Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Win-Defender SubTab!blnk

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 06.11.2016, 17:43   #1
CommissarRaz
 
Win-Defender SubTab!blnk - Standard

Win-Defender SubTab!blnk



Das ganze scheint hier ja gerade umzugehen, deshalb werde ich das hier jetzt als Generalüberprüfung sehen. Wichtig ist noch zu erwähnen dass es anfieng, nachdem ich "the stanley parable" nach langer zeit wieder einmal startete. Avast und Malwarebytes finden weder bei breiter suche, noch bei durchsuchung des Ordners etwas, Win-defender kann es anscheinen nicht richtig löschen

Farbar Scan hier, screenshot angehängt

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 04-11-2016
durchgeführt von Raziel (Administrator) auf RAZIEL-PC (06-11-2016 17:36:41)
Gestartet von C:\Users\Raziel\Desktop
Geladene Profile: Raziel (Verfügbare Profile: Raziel)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Raziel\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) D:\Smite\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Valve Corporation) D:\Games\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Spotify Ltd) C:\Users\Raziel\AppData\Roaming\Spotify\SpotifyCrashService.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Valve Corporation) D:\Games\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Valve Corporation) D:\Games\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Valve Corporation) D:\Games\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Spotify Ltd) C:\Users\Raziel\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Raziel\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Raziel\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2013-12-06] (Realtek Semiconductor)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\nvspcap64.dll [1767944 2016-06-14] (NVIDIA Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-06-27] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2111743-707936688-3786592067-1000\...\Run: [Spotify Web Helper] => C:\Users\Raziel\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-10-27] (Spotify Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-09] (AVAST Software)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 78.42.43.41 82.212.62.41
Tcpip\..\Interfaces\{C37EB25B-1D7C-42F3-959E-3C631E35FF7B}: [DhcpNameServer] 192.168.2.250
Tcpip\..\Interfaces\{D5F0C119-93DB-4E24-A038-00C7712692B6}: [DhcpNameServer] 78.42.43.41 82.212.62.41

Internet Explorer:
==================
HKU\S-1-5-21-2111743-707936688-3786592067-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2111743-707936688-3786592067-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2111743-707936688-3786592067-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://nmd.msn.com/
HKU\S-1-5-21-2111743-707936688-3786592067-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de
SearchScopes: HKLM -> {CCD04615-1444-4DC5-832E-3540A92472C1} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {CCD04615-1444-4DC5-832E-3540A92472C1} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2111743-707936688-3786592067-1000 -> {CCD04615-1444-4DC5-832E-3540A92472C1} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-14] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-14] (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)

FireFox:
========
FF DefaultProfile: easkikmv.default-1419898908165
FF ProfilePath: C:\Users\Raziel\AppData\Roaming\Mozilla\Firefox\Profiles\easkikmv.default-1419898908165 [2016-11-06]
FF Extension: (Firefox Hotfix) - C:\Users\Raziel\AppData\Roaming\Mozilla\Firefox\Profiles\easkikmv.default-1419898908165\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-03]
FF Extension: (NoScript) - C:\Users\Raziel\AppData\Roaming\Mozilla\Firefox\Profiles\easkikmv.default-1419898908165\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-08-08]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-09]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-10-26] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-26] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-26] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-26] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-29] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-09] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1456136 2016-10-11] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
U2 HiPatchService; D:\Smite\HiPatchService.exe [9728 2016-07-12] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-02-26] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2016-03-06] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S2 SaiDOutput; "C:\Program Files\Saitek\DirectOutput\DirectOutputService.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [37656 2016-05-09] (AVAST Software)
R1 aswKbd; C:\windows\system32\drivers\aswKbd.sys [37144 2016-05-09] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [107792 2016-05-09] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [103064 2016-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-09] (AVAST Software)
