steam\bin\steamservice.exe" -d "C:\Program Files (x86)\Steam" -c /installscript "C:\Program Files (x86)\Steam\steamapps\common\Napoleon Total War\runasadmin.vdf" 34030
Task: {6CD57B76-ED4E-4186-864B-C3D8A0F1B7B3} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\Game Booster 3\AutoUpdate.exe
Task: {85AE1598-1934-4800-88DE-2070662EBA52} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {958C25CA-C68C-47FD-B09B-8BA6D19BA2C7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-06-06] (Microsoft Corporation)
Task: {9645015F-A137-47D1-9CBA-B0531A2EE4AD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-20] (Microsoft Corporation)
Task: {9CEA9C83-B856-4975-8C0F-FE0D185A205D} - System32\Tasks\{BB987285-0C54-468D-BC8C-2D27676CFAF0} => pcalua.exe -a C:\Users\Philipp\Downloads\pulsingcolorsviz.exe -d C:\Users\Philipp\Downloads
Task: {A00325D4-D3C1-430E-B1F6-DCFCF85658C8} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-12-20] (Samsung Electronics)
Task: {A0173E21-C978-4EA4-A189-7FA5617412B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {A61D7A33-8B39-49F9-B558-12B1D500CA5F} - System32\Tasks\WinTOOL => C:\ProgramData\wintools\WintoolUprI.exe
Task: {B64BD4E4-A656-40D9-871D-7456C350A532} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {D7EC70C1-9A44-4010-93E1-A25B01C49C7D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-14] (Adobe Systems Incorporated)
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {2265df16-a931-11e3-b156-001bb1fb806a} - D:\LaunchU3.exe -a
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {513fb52a-fbb6-11e3-8c6a-001bb1fb806a} - E:\autorun.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {5c844a5e-08c5-11e3-9f11-001bb1fb806a} - D:\setup.exe
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\MountPoints2: {5dff3592-0827-11e3-9da5-f7c11e16234c} - D:\LaunchU3.exe -a
HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => Keine Datei
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => Keine Datei
IFEO\MRT.exe: [Debugger] C:\Windows\TEMP\wea99E1.tmp\Gubed.exe -Yrrehs
C:\Program Files (x86)\IObit
ProxyServer: [S-1-5-21-3041798318-2634963116-1215314133-1000] => 46.165.193.67:5056
Tcpip\..\Interfaces\{416F4EA8-7EBE-4A41-BD73-DD7E680B9773}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{416F4EA8-7EBE-4A41-BD73-DD7E680B9773}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{86E2278C-9D4E-452E-A530-758555FCFA95}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{B7ACAEB6-863B-46ED-A180-28629DDF698D}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{CAFCA011-AF78-404E-B7ED-C6ECA9CFCAEA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{F1198B90-493F-4495-879E-89672178C3BF}: [NameServer] 8.8.8.8,1.1.1.1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid=samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec454393cf996b982gazbc0tbb6e2g3w3ccb
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid=samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec454393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid=samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec454393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid=samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec454393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid=samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec454393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1439801536&from=mych123&uid=samsungxssdx840xseries_s19mnsad653469e&z=b2df7eec454393cf996b982gazbc0tbb6e2g3w3ccb
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.amisites.com/?type=hp&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E
URLSearchHook: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 - (Kein Name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - Keine Datei
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1431342801&from=zzgbkk123&uid=samsungxssdx840xseries_s19mnsad653469e&z=2786be88f055d58044b1affg7zec6g9cbz3o5b5e5o&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1431342801&from=zzgbkk123&uid=samsungxssdx840xseries_s19mnsad653469e&z=2786be88f055d58044b1affg7zec6g9cbz3o5b5e5o&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1431342801&from=zzgbkk123&uid=samsungxssdx840xseries_s19mnsad653469e&z=2786be88f055d58044b1affg7zec6g9cbz3o5b5e5o&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 -> {1F618914-7A35-432E-BE19-45C108B76D6F} URL = hxxp://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&fl=1&vl=lang_tr&ilc=12&type=198484&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1484592351&z=333dd69f3d02d97ff6c7535gdz3bbzbw3t1occ4wfg&from=archer1028&uid=SamsungXSSDX840XSeries_S19MNSAD653469E&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1431342801&from=zzgbkk123&uid=samsungxssdx840xseries_s19mnsad653469e&z=2786be88f055d58044b1affg7zec6g9cbz3o5b5e5o&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 -> {4C84612E-4AD3-4561-9D1E-D8D077D411AB} URL =
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 -> {5D4E1ED7-9C0F-4634-A78A-569B1ED9EC0C} URL =
SearchScopes: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO-x32: Kein Name -> {03EB0E9C-7A91-4381-A220-9B52B641CDB1} -> Keine Datei
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
FF NewTab: Mozilla\Firefox\Profiles\q87ndktt.default -> hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e881114&uid=samsungxssdx840xseries_s19mnsad653469e&z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\q87ndktt.default -> nice
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\q87ndktt.default -> hxxps://www.google.com/search/?trackid=sp-006
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\q87ndktt.default -> nice
FF Homepage: Mozilla\Firefox\Profiles\q87ndktt.default -> hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e881114&uid=samsungxssdx840xseries_s19mnsad653469e&z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg
