| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Rootkit und vermutlich TrojanerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
16.10.2016, 22:25
| #1 |
 |  Rootkit und vermutlich Trojaner Habe mich mal auf anweisung(http://www.trojaner-board.de/182318-...ten-orten.html) wieder hierher begeben. Hatte meinen thread ursprünglich hier erstellt wurde aber offensichtlich missverstanden.Es geht hierbei keineswegs um ein Problem mit meinem Handy als vielmehr um ein Problem befindlich auf meinem Pc (Das Handy war nur deas unbekannte Gerät über welches sich eingeloggt wurde).Dachte das es schon richtig sein wird , wurde aber mit meinen logs wieder hierhergelotst ^^. Hier die Logs: Malwarebytes anti Rootkit: Hat als Antwort ausgegeben das es nichts gefunden hat und sich darauf hin komischerweise aufgehängt :/ Gmer: [CODE] GMER Logfile: Code:
ATTFilter GMER 2.2.19882 - hxxp://www.gmer.net
Rootkit scan 2016-10-16 22:46:15
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000036 WDC_WD30EZRX-00AZ6B0 rev.80.00A80 2794,52GB
Running: gmer-2.2.19882.exe; Driver: C:\Users\Philip\AppData\Local\Temp\kfadyfow.sys
---- Threads - GMER 2.2 ----
Thread C:\WINDOWS\system32\svchost.exe [440:1920] 00007ffab80c41f0
Thread C:\WINDOWS\system32\svchost.exe [440:2016] 00007ffab7c541f0
Thread C:\WINDOWS\system32\svchost.exe [440:2020] 00007ffab7c595d0
Thread C:\WINDOWS\system32\svchost.exe [440:2296] 00007ffab01739b0
Thread C:\WINDOWS\system32\svchost.exe [440:2928] 00007ffab0131a50
Thread C:\WINDOWS\system32\svchost.exe [440:4048] 00007ffab0301040
Thread C:\WINDOWS\system32\svchost.exe [440:4052] 00007ffab03248e0
Thread C:\WINDOWS\system32\svchost.exe [440:4056] 00007ffab03248e0
Thread C:\WINDOWS\system32\svchost.exe [440:6440] 00007ffab97830f0
Thread C:\WINDOWS\system32\svchost.exe [440:8844] 00007ffab80c41f0
Thread C:\WINDOWS\system32\svchost.exe [440:612] 00007ffaa3f3eb70
Thread C:\WINDOWS\system32\svchost.exe [440:3796] 00007ffaa3d51730
Thread C:\WINDOWS\system32\svchost.exe [440:8456] 00007ffab0007ac0
Thread C:\WINDOWS\System32\svchost.exe [500:1752] 00007ffab9d1c030
Thread C:\WINDOWS\System32\svchost.exe [500:1760] 00007ffab9c9f050
Thread C:\WINDOWS\System32\svchost.exe [500:1768] 00007ffab9d17000
Thread C:\WINDOWS\System32\svchost.exe [500:1772] 00007ffab9d18370
Thread C:\WINDOWS\System32\svchost.exe [500:1776] 00007ffab9d1ad30
Thread C:\WINDOWS\System32\svchost.exe [500:1972] 00007ffab7ce87e0
Thread C:\WINDOWS\System32\svchost.exe [500:4380] 00007ffab97830f0
Thread C:\WINDOWS\System32\svchost.exe [500:8052] 00007ffab3c2c820
Thread C:\WINDOWS\System32\svchost.exe [500:8544] 00007ffab3c2c820
Thread C:\WINDOWS\System32\svchost.exe [500:6308] 00007ffab9d1c830
Thread C:\Windows\System32\WUDFHost.exe [1096:1332] 00007ffabb924a20
Thread C:\WINDOWS\System32\spoolsv.exe [1172:4508] 00007ffaa32b5bc0
Thread C:\WINDOWS\System32\spoolsv.exe [1172:4516] 00007ffaa2f82740
Thread C:\WINDOWS\System32\spoolsv.exe [1172:4532] 00007ffaab4e1180
Thread C:\WINDOWS\system32\svchost.exe [5692:4624] 00007ffab323b180
Thread C:\WINDOWS\system32\svchost.exe [5692:4852] 00007ffab323f5f0
Thread C:\WINDOWS\system32\svchost.exe [5692:4136] 00007ffab7f4e0b0
Thread C:\WINDOWS\system32\svchost.exe [5692:7184] 00007ffab7f4e0b0
Thread C:\WINDOWS\system32\csrss.exe [8872:9144] ffff8be125b96c20
Thread C:\WINDOWS\system32\csrss.exe [8872:6152] ffff8be125b96c20
Thread C:\WINDOWS\system32\svchost.exe [4684:7896] 00007ffab3c2c820
Thread C:\WINDOWS\system32\svchost.exe [4684:5640] 00007ffab3c2c820
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:6732] 00007ffabf4b59c0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:6340] 00007ffaa9372bc0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:8208] 00007ffab7b348e0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:1624] 00007ffaa62552f0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:4948] 00007ffabf4b70d0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:3284] 00007ffabef4a1e0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:4220] 00007ffabd6011a0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:3220] 00007ffab6cde010
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:3816] 00007ffaa14af900
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:8132] 00007ffaa152a040
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:8300] 00007ffaa14e71c0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:6320] 00007ffaa152a040
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:4708] 00007ffaa1531da0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:6508] 00007ffabf5825b0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:6400] 00007ffaa152a040
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:8008] 00007ffaa9238ff0
---- Services - GMER 2.2 ----
Service C:\WINDOWS\system32\drivers\WdBoot.sys (*** hidden *** ) [MANUAL] WdBoot <-- ROOTKIT !!!
Service C:\WINDOWS\system32\drivers\WdFilter.sys (*** hidden *** ) [MANUAL] WdFilter <-- ROOTKIT !!!
Service C:\Program Files (x86)\Windows Defender\MsMpEng.exe (*** hidden *** ) [MANUAL] WinDefend <-- ROOTKIT !!!
---- Registry - GMER 2.2 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{E819262C-0654-4B11-9C26-21B509F2456F}\Connection@Name isatap.Speedport_W_724V_Typ_A_05011603_00_009
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed 36305019
Reg HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\DefenderApiLogger@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\DefenderAuditLogger@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{E819262C-0654-4B11-9C26-21B509F2456F}@ReusableType 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{E819262C-0654-4B11-9C26-21B509F2456F}@DefunctTimestamp 0x03 0x30 0x03 0x58 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 3004
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 443
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{F9AEFAA6-4604-4E82-9D83-49ACD840F3DC} v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=128:*|App=System|Name=@IpHlpSvc.dll,-502|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-25000|
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{A95A419B-1AE6-4CFE-8031-A09263E1DB0F} v2.26|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=128:*|Name=@IpHlpSvc.dll,-503|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-25000|
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile@EnableFirewall 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile@EnableFirewall 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0x06 0x60 0x86 0x2D ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0x06 0xC8 0x4A 0x8F ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0x06 0xF8 0xC1 0xCB ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdBoot@Group _Early-Launch
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdBoot@ImagePath \SystemRoot\system32\drivers\WdBoot.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdBoot@Start 3
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdBoot
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdFilter@ImagePath \SystemRoot\system32\drivers\WdFilter.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdFilter@Start 3
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdFilter
Reg HKLM\SYSTEM\CurrentControlSet\Services\WinDefend@Start 3
Reg HKLM\SYSTEM\CurrentControlSet\Services\WinDefend
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search@JumpListChangedAppIds {7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Steam\Steam.exe?
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\JumplistData@{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Steam\Steam.exe 0x07 0xEC 0x32 0x42 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance@MessageTime 0xF0 0x2D 0x09 0x8A ...
---- EOF - GMER 2.2 ----
FRST : [CODE] GMER Logfile: GMER Logfile: Code:
ATTFilter GMER 2.2.19882 - hxxp://www.gmer.net
Rootkit scan 2016-10-16 22:46:15
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000036 WDC_WD30EZRX-00AZ6B0 rev.80.00A80 2794,52GB
Running: gmer-2.2.19882.exe; Driver: C:\Users\Philip\AppData\Local\Temp\kfadyfow.sys
---- Threads - GMER 2.2 ----
Thread C:\WINDOWS\system32\svchost.exe [440:1920] 00007ffab80c41f0
Thread C:\WINDOWS\system32\svchost.exe [440:2016] 00007ffab7c541f0
Thread C:\WINDOWS\system32\svchost.exe [440:2020] 00007ffab7c595d0
Thread C:\WINDOWS\system32\svchost.exe [440:2296] 00007ffab01739b0
Thread C:\WINDOWS\system32\svchost.exe [440:2928] 00007ffab0131a50
Thread C:\WINDOWS\system32\svchost.exe [440:4048] 00007ffab0301040
Thread C:\WINDOWS\system32\svchost.exe [440:4052] 00007ffab03248e0
Thread C:\WINDOWS\system32\svchost.exe [440:4056] 00007ffab03248e0
Thread C:\WINDOWS\system32\svchost.exe [440:6440] 00007ffab97830f0
Thread C:\WINDOWS\system32\svchost.exe [440:8844] 00007ffab80c41f0
Thread C:\WINDOWS\system32\svchost.exe [440:612] 00007ffaa3f3eb70
Thread C:\WINDOWS\system32\svchost.exe [440:3796] 00007ffaa3d51730
Thread C:\WINDOWS\system32\svchost.exe [440:8456] 00007ffab0007ac0
Thread C:\WINDOWS\System32\svchost.exe [500:1752] 00007ffab9d1c030
Thread C:\WINDOWS\System32\svchost.exe [500:1760] 00007ffab9c9f050
Thread C:\WINDOWS\System32\svchost.exe [500:1768] 00007ffab9d17000
Thread C:\WINDOWS\System32\svchost.exe [500:1772] 00007ffab9d18370
Thread C:\WINDOWS\System32\svchost.exe [500:1776] 00007ffab9d1ad30
Thread C:\WINDOWS\System32\svchost.exe [500:1972] 00007ffab7ce87e0
Thread C:\WINDOWS\System32\svchost.exe [500:4380] 00007ffab97830f0
Thread C:\WINDOWS\System32\svchost.exe [500:8052] 00007ffab3c2c820
Thread C:\WINDOWS\System32\svchost.exe [500:8544] 00007ffab3c2c820
Thread C:\WINDOWS\System32\svchost.exe [500:6308] 00007ffab9d1c830
Thread C:\Windows\System32\WUDFHost.exe [1096:1332] 00007ffabb924a20
Thread C:\WINDOWS\System32\spoolsv.exe [1172:4508] 00007ffaa32b5bc0
Thread C:\WINDOWS\System32\spoolsv.exe [1172:4516] 00007ffaa2f82740
Thread C:\WINDOWS\System32\spoolsv.exe [1172:4532] 00007ffaab4e1180
Thread C:\WINDOWS\system32\svchost.exe [5692:4624] 00007ffab323b180
Thread C:\WINDOWS\system32\svchost.exe [5692:4852] 00007ffab323f5f0
Thread C:\WINDOWS\system32\svchost.exe [5692:4136] 00007ffab7f4e0b0
Thread C:\WINDOWS\system32\svchost.exe [5692:7184] 00007ffab7f4e0b0
Thread C:\WINDOWS\system32\csrss.exe [8872:9144] ffff8be125b96c20
Thread C:\WINDOWS\system32\csrss.exe [8872:6152] ffff8be125b96c20
Thread C:\WINDOWS\system32\svchost.exe [4684:7896] 00007ffab3c2c820
Thread C:\WINDOWS\system32\svchost.exe [4684:5640] 00007ffab3c2c820
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:6732] 00007ffabf4b59c0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:6340] 00007ffaa9372bc0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:8208] 00007ffab7b348e0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:1624] 00007ffaa62552f0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:4948] 00007ffabf4b70d0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:3284] 00007ffabef4a1e0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:4220] 00007ffabd6011a0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:3220] 00007ffab6cde010
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:3816] 00007ffaa14af900
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:8132] 00007ffaa152a040
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:8300] 00007ffaa14e71c0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:6320] 00007ffaa152a040
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:4708] 00007ffaa1531da0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:6508] 00007ffabf5825b0
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:6400] 00007ffaa152a040
Thread C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [4884:8008] 00007ffaa9238ff0
---- Services - GMER 2.2 ----
Service C:\WINDOWS\system32\drivers\WdBoot.sys (*** hidden *** ) [MANUAL] WdBoot <-- ROOTKIT !!!
Service C:\WINDOWS\system32\drivers\WdFilter.sys (*** hidden *** ) [MANUAL] WdFilter <-- ROOTKIT !!!
Service C:\Program Files (x86)\Windows Defender\MsMpEng.exe (*** hidden *** ) [MANUAL] WinDefend <-- ROOTKIT !!!
---- Registry - GMER 2.2 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{E819262C-0654-4B11-9C26-21B509F2456F}\Connection@Name isatap.Speedport_W_724V_Typ_A_05011603_00_009
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed 36305019
Reg HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\DefenderApiLogger@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\DefenderAuditLogger@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{E819262C-0654-4B11-9C26-21B509F2456F}@ReusableType 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{E819262C-0654-4B11-9C26-21B509F2456F}@DefunctTimestamp 0x03 0x30 0x03 0x58 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 3004
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 443
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{F9AEFAA6-4604-4E82-9D83-49ACD840F3DC} v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=128:*|App=System|Name=@IpHlpSvc.dll,-502|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-25000|
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{A95A419B-1AE6-4CFE-8031-A09263E1DB0F} v2.26|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=128:*|Name=@IpHlpSvc.dll,-503|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-25000|
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile@EnableFirewall 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile@EnableFirewall 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0x06 0x60 0x86 0x2D ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0x06 0xC8 0x4A 0x8F ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0x06 0xF8 0xC1 0xCB ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdBoot@Group _Early-Launch
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdBoot@ImagePath \SystemRoot\system32\drivers\WdBoot.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdBoot@Start 3
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdBoot
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdFilter@ImagePath \SystemRoot\system32\drivers\WdFilter.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdFilter@Start 3
Reg HKLM\SYSTEM\CurrentControlSet\Services\WdFilter
Reg HKLM\SYSTEM\CurrentControlSet\Services\WinDefend@Start 3
Reg HKLM\SYSTEM\CurrentControlSet\Services\WinDefend
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search@JumpListChangedAppIds {7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Steam\Steam.exe?
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\JumplistData@{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Steam\Steam.exe 0x07 0xEC 0x32 0x42 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance@MessageTime 0xF0 0x2D 0x09 0x8A ...
---- EOF - GMER 2.2 ----
--- --- --- und die Frst Addition: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16-10-2016
durchgeführt von Philip (16-10-2016 22:50:20)
Gestartet von C:\Users\Philip\Desktop
Windows 10 Pro Version 1607 (X64) (2016-08-20 03:23:09)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3590540074-1526890384-2677090714-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3590540074-1526890384-2677090714-503 - Limited - Disabled)
Gast (S-1-5-21-3590540074-1526890384-2677090714-501 - Limited - Disabled)
Philip (S-1-5-21-3590540074-1526890384-2677090714-1001 - Administrator - Enabled) => C:\Users\Philip
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Emsisoft Anti-Malware (Disabled - Out of date) {D1196F3E-3487-585D-3681-0661BD157EC3}
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Emsisoft Anti-Malware (Disabled - Out of date) {6A788EDA-12BD-57D3-0C31-3D13C692347E}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
A3Launcher version 0.1.2.9 (HKLM-x32\...\{1E29A86E-9AE2-4CD8-74C8-6B170ED3C4D2}_is1) (Version: 0.1.2.9 - Maca134)
Active Directory Authentication Library für SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library für SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.183.90 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version: - Skybox Labs)
Age of Empires® III: Complete Collection (HKLM\...\Steam App 105450) (Version: - Ensemble Studios)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.6 - Advanced Micro Devices, Inc.)
Anno 2205 (HKLM-x32\...\Uplay Install 1253) (Version: - Ubisoft)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version: - Studio Wildcard)
ARK: Survival Of The Fittest (HKLM\...\Steam App 407530) (Version: - Studio Wildcard)
Arma 3 (HKLM\...\Steam App 107410) (Version: - Bohemia Interactive)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.22.54 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{05f7f410-0274-45d0-91dc-712a62aadd96}) (Version: 1.2.68.19138 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{6052a753-acc6-4c02-b5a8-70962ff8e0a4}) (Version: 1.2.69.16114 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 1.5.2.25975 - Avira Operations GmbH & Co. KG)
Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.0 - Bethesda Softworks)
BioShock (HKLM\...\Steam App 7670) (Version: - 2K Boston)
BioShock 2 (HKLM\...\Steam App 8850) (Version: - 2K Marin)
BioShock Infinite (HKLM\...\Steam App 8870) (Version: - Irrational Games)
Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.5 - Daum Games EU)
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Borderlands 2 (HKLM\...\Steam App 49520) (Version: - Gearbox Software)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM\...\Steam App 10180) (Version: - Infinity Ward)
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
CCGLauncher version 0.1.2.9 (HKLM-x32\...\{1E299AE2-6B17-4CD8-74C8-A86E0EDD3C42}_is1) (Version: 0.1.2.9 - Maca134)
Cities: Skylines (HKLM\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CRYENGINE Launcher (HKLM-x32\...\{F7916573-4BDD-4A9F-9E2F-CC8107845DC3}) (Version: 1.0.0 - Crytek GmbH)
Curse Client (HKU\S-1-5-21-3590540074-1526890384-2677090714-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Curse Client (HKU\S-1-5-21-3590540074-1526890384-2677090714-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Darksiders (HKLM\...\Steam App 50620) (Version: - Vigil Games)
DayZ (HKLM\...\Steam App 221100) (Version: - Bohemia Interactive)
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Don't Starve (HKLM\...\Steam App 219740) (Version: - Klei Entertainment)
Dota 2 (HKLM\...\Steam App 570) (Version: - Valve)
Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.22.0 de-DE (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.13263.0 - Electronic Arts)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 11.10 - Emsisoft Ltd.)
Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{FD639F4D-1460-42E6-B32D-FEC1745D0BDC}) (Version: 13.0.1601.5 - Microsoft Corporation)
Evolve Stage 2 (HKLM\...\Steam App 273350) (Version: - Turtle Rock Studios)
F.E.A.R. 3 (HKLM\...\Steam App 21100) (Version: - Day 1 Studios)
Fallout 4 (HKLM\...\Steam App 377160) (Version: - Bethesda Game Studios)
Fallout Shelter (HKLM-x32\...\Fallout Shelter) (Version: - Bethesda Softworks)
FINAL FANTASY VII (HKLM\...\Steam App 39140) (Version: - Square Enix)
FINAL FANTASY XIV: A Realm Reborn (HKLM\...\Steam App 39210) (Version: - SQUARE ENIX)
Gameforge Live 2.0.11 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.11 - Gameforge)
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket – DEU - v1.8 (x32 Version: 1.8.40521.1 - Microsoft Corporation) Hidden
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Golf With Friends (HKLM\...\Steam App 431240) (Version: - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grey Goo (HKLM\...\Steam App 290790) (Version: - Petroglyph)
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hatoful Boyfriend (HKLM\...\Steam App 310080) (Version: - Mediatonic)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hitman: Blood Money (HKLM\...\Steam App 6860) (Version: - IO Interactive)
HuniePop (HKLM\...\Steam App 339800) (Version: - HuniePot)
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 20.2 - Intel)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Killing Floor (HKLM\...\Steam App 1250) (Version: - Tripwire Interactive)
League Client alpha pbe (HKU\S-1-5-21-3590540074-1526890384-2677090714-1001\...\League Client alpha pbe 1.0) (Version: 1.0 - Riot Games, Inc)
League Client alpha pbe (HKU\S-1-5-21-3590540074-1526890384-2677090714-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\League Client alpha pbe 1.0) (Version: 1.0 - Riot Games, Inc)
League of Legends (HKLM-x32\...\League of Legends 4.1.1) (Version: 4.1.1 - Riot Games)
League of Legends (x32 Version: 4.1.1 - Riot Games) Hidden
Life is Feudal: Forest Village (HKLM\...\Steam App 496460) (Version: - Mindillusion)
Life Is Strange™ (HKLM\...\Steam App 319630) (Version: - DONTNOD Entertainment)
LIGHTNING RETURNS: FINAL FANTASY XIII (HKLM\...\Steam App 345350) (Version: - SQUARE ENIX)
Magic Duels (HKLM\...\Steam App 316010) (Version: - Stainless Games Ltd.)
Magicka 2 (HKLM\...\Steam App 238370) (Version: - Pieces Interactive)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{264B070C-82D7-4C9C-B1CE-A0B124BCC787}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32\...\{4EFF12AE-599C-42A2-ACFA-0D95C3B11A19}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{E8F3D249-7DE6-4422-AC86-1CE7D5CCFA0F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.60519.0) (HKLM-x32\...\{9F367648-EC0C-4F97-B351-D12A51E38F96}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2016 Management Objects (HKLM-x32\...\{35A7B00B-4F9C-4B4D-919C-86FFFEE46AD6}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 mit Updates (HKLM-x32\...\{ec2556f3-08aa-4829-8017-07d7ea9e125d}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{7F6DCED8-6A2B-4436-AF20-8F659D04E388}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{48BF289B-F3FA-4023-9251-80ABF7B726F9}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Napoleon: Total War (HKLM\...\Steam App 34030) (Version: - The Creative Assembly)
NEKOPARA Vol. 1 (HKLM\...\Steam App 333600) (Version: - NEKO WORKs)
Nether (HKLM\...\Steam App 247730) (Version: - Phosphor Games Studio)
NVIDIA PhysX (HKLM-x32\...\{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}) (Version: 9.13.0725 - NVIDIA Corporation)
One Troll Army (HKLM\...\Steam App 438680) (Version: - FlyAnvil)
One Way Heroics (HKLM\...\Steam App 266210) (Version: - Smoking WOLF)
Opera Stable 40.0.2308.81 (HKLM-x32\...\Opera 40.0.2308.81) (Version: 40.0.2308.81 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.0.2.33129 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{FACF2669-E25A-428A-9167-5EEDE741F3B9}) (Version: 4.6.00127 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
Path of Exile (HKLM\...\Steam App 238960) (Version: - Grinding Gear Games)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
Poker Night 2 (HKLM\...\Steam App 234710) (Version: - Telltale Games)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Rise of the Tomb Raider (HKLM\...\Steam App 391220) (Version: - Crystal Dynamics)
Risen 3 - Titan Lords (HKLM-x32\...\{383CAA4A-9B72-4DE9-9B0F-780C49682780}) (Version: 1.00 - Deep Silver)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix)
Roslyn Language Services - x86 (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden
Sanctum 2 (HKLM\...\Steam App 210770) (Version: - Coffee Stain Studios)
Shadowrun: Dragonfall - Director's Cut (HKLM\...\Steam App 300550) (Version: - Harebrained Schemes)
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version: - Firaxis Games)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version: - 2K Games, Inc.)
SMITE (HKLM\...\Steam App 386360) (Version: - Hi-Rez Studios)
SpeedRunners (HKLM\...\Steam App 207140) (Version: - DoubleDutch Games)
Spotify (HKU\S-1-5-21-3590540074-1526890384-2677090714-1001\...\Spotify) (Version: 1.0.38.171.g5e1cd7b2 - Spotify AB)
Spotify (HKU\S-1-5-21-3590540074-1526890384-2677090714-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.38.171.g5e1cd7b2 - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Stardew Valley (HKLM\...\Steam App 413150) (Version: - ConcernedApe)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Street Fighter V (HKLM\...\Steam App 310950) (Version: - Capcom)
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25521 - Microsoft) Hidden
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-3590540074-1526890384-2677090714-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-3590540074-1526890384-2677090714-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
The Culling (HKLM\...\Steam App 437220) (Version: - Xaviant)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Forest (HKLM\...\Steam App 242760) (Version: - Endnight Games Ltd)
The Talos Principle (HKLM\...\Steam App 257510) (Version: - Croteam)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.0.0 - GOG.com)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
Tukui Client (HKLM-x32\...\{BAD6EBBD-A6A9-41C9-898A-8C868A552E4C}) (Version: 2.4.6 - Tukui)
TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 17.1 - Ubisoft)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VS Update core components (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden
vs_update3notification (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.21.0 (HKLM\...\VulkanRT1.0.21.0) (Version: 1.0.21.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
War Thunder (HKLM\...\Steam App 236390) (Version: - Gaijin Entertainment)
Warface (HKLM\...\Steam App 291480) (Version: - Crytek)
Warmachine Tactics (HKLM\...\Steam App 253510) (Version: - WhiteMoon Dreams)
Warsow 2.1 (HKLM-x32\...\{24508D50-EC8F-4FE6-B69D-E5035D8745EB}_is1) (Version: 2.1 - Warsow.gg)
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3590540074-1526890384-2677090714-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Philip\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {13090CBD-D313-4211-80AF-D501268BF01E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-11] (Google Inc.)
Task: {29FE4EFD-E5A5-426A-AF72-2EA89DEE2390} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Philip\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-25] (Microsoft Corporation)
Task: {99D7B6BF-AE9E-427C-A8B7-EFDDD7F4E638} - System32\Tasks\Opera scheduled Autoupdate 1458768815 => C:\Program Files (x86)\Opera\launcher.exe [2016-10-03] (Opera Software)
Task: {D9C2572A-E592-47E0-889E-2390DC3EBD47} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-09-07] (Advanced Micro Devices, Inc.)
Task: {E1AB3362-2174-43F0-93C3-23EDBE03D695} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-11] (Google Inc.)
Task: {E200B93A-4EFE-456B-8255-26605B652123} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Hotspot Shield Free VPN Proxy – Unblock Sites.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=heajfgnegopeedndeahkdjedjkjcmnpb
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-29 20:07 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-09-29 20:07 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-29 20:07 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-25 08:28 - 2016-08-25 08:28 - 01864384 _____ () C:\Users\Philip\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-09-16 14:25 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-12 17:52 - 2016-10-05 11:35 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-12 17:53 - 2016-10-05 11:21 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-12 17:53 - 2016-10-05 11:13 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-12 17:53 - 2016-10-05 11:13 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-12 17:53 - 2016-10-05 11:13 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-10-12 17:53 - 2016-10-05 11:13 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-12 17:53 - 2016-10-05 11:14 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-28 13:47 - 2016-09-28 13:49 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-09-28 13:47 - 2016-09-28 13:49 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-09-28 13:47 - 2016-09-28 14:10 - 35250688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-03-10 21:39 - 2016-09-08 05:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-03-10 21:39 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-03-10 21:39 - 2016-10-13 03:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2016-03-10 21:39 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-03-10 21:39 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-03-10 21:39 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-03-10 21:39 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-03-10 21:39 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-03-10 21:39 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-03-10 21:39 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-03-10 21:39 - 2016-10-13 03:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-10 21:39 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-10-06 06:51 - 2016-08-04 22:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll
2016-03-10 21:39 - 2015-09-25 01:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2016-10-04 06:39 - 2016-09-25 05:47 - 01805416 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libglesv2.dll
2016-10-04 06:39 - 2016-09-25 05:47 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-10-30 09:24 - 2015-10-30 09:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3590540074-1526890384-2677090714-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Philip\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{259a2093-8359-4eb8-b1cd-edbd8f984ef2}.jpg
HKU\S-1-5-21-3590540074-1526890384-2677090714-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Philip\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{259a2093-8359-4eb8-b1cd-edbd8f984ef2}.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKU\S-1-5-21-3590540074-1526890384-2677090714-1001\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-3590540074-1526890384-2677090714-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-3590540074-1526890384-2677090714-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3590540074-1526890384-2677090714-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3590540074-1526890384-2677090714-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-3590540074-1526890384-2677090714-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-3590540074-1526890384-2677090714-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3590540074-1526890384-2677090714-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "EADM"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{A0B8E1D5-3AB1-4460-A086-148A8FBD732B}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [TCP Query User{096C0A4C-04C9-4D2E-872B-817F9340EF2C}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{57F84CCC-09EE-409D-806C-9976DFD2FB65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{3E26471D-D0A5-44C0-A360-CDF66F9CAF28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{9C7E9892-86A1-482B-84C8-FA895B601ADE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{953AD51B-C88D-4955-BEBF-D103F89A0ED6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{EBBCE164-918F-4AC0-AA20-96927220E4B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{DB9B184B-F7BF-4B63-BF0B-08DC1B97E764}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [UDP Query User{FB1CC01D-B4C9-4E13-B843-82030329FA2C}C:\program files (x86)\warsow 2.1\warsow_x64.exe] => (Allow) C:\program files (x86)\warsow 2.1\warsow_x64.exe
FirewallRules: [TCP Query User{A7C1250B-C5D6-477E-BA62-532BA3A21019}C:\program files (x86)\warsow 2.1\warsow_x64.exe] => (Allow) C:\program files (x86)\warsow 2.1\warsow_x64.exe
FirewallRules: [{763A71F7-8D38-41F6-91D1-22B53AD1580B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{86C1E00D-63F7-45AF-AAF6-9D17CEA6D5C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{2ECE42CC-DDF7-4D41-8677-3E5B1B5F666D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HuniePop\HuniePop.exe
FirewallRules: [{6B949957-A9C9-48E6-B091-D9F1332CB41D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HuniePop\HuniePop.exe
FirewallRules: [{1EE109BF-BAD8-4F51-8B3A-9080D4322766}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{A5226051-E8D0-4991-B22B-3A6979853D59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [UDP Query User{6F34D78A-B573-41E1-9CCD-29D6E06CD539}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{31999F45-EEEB-47FE-96B8-F349F78F3CBC}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{D7CE0B85-4933-49A4-9D2F-2E4A26576E0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{3BB35981-6829-4360-83E6-E4A1C0B67A79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{99D3554F-2FF2-4A81-A9C1-5ABA9E4A3C5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{4FF124FB-7092-44F4-B22D-9AF999A15ED2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{CDC077C0-5E9F-4008-A056-132ECC191A28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{FF4687B0-4B41-4349-AC82-3CC29E02249E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{872FCC8A-71DA-453A-9D8A-55417006AB24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{22F32EF9-2B49-4F2E-99B6-2F42C39D2083}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{EC27CBBA-D777-451D-A079-02DA90D8464E}] => (Allow) C:\Users\Philip\Desktop\BlackDesert_Downloader.exe
FirewallRules: [{BACA1A96-5986-4533-8912-8C1E942C2CED}] => (Allow) C:\Users\Philip\Desktop\BlackDesert_Launcher.exe
FirewallRules: [{0C80E395-540A-44D3-92BD-F3FA5133B2E3}] => (Allow) C:\Users\Philip\Desktop\bin64\BlackDesert64.exe
FirewallRules: [{C1DFC9BA-666D-46EF-8610-54709CDD8E07}] => (Allow) C:\Users\Philip\Desktop\bin\BlackDesert32.exe
FirewallRules: [{CAAEDB00-3A62-45BF-AD8D-97FD35761EC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{44D0859B-DB40-4717-B51C-2631E97B25C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{6E14073C-CE2E-430D-935F-2FFE261F5905}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{A51F2194-C3AB-44BE-9EA5-4CD9306BAF08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{5A9AA723-849E-417E-9573-79625C8F751A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{D9619252-53D8-45E0-A042-B02C36A13A17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{402C1DC1-E587-4800-9A73-8A183BC3E65E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{940CDFFD-9A1A-4A87-B86B-4CE015C3ED3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [UDP Query User{B3EADBAC-BEA9-42EF-B169-A424CB2B5D6D}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [TCP Query User{AD900E9E-0154-4F46-97C1-27C05C6F2AD7}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [{33C5FD07-3CE1-451E-B359-D0F62299EFE5}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{223B8573-DEA9-442C-867A-C855C2340712}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{D3827B3D-123C-4546-98E5-04CB11C36B42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [UDP Query User{D2C5E7A5-C46E-4383-AD69-A6C1D3BC44BB}C:\program files (x86)\starcraft ii\versions\base43478\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base43478\sc2_x64.exe
FirewallRules: [TCP Query User{45BDD88E-0EA7-4DC1-B05A-3C6282A3F0F7}C:\program files (x86)\starcraft ii\versions\base43478\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base43478\sc2_x64.exe
FirewallRules: [UDP Query User{7AC1DF58-22B9-4B33-BA7F-42F06F32F004}C:\program files (x86)\starcraft ii\versions\base42932\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base42932\sc2_x64.exe
FirewallRules: [TCP Query User{46FC5290-B08B-4D38-9591-FA728130F93E}C:\program files (x86)\starcraft ii\versions\base42932\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base42932\sc2_x64.exe
FirewallRules: [UDP Query User{EF83BC77-6FC0-4F10-9099-91E71D30E550}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{BFAFBEEC-103F-483A-8341-E03798ECC9C6}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{967C844C-545A-44D0-8FE4-61213235E5F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{99E11439-07CC-4626-984D-F14224229F04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{882F3B20-943A-47BA-902E-2A194B6D4D81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Friends\Golf With Your Friends.exe
FirewallRules: [{41A2A962-FAAD-4751-93E2-D37390840D87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Friends\Golf With Your Friends.exe
FirewallRules: [{68689867-3493-4F3A-9055-54F873858AFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{9CA9760B-FA97-4476-9DE9-F9A446CD44F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{2A8834E6-5B49-4459-82EF-A4360AB17C16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{6E9CFD5C-F9A9-471E-A7A5-B16E324FB29D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [UDP Query User{670F692E-A0B6-4D0D-925B-DF59E0A35D25}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{C1494E49-9E65-4DAD-A378-C4EF6001AC9D}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{694B614D-AA72-4ECC-B262-3F3640569B3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{A0CF82E1-B97C-4465-9A57-090293CFC7C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{3D3D18E1-2B22-41DA-B25D-7AEDA02DDD45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OneTrollArmy\OTA.exe
FirewallRules: [{E2B38888-6ADE-4E74-84BD-3B3E6B302111}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OneTrollArmy\OTA.exe
FirewallRules: [UDP Query User{B53424B5-C1F0-4D1F-BD0F-7308C15BA93C}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{2446E9DD-82D5-40FB-A33B-2B3BC1609FE9}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [{50134A4E-FF61-40CF-88A2-E187FFCBBCD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Nether\Game\Binaries\Win64\Nether.exe
FirewallRules: [{5DFEF060-CB21-4CE8-9227-FC4838AB3BB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Nether\Game\Binaries\Win64\Nether.exe
FirewallRules: [UDP Query User{3E50CB2C-EDB0-48BA-B28A-60CE7D7D31D0}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{BC1C1067-7576-4B07-BBA8-1EBC55EFC112}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{7CC96EAA-E46E-47C0-8737-8BAD457467FF}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{89F86010-374F-49A2-9185-955A8A951568}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{FEB3CCE6-B9C5-4142-85A0-8016DB77D9A9}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Anno 2205\Bin\Win64\Anno2205.exe
FirewallRules: [{12209FEC-CD96-47C8-B6FE-8272A3A70AD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{9B3A9105-97ED-448E-AEB9-D5BF49DD2C8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{7D92B4E2-0DE4-4D95-BCA0-5547C8FCA303}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{BCB197A7-CF3F-4368-B8BF-51F46C6D56E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{B3A1F28B-059F-4D2E-BC95-F5FCFEC61586}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{7D20CFD4-F2BB-47C2-B121-D9E924C545FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [UDP Query User{EF44C445-D452-4737-B339-8044B9F359A6}C:\users\philip\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\philip\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{E2A1CD0D-6CA0-4F31-90E0-8AA563E16A46}C:\users\philip\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\philip\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{8CF5D64D-C257-4545-B661-82D037F0E68A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{1CE159B5-CD9D-4018-84B2-D7193880A248}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [UDP Query User{9CBB822B-179C-4FED-80A5-850223F8CAC4}C:\program files (x86)\crytek\cryengine launcher\crytek\cryengine_5.0\bin\win_x64\sandbox.exe] => (Allow) C:\program files (x86)\crytek\cryengine launcher\crytek\cryengine_5.0\bin\win_x64\sandbox.exe
FirewallRules: [TCP Query User{EE236296-B8CC-42F7-A3C4-0A78DFD43CC8}C:\program files (x86)\crytek\cryengine launcher\crytek\cryengine_5.0\bin\win_x64\sandbox.exe] => (Allow) C:\program files (x86)\crytek\cryengine launcher\crytek\cryengine_5.0\bin\win_x64\sandbox.exe
FirewallRules: [{3DDF0319-9BAE-43D0-88D3-2734BFB4588D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{2C3E8CF0-F837-49FE-949F-7D18DC357367}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{B0C9A161-3861-458E-8011-034372D3B1D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{B8025DC2-6589-4322-96AB-112E495DEC5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{5C22EB1A-0C26-4F38-A72F-3B858DE47CA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{E711495C-2A30-4C95-9759-164FFCAA3F7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{0EE7D5F8-5773-496A-B016-80B10EF2ED79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{E8D74261-5BB1-4F1C-9D5F-DF65BBFF949E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{3ADEE78A-46FA-4EC1-B65A-09FC429C17AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{FAFA4FD0-C62E-4D56-858F-F889846039C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [UDP Query User{FB758731-C316-4591-ABD3-3E9DE7A28049}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe
FirewallRules: [TCP Query User{564853CD-76F6-4369-BF3D-E12CF4D0393D}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe
FirewallRules: [{36A25DDC-1E51-4418-81AB-8F3844CB3F73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheCulling\TheCulling_Launcher.exe
FirewallRules: [{9767EF47-3A34-4301-85B6-201C474BB62B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheCulling\TheCulling_Launcher.exe
FirewallRules: [UDP Query User{7BF7FD5A-C772-4DDE-A109-152432B62EFE}C:\users\philip\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philip\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{E360B7EE-D480-4D56-BA8F-E0FDAF024F7C}C:\users\philip\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philip\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A5C3963D-8EFC-4129-8563-929A28F59F87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{E0822839-55E4-4B24-8AF5-FFCB5C21C73E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{0EEFD267-BC2C-46F2-986B-218248E310BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK SOTF\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{BFE70A07-D692-4534-966F-45D54E3E006B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK SOTF\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{F2F48C9A-E752-46BE-BAD8-4F264A8D9228}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{AA156A3E-7E9C-42D4-8F41-DAB139A8A979}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{94058914-692B-4E16-BCD8-A685530EBB74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night 2\PokerNight2.exe
FirewallRules: [{8F6EACDA-9F49-4DE2-A4F3-C3FCCAB542F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night 2\PokerNight2.exe
FirewallRules: [UDP Query User{F760EC2C-202A-46AF-A058-BF8E681E49B8}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [TCP Query User{13DE575B-3339-450A-B286-25895FE0C45A}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{F74236FD-D217-4497-8973-A706BF35D9E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 1\nekopara_vol1.exe
FirewallRules: [{F00CB1BC-95C8-4052-A5EB-AE6997DE8A65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 1\nekopara_vol1.exe
FirewallRules: [{E0B9008C-6327-4991-9A70-16DC994D9427}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{11CF0188-C69E-4E92-B5BF-35BF60D6F4ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{FE3B676E-CA7E-4925-A1A2-AC67CBE597A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{AE94A63D-D743-4120-8B11-D896A05B24B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{BE00FB8D-47A2-4125-9115-A497A09F887C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadowrun Dragonfall Director's Cut\Dragonfall.exe
FirewallRules: [{74A4B0C2-BB07-4010-AC70-C111EE7D3476}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadowrun Dragonfall Director's Cut\Dragonfall.exe
FirewallRules: [{B399E3E5-22DC-456A-9E94-467FA4877B03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{8C6F423F-BC2B-4199-8DCC-AE2FEB85704D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{B711A5F0-938F-4C85-8B69-1FD486CB8D54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman Blood Money\configure.exe
FirewallRules: [{C1516395-AC30-4E60-833C-A6FB58A10986}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman Blood Money\configure.exe
FirewallRules: [{FD462965-972D-42E8-903D-43FAC5546387}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman Blood Money\HitmanBloodMoney.exe
FirewallRules: [{DCD5752B-C64B-4473-B6DA-1B940E12644A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman Blood Money\HitmanBloodMoney.exe
FirewallRules: [{322E4A58-B65F-4A74-A63E-B4E40C23E272}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8A2FB0B1-EC1B-4991-BEB5-E832F8AEFBEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{758ED23D-365D-4010-887D-F89C45ADA19D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{0AA551D3-4EA6-4B3A-BE46-88ABFC286BBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{888DC621-204C-420E-A8DE-0A7DF5E56050}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{63475BC0-61B4-4EF3-BEA2-B5F50641E9CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{7918B932-26D4-4522-AA76-05094AAC1D1B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{F7951422-3FEC-4A4E-BA56-C136D93B8822}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{FF2C8A51-4AE8-4BBC-B9A5-5CF2DA5B0FEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka 2\engine\Magicka2.exe
FirewallRules: [{1CC7E20E-1AEB-4181-8A09-D082018775EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka 2\engine\Magicka2.exe
FirewallRules: [UDP Query User{6312FC27-DE45-49E8-AFF2-762012C052C2}C:\program files (x86)\steam\steamapps\common\greygoo\instanceserverg.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\greygoo\instanceserverg.exe
FirewallRules: [TCP Query User{94E361C8-5233-443E-A6B6-11E5699C811B}C:\program files (x86)\steam\steamapps\common\greygoo\instanceserverg.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\greygoo\instanceserverg.exe
FirewallRules: [UDP Query User{074583B8-C6A2-4193-AB47-40F2036D2EB6}C:\program files (x86)\steam\steamapps\common\greygoo\goog.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\greygoo\goog.exe
FirewallRules: [TCP Query User{047778D6-667F-4F64-8C8D-5C9EAFE6F5B9}C:\program files (x86)\steam\steamapps\common\greygoo\goog.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\greygoo\goog.exe
FirewallRules: [{C6C48124-B8A0-472B-8DB2-602C954C6080}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hatoful Boyfriend\hatoful.exe
FirewallRules: [{548B15C5-C659-4B27-9C15-73325F278E18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hatoful Boyfriend\hatoful.exe
FirewallRules: [{A91226F9-06A5-4CDB-BE29-8E79508DF505}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LIGHTNING RETURNS FINAL FANTASY XIII\LRFF13.exe
FirewallRules: [{4569829B-7D40-4C36-AD25-8603103D2FC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LIGHTNING RETURNS FINAL FANTASY XIII\LRFF13.exe
FirewallRules: [{A64DCC50-B5E1-4DD9-8531-9B2554BD8F5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{A1BCA4AD-5E20-4C4D-9CB7-139E5DB2A287}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{4E397725-E8A6-4764-A093-9C6C844DC872}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe
FirewallRules: [{6381B0BA-4A28-4F90-AC6E-5C03C5DD63B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe
FirewallRules: [{44531A15-231D-49F4-A06C-7A0BB2830FA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{A7E5B06D-1721-4327-8DA1-04450D68188D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{60271072-728C-4B4D-8746-C46745B9376A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Friends\Golf With Friends.exe
FirewallRules: [{9DDFC12D-0A27-45FB-BE74-D22E8282B3B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Friends\Golf With Friends.exe
FirewallRules: [{FF9B4DD1-146E-43CF-8799-19239A5A0241}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{573560A5-0695-487B-AE4C-14531D2533A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{AFD3D6B1-8F04-44E8-884F-BFA6A44E7854}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A1426F42-EA92-481A-99B3-8B79813A469D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DF016ECC-4BE1-4B3E-AA54-645FA446CB8C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5318543F-59B0-45AF-B7FA-6B62694D0E41}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2941CC40-56FB-4D3F-9519-08CEE4F71859}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\One Way Heroics\Game.exe
FirewallRules: [{EFA82635-720D-454E-9861-8007035BC781}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\One Way Heroics\Game.exe
FirewallRules: [{62687A34-07BF-452D-B96F-2D6B9E0A54D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{EF33003C-CD22-489E-A050-0F44A5045798}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{78795251-DD94-42BC-B904-94333043C1B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{CBAEE934-B482-4097-8651-37F7630B1DF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{ED3061E5-1A92-478F-9F52-BF12D29E24EF}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{68E2BE6D-EC9C-4EDF-A96F-A6D0972BAC2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8146B68A-EF46-4B82-BAFB-AA93E5DE3336}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{48D3E2C5-0922-49CC-A914-0E757452F104}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{05D6C05E-5BC8-4AD9-B934-E14079412002}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{1BE2B600-9598-403E-9483-29B1537C15E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{1EA0888B-B63C-45A6-A030-CC98517F053C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{BE58270A-E4DE-4003-BB49-93015BE8B198}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{CC50FBF2-A05D-47FE-9622-81054AE37906}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{918A29F7-01DD-4266-B87D-1A80F00A24A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life is Feudal Forest Village\ForestVillage.exe
FirewallRules: [{AA5E42B7-A6EC-41DA-AE01-344F688EAAAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life is Feudal Forest Village\ForestVillage.exe
FirewallRules: [{EB86608A-B1DD-48B3-8C7E-7D961E258F21}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5D9580D1-A66A-4130-AA6F-CCA722969FE0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{D957D83E-34F9-46B3-8C1C-808434D4F943}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{949BCB78-BD1E-4BC8-901F-9B0260053FED}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{0E497E15-D9C7-43AC-A5CE-ACB2E2850D73}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{A132B3D7-7F6C-4262-8E89-F92AAFCC795D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{B66FEE2D-7F93-43A9-A438-8561B34A16C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{1B124755-7F85-4323-BEC5-B9C349FE51D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warmachine Tactics\WarmachineGame\Binaries\Win64\WarmachineGame-Win64-Shipping.exe
FirewallRules: [{471833D2-FA9E-4284-9B45-C3BA00E31BE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warmachine Tactics\WarmachineGame\Binaries\Win64\WarmachineGame-Win64-Shipping.exe
FirewallRules: [{6325F710-92DF-4764-A14C-033ED44BD8A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{FC868114-F20D-42B7-AFE0-87B1EC0FF2A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{C75469AA-AB14-4D39-BA68-19B23E53D41A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{F8AEF9BC-DC8C-4782-B892-F25D7777E8D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{F228AB9F-5F06-439B-9691-76967DFF8DD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{3FC43940-274C-4811-B504-7F23D2D10DD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{C2E527C0-64ED-49D9-A414-B5F734D14F98}] => (Allow) LPort=3724
FirewallRules: [{2B9FE349-0B51-4C40-8236-17DDB5D93C9E}] => (Allow) LPort=1119
FirewallRules: [{FEFF21DA-9B4C-44CA-9F7C-496B2D2BF753}] => (Allow) LPort=6113
FirewallRules: [{2ED612BF-516E-4966-8D86-5DA79046B700}] => (Allow) LPort=80
FirewallRules: [{7413C679-495B-4F48-A22F-96DB95CA039E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{F1C46C38-E3DE-4C96-9D27-0804D733D5BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
==================== Wiederherstellungspunkte =========================
|
|
17.10.2016, 05:54
| #2 |
| /// TB-Ausbilder   | Rootkit und vermutlich Trojaner Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Avira bitte über die Systemsteuerung deinstallieren, du hast ja bereits Emsisoft installiert. Woher willst du wissen, dass du mit einem Rootkit infiziert bist? Nur weil GMER das in die Logdatei geschrieben hat? Zur ersten Analyse bitte FRST und TDSS-Killer ausführen: Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
19.10.2016, 16:40
| #3 |
| | Rootkit und vermutlich Trojaner FRST:
__________________FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016
durchgeführt von Philip (Administrator) auf DESKTOP-R6RHFP9 (19-10-2016 17:35:06)
Gestartet von C:\Users\Philip\Desktop
Geladene Profile: Philip (Verfügbare Profile: Philip)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Spotify Ltd) C:\Users\Philip\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5220\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.8058\Battle.net.exe
() C:\Program Files (x86)\Battle.net\Battle.net.8058\Battle.net Helper.exe
() C:\Program Files (x86)\Battle.net\Battle.net.8058\Battle.net Helper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [7536520 2016-09-07] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [917584 2016-10-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-3590540074-1526890384-2677090714-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-21-3590540074-1526890384-2677090714-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3503088 2016-09-24] (Electronic Arts)
HKU\S-1-5-21-3590540074-1526890384-2677090714-1001\...\Run: [Spotify Web Helper] => C:\Users\Philip\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1483888 2016-10-18] (Spotify Ltd)
Startup: C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2016-08-16] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{5616e9b0-4e31-4e73-af1d-7ac2d56c5a35}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{5cb6c86e-950f-4de1-a584-7831ad06ac22}: [DhcpNameServer] 192.168.224.1
Tcpip\..\Interfaces\{fc92bc94-c2df-4622-bf05-0da5a0262ae6}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3590540074-1526890384-2677090714-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-09-07] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-07] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\EyhMxpmq.default [2016-05-15]
FF Extension: (Avira Browser Safety) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\EyhMxpmq.default\Extensions\abs@avira.com [2016-05-15]
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-07] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2016-05-25] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default [2016-10-19]
CHR Extension: (Google Präsentationen) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-10]
CHR Extension: (Google Docs) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-10]
CHR Extension: (Google Drive) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-10]
CHR Extension: (YouTube) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-10]
CHR Extension: (Adblock Plus) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-23]
CHR Extension: (Google Tabellen) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-10]
CHR Extension: (Google Docs Offline) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Hotspot Shield Free VPN Proxy – Unblock Sites) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\heajfgnegopeedndeahkdjedjkjcmnpb [2016-09-25]
CHR Extension: (Hotspot Shield Free VPN Proxy – Entsperrung) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbejmccbhkncgokjcmghpfloaajcffj [2016-10-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (uMatrix) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfcmafjalglgifnmanfmnieipoejdcf [2016-09-17]
CHR Extension: (Google Mail) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-10]
CHR Extension: (Chrome Media Router) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (History) - C:\Users\Philip\AppData\Roaming\Opera Software\Opera Stable\Extensions\okjmjebinocdgbkpfjipckeokofhjcka [2016-03-23]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [9331168 2016-07-26] (Emsisoft Ltd)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1086040 2016-10-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [475232 2016-10-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [475232 2016-10-09] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1489240 2016-10-09] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG)
S2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [253392 2016-08-26] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2016-10-12] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [243984 2016-03-27] (EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [281152 2016-10-10] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6556224 2016-10-11] (GOG.com)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-06-09] (Hi-Rez Studios) [Datei ist nicht signiert]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2141192 2016-09-24] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2206224 2016-09-24] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-07-26] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0306790.inf_amd64_b82087329794b4e0\atikmdag.sys [26551320 2016-09-13] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0306790.inf_amd64_b82087329794b4e0\atikmpag.sys [510992 2016-09-13] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-07-24] (Advanced Micro Devices)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [149832 2016-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [153392 2016-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [35488 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [78208 2016-04-04] (Avira Operations GmbH & Co. KG)
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [115832 2016-07-21] (Emsisoft Ltd)
S0 megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [36808 2016-08-16] (Wellbia.com Co., Ltd.)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-10-19 17:35 - 2016-10-19 17:35 - 00014676 _____ C:\Users\Philip\Desktop\FRST.txt
2016-10-16 22:47 - 2016-10-19 17:35 - 00000000 ____D C:\FRST
2016-10-16 22:47 - 2016-10-19 17:27 - 02407424 _____ (Farbar) C:\Users\Philip\Desktop\FRST64.exe
2016-10-16 22:47 - 2016-10-16 22:47 - 02406912 _____ (Farbar) C:\Users\Philip\Downloads\FRST64.exe
2016-10-16 22:46 - 2016-10-16 22:46 - 00015077 _____ C:\Users\Philip\Desktop\Gmer.txt
2016-10-16 22:18 - 2016-10-16 22:18 - 00380928 _____ C:\Users\Philip\Downloads\gmer-2.2.19882.exe
2016-10-16 21:53 - 2016-10-16 21:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-10-16 21:52 - 2016-10-16 22:15 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-10-16 21:52 - 2016-10-16 21:52 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-16 21:52 - 2016-10-16 21:52 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-10-16 21:51 - 2016-10-16 21:51 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Philip\Downloads\mbar-1.09.3.1001 (1).exe
2016-10-16 21:50 - 2016-10-16 21:50 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Philip\Downloads\mbar-1.09.3.1001.exe
2016-10-12 17:53 - 2016-10-05 12:34 - 01051104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-12 17:53 - 2016-10-05 12:34 - 00894088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-12 17:53 - 2016-10-05 12:33 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-10-12 17:53 - 2016-10-05 12:31 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-10-12 17:53 - 2016-10-05 12:31 - 01353768 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-12 17:53 - 2016-10-05 12:31 - 01172472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-12 17:53 - 2016-10-05 12:30 - 07812448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-12 17:53 - 2016-10-05 12:22 - 01181536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-10-12 17:53 - 2016-10-05 12:17 - 01322848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2016-10-12 17:53 - 2016-10-05 12:13 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-12 17:53 - 2016-10-05 12:13 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-10-12 17:53 - 2016-10-05 12:13 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2016-10-12 17:53 - 2016-10-05 12:12 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-10-12 17:53 - 2016-10-05 12:12 - 01112928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-10-12 17:53 - 2016-10-05 12:12 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-12 17:53 - 2016-10-05 12:09 - 22219328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-10-12 17:53 - 2016-10-05 12:09 - 04129928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-10-12 17:53 - 2016-10-05 12:09 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-10-12 17:53 - 2016-10-05 12:09 - 00064352 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys
2016-10-12 17:53 - 2016-10-05 12:08 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-10-12 17:53 - 2016-10-05 12:03 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-10-12 17:53 - 2016-10-05 11:51 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-10-12 17:53 - 2016-10-05 11:50 - 02256592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-10-12 17:53 - 2016-10-05 11:50 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2016-10-12 17:53 - 2016-10-05 11:48 - 01022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-10-12 17:53 - 2016-10-05 11:46 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-10-12 17:53 - 2016-10-05 11:46 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-10-12 17:53 - 2016-10-05 11:46 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-10-12 17:53 - 2016-10-05 11:45 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-10-12 17:53 - 2016-10-05 11:44 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-10-12 17:53 - 2016-10-05 11:41 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-10-12 17:53 - 2016-10-05 11:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-10-12 17:53 - 2016-10-05 11:38 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2016-10-12 17:53 - 2016-10-05 11:36 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-12 17:53 - 2016-10-05 11:36 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-10-12 17:53 - 2016-10-05 11:35 - 00327680 _____ C:\WINDOWS\system32\wc_storage.dll