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1070904 2016-05-09] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [465792 2016-05-09] (AVAST Software)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [166432 2016-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)
S2 atksgt; C:\windows\System32\DRIVERS\atksgt.sys [303616 2016-06-05] () [Datei ist nicht signiert]
S3 ebdrv; C:\windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\windows\System32\drivers\iaStorF.sys [24496 2011-12-19] (Intel Corporation)
S3 iaStorS; C:\windows\system32\drivers\iaStorS.sys [637360 2011-12-19] (Intel Corporation)
S3 igfx; C:\windows\System32\DRIVERS\igdkmd64.sys [4221440 2014-01-22] (Intel Corporation) [Datei ist nicht signiert]
S2 lirsgt; C:\windows\System32\DRIVERS\lirsgt.sys [35328 2016-06-05] () [Datei ist nicht signiert]
R3 MEIx64; C:\windows\system32\drivers\TeeDriverx64.sys [99288 2014-02-26] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 PciIsaSerial; C:\windows\system32\drivers\PciIsaSerial.sys [68608 2008-12-19] (Windows (R) Codename Longhorn DDK provider)
S3 PciPPorts; C:\windows\system32\drivers\PciPPorts.sys [96768 2009-07-23] ()
S3 PciSPorts; C:\windows\system32\drivers\PciSPorts.sys [122880 2008-12-19] ()
R3 SaiMini; C:\windows\System32\DRIVERS\SaiMini.sys [23968 2015-11-06] (Saitek)
R3 SaiNtBus; C:\windows\System32\drivers\SaiBus.sys [51616 2015-11-06] (Saitek)
R3 VUSB3HUB; C:\windows\system32\drivers\ViaHub3.sys [225792 2013-12-11] (VIA Technologies, Inc.)
S3 VUSBSTOR; C:\windows\System32\Drivers\vusbstor.sys [86064 2013-01-18] (VIA Technologies, Inc.)
R3 xhcdrv; C:\windows\system32\drivers\xhcdrv.sys [297984 2013-12-11] (VIA Technologies, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 SaiK0762; system32\DRIVERS\SaiK0762.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-06 17:36 - 2016-11-06 17:36 - 00015949 _____ C:\Users\Raziel\Desktop\FRST.txt
2016-11-06 17:36 - 2016-11-06 17:36 - 00000000 ____D C:\FRST
2016-11-06 17:35 - 2016-11-06 17:35 - 02410496 _____ (Farbar) C:\Users\Raziel\Desktop\FRST64.exe
2016-11-06 17:32 - 2016-11-06 17:32 - 00003325 _____ C:\Users\Raziel\AppData\Local\recently-used.xbel
2016-11-06 17:25 - 2016-11-06 17:26 - 00000000 ____D C:\AdwCleaner
2016-11-06 17:25 - 2016-11-06 17:25 - 03910208 _____ C:\Users\Raziel\Desktop\AdwCleaner_6.030.exe
2016-11-01 13:49 - 2016-11-01 15:13 - 00000000 ____D C:\Users\Public\Documents\stalker-shoc
2016-10-29 14:56 - 2016-10-29 14:56 - 00000000 ____D C:\Users\Raziel\AppData\Roaming\ModLauncherWPF
2016-10-28 22:11 - 2016-10-28 22:11 - 00000000 ____D C:\Users\Raziel\AppData\Roaming\Stencyl
2016-10-23 16:27 - 2016-10-23 16:27 - 00000000 ____D C:\Users\Raziel\Desktop\Screenshots, pics und so
2016-10-21 12:08 - 2016-10-21 21:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-12 18:19 - 2016-09-30 21:13 - 00394448 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-10-12 18:19 - 2016-09-30 20:28 - 00346312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-10-12 18:19 - 2016-09-30 16:37 - 05548264 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-10-12 18:19 - 2016-09-30 16:20 - 04000488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-10-12 18:19 - 2016-09-30 16:20 - 03944680 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-10-12 18:19 - 2016-09-30 08:55 - 25765376 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-10-12 18:19 - 2016-09-30 07:41 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-10-12 18:19 - 2016-09-30 07:40 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-10-12 18:19 - 2016-09-30 07:26 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-10-12 18:19 - 2016-09-30 07:25 - 02895360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-10-12 18:19 - 2016-09-30 07:25 - 00576000 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-10-12 18:19 - 2016-09-30 07:25 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-10-12 18:19 - 2016-09-30 07:25 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-10-12 18:19 - 2016-09-30 07:25 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-10-12 18:19 - 2016-09-30 07:18 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-10-12 18:19 - 2016-09-30 07:17 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-10-12 18:19 - 2016-09-30 07:14 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-10-12 18:19 - 2016-09-30 07:13 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-10-12 18:19 - 2016-09-30 07:13 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-10-12 18:19 - 2016-09-30 07:12 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-10-12 18:19 - 2016-09-30 07:12 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-10-12 18:19 - 2016-09-30 07:09 - 06048256 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-10-12 18:19 - 2016-09-30 07:05 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-10-12 18:19 - 2016-09-30 07:02 