FF Keyword.URL: Mozilla\Firefox\Profiles\q87ndktt.default -> hxxps://www.google.com/search/?trackid=sp-006
FF Extension: (xRocket Toolbar) - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\arthurj8283@gmail.com [2017-01-17] [ist nicht signiert]
FF Extension: (convert2mp3.net YouTube2MP3 Converter) - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\info@convert2mp3.net.xpi [2016-11-20]
FF Extension: (Search and New Tab by Yahoo) - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2016-11-19]
FF Extension: (Video DownloadHelper) - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-11-26]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\amisites.xml [2017-01-22]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\luck.xml [2017-01-17]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\nice-.xml [2016-06-21]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\v9-.xml [2015-05-14]
FF user.js: detected! => C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\user.js [2017-01-17]
FF NewTab: Firefox\Firefox\Profiles\q87ndktt.default -> hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e881114&uid=samsungxssdx840xseries_s19mnsad653469e&z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg
FF DefaultSearchEngine: Firefox\Firefox\Profiles\q87ndktt.default -> luck
FF DefaultSearchUrl: Firefox\Firefox\Profiles\q87ndktt.default -> hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Firefox\Firefox\Profiles\q87ndktt.default -> luck
FF SelectedSearchEngine: Firefox\Firefox\Profiles\q87ndktt.default -> luck
FF Homepage: Firefox\Firefox\Profiles\q87ndktt.default -> hxxp://www.searchinme.com/?type=hp&ts=1484761039475&z=&from=official&uid=SamsungXSSDX840XSeries_S19MNSAD653469E
FF Keyword.URL: Firefox\Firefox\Profiles\q87ndktt.default -> hxxps://www.google.com/search/?trackid=sp-006
FF Extension: (FF Adr) - C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi [2017-01-18] [ist nicht signiert]
FF Extension: (xRocket Toolbar) - C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\arthurj8283@gmail.com [2017-01-18] [ist nicht signiert]
FF Extension: (Firefox Hotfix) - C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-11-26]
FF Extension: (convert2mp3.net YouTube2MP3 Converter) - C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\info@convert2mp3.net.xpi [2016-11-20]
FF Extension: (Search and New Tab by Yahoo) - C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2016-11-19]
FF Extension: (English (US) Language Pack) - C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2017-01-18] [ist nicht signiert]
FF Extension: (Video DownloadHelper) - C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-11-26]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\searchplugins\amisites.xml [2017-01-16]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\searchplugins\luck.xml [2017-01-17]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\searchplugins\nice-.xml [2016-06-21]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\searchplugins\searchinme.xml [2017-01-18]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\searchplugins\v9-.xml [2015-05-14]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\57p5pubn.default\extensions\quick_start@gmail.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\extensions\detgdp@gmail.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\extensions\arthurj8283@gmail.com
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3041798318-2634963116-1215314133-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]
CHR HomePage: Default -> hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e881114&uid=samsungxssdx840xseries_s19mnsad653469e&z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg
CHR StartupUrls: Default -> "hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e881114&uid=samsungxssdx840xseries_s19mnsad653469e&z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg"
CHR Extension: (https://www.facebook.com/) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\celnaknmndcdcjcagffhbhciignkeokb [2014-11-16]
CHR Extension: (Google-Suche) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-01]
CHR Extension: (Google Tabellen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]
CHR Extension: (Google Docs Offline) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-15]
CHR Extension: (Video Download Helper) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldcccbolclahdbkahlppenfodnheapah [2014-12-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-25]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2015-01-19]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx <nicht gefunden>
R2 Archer; C:\Program Files (x86)\WinArcher\Archer.dll [721408 2017-01-22] () [Datei ist nicht signiert]
C:\Program Files (x86)\WinArcher
R2 FirefoxU; C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe [106160 2017-01-18] ()
C:\Program Files (x86)\Firefox
R2 GubedZL; C:\Program Files (x86)\Gubed\GubedZL.dll [155136 2017-01-23] () [Datei ist nicht signiert]
R2 Gubed_WMI; C:\Program Files (x86)\Gubed_WMI\Gubed_WMI.exe [109056 2016-12-23] () [Datei ist nicht signiert]
C:\Program Files (x86)\Gubed
R3 iThemes5; C:\Program Files (x86)\Common Files\Services\iThemes.dll [566272 2017-01-25] () [Datei ist nicht signiert] <==== ACHTUNG
C:\Program Files (x86)\Common Files\Services\iThemes.dll
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit)
C:\Program Files (x86)\IObit
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
C:\Program Files (x86)\AVG
C:\ProgramData\Microsoft\Blend\14.0\1033\ResourceCacher.dll
S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-01-09] (AVG Netherlands B.V.)