2016-10-12 17:53 - 2016-10-05 11:35 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2016-10-12 17:53 - 2016-10-05 11:35 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-10-12 17:53 - 2016-10-05 11:35 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2016-10-12 17:53 - 2016-10-05 11:34 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-10-12 17:53 - 2016-10-05 11:34 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-10-12 17:53 - 2016-10-05 11:33 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-10-12 17:53 - 2016-10-05 11:33 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-10-12 17:53 - 2016-10-05 11:33 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-10-12 17:53 - 2016-10-05 11:33 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-10-12 17:53 - 2016-10-05 11:32 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-10-12 17:53 - 2016-10-05 11:32 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-10-12 17:53 - 2016-10-05 11:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2016-10-12 17:53 - 2016-10-05 11:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-10-12 17:53 - 2016-10-05 11:31 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-10-12 17:53 - 2016-10-05 11:31 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-10-12 17:53 - 2016-10-05 11:31 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-10-12 17:53 - 2016-10-05 11:31 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2016-10-12 17:53 - 2016-10-05 11:31 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-10-12 17:53 - 2016-10-05 11:31 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-10-12 17:53 - 2016-10-05 11:31 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-10-12 17:53 - 2016-10-05 11:30 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2016-10-12 17:53 - 2016-10-05 11:29 - 09129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-12 17:53 - 2016-10-05 11:29 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-10-12 17:53 - 2016-10-05 11:29 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-10-12 17:53 - 2016-10-05 11:29 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-10-12 17:53 - 2016-10-05 11:29 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2016-10-12 17:53 - 2016-10-05 11:28 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-10-12 17:53 - 2016-10-05 11:28 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-10-12 17:53 - 2016-10-05 11:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-10-12 17:53 - 2016-10-05 11:28 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-12 17:53 - 2016-10-05 11:28 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2016-10-12 17:53 - 2016-10-05 11:28 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2016-10-12 17:53 - 2016-10-05 11:27 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-10-12 17:53 - 2016-10-05 11:27 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-10-12 17:53 - 2016-10-05 11:27 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-12 17:53 - 2016-10-05 11:26 - 23680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-12 17:53 - 2016-10-05 11:26 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-12 17:53 - 2016-10-05 11:26 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-10-12 17:53 - 2016-10-05 11:26 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-10-12 17:53 - 2016-10-05 11:26 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-10-12 17:53 - 2016-10-05 11:26 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2016-10-12 17:53 - 2016-10-05 11:26 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2016-10-12 17:53 - 2016-10-05 11:25 - 01589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-10-12 17:53 - 2016-10-05 11:25 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-10-12 17:53 - 2016-10-05 11:25 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2016-10-12 17:53 - 2016-10-05 11:25 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-10-12 17:53 - 2016-10-05 11:25 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-10-12 17:53 - 2016-10-05 11:24 - 13434368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-10-12 17:53 - 2016-10-05 11:24 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2016-10-12 17:53 - 2016-10-05 11:24 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-10-12 17:53 - 2016-10-05 11:23 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-10-12 17:53 - 2016-10-05 11:23 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-10-12 17:53 - 2016-10-05 11:23 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-10-12 17:53 - 2016-10-05 11:23 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2016-10-12 17:53 - 2016-10-05 11:23 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-10-12 17:53 - 2016-10-05 11:22 - 13081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-12 17:53 - 2016-10-05 11:22 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-10-12 17:53 - 2016-10-05 11:21 - 08075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-10-12 17:53 - 2016-10-05 11:21 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-10-12 17:53 - 2016-10-05 11:21 - 01364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-10-12 17:53 - 2016-10-05 11:21 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-10-12 17:53 - 2016-10-05 11:21 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-10-12 17:53 - 2016-10-05 11:20 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-10-12 17:53 - 2016-10-05 11:20 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-10-12 17:53 - 2016-10-05 11:20 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-10-12 17:53 - 2016-10-05 11:20 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-10-12 17:53 - 2016-10-05 11:19 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2016-10-12 17:53 - 2016-10-05 11:19 - 02265088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-10-12 17:53 - 2016-10-05 11:19 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-10-12 17:53 - 2016-10-05 11:19 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-12 17:53 - 2016-10-05 11:19 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-10-12 17:53 - 2016-10-05 11:18 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-10-12 17:53 - 2016-10-05 11:18 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-10-12 17:53 - 2016-10-05 11:18 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-10-12 17:53 - 2016-10-05 11:18 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-10-12 17:53 - 2016-10-05 11:18 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-12 17:53 - 2016-10-05 11:17 - 08126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-10-12 17:53 - 2016-10-05 11:17 - 04136960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-10-12 17:53 - 2016-10-05 11:17 - 02914304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-10-12 17:53 - 2016-10-05 11:17 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-12 17:53 - 2016-10-05 11:16 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-10-12 17:53 - 2016-10-05 11:16 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-10-12 17:53 - 2016-10-05 11:16 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-12 17:53 - 2016-10-05 11:16 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-10-12 17:53 - 2016-10-05 11:16 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-10-12 17:53 - 2016-10-05 11:16 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-10-12 17:53 - 2016-10-05 11:15 - 07625728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-10-12 17:53 - 2016-10-05 11:15 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-10-12 17:53 - 2016-10-05 11:15 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-10-12 17:53 - 2016-10-05 11:15 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-12 17:53 - 2016-10-05 11:15 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-12 17:53 - 2016-10-05 11:15 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-10-12 17:53 - 2016-10-05 11:15 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-10-12 17:53 - 2016-10-05 11:15 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-10-12 17:53 - 2016-10-05 11:15 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-10-12 17:53 - 2016-10-05 11:15 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2016-10-12 17:53 - 2016-10-05 11:14 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-10-12 17:53 - 2016-10-05 11:14 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-10-12 17:53 - 2016-10-05 11:14 - 02667520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-12 17:53 - 2016-10-05 11:14 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-12 17:53 - 2016-10-05 11:14 - 01778176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-12 17:53 - 2016-10-05 11:14 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-10-12 17:53 - 2016-10-05 11:14 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-10-12 17:53 - 2016-10-05 11:14 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-10-12 17:53 - 2016-10-05 11:14 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-10-12 17:53 - 2016-10-05 11:14 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-12 17:53 - 2016-10-05 11:13 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-10-12 17:53 - 2016-10-05 11:13 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-10-12 17:53 - 2016-10-05 11:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2016-10-12 17:53 - 2016-10-05 11:12 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-10-12 17:53 - 2016-10-05 11:12 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-10-12 17:53 - 2016-10-05 11:12 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-10-12 17:53 - 2016-10-05 11:11 - 12174848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-10-12 17:53 - 2016-10-05 11:11 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-10-12 17:53 - 2016-10-05 11:11 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-10-12 17:53 - 2016-10-05 11:11 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-10-12 17:53 - 2016-10-05 11:11 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-10-12 17:53 - 2016-10-05 11:10 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-10-12 17:53 - 2016-10-05 11:09 - 07467520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-10-12 17:53 - 2016-10-05 11:09 - 03369984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-10-12 17:53 - 2016-10-05 11:09 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-10-12 17:53 - 2016-10-05 11:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-10-12 17:53 - 2016-10-05 11:09 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-10-12 17:53 - 2016-10-05 11:09 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-10-12 17:53 - 2016-10-05 11:08 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-10-12 17:53 - 2016-10-05 11:08 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-10-12 17:53 - 2016-10-05 11:08 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-10-12 17:53 - 2016-10-05 11:07 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-10-12 17:53 - 2016-10-05 11:07 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-10-12 17:53 - 2016-10-05 11:07 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-10-12 17:53 - 2016-10-05 11:07 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-10-12 17:53 - 2016-10-05 11:07 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-10-12 17:53 - 2016-10-05 11:06 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-10-12 17:53 - 2016-10-05 11:06 - 02254336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-10-12 17:53 - 2016-10-05 11:06 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-12 17:53 - 2016-10-05 11:06 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-10-12 17:53 - 2016-10-05 11:06 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-10-12 17:53 - 2016-10-05 11:06 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-10-12 17:53 - 2016-10-05 11:06 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-10-12 17:53 - 2016-10-05 11:06 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-10-12 17:53 - 2016-10-05 11:05 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-10-12 17:53 - 2016-10-05 11:05 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-10-12 17:53 - 2016-10-05 02:01 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-10-12 17:53 - 2016-09-07 07:34 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-10-12 17:52 - 2016-10-05 12:35 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-10-12 17:52 - 2016-10-05 12:16 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-10-12 17:52 - 2016-10-05 12:09 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-10-12 17:52 - 2016-10-05 12:04 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-10-12 17:52 - 2016-10-05 12:04 - 00628032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-10-12 17:52 - 2016-10-05 11:49 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-10-12 17:52 - 2016-10-05 11:35 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2016-10-12 17:52 - 2016-10-05 11:23 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-10-12 17:52 - 2016-10-05 11:22 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-10-12 17:52 - 2016-10-05 11:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-10-12 17:52 - 2016-10-05 11:21 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-10-12 17:52 - 2016-10-05 11:18 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-12 17:52 - 2016-10-05 11:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2016-10-12 17:52 - 2016-10-05 11:07 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-10-10 20:31 - 2016-10-10 20:31 - 00000000 ____D C:\Users\Philip\AppData\Roaming\OBS
2016-10-09 14:04 - 2016-10-09 13:50 - 00023640 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2016-10-02 16:32 - 2016-10-02 16:32 - 00000000 ____D C:\ProgramData\Gaijin
2016-09-29 21:17 - 2016-09-29 21:17 - 00000222 _____ C:\Users\Philip\Desktop\Life is Feudal Forest Village.url
2016-09-29 20:07 - 2016-09-15 20:14 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-29 20:07 - 2016-09-15 19:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2016-09-29 20:07 - 2016-09-15 19:35 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-09-29 20:07 - 2016-09-15 19:33 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-09-29 20:07 - 2016-09-15 19:30 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-09-29 20:07 - 2016-09-15 19:29 - 01377016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-29 20:07 - 2016-09-15 19:29 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2016-09-29 20:07 - 2016-09-15 19:29 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-09-29 20:07 - 2016-09-15 19:29 - 00512416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2016-09-29 20:07 - 2016-09-15 19:27 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-29 20:07 - 2016-09-15 19:27 - 00553312 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-09-29 20:07 - 2016-09-15 19:27 - 00434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-09-29 20:07 - 2016-09-15 19:25 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-29 20:07 - 2016-09-15 19:23 - 00170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-09-29 20:07 - 2016-09-15 19:22 - 00860512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-29 20:07 - 2016-09-15 19:21 - 01218912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-09-29 20:07 - 2016-09-15 19:21 - 01000288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-29 20:07 - 2016-09-15 19:20 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-29 20:07 - 2016-09-15 19:20 - 00634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2016-09-29 20:07 - 2016-09-15 19:18 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-29 20:07 - 2016-09-15 19:16 - 01292640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-29 20:07 - 2016-09-15 19:16 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-09-29 20:07 - 2016-09-15 19:15 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-09-29 20:07 - 2016-09-15 19:14 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-29 20:07 - 2016-09-15 19:14 - 00119648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2016-09-29 20:07 - 2016-09-15 19:13 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-29 20:07 - 2016-09-15 19:13 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2016-09-29 20:07 - 2016-09-15 19:12 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-29 20:07 - 2016-09-15 19:11 - 00773168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-09-29 20:07 - 2016-09-15 19:10 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-09-29 20:07 - 2016-09-15 19:10 - 00918848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-09-29 20:07 - 2016-09-15 19:06 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-29 20:07 - 2016-09-15 19:06 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-09-29 20:07 - 2016-09-15 19:06 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-09-29 20:07 - 2016-09-15 19:06 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-09-29 20:07 - 2016-09-15 19:06 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-29 20:07 - 2016-09-15 19:03 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-29 20:07 - 2016-09-15 19:03 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TempSignedLicenseExchangeTask.dll
2016-09-29 20:07 - 2016-09-15 19:03 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2016-09-29 20:07 - 2016-09-15 19:02 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-29 20:07 - 2016-09-15 19:01 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2016-09-29 20:07 - 2016-09-15 19:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-29 20:07 - 2016-09-15 18:59 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovslegacy.dll
2016-09-29 20:07 - 2016-09-15 18:58 - 00491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-29 20:07 - 2016-09-15 18:58 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlancfg.dll
2016-09-29 20:07 - 2016-09-15 18:57 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2016-09-29 20:07 - 2016-09-15 18:57 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-29 20:07 - 2016-09-15 18:56 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-29 20:07 - 2016-09-15 18:56 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-09-29 20:07 - 2016-09-15 18:56 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2016-09-29 20:07 - 2016-09-15 18:56 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2016-09-29 20:07 - 2016-09-15 18:56 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll
2016-09-29 20:07 - 2016-09-15 18:55 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2016-09-29 20:07 - 2016-09-15 18:55 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-29 20:07 - 2016-09-15 18:55 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2016-09-29 20:07 - 2016-09-15 18:55 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-09-29 20:07 - 2016-09-15 18:55 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-09-29 20:07 - 2016-09-15 18:54 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-09-29 20:07 - 2016-09-15 18:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-09-29 20:07 - 2016-09-15 18:54 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2016-09-29 20:07 - 2016-09-15 18:53 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-09-29 20:07 - 2016-09-15 18:53 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2016-09-29 20:07 - 2016-09-15 18:52 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-09-29 20:07 - 2016-09-15 18:51 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-09-29 20:07 - 2016-09-15 18:51 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2016-09-29 20:07 - 2016-09-15 18:50 - 07219200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-29 20:07 - 2016-09-15 18:50 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-09-29 20:07 - 2016-09-15 18:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-09-29 20:07 - 2016-09-15 18:49 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-29 20:07 - 2016-09-15 18:47 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-09-29 20:07 - 2016-09-15 18:47 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-09-29 20:07 - 2016-09-15 18:46 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2016-09-29 20:07 - 2016-09-15 18:46 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-29 20:07 - 2016-09-15 18:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2016-09-29 20:07 - 2016-09-15 18:43 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2016-09-29 20:07 - 2016-09-15 18:43 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2016-09-29 20:07 - 2016-09-15 18:43 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-09-29 20:07 - 2016-09-15 18:43 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-09-29 20:07 - 2016-09-15 18:43 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2016-09-29 20:07 - 2016-09-15 18:43 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2016-09-29 20:07 - 2016-09-15 18:42 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-09-29 20:07 - 2016-09-15 18:42 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-09-29 20:07 - 2016-09-15 18:41 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-09-29 20:07 - 2016-09-15 18:41 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2016-09-29 20:07 - 2016-09-15 18:41 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2016-09-29 20:07 - 2016-09-15 18:40 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-09-29 20:07 - 2016-09-15 18:40 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-29 20:07 - 2016-09-15 18:40 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2016-09-29 20:07 - 2016-09-15 18:40 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-09-29 20:07 - 2016-09-15 18:40 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-09-29 20:07 - 2016-09-15 18:40 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-09-29 20:07 - 2016-09-15 18:39 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-09-29 20:07 - 2016-09-15 18:39 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2016-09-29 20:07 - 2016-09-15 18:39 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2016-09-29 20:07 - 2016-09-15 18:39 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2016-09-29 20:07 - 2016-09-15 18:39 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-09-29 20:07 - 2016-09-15 18:39 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2016-09-29 20:07 - 2016-09-15 18:38 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2016-09-29 20:07 - 2016-09-15 18:38 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-09-29 20:07 - 2016-09-15 18:38 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-09-29 20:07 - 2016-09-15 18:38 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-09-29 20:07 - 2016-09-15 18:38 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-29 20:07 - 2016-09-15 18:38 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-09-29 20:07 - 2016-09-15 18:38 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2016-09-29 20:07 - 2016-09-15 18:37 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-29 20:07 - 2016-09-15 18:37 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-09-29 20:07 - 2016-09-15 18:37 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-09-29 20:07 - 2016-09-15 18:37 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-09-29 20:07 - 2016-09-15 18:37 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-29 20:07 - 2016-09-15 18:37 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-09-29 20:07 - 2016-09-15 18:36 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2016-09-29 20:07 - 2016-09-15 18:36 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-09-29 20:07 - 2016-09-15 18:36 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-09-29 20:07 - 2016-09-15 18:36 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-09-29 20:07 - 2016-09-15 18:36 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-09-29 20:07 - 2016-09-15 18:36 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-09-29 20:07 - 2016-09-15 18:36 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-09-29 20:07 - 2016-09-15 18:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-09-29 20:07 - 2016-09-15 18:36 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovslegacy.dll