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-10-12 18:19 - 2016-09-30 06:55 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-10-12 18:19 - 2016-09-30 06:54 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-10-12 18:19 - 2016-09-30 06:54 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-10-12 18:19 - 2016-09-30 06:51 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-10-12 18:19 - 2016-09-30 06:50 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-10-12 18:19 - 2016-09-30 06:47 - 20306944 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-10-12 18:19 - 2016-09-30 06:47 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-10-12 18:19 - 2016-09-30 06:46 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-10-12 18:19 - 2016-09-30 06:42 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-10-12 18:19 - 2016-09-30 06:42 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-10-12 18:19 - 2016-09-30 06:42 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-10-12 18:19 - 2016-09-30 06:42 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-10-12 18:19 - 2016-09-30 06:41 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-10-12 18:19 - 2016-09-30 06:38 - 02286592 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-10-12 18:19 - 2016-09-30 06:36 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-10-12 18:19 - 2016-09-30 06:35 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-10-12 18:19 - 2016-09-30 06:35 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-10-12 18:19 - 2016-09-30 06:33 - 00724992 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-10-12 18:19 - 2016-09-30 06:33 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-10-12 18:19 - 2016-09-30 06:32 - 00806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-10-12 18:19 - 2016-09-30 06:32 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-10-12 18:19 - 2016-09-30 06:32 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-10-12 18:19 - 2016-09-30 06:32 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-10-12 18:19 - 2016-09-30 06:31 - 02131456 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-10-12 18:19 - 2016-09-30 06:31 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-10-12 18:19 - 2016-09-30 06:24 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-10-12 18:19 - 2016-09-30 06:21 - 15257088 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-10-12 18:19 - 2016-09-30 06:19 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-10-12 18:19 - 2016-09-30 06:19 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-10-12 18:19 - 2016-09-30 06:17 - 02920960 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-10-12 18:19 - 2016-09-30 06:17 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-10-12 18:19 - 2016-09-30 06:15 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-10-12 18:19 - 2016-09-30 06:14 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-10-12 18:19 - 2016-09-30 06:13 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-10-12 18:19 - 2016-09-30 06:12 - 04608512 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-10-12 18:19 - 2016-09-30 06:07 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-10-12 18:19 - 2016-09-30 06:05 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-10-12 18:19 - 2016-09-30 06:05 - 01544192 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-10-12 18:19 - 2016-09-30 06:05 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-10-12 18:19 - 2016-09-30 06:05 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-10-12 18:19 - 2016-09-30 06:03 - 13653504 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-10-12 18:19 - 2016-09-30 05:54 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-10-12 18:19 - 2016-09-30 05:46 - 02444288 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-10-12 18:19 - 2016-09-30 05:43 - 01312768 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-10-12 18:19 - 2016-09-30 05:42 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-10-12 18:19 - 2016-09-15 16:30 - 00976896 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2016-10-12 18:19 - 2016-09-15 16:30 - 00084480 _____ (Microsoft Corporation) C:\windows\system32\INETRES.dll
2016-10-12 18:19 - 2016-09-15 16:15 - 00741888 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2016-10-12 18:19 - 2016-09-15 16:15 - 00084480 _____ (Microsoft Corporation) C:\windows\SysWOW64\INETRES.dll