S3 aswHdsKe; \??\C:\Windows\system32\drivers\aswHdsKe.sys [X]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 vpnva; system32\DRIVERS\vpnva64-6.sys [X]
2017-02-01 00:25 - 2017-02-01 00:25 - 00002760 _____ C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2017-01-31 22:05 - 2017-01-31 22:05 - 00002640 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2017-01-31 22:05 - 2017-01-31 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp
2017-01-31 22:05 - 2017-01-09 16:43 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2017-01-31 22:05 - 2017-01-09 16:39 - 00044304 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\authuitu.dll
2017-01-31 22:05 - 2017-01-09 16:39 - 00042256 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\SysWOW64\authuitu.dll
2017-01-31 22:03 - 2017-01-31 22:03 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
2017-01-31 22:03 - 2017-01-31 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2017-01-31 22:02 - 2017-01-31 22:04 - 00000000 ____D C:\Program Files (x86)\AVG
2017-01-31 22:02 - 2017-01-31 22:02 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2017-01-31 22:01 - 2017-01-31 22:04 - 00000000 ____D C:\Users\Philipp\AppData\Local\AvgSetupLog
2017-01-31 22:01 - 2017-01-31 22:04 - 00000000 ____D C:\Users\Philipp\AppData\Local\Avg
2017-01-31 22:01 - 2017-01-31 22:04 - 00000000 ____D C:\ProgramData\Avg
2017-01-31 22:01 - 2017-01-31 22:01 - 00000000 ____D C:\Program Files (x86)\UltimateShoppingSearch
2017-02-01 00:41 - 2014-02-23 11:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-31 22:07 - 2013-10-08 16:19 - 00000000 ____D C:\Program Files (x86)\IObit
2017-01-31 21:14 - 2016-10-30 12:58 - 00302501 ____N C:\Windows\Minidump\013117-11481-01.dmp
2017-01-31 21:14 - 2013-08-18 17:58 - 00000000 ____D C:\Windows\Minidump
2017-01-31 20:14 - 2014-04-25 12:00 - 00000000 ____D C:\Windows\system32\log
2017-01-31 20:02 - 2016-11-19 19:27 - 00000000 ____D C:\Program Files (x86)\Yahoo!
Task: {1DAFFC61-3EF0-4495-84D1-F1569C723896} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {24E0F572-4BCA-4EEC-A9A5-2D830CFA9E96} - System32\Tasks\{4F74156E-5C02-4302-B31E-378AF64F0780} => pcalua.exe -a "C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare\iw3mp.exe" -d "C:\Users\Philipp\Desktop\Call of Duty 4 - Modern Warfare"
Task: {2FA7325B-6E8F-41C0-BD24-7A4D8F5E959C} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {31D1AFD7-FE73-42F7-8C56-CE56B4EE2076} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-20] (Microsoft Corporation)
Task: {501CE107-2313-4E8F-BDC8-7CA2EDD7EBE6} - System32\Tasks\{5CC848DF-F2F0-4C76-8299-F30E2EC5C77C} => C:\Users\Philipp\Desktop\Battlefield 3 cd1\Setup.exe
Task: {5AD94776-848A-4574-A0AE-35DD77108857} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {69796D42-6E7A-400E-ABED-6E89C0747C6A} - System32\Tasks\{1483BBE9-6C43-420B-BCA7-97229B092656} => pcalua.exe -a "C:\Program Files (x86)\Steam\bin\steamservice.exe" -d "C:\Program Files (x86)\Steam" -c /installscript "C:\Program Files (x86)\Steam\steamapps\common\Napoleon Total War\runasadmin.vdf" 34030
Task: {6CD57B76-ED4E-4186-864B-C3D8A0F1B7B3} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\Game Booster 3\AutoUpdate.exe
Task: {74CA4679-074A-4E10-8222-FCEC9691901F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2017-01-09] (AVG Technologies CZ, s.r.o.)