2016-09-29 20:07 - 2016-09-15 18:35 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2016-09-29 20:07 - 2016-09-15 18:35 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-09-29 20:07 - 2016-09-15 18:35 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-29 20:07 - 2016-09-15 18:35 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2016-09-29 20:07 - 2016-09-15 18:35 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-09-29 20:07 - 2016-09-15 18:35 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-09-29 20:07 - 2016-09-15 18:35 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-09-29 20:07 - 2016-09-15 18:35 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-09-29 20:07 - 2016-09-15 18:35 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-09-29 20:07 - 2016-09-15 18:35 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-09-29 20:07 - 2016-09-15 18:35 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-09-29 20:07 - 2016-09-15 18:35 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2016-09-29 20:07 - 2016-09-15 18:35 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2016-09-29 20:07 - 2016-09-15 18:34 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-09-29 20:07 - 2016-09-15 18:34 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-09-29 20:07 - 2016-09-15 18:34 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-09-29 20:07 - 2016-09-15 18:33 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-09-29 20:07 - 2016-09-15 18:32 - 01037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2016-09-29 20:07 - 2016-09-15 18:32 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-09-29 20:07 - 2016-09-15 18:31 - 01912320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-29 20:07 - 2016-09-15 18:31 - 01553408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-29 20:07 - 2016-09-15 18:30 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-09-29 20:07 - 2016-09-15 18:30 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-29 20:07 - 2016-09-15 18:30 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-09-29 20:07 - 2016-09-15 18:30 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-29 20:07 - 2016-09-15 18:29 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-29 20:07 - 2016-09-15 18:29 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-29 20:07 - 2016-09-15 18:29 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-29 20:07 - 2016-09-15 18:28 - 00798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2016-09-29 20:07 - 2016-09-15 18:28 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-09-29 20:07 - 2016-09-15 18:27 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-09-29 20:07 - 2016-09-15 18:27 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-29 20:07 - 2016-09-15 18:27 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-09-29 20:07 - 2016-09-15 18:27 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2016-09-29 20:07 - 2016-09-15 18:27 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2016-09-29 20:07 - 2016-09-15 18:27 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-09-29 20:07 - 2016-09-15 18:27 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2016-09-29 20:07 - 2016-09-15 18:27 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2016-09-29 20:07 - 2016-09-15 18:27 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvenotify.exe
2016-09-29 20:07 - 2016-09-15 18:27 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Sens.dll
2016-09-29 20:07 - 2016-09-15 18:26 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-29 20:07 - 2016-09-15 18:26 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-29 20:07 - 2016-09-15 18:26 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-09-29 20:07 - 2016-09-15 18:26 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll
2016-09-29 20:07 - 2016-09-15 18:25 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2016-09-29 20:07 - 2016-09-15 18:25 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-09-29 20:07 - 2016-09-15 18:25 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2016-09-29 20:07 - 2016-09-15 18:24 - 05850624 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2016-09-29 20:07 - 2016-09-15 18:24 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2016-09-29 20:07 - 2016-09-15 18:23 - 03405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-09-29 20:07 - 2016-09-15 18:23 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-09-29 20:07 - 2016-09-15 18:23 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-09-29 20:07 - 2016-09-15 18:22 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-09-29 20:07 - 2016-09-15 18:22 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-29 20:07 - 2016-09-15 18:21 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-09-29 20:07 - 2016-09-15 18:21 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-29 20:07 - 2016-09-15 18:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-09-29 20:07 - 2016-09-15 18:21 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-09-29 20:07 - 2016-09-15 18:20 - 01535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-09-29 20:07 - 2016-09-15 18:20 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-09-29 20:07 - 2016-09-15 18:20 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-09-29 20:07 - 2016-09-15 18:20 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-09-29 20:07 - 2016-09-15 18:20 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-09-29 20:07 - 2016-09-15 18:19 - 01130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-09-29 20:07 - 2016-09-15 18:19 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-09-29 20:07 - 2016-09-15 18:19 - 00788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-09-29 20:07 - 2016-09-15 18:19 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-29 20:07 - 2016-09-15 18:16 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-29 20:07 - 2016-09-15 18:16 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-29 20:07 - 2016-09-15 18:16 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-09-29 20:07 - 2016-09-15 18:16 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\tspubwmi.dll
2016-09-29 20:07 - 2016-08-05 10:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-29 20:06 - 2016-09-15 19:37 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-29 20:06 - 2016-09-15 19:37 - 00496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-09-29 20:06 - 2016-09-15 19:37 - 00402352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-09-29 20:06 - 2016-09-15 19:35 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-29 20:06 - 2016-09-15 19:32 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-29 20:06 - 2016-09-15 19:30 - 00646136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-09-29 20:06 - 2016-09-15 19:29 - 00823136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2016-09-29 20:06 - 2016-09-15 19:29 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2016-09-29 20:06 - 2016-09-15 19:29 - 00424640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-09-29 20:06 - 2016-09-15 19:29 - 00218008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-09-29 20:06 - 2016-09-15 19:29 - 00169056 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2016-09-29 20:06 - 2016-09-15 19:29 - 00127328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys
2016-09-29 20:06 - 2016-09-15 19:29 - 00081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-09-29 20:06 - 2016-09-15 19:29 - 00074080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2016-09-29 20:06 - 2016-09-15 19:29 - 00023392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2016-09-29 20:06 - 2016-09-15 19:28 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-09-29 20:06 - 2016-09-15 19:27 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-29 20:06 - 2016-09-15 19:27 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-09-29 20:06 - 2016-09-15 19:26 - 00090400 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-09-29 20:06 - 2016-09-15 19:25 - 00340320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-29 20:06 - 2016-09-15 19:25 - 00280472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe
2016-09-29 20:06 - 2016-09-15 19:25 - 00262960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-09-29 20:06 - 2016-09-15 19:24 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-29 20:06 - 2016-09-15 19:23 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-29 20:06 - 2016-09-15 19:22 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-29 20:06 - 2016-09-15 19:22 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-09-29 20:06 - 2016-09-15 19:22 - 00433832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-09-29 20:06 - 2016-09-15 19:21 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-09-29 20:06 - 2016-09-15 19:19 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-09-29 20:06 - 2016-09-15 19:18 - 06654616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-29 20:06 - 2016-09-15 19:18 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-09-29 20:06 - 2016-09-15 19:18 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-09-29 20:06 - 2016-09-15 19:18 - 00955528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-29 20:06 - 2016-09-15 19:18 - 00856872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-09-29 20:06 - 2016-09-15 19:18 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-09-29 20:06 - 2016-09-15 19:17 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-09-29 20:06 - 2016-09-15 19:16 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-29 20:06 - 2016-09-15 19:16 - 02190176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-29 20:06 - 2016-09-15 19:16 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-29 20:06 - 2016-09-15 19:16 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-09-29 20:06 - 2016-09-15 19:16 - 00657760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-29 20:06 - 2016-09-15 19:16 - 00401760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-29 20:06 - 2016-09-15 19:16 - 00206096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-09-29 20:06 - 2016-09-15 19:15 - 00649568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-09-29 20:06 - 2016-09-15 19:15 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-09-29 20:06 - 2016-09-15 19:15 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-09-29 20:06 - 2016-09-15 19:15 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-09-29 20:06 - 2016-09-15 19:15 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-29 20:06 - 2016-09-15 19:15 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2016-09-29 20:06 - 2016-09-15 19:14 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-09-29 20:06 - 2016-09-15 19:14 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-29 20:06 - 2016-09-15 19:14 - 00988512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-29 20:06 - 2016-09-15 19:14 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-29 20:06 - 2016-09-15 19:14 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-29 20:06 - 2016-09-15 19:14 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-09-29 20:06 - 2016-09-15 19:12 - 08158672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-29 20:06 - 2016-09-15 19:12 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-09-29 20:06 - 2016-09-15 19:11 - 04673296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-09-29 20:06 - 2016-09-15 19:11 - 01990640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-09-29 20:06 - 2016-09-15 19:11 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-09-29 20:06 - 2016-09-15 19:11 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-29 20:06 - 2016-09-15 19:11 - 00862064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-09-29 20:06 - 2016-09-15 19:11 - 00725664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2016-09-29 20:06 - 2016-09-15 19:11 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-09-29 20:06 - 2016-09-15 19:08 - 05683712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-29 20:06 - 2016-09-15 19:07 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-09-29 20:06 - 2016-09-15 19:07 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-29 20:06 - 2016-09-15 19:07 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2016-09-29 20:06 - 2016-09-15 19:06 - 01046880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-09-29 20:06 - 2016-09-15 19:06 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-09-29 20:06 - 2016-09-15 19:01 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2016-09-29 20:06 - 2016-09-15 19:00 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2016-09-29 20:06 - 2016-09-15 19:00 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-09-29 20:06 - 2016-09-15 19:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-09-29 20:06 - 2016-09-15 18:59 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2016-09-29 20:06 - 2016-09-15 18:59 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2016-09-29 20:06 - 2016-09-15 18:58 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-09-29 20:06 - 2016-09-15 18:58 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-09-29 20:06 - 2016-09-15 18:58 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-09-29 20:06 - 2016-09-15 18:58 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2016-09-29 20:06 - 2016-09-15 18:58 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-09-29 20:06 - 2016-09-15 18:58 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2016-09-29 20:06 - 2016-09-15 18:57 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2016-09-29 20:06 - 2016-09-15 18:57 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2016-09-29 20:06 - 2016-09-15 18:57 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2016-09-29 20:06 - 2016-09-15 18:57 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-29 20:06 - 2016-09-15 18:57 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-29 20:06 - 2016-09-15 18:56 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2016-09-29 20:06 - 2016-09-15 18:56 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2016-09-29 20:06 - 2016-09-15 18:56 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2016-09-29 20:06 - 2016-09-15 18:56 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-09-29 20:06 - 2016-09-15 18:56 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll
2016-09-29 20:06 - 2016-09-15 18:56 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2016-09-29 20:06 - 2016-09-15 18:55 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-09-29 20:06 - 2016-09-15 18:55 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-09-29 20:06 - 2016-09-15 18:55 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll
2016-09-29 20:06 - 2016-09-15 18:55 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-09-29 20:06 - 2016-09-15 18:55 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-09-29 20:06 - 2016-09-15 18:55 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-09-29 20:06 - 2016-09-15 18:55 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-09-29 20:06 - 2016-09-15 18:55 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2016-09-29 20:06 - 2016-09-15 18:55 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2016-09-29 20:06 - 2016-09-15 18:55 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll
2016-09-29 20:06 - 2016-09-15 18:55 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-09-29 20:06 - 2016-09-15 18:54 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2016-09-29 20:06 - 2016-09-15 18:54 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-29 20:06 - 2016-09-15 18:54 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-09-29 20:06 - 2016-09-15 18:53 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-09-29 20:06 - 2016-09-15 18:53 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-29 20:06 - 2016-09-15 18:53 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-09-29 20:06 - 2016-09-15 18:52 - 01358336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-09-29 20:06 - 2016-09-15 18:52 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2016-09-29 20:06 - 2016-09-15 18:52 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-09-29 20:06 - 2016-09-15 18:52 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-09-29 20:06 - 2016-09-15 18:52 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprapi.dll
2016-09-29 20:06 - 2016-09-15 18:52 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-09-29 20:06 - 2016-09-15 18:52 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-09-29 20:06 - 2016-09-15 18:51 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2016-09-29 20:06 - 2016-09-15 18:50 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pwrshplugin.dll
2016-09-29 20:06 - 2016-09-15 18:49 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-09-29 20:06 - 2016-09-15 18:49 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-09-29 20:06 - 2016-09-15 18:49 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-29 20:06 - 2016-09-15 18:48 - 01321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-29 20:06 - 2016-09-15 18:48 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-09-29 20:06 - 2016-09-15 18:48 - 01112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-29 20:06 - 2016-09-15 18:47 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-29 20:06 - 2016-09-15 18:47 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2016-09-29 20:06 - 2016-09-15 18:46 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-29 20:06 - 2016-09-15 18:46 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-29 20:06 - 2016-09-15 18:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-09-29 20:06 - 2016-09-15 18:46 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-09-29 20:06 - 2016-09-15 18:45 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-29 20:06 - 2016-09-15 18:45 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-09-29 20:06 - 2016-09-15 18:45 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-09-29 20:06 - 2016-09-15 18:45 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-29 20:06 - 2016-09-15 18:44 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-29 20:06 - 2016-09-15 18:44 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-09-29 20:06 - 2016-09-15 18:44 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2016-09-29 20:06 - 2016-09-15 18:44 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-29 20:06 - 2016-09-15 18:43 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-09-29 20:06 - 2016-09-15 18:43 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-09-29 20:06 - 2016-09-15 18:43 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-29 20:06 - 2016-09-15 18:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-09-29 20:06 - 2016-09-15 18:43 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-09-29 20:06 - 2016-09-15 18:43 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-09-29 20:06 - 2016-09-15 18:42 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-29 20:06 - 2016-09-15 18:42 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2016-09-29 20:06 - 2016-09-15 18:42 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2016-09-29 20:06 - 2016-09-15 18:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2016-09-29 20:06 - 2016-09-15 18:42 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundMediaPolicy.dll
2016-09-29 20:06 - 2016-09-15 18:41 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-09-29 20:06 - 2016-09-15 18:41 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-09-29 20:06 - 2016-09-15 18:41 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2016-09-29 20:06 - 2016-09-15 18:41 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2016-09-29 20:06 - 2016-09-15 18:41 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-09-29 20:06 - 2016-09-15 18:41 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2016-09-29 20:06 - 2016-09-15 18:41 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2016-09-29 20:06 - 2016-09-15 18:40 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-29 20:06 - 2016-09-15 18:40 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-29 20:06 - 2016-09-15 18:40 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-09-29 20:06 - 2016-09-15 18:40 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-09-29 20:06 - 2016-09-15 18:40 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-09-29 20:06 - 2016-09-15 18:40 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2016-09-29 20:06 - 2016-09-15 18:40 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-09-29 20:06 - 2016-09-15 18:40 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2016-09-29 20:06 - 2016-09-15 18:40 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-09-29 20:06 - 2016-09-15 18:40 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-09-29 20:06 - 2016-09-15 18:40 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-09-29 20:06 - 2016-09-15 18:40 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2016-09-29 20:06 - 2016-09-15 18:39 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2016-09-29 20:06 - 2016-09-15 18:39 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2016-09-29 20:06 - 2016-09-15 18:39 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-09-29 20:06 - 2016-09-15 18:39 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-09-29 20:06 - 2016-09-15 18:39 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-09-29 20:06 - 2016-09-15 18:39 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-09-29 20:06 - 2016-09-15 18:39 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-09-29 20:06 - 2016-09-15 18:39 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-09-29 20:06 - 2016-09-15 18:38 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-09-29 20:06 - 2016-09-15 18:38 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-09-29 20:06 - 2016-09-15 18:38 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll
2016-09-29 20:06 - 2016-09-15 18:38 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-09-29 20:06 - 2016-09-15 18:38 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2016-09-29 20:06 - 2016-09-15 18:38 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-09-29 20:06 - 2016-09-15 18:38 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-09-29 20:06 - 2016-09-15 18:38 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2016-09-29 20:06 - 2016-09-15 18:38 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2016-09-29 20:06 - 2016-09-15 18:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-29 20:06 - 2016-09-15 18:38 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-09-29 20:06 - 2016-09-15 18:38 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2016-09-29 20:06 - 2016-09-15 18:38 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-09-29 20:06 - 2016-09-15 18:37 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2016-09-29 20:06 - 2016-09-15 18:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-09-29 20:06 - 2016-09-15 18:37 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-09-29 20:06 - 2016-09-15 18:37 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2016-09-29 20:06 - 2016-09-15 18:37 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll
2016-09-29 20:06 - 2016-09-15 18:37 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-09-29 20:06 - 2016-09-15 18:37 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2016-09-29 20:06 - 2016-09-15 18:37 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-29 20:06 - 2016-09-15 18:36 - 00719360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-09-29 20:06 - 2016-09-15 18:36 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2016-09-29 20:06 - 2016-09-15 18:36 - 00648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-09-29 20:06 - 2016-09-15 18:36 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-09-29 20:06 - 2016-09-15 18:36 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2016-09-29 20:06 - 2016-09-15 18:36 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-09-29 20:06 - 2016-09-15 18:36 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-29 20:06 - 2016-09-15 18:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-29 20:06 - 2016-09-15 18:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-29 20:06 - 2016-09-15 18:36 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2016-09-29 20:06 - 2016-09-15 18:36 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2016-09-29 20:06 - 2016-09-15 18:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-29 20:06 - 2016-09-15 18:36 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-09-29 20:06 - 2016-09-15 18:35 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-09-29 20:06 - 2016-09-15 18:35 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-09-29 20:06 - 2016-09-15 18:35 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-09-29 20:06 - 2016-09-15 18:35 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2016-09-29 20:06 - 2016-09-15 18:35 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2016-09-29 20:06 - 2016-09-15 18:35 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-09-29 20:06 - 2016-09-15 18:35 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2016-09-29 20:06 - 2016-09-15 18:34 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-29 20:06 - 2016-09-15 18:34 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-09-29 20:06 - 2016-09-15 18:34 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2016-09-29 20:06 - 2016-09-15 18:34 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-09-29 20:06 - 2016-09-15 18:33 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2016-09-29 20:06 - 2016-09-15 18:33 - 01004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-09-29 20:06 - 2016-09-15 18:33 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-09-29 20:06 - 2016-09-15 18:33 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-29 20:06 - 2016-09-15 18:33 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-09-29 20:06 - 2016-09-15 18:33 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll
2016-09-29 20:06 - 2016-09-15 18:32 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-09-29 20:06 - 2016-09-15 18:32 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-09-29 20:06 - 2016-09-15 18:31 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-09-29 20:06 - 2016-09-15 18:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll
2016-09-29 20:06 - 2016-09-15 18:31 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-09-29 20:06 - 2016-09-15 18:30 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-29 20:06 - 2016-09-15 18:30 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-09-29 20:06 - 2016-09-15 18:30 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-29 20:06 - 2016-09-15 18:30 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-29 20:06 - 2016-09-15 18:30 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2016-09-29 20:06 - 2016-09-15 18:30 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\baaupdate.exe
2016-09-29 20:06 - 2016-09-15 18:29 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-09-29 20:06 - 2016-09-15 18:29 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-09-29 20:06 - 2016-09-15 18:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2016-09-29 20:06 - 2016-09-15 18:28 - 03288064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-29 20:06 - 2016-09-15 18:28 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2016-09-29 20:06 - 2016-09-15 18:28 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-09-29 20:06 - 2016-09-15 18:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-29 20:06 - 2016-09-15 18:28 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveprompt.exe
2016-09-29 20:06 - 2016-09-15 18:27 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-29 20:06 - 2016-09-15 18:27 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-29 20:06 - 2016-09-15 18:27 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-09-29 20:06 - 2016-09-15 18:27 - 00702976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-09-29 20:06 - 2016-09-15 18:27 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL
2016-09-29 20:06 - 2016-09-15 18:26 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2016-09-29 20:06 - 2016-09-15 18:26 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2016-09-29 20:06 - 2016-09-15 18:25 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-29 20:06 - 2016-09-15 18:25 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-09-29 20:06 - 2016-09-15 18:25 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-09-29 20:06 - 2016-09-15 18:25 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundMediaPolicy.dll
2016-09-29 20:06 - 2016-09-15 18:24 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-09-29 20:06 - 2016-09-15 18:24 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-09-29 20:06 - 2016-09-15 18:24 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-09-29 20:06 - 2016-09-15 18:24 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-09-29 20:06 - 2016-09-15 18:24 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-09-29 20:06 - 2016-09-15 18:23 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-09-29 20:06 - 2016-09-15 18:23 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-09-29 20:06 - 2016-09-15 18:23 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2016-09-29 20:06 - 2016-09-15 18:23 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-09-29 20:06 - 2016-09-15 18:23 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-29 20:06 - 2016-09-15 18:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2016-09-29 20:06 - 2016-09-15 18:23 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-09-29 20:06 - 2016-09-15 18:22 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-09-29 20:06 - 2016-09-15 18:22 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-09-29 20:06 - 2016-09-15 18:22 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-29 20:06 - 2016-09-15 18:22 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-09-29 20:06 - 2016-09-15 18:22 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-29 20:06 - 2016-09-15 18:22 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-09-29 20:06 - 2016-09-15 18:21 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-09-29 20:06 - 2016-09-15 18:20 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-29 20:06 - 2016-09-15 18:20 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-29 20:06 - 2016-09-15 18:20 - 01710080 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-09-29 20:06 - 2016-09-15 18:20 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-09-29 20:06 - 2016-09-15 18:20 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-09-29 20:06 - 2016-09-15 18:19 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-09-29 20:06 - 2016-09-15 18:19 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2016-09-29 20:06 - 2016-09-15 18:19 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-29 20:06 - 2016-09-15 18:18 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2016-09-29 20:06 - 2016-09-15 18:18 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-09-29 20:06 - 2016-09-15 18:17 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-09-29 20:06 - 2016-09-15 18:17 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-09-29 20:06 - 2016-09-15 18:16 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-29 20:06 - 2016-09-15 18:16 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2016-09-29 20:06 - 2016-09-15 18:16 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2016-09-29 20:06 - 2016-08-06 05:34 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-29 20:06 - 2016-08-06 05:33 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-29 20:06 - 2016-08-05 10:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-26 07:04 - 2016-09-26 07:04 - 00000000 ____D C:\WINDOWS\system32\ÿÿÿÿÿÿÿÿerStore
2016-09-26 06:57 - 2016-09-26 06:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-09-26 06:55 - 2016-09-26 06:55 - 00000000 ____D C:\Users\Philip\AppData\LocalLow\AMD
2016-09-25 22:37 - 2016-09-25 22:37 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-09-25 22:35 - 2016-09-25 22:35 - 27923456 _____ C:\Users\Philip\Downloads\PhysX-9.13.0725-SystemSoftware.msi
2016-09-25 20:33 - 2016-09-25 20:33 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2016-09-25 19:36 - 2016-09-25 19:36 - 00001397 _____ C:\Users\Public\Desktop\Dragon Age Origins.lnk
2016-09-25 19:36 - 2016-09-25 19:36 - 00000000 ____D C:\Users\Philip\Documents\BioWare
2016-09-25 19:36 - 2016-09-25 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Age Origins
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-10-19 17:35 - 2016-04-13 15:37 - 00000000 ____D C:\Users\Philip\AppData\Local\Battle.net
2016-10-19 17:32 - 2016-06-13 19:57 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2016-10-19 17:05 - 2016-08-19 01:53 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-10-19 16:23 - 2016-08-20 05:02 - 00000000 ____D C:\Users\Philip
2016-10-19 16:22 - 2016-04-13 15:35 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-10-19 16:11 - 2016-08-20 04:55 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-10-19 15:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-19 10:40 - 2016-03-10 21:37 - 00000000 ____D C:\Program Files (x86)\Steam
2016-10-19 10:13 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-18 23:39 - 2016-03-25 13:04 - 00000000 ____D C:\Users\Philip\AppData\Local\Spotify
2016-10-18 23:33 - 2016-03-10 21:50 - 00000000 ____D C:\Users\Philip\AppData\Roaming\TS3Client
2016-10-18 20:13 - 2016-03-25 13:03 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Spotify
2016-10-18 14:11 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-17 00:39 - 2016-07-17 00:51 - 00679884 _____ C:\WINDOWS\system32\perfh007.dat
2016-10-17 00:39 - 2016-07-17 00:51 - 00147008 _____ C:\WINDOWS\system32\perfc007.dat
2016-10-17 00:39 - 2016-03-11 03:48 - 01843128 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-17 00:32 - 2016-08-20 05:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-16 00:55 - 2016-03-13 12:18 - 00000000 ____D C:\Users\Philip\Desktop\bildas
2016-10-15 15:53 - 2016-09-03 13:16 - 00000219 _____ C:\Users\Philip\Desktop\Dota 2.url
2016-10-14 23:53 - 2016-04-30 21:06 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-10-14 13:20 - 2016-08-05 22:12 - 00000000 ____D C:\Program Files (x86)\Diablo III
2016-10-13 22:32 - 2016-04-20 17:00 - 00000000 ____D C:\Users\Philip\Documents\The Witcher 3
2016-10-13 18:20 - 2016-04-30 22:50 - 00001173 _____ C:\Users\Public\Desktop\Overwatch.lnk
2016-10-13 08:02 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-10-13 06:43 - 2016-03-11 03:45 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-13 06:40 - 2016-08-20 04:55 - 00194296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-12 22:59 - 2016-08-20 04:57 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-10-12 22:59 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-10-12 22:57 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-12 22:57 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-12 22:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-10-12 22:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-10-12 22:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-10-12 22:57 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-10-12 22:57 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-10-12 22:57 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-10-12 19:22 - 2016-03-10 23:57 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-12 19:17 - 2016-03-10 23:57 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-12 17:39 - 2016-05-10 18:39 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-10-12 17:32 - 2016-07-16 13:43 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2016-10-12 17:32 - 2016-07-16 13:42 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2016-10-12 17:22 - 2016-03-10 21:36 - 00000000 ____D C:\Users\Philip\AppData\Local\Ubisoft Game Launcher
2016-10-10 17:49 - 2016-04-20 16:39 - 00000000 ____D C:\Program Files (x86)\GalaxyClient
2016-10-10 00:23 - 2016-04-12 22:52 - 00000000 ____D C:\Users\Philip\AppData\Local\CRYENGINE_Launcher
2016-10-09 15:36 - 2016-04-12 22:52 - 00000000 ____D C:\ProgramData\GFACE
2016-10-09 14:04 - 2016-05-15 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-10-09 13:50 - 2016-05-15 18:51 - 00153392 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-10-09 13:50 - 2016-05-15 18:51 - 00149832 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-10-07 07:06 - 2016-03-11 03:45 - 00000000 ____D C:\Users\Philip\AppData\Local\Packages
2016-10-06 16:55 - 2016-08-20 05:15 - 00003992 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1458768815
2016-10-06 16:55 - 2016-03-23 23:33 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-10-06 16:55 - 2016-03-23 23:32 - 00000000 ____D C:\Program Files (x86)\Opera
2016-10-04 06:39 - 2016-03-10 21:26 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-04 06:39 - 2016-03-10 21:26 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-03 22:09 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-03 22:09 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-03 00:47 - 2016-08-26 13:23 - 00000000 ____D C:\ProgramData\Origin
2016-10-03 00:45 - 2016-08-26 13:26 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Origin
2016-09-29 23:40 - 2016-07-17 00:56 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2016-09-29 23:40 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-09-29 23:40 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-29 23:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-09-29 23:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2016-09-29 23:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-29 23:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-29 23:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-29 23:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-09-29 23:40 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-29 23:40 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-09-29 23:40 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-26 07:04 - 2016-03-10 21:30 - 00000000 ____D C:\AMD
2016-09-26 07:02 - 2016-03-10 21:32 - 00000000 ____D C:\Users\Philip\AppData\Local\AMD
2016-09-26 06:57 - 2016-04-06 01:11 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-09-26 06:54 - 2016-08-20 04:57 - 00000000 ____D C:\Program Files\AMD
2016-09-25 22:34 - 2016-08-26 13:23 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-09-24 23:26 - 2016-08-26 13:26 - 00000000 ____D C:\Users\Philip\AppData\Local\Origin
2016-09-24 23:25 - 2016-08-26 13:22 - 00000000 ____D C:\Program Files (x86)\Origin
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-06-25 13:54 - 2016-08-29 21:24 - 0002709 _____ () C:\Users\Philip\AppData\Roaming\SpeedRunnersLog.txt
Einige Dateien in TEMP:
====================
C:\Users\Philip\AppData\Local\Temp\avgnt.exe
C:\Users\Philip\AppData\Local\Temp\jre-8u101-windows-au.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-10-17 15:51
==================== Ende von FRST.txt ============================
[/CODE] |
|
19.10.2016, 16:42
| #4 |
| | Rootkit und vermutlich Trojaner Addition:# Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-10-2016
durchgeführt von Philip (19-10-2016 17:35:57)
Gestartet von C:\Users\Philip\Desktop
Windows 10 Pro Version 1607 (X64) (2016-08-20 03:23:09)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3590540074-1526890384-2677090714-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3590540074-1526890384-2677090714-503 - Limited - Disabled)
Gast (S-1-5-21-3590540074-1526890384-2677090714-501 - Limited - Disabled)
Philip (S-1-5-21-3590540074-1526890384-2677090714-1001 - Administrator - Enabled) => C:\Users\Philip
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Emsisoft Anti-Malware (Disabled - Out of date) {D1196F3E-3487-585D-3681-0661BD157EC3}
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Emsisoft Anti-Malware (Disabled - Out of date) {6A788EDA-12BD-57D3-0C31-3D13C692347E}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
A3Launcher version 0.1.2.9 (HKLM-x32\...\{1E29A86E-9AE2-4CD8-74C8-6B170ED3C4D2}_is1) (Version: 0.1.2.9 - Maca134)
Active Directory Authentication Library für SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library für SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.183.90 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version: - Skybox Labs)
Age of Empires® III: Complete Collection (HKLM\...\Steam App 105450) (Version: - Ensemble Studios)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.6 - Advanced Micro Devices, Inc.)
Anno 2205 (HKLM-x32\...\Uplay Install 1253) (Version: - Ubisoft)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version: - Studio Wildcard)
ARK: Survival Of The Fittest (HKLM\...\Steam App 407530) (Version: - Studio Wildcard)
Arma 3 (HKLM\...\Steam App 107410) (Version: - Bohemia Interactive)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.22.54 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{05f7f410-0274-45d0-91dc-712a62aadd96}) (Version: 1.2.68.19138 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{6052a753-acc6-4c02-b5a8-70962ff8e0a4}) (Version: 1.2.69.16114 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 1.5.2.25975 - Avira Operations GmbH & Co. KG)
Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.0 - Bethesda Softworks)
BioShock (HKLM\...\Steam App 7670) (Version: - 2K Boston)
BioShock 2 (HKLM\...\Steam App 8850) (Version: - 2K Marin)
BioShock Infinite (HKLM\...\Steam App 8870) (Version: - Irrational Games)
Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.5 - Daum Games EU)
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Borderlands 2 (HKLM\...\Steam App 49520) (Version: - Gearbox Software)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM\...\Steam App 10180) (Version: - Infinity Ward)
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
CCGLauncher version 0.1.2.9 (HKLM-x32\...\{1E299AE2-6B17-4CD8-74C8-A86E0EDD3C42}_is1) (Version: 0.1.2.9 - Maca134)
Cities: Skylines (HKLM\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CRYENGINE Launcher (HKLM-x32\...\{F7916573-4BDD-4A9F-9E2F-CC8107845DC3}) (Version: 1.0.0 - Crytek GmbH)
Curse Client (HKU\S-1-5-21-3590540074-1526890384-2677090714-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Darksiders (HKLM\...\Steam App 50620) (Version: - Vigil Games)
DayZ (HKLM\...\Steam App 221100) (Version: - Bohemia Interactive)
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Don't Starve (HKLM\...\Steam App 219740) (Version: - Klei Entertainment)
Dota 2 (HKLM\...\Steam App 570) (Version: - Valve)
Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.22.0 de-DE (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.13263.0 - Electronic Arts)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 11.10 - Emsisoft Ltd.)
Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{FD639F4D-1460-42E6-B32D-FEC1745D0BDC}) (Version: 13.0.1601.5 - Microsoft Corporation)
Evolve Stage 2 (HKLM\...\Steam App 273350) (Version: - Turtle Rock Studios)
F.E.A.R. 3 (HKLM\...\Steam App 21100) (Version: - Day 1 Studios)
Fallout 4 (HKLM\...\Steam App 377160) (Version: - Bethesda Game Studios)
Fallout Shelter (HKLM-x32\...\Fallout Shelter) (Version: - Bethesda Softworks)
FINAL FANTASY VII (HKLM\...\Steam App 39140) (Version: - Square Enix)
FINAL FANTASY XIV: A Realm Reborn (HKLM\...\Steam App 39210) (Version: - SQUARE ENIX)
Gameforge Live 2.0.11 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.11 - Gameforge)
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket – DEU - v1.8 (x32 Version: 1.8.40521.1 - Microsoft Corporation) Hidden
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Golf With Friends (HKLM\...\Steam App 431240) (Version: - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grey Goo (HKLM\...\Steam App 290790) (Version: - Petroglyph)
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hatoful Boyfriend (HKLM\...\Steam App 310080) (Version: - Mediatonic)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hitman: Blood Money (HKLM\...\Steam App 6860) (Version: - IO Interactive)
HuniePop (HKLM\...\Steam App 339800) (Version: - HuniePot)
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 20.2 - Intel)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Killing Floor (HKLM\...\Steam App 1250) (Version: - Tripwire Interactive)
League Client alpha pbe (HKU\S-1-5-21-3590540074-1526890384-2677090714-1001\...\League Client alpha pbe 1.0) (Version: 1.0 - Riot Games, Inc)
League of Legends (HKLM-x32\...\League of Legends 4.1.1) (Version: 4.1.1 - Riot Games)
League of Legends (x32 Version: 4.1.1 - Riot Games) Hidden
Life is Feudal: Forest Village (HKLM\...\Steam App 496460) (Version: - Mindillusion)
Life Is Strange™ (HKLM\...\Steam App 319630) (Version: - DONTNOD Entertainment)
LIGHTNING RETURNS: FINAL FANTASY XIII (HKLM\...\Steam App 345350) (Version: - SQUARE ENIX)
Magic Duels (HKLM\...\Steam App 316010) (Version: - Stainless Games Ltd.)
Magicka 2 (HKLM\...\Steam App 238370) (Version: - Pieces Interactive)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{264B070C-82D7-4C9C-B1CE-A0B124BCC787}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32\...\{4EFF12AE-599C-42A2-ACFA-0D95C3B11A19}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{E8F3D249-7DE6-4422-AC86-1CE7D5CCFA0F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.60519.0) (HKLM-x32\...\{9F367648-EC0C-4F97-B351-D12A51E38F96}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2016 Management Objects (HKLM-x32\...\{35A7B00B-4F9C-4B4D-919C-86FFFEE46AD6}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 mit Updates (HKLM-x32\...\{ec2556f3-08aa-4829-8017-07d7ea9e125d}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{7F6DCED8-6A2B-4436-AF20-8F659D04E388}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{48BF289B-F3FA-4023-9251-80ABF7B726F9}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Napoleon: Total War (HKLM\...\Steam App 34030) (Version: - The Creative Assembly)
NEKOPARA Vol. 1 (HKLM\...\Steam App 333600) (Version: - NEKO WORKs)
Nether (HKLM\...\Steam App 247730) (Version: - Phosphor Games Studio)
NVIDIA PhysX (HKLM-x32\...\{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}) (Version: 9.13.0725 - NVIDIA Corporation)
One Troll Army (HKLM\...\Steam App 438680) (Version: - FlyAnvil)
One Way Heroics (HKLM\...\Steam App 266210) (Version: - Smoking WOLF)
Opera Stable 40.0.2308.81 (HKLM-x32\...\Opera 40.0.2308.81) (Version: 40.0.2308.81 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.0.2.33129 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{FACF2669-E25A-428A-9167-5EEDE741F3B9}) (Version: 4.6.00127 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
Path of Exile (HKLM\...\Steam App 238960) (Version: - Grinding Gear Games)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
Poker Night 2 (HKLM\...\Steam App 234710) (Version: - Telltale Games)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Rise of the Tomb Raider (HKLM\...\Steam App 391220) (Version: - Crystal Dynamics)
Risen 3 - Titan Lords (HKLM-x32\...\{383CAA4A-9B72-4DE9-9B0F-780C49682780}) (Version: 1.00 - Deep Silver)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix)
Roslyn Language Services - x86 (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden
Sanctum 2 (HKLM\...\Steam App 210770) (Version: - Coffee Stain Studios)
Shadowrun: Dragonfall - Director's Cut (HKLM\...\Steam App 300550) (Version: - Harebrained Schemes)
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version: - Firaxis Games)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version: - 2K Games, Inc.)
SMITE (HKLM\...\Steam App 386360) (Version: - Hi-Rez Studios)
SpeedRunners (HKLM\...\Steam App 207140) (Version: - DoubleDutch Games)
Spotify (HKU\S-1-5-21-3590540074-1526890384-2677090714-1001\...\Spotify) (Version: 1.0.39.157.g674ae377 - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Stardew Valley (HKLM\...\Steam App 413150) (Version: - ConcernedApe)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Street Fighter V (HKLM\...\Steam App 310950) (Version: - Capcom)
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25521 - Microsoft) Hidden
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-3590540074-1526890384-2677090714-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
The Culling (HKLM\...\Steam App 437220) (Version: - Xaviant)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Forest (HKLM\...\Steam App 242760) (Version: - Endnight Games Ltd)
The Talos Principle (HKLM\...\Steam App 257510) (Version: - Croteam)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.0.0 - GOG.com)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
Tukui Client (HKLM-x32\...\{BAD6EBBD-A6A9-41C9-898A-8C868A552E4C}) (Version: 2.4.6 - Tukui)
TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 17.1 - Ubisoft)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VS Update core components (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden
vs_update3notification (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.21.0 (HKLM\...\VulkanRT1.0.21.0) (Version: 1.0.21.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
War Thunder (HKLM\...\Steam App 236390) (Version: - Gaijin Entertainment)
Warface (HKLM\...\Steam App 291480) (Version: - Crytek)
Warmachine Tactics (HKLM\...\Steam App 253510) (Version: - WhiteMoon Dreams)
Warsow 2.1 (HKLM-x32\...\{24508D50-EC8F-4FE6-B69D-E5035D8745EB}_is1) (Version: 2.1 - Warsow.gg)
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3590540074-1526890384-2677090714-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Philip\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {13090CBD-D313-4211-80AF-D501268BF01E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-11] (Google Inc.)
Task: {29FE4EFD-E5A5-426A-AF72-2EA89DEE2390} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Philip\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-25] (Microsoft Corporation)
Task: {99D7B6BF-AE9E-427C-A8B7-EFDDD7F4E638} - System32\Tasks\Opera scheduled Autoupdate 1458768815 => C:\Program Files (x86)\Opera\launcher.exe [2016-10-03] (Opera Software)
Task: {D9C2572A-E592-47E0-889E-2390DC3EBD47} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-09-07] (Advanced Micro Devices, Inc.)
Task: {E1AB3362-2174-43F0-93C3-23EDBE03D695} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-11] (Google Inc.)
Task: {E200B93A-4EFE-456B-8255-26605B652123} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Hotspot Shield Free VPN Proxy – Unblock Sites.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=heajfgnegopeedndeahkdjedjkjcmnpb
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-29 20:07 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-09-29 20:07 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-29 20:07 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-25 08:28 - 2016-08-25 08:28 - 01864384 _____ () C:\Users\Philip\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-09-16 14:25 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-12 17:52 - 2016-10-05 11:35 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-12 17:53 - 2016-10-05 11:21 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-12 17:53 - 2016-10-05 11:13 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-12 17:53 - 2016-10-05 11:13 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-12 17:53 - 2016-10-05 11:13 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-10-12 17:53 - 2016-10-05 11:13 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-12 17:53 - 2016-10-05 11:14 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-10-11 13:46 - 2016-10-11 13:46 - 01484776 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8058\Battle.net Helper.exe
2016-10-12 17:53 - 2016-10-05 11:12 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2016-09-15 10:58 - 2016-09-24 23:24 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2016-03-10 21:39 - 2016-09-08 05:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-03-10 21:39 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-03-10 21:39 - 2016-10-13 03:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2016-03-10 21:39 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-03-10 21:39 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-03-10 21:39 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-03-10 21:39 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-03-10 21:39 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-03-10 21:39 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-03-10 21:39 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-03-10 21:39 - 2016-10-13 03:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-10 21:39 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-10-06 06:51 - 2016-08-04 22:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll
2016-10-04 06:39 - 2016-09-25 05:47 - 01805416 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libglesv2.dll
2016-10-04 06:39 - 2016-09-25 05:47 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libegl.dll
2016-10-11 13:46 - 2016-10-11 13:46 - 37247976 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8058\libcef.dll
2016-10-11 13:46 - 2016-10-11 13:46 - 00540336 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8058\ortp.dll
2016-10-11 13:46 - 2016-10-11 13:46 - 06402560 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8058\battle.net.dll
2016-10-11 13:46 - 2016-10-11 13:46 - 00133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8058\libEGL.dll
2016-10-11 13:46 - 2016-10-11 13:46 - 03384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8058\libGLESv2.dll
2016-10-11 13:46 - 2016-10-11 13:46 - 03384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8058\libglesv2.dll
2016-10-11 13:46 - 2016-10-11 13:46 - 00133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8058\libegl.dll
2016-10-11 13:46 - 2016-10-11 13:46 - 00990696 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8058\ffmpegsumo.dll
2016-03-10 21:39 - 2015-09-25 01:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-10-30 09:24 - 2015-10-30 09:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3590540074-1526890384-2677090714-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Philip\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{259a2093-8359-4eb8-b1cd-edbd8f984ef2}.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKU\S-1-5-21-3590540074-1526890384-2677090714-1001\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-3590540074-1526890384-2677090714-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-3590540074-1526890384-2677090714-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3590540074-1526890384-2677090714-1001\...\StartupApproved\Run: => "EADM"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{A0B8E1D5-3AB1-4460-A086-148A8FBD732B}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [TCP Query User{096C0A4C-04C9-4D2E-872B-817F9340EF2C}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{57F84CCC-09EE-409D-806C-9976DFD2FB65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{3E26471D-D0A5-44C0-A360-CDF66F9CAF28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{9C7E9892-86A1-482B-84C8-FA895B601ADE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{953AD51B-C88D-4955-BEBF-D103F89A0ED6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{EBBCE164-918F-4AC0-AA20-96927220E4B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{DB9B184B-F7BF-4B63-BF0B-08DC1B97E764}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [UDP Query User{FB1CC01D-B4C9-4E13-B843-82030329FA2C}C:\program files (x86)\warsow 2.1\warsow_x64.exe] => (Allow) C:\program files (x86)\warsow 2.1\warsow_x64.exe
FirewallRules: [TCP Query User{A7C1250B-C5D6-477E-BA62-532BA3A21019}C:\program files (x86)\warsow 2.1\warsow_x64.exe] => (Allow) C:\program files (x86)\warsow 2.1\warsow_x64.exe
FirewallRules: [{763A71F7-8D38-41F6-91D1-22B53AD1580B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{86C1E00D-63F7-45AF-AAF6-9D17CEA6D5C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{2ECE42CC-DDF7-4D41-8677-3E5B1B5F666D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HuniePop\HuniePop.exe
FirewallRules: [{6B949957-A9C9-48E6-B091-D9F1332CB41D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HuniePop\HuniePop.exe
FirewallRules: [{1EE109BF-BAD8-4F51-8B3A-9080D4322766}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{A5226051-E8D0-4991-B22B-3A6979853D59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [UDP Query User{6F34D78A-B573-41E1-9CCD-29D6E06CD539}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{31999F45-EEEB-47FE-96B8-F349F78F3CBC}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{EC27CBBA-D777-451D-A079-02DA90D8464E}] => (Allow) C:\Users\Philip\Desktop\BlackDesert_Downloader.exe
FirewallRules: [{BACA1A96-5986-4533-8912-8C1E942C2CED}] => (Allow) C:\Users\Philip\Desktop\BlackDesert_Launcher.exe
FirewallRules: [{0C80E395-540A-44D3-92BD-F3FA5133B2E3}] => (Allow) C:\Users\Philip\Desktop\bin64\BlackDesert64.exe
FirewallRules: [{C1DFC9BA-666D-46EF-8610-54709CDD8E07}] => (Allow) C:\Users\Philip\Desktop\bin\BlackDesert32.exe
FirewallRules: [{CAAEDB00-3A62-45BF-AD8D-97FD35761EC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{44D0859B-DB40-4717-B51C-2631E97B25C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{6E14073C-CE2E-430D-935F-2FFE261F5905}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{A51F2194-C3AB-44BE-9EA5-4CD9306BAF08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{5A9AA723-849E-417E-9573-79625C8F751A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{D9619252-53D8-45E0-A042-B02C36A13A17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{402C1DC1-E587-4800-9A73-8A183BC3E65E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{940CDFFD-9A1A-4A87-B86B-4CE015C3ED3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [UDP Query User{B3EADBAC-BEA9-42EF-B169-A424CB2B5D6D}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [TCP Query User{AD900E9E-0154-4F46-97C1-27C05C6F2AD7}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [{33C5FD07-3CE1-451E-B359-D0F62299EFE5}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{223B8573-DEA9-442C-867A-C855C2340712}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{D3827B3D-123C-4546-98E5-04CB11C36B42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [UDP Query User{D2C5E7A5-C46E-4383-AD69-A6C1D3BC44BB}C:\program files (x86)\starcraft ii\versions\base43478\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base43478\sc2_x64.exe
FirewallRules: [TCP Query User{45BDD88E-0EA7-4DC1-B05A-3C6282A3F0F7}C:\program files (x86)\starcraft ii\versions\base43478\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base43478\sc2_x64.exe
FirewallRules: [UDP Query User{7AC1DF58-22B9-4B33-BA7F-42F06F32F004}C:\program files (x86)\starcraft ii\versions\base42932\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base42932\sc2_x64.exe
FirewallRules: [TCP Query User{46FC5290-B08B-4D38-9591-FA728130F93E}C:\program files (x86)\starcraft ii\versions\base42932\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base42932\sc2_x64.exe
FirewallRules: [UDP Query User{EF83BC77-6FC0-4F10-9099-91E71D30E550}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{BFAFBEEC-103F-483A-8341-E03798ECC9C6}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{967C844C-545A-44D0-8FE4-61213235E5F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{99E11439-07CC-4626-984D-F14224229F04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{882F3B20-943A-47BA-902E-2A194B6D4D81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Friends\Golf With Your Friends.exe
FirewallRules: [{41A2A962-FAAD-4751-93E2-D37390840D87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Friends\Golf With Your Friends.exe
FirewallRules: [{68689867-3493-4F3A-9055-54F873858AFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{9CA9760B-FA97-4476-9DE9-F9A446CD44F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{2A8834E6-5B49-4459-82EF-A4360AB17C16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{6E9CFD5C-F9A9-471E-A7A5-B16E324FB29D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [UDP Query User{670F692E-A0B6-4D0D-925B-DF59E0A35D25}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{C1494E49-9E65-4DAD-A378-C4EF6001AC9D}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{694B614D-AA72-4ECC-B262-3F3640569B3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{A0CF82E1-B97C-4465-9A57-090293CFC7C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{3D3D18E1-2B22-41DA-B25D-7AEDA02DDD45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OneTrollArmy\OTA.exe
FirewallRules: [{E2B38888-6ADE-4E74-84BD-3B3E6B302111}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OneTrollArmy\OTA.exe
FirewallRules: [UDP Query User{B53424B5-C1F0-4D1F-BD0F-7308C15BA93C}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{2446E9DD-82D5-40FB-A33B-2B3BC1609FE9}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [{50134A4E-FF61-40CF-88A2-E187FFCBBCD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Nether\Game\Binaries\Win64\Nether.exe
FirewallRules: [{5DFEF060-CB21-4CE8-9227-FC4838AB3BB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Nether\Game\Binaries\Win64\Nether.exe
FirewallRules: [UDP Query User{3E50CB2C-EDB0-48BA-B28A-60CE7D7D31D0}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{BC1C1067-7576-4B07-BBA8-1EBC55EFC112}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{7CC96EAA-E46E-47C0-8737-8BAD457467FF}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{89F86010-374F-49A2-9185-955A8A951568}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{FEB3CCE6-B9C5-4142-85A0-8016DB77D9A9}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Anno 2205\Bin\Win64\Anno2205.exe