2016-10-12 18:19 - 2016-09-12 22:17 - 00077032 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-10-12 18:19 - 2016-09-12 22:13 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-10-12 18:19 - 2016-09-12 22:13 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-10-12 18:19 - 2016-09-12 22:08 - 01465344 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-10-12 18:19 - 2016-09-12 22:08 - 01226752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-10-12 18:19 - 2016-09-12 22:08 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-10-12 18:19 - 2016-09-12 22:08 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-10-12 18:19 - 2016-09-12 22:08 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-10-12 18:19 - 2016-09-12 22:08 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-10-12 18:19 - 2016-09-12 22:08 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-10-12 18:19 - 2016-09-12 22:08 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-10-12 18:19 - 2016-09-12 22:08 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-10-12 18:19 - 2016-09-12 22:08 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-10-12 18:19 - 2016-09-12 22:08 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-10-12 18:19 - 2016-09-12 22:08 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-10-12 18:19 - 2016-09-12 22:08 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-10-12 18:19 - 2016-09-12 22:08 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\adsmsext.dll
2016-10-12 18:19 - 2016-09-12 22:08 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-10-12 18:19 - 2016-09-12 22:08 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-10-12 18:19 - 2016-09-12 22:08 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-10-12 18:19 - 2016-09-12 22:08 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-10-12 18:19 - 2016-09-12 22:08 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-10-12 18:19 - 2016-09-12 22:08 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-10-12 18:19 - 2016-09-12 21:49 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-10-12 18:19 - 2016-09-12 21:49 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-10-12 18:19 - 2016-09-12 21:49 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-10-12 18:19 - 2016-09-12 21:49 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-10-12 18:19 - 2016-09-12 21:49 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-10-12 18:19 - 2016-09-12 21:49 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-10-12 18:19 - 2016-09-12 21:49 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-10-12 18:19 - 2016-09-12 21:49 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-10-12 18:19 - 2016-09-12 21:49 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-10-12 18:19 - 2016-09-12 21:49 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-10-12 18:19 - 2016-09-12 21:49 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-10-12 18:19 - 2016-09-12 21:49 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\adsmsext.dll
2016-10-12 18:19 - 2016-09-12 21:49 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-10-12 18:19 - 2016-09-12 21:49 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-10-12 18:19 - 2016-09-12 21:49 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-10-12 18:19 - 2016-09-12 21:49 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-10-12 18:19 - 2016-09-12 21:39 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-10-12 18:19 - 2016-09-12 21:37 - 03218944 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-10-12 18:19 - 2016-09-12 21:32 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-10-12 18:19 - 2016-09-12 21:32 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-10-12 18:19 - 2016-09-12 21:32 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-10-12 18:19 - 2016-09-12 21:31 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-10-12 18:19 - 2016-09-12 21:29 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-10-12 18:19 - 2016-09-12 21:25 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-10-12 18:19 - 2016-09-12 20:08 - 01251328 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2016-10-12 18:19 - 2016-09-12 19:43 - 01648128 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2016-10-12 18:19 - 2016-09-12 19:43 - 01180160 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2016-10-12 18:19 - 2016-09-10 17:19 - 03649536 _____ (Microsoft Corporation) C:\windows\system32\MSVidCtl.dll
2016-10-12 18:19 - 2016-09-10 16:53 - 02291712 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSVidCtl.dll
2016-10-12 18:19 - 2016-09-09 19:29 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-10-12 18:19 - 2016-09-09 19:26 - 00706280 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-10-12 18:19 - 2016-09-09 19:23 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 19:01 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-10-12 18:19 - 2016-09-09 19:00 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-10-12 18:19 - 2016-09-09 19:00 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-10-12 18:19 - 2016-09-09 19:00 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-10-12 18:19 - 2016-09-09 19:00 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:51 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2016-10-12 18:19 - 2016-09-09 18:51 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2016-10-12 18:19 - 2016-09-09 18:51 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2016-10-12 18:19 - 2016-09-09 18:48 