Task: {958C25CA-C68C-47FD-B09B-8BA6D19BA2C7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-06-06] (Microsoft Corporation)
Task: {9CEA9C83-B856-4975-8C0F-FE0D185A205D} - System32\Tasks\{BB987285-0C54-468D-BC8C-2D27676CFAF0} => pcalua.exe -a C:\Users\Philipp\Downloads\pulsingcolorsviz.exe -d C:\Users\Philipp\Downloads
Task: {A00325D4-D3C1-430E-B1F6-DCFCF85658C8} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-12-20] (Samsung Electronics)
Task: {A0173E21-C978-4EA4-A189-7FA5617412B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B64BD4E4-A656-40D9-871D-7456C350A532} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {BB2885EB-93BB-43CE-AF9D-8126074614B3} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-20] (Microsoft Corporation)
Task: {D7EC70C1-9A44-4010-93E1-A25B01C49C7D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-14] (Adobe Systems Incorporated)
Task: {E30865BE-0448-4595-A5C6-CB203265BCD6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
c:\programdata\microsoft\blend\14.0\1033\resourcecacher.dll
C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2016-11-10 23:33 - 2016-10-20 09:47 - 01819240 _____ () C:\Program Files (x86)\Cuppat\Application\libglesv2.dll
2016-11-10 23:33 - 2016-10-20 09:47 - 00093288 _____ () C:\Program Files (x86)\Cuppat\Application\libegl.dll
2017-01-13 20:49 - 2017-01-13 20:49 - 17835096 _____ () C:\Users\Philipp\AppData\Local\Cuppat\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll
C:\Program Files (x86)\Cuppat
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\...\100sexlinks.com -> 100sexlinks.com
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
2013-12-19 13:14 - 2013-12-19 13:14 - 0041984 ___SH () C:\Users\Philipp\AppData\Roaming\Thumbs.db
2013-12-31 10:53 - 2013-12-31 10:53 - 0001472 _____ () C:\Users\Philipp\AppData\Local\recently-used.xbel
2014-08-01 09:53 - 2014-08-01 09:53 - 0000000 _____ () C:\Users\Philipp\AppData\Local\{6C70D7F2-E50B-475B-AD48-51E2586180D1}
2016-07-11 09:03 - 2016-07-11 09:03 - 0000000 _____ () C:\Users\Philipp\AppData\Local\{82BEEB85-1B4A-4EE7-92A9-DFC693E3988F}
C:\Users\Public\D3DX9_37.dll
C:\Users\Public\xinput1_3.dll
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
CMD: bitsadmin /reset /allusers
EmptyTemp:
reboot:
end
*****************
Processes closed successfully.
Restore point was successfully created.
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\RK_Philipp_ON_F_1F6A\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\RK_Philipp_ON_F_1F6A\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\RK_Philipp_ON_F_1F6A\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
========= End of RemoveProxy: =========
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1DAFFC61-3EF0-4495-84D1-F1569C723896} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DAFFC61-3EF0-4495-84D1-F1569C723896} => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24E0F572-4BCA-4EEC-A9A5-2D830CFA9E96} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24E0F572-4BCA-4EEC-A9A5-2D830CFA9E96} => key removed successfully
C:\Windows\System32\Tasks\{4F74156E-5C02-4302-B31E-378AF64F0780} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4F74156E-5C02-4302-B31E-378AF64F0780} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{501CE107-2313-4E8F-BDC8-7CA2EDD7EBE6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{501CE107-2313-4E8F-BDC8-7CA2EDD7EBE6} => key removed successfully
C:\Windows\System32\Tasks\{5CC848DF-F2F0-4C76-8299-F30E2EC5C77C} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5CC848DF-F2F0-4C76-8299-F30E2EC5C77C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5AD94776-848A-4574-A0AE-35DD77108857} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AD94776-848A-4574-A0AE-35DD77108857} => key removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6220FCAE-162D-4042-AB17-6973161CECC9} => key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => key removed successfully
C:\Windows\system32\GWX => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{69796D42-6E7A-400E-ABED-6E89C0747C6A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69796D42-6E7A-400E-ABED-6E89C0747C6A} => key removed successfully
C:\Windows\System32\Tasks\{1483BBE9-6C43-420B-BCA7-97229B092656} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1483BBE9-6C43-420B-BCA7-97229B092656} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6CD57B76-ED4E-4186-864B-C3D8A0F1B7B3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6CD57B76-ED4E-4186-864B-C3D8A0F1B7B3} => key removed successfully
C:\Windows\System32\Tasks\Game_Booster_AutoUpdate => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Game_Booster_AutoUpdate => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{85AE1598-1934-4800-88DE-2070662EBA52} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85AE1598-1934-4800-88DE-2070662EBA52} => key removed successfully
C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft_MKC_Logon_Task_itype.exe => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{958C25CA-C68C-47FD-B09B-8BA6D19BA2C7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{958C25CA-C68C-47FD-B09B-8BA6D19BA2C7} => key removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\ProgramDataUpdater => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9645015F-A137-47D1-9CBA-B0531A2EE4AD} => key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CEA9C83-B856-4975-8C0F-FE0D185A205D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CEA9C83-B856-4975-8C0F-FE0D185A205D} => key removed successfully
C:\Windows\System32\Tasks\{BB987285-0C54-468D-BC8C-2D27676CFAF0} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BB987285-0C54-468D-BC8C-2D27676CFAF0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A00325D4-D3C1-430E-B1F6-DCFCF85658C8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A00325D4-D3C1-430E-B1F6-DCFCF85658C8} => key removed successfully
C:\Windows\System32\Tasks\SUPBackground => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SUPBackground => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0173E21-C978-4EA4-A189-7FA5617412B9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0173E21-C978-4EA4-A189-7FA5617412B9} => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A61D7A33-8B39-49F9-B558-12B1D500CA5F} => key not found.