FirewallRules: [{12209FEC-CD96-47C8-B6FE-8272A3A70AD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{9B3A9105-97ED-448E-AEB9-D5BF49DD2C8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{7D92B4E2-0DE4-4D95-BCA0-5547C8FCA303}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{BCB197A7-CF3F-4368-B8BF-51F46C6D56E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{B3A1F28B-059F-4D2E-BC95-F5FCFEC61586}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{7D20CFD4-F2BB-47C2-B121-D9E924C545FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [UDP Query User{EF44C445-D452-4737-B339-8044B9F359A6}C:\users\philip\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\philip\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{E2A1CD0D-6CA0-4F31-90E0-8AA563E16A46}C:\users\philip\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\philip\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{8CF5D64D-C257-4545-B661-82D037F0E68A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{1CE159B5-CD9D-4018-84B2-D7193880A248}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [UDP Query User{9CBB822B-179C-4FED-80A5-850223F8CAC4}C:\program files (x86)\crytek\cryengine launcher\crytek\cryengine_5.0\bin\win_x64\sandbox.exe] => (Allow) C:\program files (x86)\crytek\cryengine launcher\crytek\cryengine_5.0\bin\win_x64\sandbox.exe
FirewallRules: [TCP Query User{EE236296-B8CC-42F7-A3C4-0A78DFD43CC8}C:\program files (x86)\crytek\cryengine launcher\crytek\cryengine_5.0\bin\win_x64\sandbox.exe] => (Allow) C:\program files (x86)\crytek\cryengine launcher\crytek\cryengine_5.0\bin\win_x64\sandbox.exe
FirewallRules: [{3DDF0319-9BAE-43D0-88D3-2734BFB4588D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{2C3E8CF0-F837-49FE-949F-7D18DC357367}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{B0C9A161-3861-458E-8011-034372D3B1D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{B8025DC2-6589-4322-96AB-112E495DEC5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{5C22EB1A-0C26-4F38-A72F-3B858DE47CA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{E711495C-2A30-4C95-9759-164FFCAA3F7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{0EE7D5F8-5773-496A-B016-80B10EF2ED79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{E8D74261-5BB1-4F1C-9D5F-DF65BBFF949E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{3ADEE78A-46FA-4EC1-B65A-09FC429C17AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{FAFA4FD0-C62E-4D56-858F-F889846039C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [UDP Query User{FB758731-C316-4591-ABD3-3E9DE7A28049}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe
FirewallRules: [TCP Query User{564853CD-76F6-4369-BF3D-E12CF4D0393D}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe
FirewallRules: [{36A25DDC-1E51-4418-81AB-8F3844CB3F73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheCulling\TheCulling_Launcher.exe
FirewallRules: [{9767EF47-3A34-4301-85B6-201C474BB62B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheCulling\TheCulling_Launcher.exe
FirewallRules: [UDP Query User{7BF7FD5A-C772-4DDE-A109-152432B62EFE}C:\users\philip\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philip\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{E360B7EE-D480-4D56-BA8F-E0FDAF024F7C}C:\users\philip\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philip\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A5C3963D-8EFC-4129-8563-929A28F59F87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{E0822839-55E4-4B24-8AF5-FFCB5C21C73E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{0EEFD267-BC2C-46F2-986B-218248E310BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK SOTF\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{BFE70A07-D692-4534-966F-45D54E3E006B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK SOTF\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{F2F48C9A-E752-46BE-BAD8-4F264A8D9228}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{AA156A3E-7E9C-42D4-8F41-DAB139A8A979}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{94058914-692B-4E16-BCD8-A685530EBB74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night 2\PokerNight2.exe
FirewallRules: [{8F6EACDA-9F49-4DE2-A4F3-C3FCCAB542F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night 2\PokerNight2.exe
FirewallRules: [UDP Query User{F760EC2C-202A-46AF-A058-BF8E681E49B8}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [TCP Query User{13DE575B-3339-450A-B286-25895FE0C45A}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{F74236FD-D217-4497-8973-A706BF35D9E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 1\nekopara_vol1.exe
FirewallRules: [{F00CB1BC-95C8-4052-A5EB-AE6997DE8A65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 1\nekopara_vol1.exe
FirewallRules: [{E0B9008C-6327-4991-9A70-16DC994D9427}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{11CF0188-C69E-4E92-B5BF-35BF60D6F4ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{FE3B676E-CA7E-4925-A1A2-AC67CBE597A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{AE94A63D-D743-4120-8B11-D896A05B24B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{BE00FB8D-47A2-4125-9115-A497A09F887C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadowrun Dragonfall Director's Cut\Dragonfall.exe
FirewallRules: [{74A4B0C2-BB07-4010-AC70-C111EE7D3476}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadowrun Dragonfall Director's Cut\Dragonfall.exe
FirewallRules: [{B399E3E5-22DC-456A-9E94-467FA4877B03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{8C6F423F-BC2B-4199-8DCC-AE2FEB85704D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{B711A5F0-938F-4C85-8B69-1FD486CB8D54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman Blood Money\configure.exe
FirewallRules: [{C1516395-AC30-4E60-833C-A6FB58A10986}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman Blood Money\configure.exe
FirewallRules: [{FD462965-972D-42E8-903D-43FAC5546387}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman Blood Money\HitmanBloodMoney.exe
FirewallRules: [{DCD5752B-C64B-4473-B6DA-1B940E12644A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman Blood Money\HitmanBloodMoney.exe
FirewallRules: [{322E4A58-B65F-4A74-A63E-B4E40C23E272}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8A2FB0B1-EC1B-4991-BEB5-E832F8AEFBEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{758ED23D-365D-4010-887D-F89C45ADA19D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{0AA551D3-4EA6-4B3A-BE46-88ABFC286BBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{888DC621-204C-420E-A8DE-0A7DF5E56050}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{63475BC0-61B4-4EF3-BEA2-B5F50641E9CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{7918B932-26D4-4522-AA76-05094AAC1D1B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{F7951422-3FEC-4A4E-BA56-C136D93B8822}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{FF2C8A51-4AE8-4BBC-B9A5-5CF2DA5B0FEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka 2\engine\Magicka2.exe
FirewallRules: [{1CC7E20E-1AEB-4181-8A09-D082018775EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka 2\engine\Magicka2.exe
FirewallRules: [UDP Query User{6312FC27-DE45-49E8-AFF2-762012C052C2}C:\program files (x86)\steam\steamapps\common\greygoo\instanceserverg.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\greygoo\instanceserverg.exe
FirewallRules: [TCP Query User{94E361C8-5233-443E-A6B6-11E5699C811B}C:\program files (x86)\steam\steamapps\common\greygoo\instanceserverg.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\greygoo\instanceserverg.exe
FirewallRules: [UDP Query User{074583B8-C6A2-4193-AB47-40F2036D2EB6}C:\program files (x86)\steam\steamapps\common\greygoo\goog.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\greygoo\goog.exe
FirewallRules: [TCP Query User{047778D6-667F-4F64-8C8D-5C9EAFE6F5B9}C:\program files (x86)\steam\steamapps\common\greygoo\goog.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\greygoo\goog.exe
FirewallRules: [{C6C48124-B8A0-472B-8DB2-602C954C6080}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hatoful Boyfriend\hatoful.exe
FirewallRules: [{548B15C5-C659-4B27-9C15-73325F278E18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hatoful Boyfriend\hatoful.exe
FirewallRules: [{A91226F9-06A5-4CDB-BE29-8E79508DF505}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LIGHTNING RETURNS FINAL FANTASY XIII\LRFF13.exe
FirewallRules: [{4569829B-7D40-4C36-AD25-8603103D2FC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LIGHTNING RETURNS FINAL FANTASY XIII\LRFF13.exe
FirewallRules: [{A64DCC50-B5E1-4DD9-8531-9B2554BD8F5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{A1BCA4AD-5E20-4C4D-9CB7-139E5DB2A287}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{4E397725-E8A6-4764-A093-9C6C844DC872}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe
FirewallRules: [{6381B0BA-4A28-4F90-AC6E-5C03C5DD63B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe
FirewallRules: [{44531A15-231D-49F4-A06C-7A0BB2830FA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{A7E5B06D-1721-4327-8DA1-04450D68188D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{60271072-728C-4B4D-8746-C46745B9376A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Friends\Golf With Friends.exe
FirewallRules: [{9DDFC12D-0A27-45FB-BE74-D22E8282B3B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Friends\Golf With Friends.exe
FirewallRules: [{FF9B4DD1-146E-43CF-8799-19239A5A0241}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{573560A5-0695-487B-AE4C-14531D2533A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{AFD3D6B1-8F04-44E8-884F-BFA6A44E7854}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A1426F42-EA92-481A-99B3-8B79813A469D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DF016ECC-4BE1-4B3E-AA54-645FA446CB8C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5318543F-59B0-45AF-B7FA-6B62694D0E41}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2941CC40-56FB-4D3F-9519-08CEE4F71859}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\One Way Heroics\Game.exe
FirewallRules: [{EFA82635-720D-454E-9861-8007035BC781}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\One Way Heroics\Game.exe
FirewallRules: [{62687A34-07BF-452D-B96F-2D6B9E0A54D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{EF33003C-CD22-489E-A050-0F44A5045798}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{78795251-DD94-42BC-B904-94333043C1B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{CBAEE934-B482-4097-8651-37F7630B1DF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{ED3061E5-1A92-478F-9F52-BF12D29E24EF}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{68E2BE6D-EC9C-4EDF-A96F-A6D0972BAC2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8146B68A-EF46-4B82-BAFB-AA93E5DE3336}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{48D3E2C5-0922-49CC-A914-0E757452F104}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{05D6C05E-5BC8-4AD9-B934-E14079412002}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{1BE2B600-9598-403E-9483-29B1537C15E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{1EA0888B-B63C-45A6-A030-CC98517F053C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{BE58270A-E4DE-4003-BB49-93015BE8B198}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{CC50FBF2-A05D-47FE-9622-81054AE37906}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{918A29F7-01DD-4266-B87D-1A80F00A24A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life is Feudal Forest Village\ForestVillage.exe
FirewallRules: [{AA5E42B7-A6EC-41DA-AE01-344F688EAAAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life is Feudal Forest Village\ForestVillage.exe
FirewallRules: [{EB86608A-B1DD-48B3-8C7E-7D961E258F21}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5D9580D1-A66A-4130-AA6F-CCA722969FE0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{D957D83E-34F9-46B3-8C1C-808434D4F943}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{949BCB78-BD1E-4BC8-901F-9B0260053FED}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{0E497E15-D9C7-43AC-A5CE-ACB2E2850D73}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{A132B3D7-7F6C-4262-8E89-F92AAFCC795D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{B66FEE2D-7F93-43A9-A438-8561B34A16C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{1B124755-7F85-4323-BEC5-B9C349FE51D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warmachine Tactics\WarmachineGame\Binaries\Win64\WarmachineGame-Win64-Shipping.exe
FirewallRules: [{471833D2-FA9E-4284-9B45-C3BA00E31BE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warmachine Tactics\WarmachineGame\Binaries\Win64\WarmachineGame-Win64-Shipping.exe
FirewallRules: [{C75469AA-AB14-4D39-BA68-19B23E53D41A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{F8AEF9BC-DC8C-4782-B892-F25D7777E8D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{F228AB9F-5F06-439B-9691-76967DFF8DD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{3FC43940-274C-4811-B504-7F23D2D10DD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{C2E527C0-64ED-49D9-A414-B5F734D14F98}] => (Allow) LPort=3724
FirewallRules: [{2B9FE349-0B51-4C40-8236-17DDB5D93C9E}] => (Allow) LPort=1119
FirewallRules: [{FEFF21DA-9B4C-44CA-9F7C-496B2D2BF753}] => (Allow) LPort=6113
FirewallRules: [{2ED612BF-516E-4966-8D86-5DA79046B700}] => (Allow) LPort=80
FirewallRules: [{2EDBB731-9F13-49CF-86BB-86C859FE198B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{D6C6A41A-59BC-46B6-9652-5CC90289A729}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{8782F981-5FFC-43A6-A3C7-5A69D73903D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{30A9B2AB-F47C-4D4C-BBDE-CC9A167FB985}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{7C7D9A33-48A1-412B-A1DA-20B5EC467153}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{FB3BE3B4-F2CF-47A3-B98E-B4FFD8E508B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{13A9E6F2-4A3B-435A-A238-72B9307FBA7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{E48C90B2-CA5A-4FE7-9CEF-8249937F5A56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{C0E10227-8871-4BD3-98D7-61B8CC09CBF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{2AC9453E-C215-409C-816F-FD6300B8C9DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{D4464948-89FE-47E7-9314-75BE86BCECF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{4F4F76B1-B518-43D5-A1DF-B4D6D5425C59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
==================== Wiederherstellungspunkte =========================
10-10-2016 15:27:00 Geplanter Prüfpunkt
18-10-2016 14:05:42 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: PS/2-Standardtastatur
Description: PS/2-Standardtastatur
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/18/2016 02:07:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (10/15/2016 04:53:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.22.49, Zeitstempel: 0x57e1645d
Name des fehlerhaften Moduls: avscan.exe, Version: 15.0.22.49, Zeitstempel: 0x57e1645d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0007bbf0
ID des fehlerhaften Prozesses: 0x1b8c
Startzeit der fehlerhaften Anwendung: 0x01d226f361478945
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Avira\Antivirus\avscan.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Avira\Antivirus\avscan.exe
Berichtskennung: 0ce1f2f8-6bf8-4edc-b097-d8a29219345f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (10/10/2016 03:27:17 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (10/08/2016 10:05:26 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2404
Startzeit: 01d2213ab10e581e
Beendigungszeit: 1
Anwendungspfad: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
Berichts-ID: f37c5c85-8d2d-11e6-8e41-408d5cba5f15
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:
Error: (10/06/2016 10:26:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-R6RHFP9)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (10/06/2016 10:26:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-R6RHFP9)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (10/06/2016 08:42:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 3.64.13.14, Zeitstempel: 0x57f55f04
Name des fehlerhaften Moduls: steamwebhelper.exe, Version: 3.64.13.14, Zeitstempel: 0x57f55f04
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000379e9
ID des fehlerhaften Prozesses: 0x29c4
Startzeit der fehlerhaften Anwendung: 0x01d21fb50de7c109
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Berichtskennung: a7884cf5-ef6b-428b-9c3a-e205dac62493
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (10/04/2016 12:55:11 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-R6RHFP9)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (10/04/2016 12:55:11 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-R6RHFP9)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (10/04/2016 12:55:11 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-R6RHFP9)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (10/19/2016 01:14:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Software Protection" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (10/19/2016 01:14:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Software Protection erreicht.
Error: (10/19/2016 10:40:07 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (10/19/2016 09:58:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Software Protection" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (10/19/2016 09:58:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Software Protection erreicht.
Error: (10/19/2016 09:57:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Software Protection" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (10/19/2016 09:57:43 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Software Protection erreicht.
Error: (10/19/2016 09:54:00 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (10/18/2016 07:23:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Software Protection" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (10/18/2016 07:23:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Software Protection erreicht.
CodeIntegrity:
===================================
Date: 2016-10-19 17:27:12.452
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2016-10-19 17:27:06.312
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\NisSrv.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-19 17:26:56.713
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-19 17:26:55.084
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-19 16:57:12.379
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2016-10-19 16:42:12.450
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2016-10-19 16:18:59.410
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2016-10-19 16:11:53.507
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2016-10-19 15:57:12.366
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2016-10-19 15:42:12.365
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 36%
Installierter physikalischer RAM: 8125.68 MB
Verfügbarer physikalischer RAM: 5153.95 MB
Summe virtueller Speicher: 10105.67 MB
Verfügbarer virtueller Speicher: 5632.36 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:2047.51 GB) (Free:1068.32 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 4F053083)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=2047.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
20.10.2016, 14:51
| #5 |
| /// TB-Ausbilder | Rootkit und vermutlich Trojaner Logdateien sehen gut aus. Du hast immer noch Avira und Emsisoft parallel installiert, wovon ich dir bereits abgeraten habe.  Cleanup: Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM. Jeder andere bitte hier klicken und einen eigenen Thread erstellen. |
|
| Themen zu Rootkit und vermutlich Trojaner |
| anti, appdata, code, csrss.exe, defender, driver, handy, harddisk, problem, registry, rootkit, scan, secure, security, services, setup, software, spoolsv.exe, start, svchost.exe, system, system32, temp, trojaner, uplay, windowsapps, wmi |
Linear-Darstellung