C:\Windows\System32\Tasks\WinTOOL => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinTOOL => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B64BD4E4-A656-40D9-871D-7456C350A532} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B64BD4E4-A656-40D9-871D-7456C350A532} => key removed successfully
C:\Windows\System32\Tasks\Adobe Acrobat Update Task => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D7EC70C1-9A44-4010-93E1-A25B01C49C7D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7EC70C1-9A44-4010-93E1-A25B01C49C7D} => key removed successfully
C:\Windows\System32\Tasks\Adobe Flash Player Updater => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater => key removed successfully
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe => moved successfully
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe => moved successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2265df16-a931-11e3-b156-001bb1fb806a} => key removed successfully
HKCR\CLSID\{2265df16-a931-11e3-b156-001bb1fb806a} => key not found.
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{513fb52a-fbb6-11e3-8c6a-001bb1fb806a} => key removed successfully
HKCR\CLSID\{513fb52a-fbb6-11e3-8c6a-001bb1fb806a} => key not found.
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c844a5e-08c5-11e3-9f11-001bb1fb806a} => key removed successfully
HKCR\CLSID\{5c844a5e-08c5-11e3-9f11-001bb1fb806a} => key not found.
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5dff3592-0827-11e3-9da5-f7c11e16234c} => key removed successfully
HKCR\CLSID\{5dff3592-0827-11e3-9da5-f7c11e16234c} => key not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 8 => value removed successfully
"C:\PROGRA~2\SupTab\SEARCH~2.DLL" => Value data not found.
"C:\PROGRA~2\SupTab\SEARCH~1.DLL" => Value data not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MRT.exe => key not found.
C:\Program Files (x86)\IObit => moved successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value not found.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{416F4EA8-7EBE-4A41-BD73-DD7E680B9773}\\NameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{416F4EA8-7EBE-4A41-BD73-DD7E680B9773}\\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{86E2278C-9D4E-452E-A530-758555FCFA95}\\NameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B7ACAEB6-863B-46ED-A180-28629DDF698D}\\NameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{CAFCA011-AF78-404E-B7ED-C6ECA9CFCAEA}\\NameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{F1198B90-493F-4495-879E-89672178C3BF}\\NameServer => value removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value removed successfully
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value removed successfully
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} => value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key not found.
HKCR\Wow6432Node\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key removed successfully
HKCR\Wow6432Node\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key not found.
HKCR\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key not found.
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1F618914-7A35-432E-BE19-45C108B76D6F} => key not found.
HKCR\CLSID\{1F618914-7A35-432E-BE19-45C108B76D6F} => key not found.
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key not found.
HKCR\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key not found.
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4C84612E-4AD3-4561-9D1E-D8D077D411AB} => key not found.
HKCR\CLSID\{4C84612E-4AD3-4561-9D1E-D8D077D411AB} => key not found.
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5D4E1ED7-9C0F-4634-A78A-569B1ED9EC0C} => key not found.
HKCR\CLSID\{5D4E1ED7-9C0F-4634-A78A-569B1ED9EC0C} => key not found.
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key removed successfully
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} => key not found.
HKCR\Wow6432Node\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\skype4com => key not found.
HKCR\Wow6432Node\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} => key not found.
FF NewTab: Mozilla\Firefox\Profiles\q87ndktt.default -> hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e881114&uid=samsungxssdx840xseries_s19mnsad653469e&z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg => not found
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\q87ndktt.default -> nice => not found
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\q87ndktt.default -> hxxps://www.google.com/search/?trackid=sp-006 => not found
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\q87ndktt.default -> nice => not found
FF Homepage: Mozilla\Firefox\Profiles\q87ndktt.default -> hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e881114&uid=samsungxssdx840xseries_s19mnsad653469e&z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg => not found
FF Keyword.URL: Mozilla\Firefox\Profiles\q87ndktt.default -> hxxps://www.google.com/search/?trackid=sp-006 => not found
C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\arthurj8283@gmail.com => moved successfully
C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\arthurj8283@gmail.com => path removed successfully
C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\info@convert2mp3.net.xpi => moved successfully
C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\info@convert2mp3.net.xpi => path removed successfully
C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi => not found.
C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi => moved successfully
"C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\amisites.xml" => not found.
C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\luck.xml => moved successfully
C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\nice-.xml => moved successfully
C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\q87ndktt.default\searchplugins\v9-.xml => moved successfully
C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\user.js => not found.
C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\user.js => not found.
FF NewTab: Firefox\Firefox\Profiles\q87ndktt.default -> hxxp://www.nicesearches.com?type=hp&ts=1479229082&from=3e881114&uid=samsungxssdx840xseries_s19mnsad653469e&z=0144affb50a92f61e40d0d9gdz4m2t0o8o9t7ebbbg => not found
FF DefaultSearchEngine: Firefox\Firefox\Profiles\q87ndktt.default -> luck => not found
FF DefaultSearchUrl: Firefox\Firefox\Profiles\q87ndktt.default -> hxxps://www.google.com/search/?trackid=sp-006 => not found
FF SearchEngineOrder.1: Firefox\Firefox\Profiles\q87ndktt.default -> luck => not found
FF SelectedSearchEngine: Firefox\Firefox\Profiles\q87ndktt.default -> luck => not found
FF Homepage: Firefox\Firefox\Profiles\q87ndktt.default -> hxxp://www.searchinme.com/?type=hp&ts=1484761039475&z=&from=official&uid=SamsungXSSDX840XSeries_S19MNSAD653469E => not found
FF Keyword.URL: Firefox\Firefox\Profiles\q87ndktt.default -> hxxps://www.google.com/search/?trackid=sp-006 => not found
C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi => not found.
C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\arthurj8283@gmail.com => not found.
C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\firefox-hotfix@mozilla.org.xpi => not found.
C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\info@convert2mp3.net.xpi => not found.
C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi => not found.
C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi => not found.
C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi => not found.
"C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\searchplugins\amisites.xml" => not found.
"C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\searchplugins\luck.xml" => not found.
"C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\searchplugins\nice-.xml" => not found.
"C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\searchplugins\searchinme.xml" => not found.
"C:\Users\Philipp\AppData\Roaming\Firefox\Firefox\Profiles\q87ndktt.default\searchplugins\v9-.xml" => not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\quick_start@gmail.com => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\detgdp@gmail.com => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\arthurj8283@gmail.com => value removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3 => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9 => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll => not found.
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\MozillaPlugins\ubisoft.com/uplaypc => key removed successfully
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll => not found.
Chrome HomePage => not found.
Chrome StartupUrls => not found.
C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\celnaknmndcdcjcagffhbhciignkeokb => not found
C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf => not found
C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap => not found
C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi => not found
C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldcccbolclahdbkahlppenfodnheapah => not found
C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => key removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh => key not found.
C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx => moved successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj => key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj => key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk => key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma => key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp => key not found.
Archer => service not found.
"C:\Program Files (x86)\WinArcher" => not found.
FirefoxU => service not found.
"C:\Program Files (x86)\Firefox" => not found.
GubedZL => service not found.
Gubed_WMI => service not found.
"C:\Program Files (x86)\Gubed" => not found.
iThemes5 => service not found.
"C:\Program Files (x86)\Common Files\Services\iThemes.dll" => not found.
HKLM\System\CurrentControlSet\Services\LiveUpdateSvc => key removed successfully
LiveUpdateSvc => service removed successfully
"C:\Program Files (x86)\IObit" => not found.
avgsvc => service not found.
C:\Program Files (x86)\AVG => moved successfully
"C:\ProgramData\Microsoft\Blend\14.0\1033\ResourceCacher.dll" => not found.
HKLM\System\CurrentControlSet\Services\rpcapd => key removed successfully
rpcapd => service removed successfully
TuneUpUtilitiesDrv => service not found.
HKLM\System\CurrentControlSet\Services\aswHdsKe => key removed successfully
aswHdsKe => service removed successfully
HKLM\System\CurrentControlSet\Services\BRDriver64_1_3_3_E02B25FC => key removed successfully
BRDriver64_1_3_3_E02B25FC => service removed successfully
HKLM\System\CurrentControlSet\Services\EagleX64 => key removed successfully
EagleX64 => service removed successfully
HKLM\System\CurrentControlSet\Services\vpnva => key removed successfully
vpnva => service removed successfully
C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => moved successfully
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk" => not found.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp" => not found.
"C:\Windows\system32\TURegOpt.exe" => not found.
"C:\Windows\system32\authuitu.dll" => not found.
"C:\Windows\SysWOW64\authuitu.dll" => not found.
"C:\Users\Public\Desktop\AVG.lnk" => not found.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen" => not found.
"C:\Program Files (x86)\AVG" => not found.
"C:\Windows\System32\Tasks\AVG EUpdate Task" => not found.
C:\Users\Philipp\AppData\Local\AvgSetupLog => moved successfully
C:\Users\Philipp\AppData\Local\Avg => moved successfully
C:\ProgramData\Avg => moved successfully
C:\Program Files (x86)\UltimateShoppingSearch => moved successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
"C:\Program Files (x86)\IObit" => not found.
C:\Windows\Minidump\013117-11481-01.dmp => moved successfully
C:\Windows\Minidump => moved successfully
C:\Windows\system32\log => moved successfully
C:\Program Files (x86)\Yahoo! => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DAFFC61-3EF0-4495-84D1-F1569C723896} => key not found.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24E0F572-4BCA-4EEC-A9A5-2D830CFA9E96} => key not found.
C:\Windows\System32\Tasks\{4F74156E-5C02-4302-B31E-378AF64F0780} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4F74156E-5C02-4302-B31E-378AF64F0780} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FA7325B-6E8F-41C0-BD24-7A4D8F5E959C} => key not found.
C:\Windows\System32\Tasks\AVG EUpdate Task => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG EUpdate Task => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31D1AFD7-FE73-42F7-8C56-CE56B4EE2076} => key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{501CE107-2313-4E8F-BDC8-7CA2EDD7EBE6} => key not found.
C:\Windows\System32\Tasks\{5CC848DF-F2F0-4C76-8299-F30E2EC5C77C} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5CC848DF-F2F0-4C76-8299-F30E2EC5C77C} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AD94776-848A-4574-A0AE-35DD77108857} => key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69796D42-6E7A-400E-ABED-6E89C0747C6A} => key not found.
C:\Windows\System32\Tasks\{1483BBE9-6C43-420B-BCA7-97229B092656} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1483BBE9-6C43-420B-BCA7-97229B092656} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6CD57B76-ED4E-4186-864B-C3D8A0F1B7B3} => key not found.
C:\Windows\System32\Tasks\Game_Booster_AutoUpdate => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Game_Booster_AutoUpdate => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74CA4679-074A-4E10-8222-FCEC9691901F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74CA4679-074A-4E10-8222-FCEC9691901F} => key removed successfully
C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{958C25CA-C68C-47FD-B09B-8BA6D19BA2C7} => key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\ProgramDataUpdater => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CEA9C83-B856-4975-8C0F-FE0D185A205D} => key not found.
C:\Windows\System32\Tasks\{BB987285-0C54-468D-BC8C-2D27676CFAF0} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BB987285-0C54-468D-BC8C-2D27676CFAF0} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A00325D4-D3C1-430E-B1F6-DCFCF85658C8} => key not found.
C:\Windows\System32\Tasks\SUPBackground => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SUPBackground => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0173E21-C978-4EA4-A189-7FA5617412B9} => key not found.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B64BD4E4-A656-40D9-871D-7456C350A532} => key not found.
C:\Windows\System32\Tasks\Adobe Acrobat Update Task => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB2885EB-93BB-43CE-AF9D-8126074614B3} => key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7EC70C1-9A44-4010-93E1-A25B01C49C7D} => key not found.
C:\Windows\System32\Tasks\Adobe Flash Player Updater => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E30865BE-0448-4595-A5C6-CB203265BCD6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E30865BE-0448-4595-A5C6-CB203265BCD6} => key removed successfully
C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft_Hardware_Launch_ipoint_exe => key removed successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => not found.
"c:\programdata\microsoft\blend\14.0\1033\resourcecacher.dll" => not found.
"C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll" => not found.
C:\Program Files (x86)\Cuppat\Application\libglesv2.dll => moved successfully
C:\Program Files (x86)\Cuppat\Application\libegl.dll => moved successfully
C:\Users\Philipp\AppData\Local\Cuppat\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll => moved successfully
C:\Program Files (x86)\Cuppat => moved successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008i.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008k.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\00hq.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0190-dialers.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\01i.info => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\02pmnzy5eo29bfk4.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\05p.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\07ic5do2myz3vzpk.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\08nigbmwk43i01y6.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\093qpeuqpmz6ebfa.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0calories.net => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0cj.net => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0scan.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-britney-spears-nude.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-domains-registrations.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-se.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1001movie.com => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1001night.biz => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\100gal.net => key removed successfully
HKU\S-1-5-21-3041798318-2634963116-1215314133-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\100sexlinks.com => key removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn Hamachi Ui => key removed successfully
C:\Users\Philipp\AppData\Roaming\Thumbs.db => moved successfully
C:\Users\Philipp\AppData\Local\recently-used.xbel => moved successfully
C:\Users\Philipp\AppData\Local\{6C70D7F2-E50B-475B-AD48-51E2586180D1} => moved successfully
C:\Users\Philipp\AppData\Local\{82BEEB85-1B4A-4EE7-92A9-DFC693E3988F} => moved successfully
C:\Users\Public\D3DX9_37.dll => moved successfully
C:\Users\Public\xinput1_3.dll => moved successfully
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
Der Vorgang wurde erfolgreich beendet.
========= End of Reg: =========
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
Der Vorgang wurde erfolgreich beendet.
========= End of Reg: =========
========= netsh advfirewall reset =========
OK.
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
OK.
========= End of CMD: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
========= End of CMD: =========
========= netsh winsock reset catalog =========
Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.
========= End of CMD: =========
========= netsh int ip reset c:\resetlog.txt =========
Global wird zurckgesetzt, OK!
Schnittstelle wird zurckgesetzt, OK!
Unicastadresse wird zurckgesetzt, OK!
Route wird zurckgesetzt, OK!
Starten Sie den Computer neu, um die Aktion abzuschlieáen.
========= End of CMD: =========
========= ipconfig /release =========
Windows-IP-Konfiguration
Es kann kein Vorgang auf Drahtlosnetzwerkverbindung 2 ausgefhrt werden, solange dessen Medium nicht
verbunden ist.
Ethernet-Adapter LAN-Verbindung:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Ethernet-Adapter Hamachi:
Verbindungsspezifisches DNS-Suffix: www.youtube.de
IPv6-Adresse. . . . . . . . . . . : 2620:9b::191e:9649
Verbindungslokale IPv6-Adresse . : fe80::499e:3325:fea6:3498%21
Standardgateway . . . . . . . . . : 2620:9b::1900:1
25.0.0.1
Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung 2:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung:
Verbindungsspezifisches DNS-Suffix:
Verbindungslokale IPv6-Adresse . : fe80::a597:d9e3:f83e:e196%15
Standardgateway . . . . . . . . . :
========= End of CMD: =========
========= ipconfig /renew =========
Windows-IP-Konfiguration
Es kann kein Vorgang auf LAN-Verbindung ausgefhrt werden, solange dessen Medium nicht
verbunden ist.
Es kann kein Vorgang auf Drahtlosnetzwerkverbindung 2 ausgefhrt werden, solange dessen Medium nicht
verbunden ist.
Ethernet-Adapter LAN-Verbindung:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Ethernet-Adapter Hamachi:
Verbindungsspezifisches DNS-Suffix: www.youtube.de
IPv6-Adresse. . . . . . . . . . . : 2620:9b::191e:9649
Verbindungslokale IPv6-Adresse . : fe80::499e:3325:fea6:3498%21
IPv4-Adresse . . . . . . . . . . : 25.30.150.73
Subnetzmaske . . . . . . . . . . : 255.0.0.0
Standardgateway . . . . . . . . . : 2620:9b::1900:1
25.0.0.1
Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung 2:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung:
Verbindungsspezifisches DNS-Suffix:
Verbindungslokale IPv6-Adresse . : fe80::a597:d9e3:f83e:e196%15
IPv4-Adresse . . . . . . . . . . : 192.168.0.100
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Standardgateway . . . . . . . . . : 192.168.0.1
========= End of CMD: =========
========= netsh int ipv4 reset =========
Schnittstelle wird zurckgesetzt, OK!
Starten Sie den Computer neu, um die Aktion abzuschlieáen.
========= End of CMD: =========
========= netsh int ipv6 reset =========
Schnittstelle wird zurckgesetzt, OK!
Unicastadresse wird zurckgesetzt, OK!
Route wird zurckgesetzt, OK!
Starten Sie den Computer neu, um die Aktion abzuschlieáen.
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
Unable to cancel {45382896-53DE-4301-9C8E-DB783E57F6C3}.
0 out of 1 jobs canceled.
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5001535 B
Java, Flash, Steam htmlcache => 460749227 B
Windows/system/drivers => 64791865 B
Edge => 0 B
Chrome => 338944923 B
Firefox => 135174023 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 42320371 B
systemprofile32 => 1473 B
LocalService => 115860 B
NetworkService => 98560 B
Philipp => 1111642348 B
UpdatusUser => 0 B
RecycleBin => 0 B
EmptyTemp: => 2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 01:05:48 ====
- Status