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-10-12 18:19 - 2016-09-09 18:47 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-10-12 18:19 - 2016-09-09 18:43 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-10-12 18:19 - 2016-09-09 18:38 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-10-12 18:19 - 2016-09-09 18:38 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-10-12 18:19 - 2016-09-09 18:38 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-10-12 18:19 - 2016-09-09 18:38 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-10-12 18:19 - 2016-09-09 18:37 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:37 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 18:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-12 18:19 - 2016-09-09 16:54 - 01629184 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-10-12 18:19 - 2016-09-09 16:54 - 00586752 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-10-12 18:19 - 2016-09-09 16:54 - 00575488 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-10-12 18:19 - 2016-09-09 16:54 - 00314368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-10-12 18:19 - 2016-09-09 16:54 - 00273408 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2016-10-12 18:19 - 2016-09-09 16:54 - 00224256 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-10-12 18:19 - 2016-09-09 16:54 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-10-12 18:19 - 2016-09-08 21:34 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2016-10-12 18:19 - 2016-09-08 21:34 - 00208896 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2016-10-12 18:19 - 2016-09-08 21:34 - 00108544 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2016-10-12 18:19 - 2016-09-08 21:34 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2016-10-12 18:19 - 2016-09-08 15:55 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2016-10-12 18:19 - 2016-09-08 15:55 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2016-10-12 18:19 - 2016-08-29 16:31 - 14183424 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-10-12 18:19 - 2016-08-29 16:31 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-10-12 18:19 - 2016-08-29 16:31 - 01867776 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-10-12 18:19 - 2016-08-29 16:12 - 12880384 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-10-12 18:19 - 2016-08-29 16:12 - 01806848 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-10-12 18:19 - 2016-08-29 16:12 - 01499648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2016-10-12 18:19 - 2016-08-29 16:04 - 03229696 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-10-12 18:19 - 2016-08-29 15:55 - 02972672 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2016-10-12 18:19 - 2016-08-16 21:40 - 00343552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2016-10-12 18:19 - 2016-08-16 21:40 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2016-10-12 18:19 - 2016-08-16 21:40 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2016-10-12 18:19 - 2016-08-16 21:40 - 00056320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2016-10-12 18:19 - 2016-08-16 21:40 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2016-10-12 18:19 - 2016-08-16 21:40 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2016-10-12 18:19 - 2016-08-16 21:40 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2016-10-12 18:19 - 2016-08-12 18:02 - 14632960 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2016-10-12 18:19 - 2016-08-12 18:02 - 12574720 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2016-10-12 18:19 - 2016-08-12 18:02 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2016-10-12 18:19 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2016-10-12 18:19 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2016-10-12 18:19 - 2016-08-12 17:47 - 12574208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2016-10-12 18:19 - 2016-08-12 17:47 - 11410432 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2016-10-12 18:19 - 2016-08-12 17:31 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2016-10-12 18:19 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2016-10-12 18:19 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2016-10-12 18:19 - 2016-08-12 17:26 - 00461312 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll
2016-10-12 18:19 - 2016-08-06 16:31 - 02023424 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2016-10-12 18:19 - 2016-08-06 16:31 - 00347136 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2016-10-12 18:19 - 2016-08-06 16:31 - 00310784 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2016-10-12 18:19 - 2016-08-06 16:31 - 00182272 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2016-10-12 18:19 - 2016-08-06 16:31 - 00054272 _____ (Microsoft Corporation) C:\windows\system32\WsmRes.dll
2016-10-12 18:19 - 2016-08-06 16:31 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\wsmplpxy.dll
2016-10-12 18:19 - 2016-08-06 16:15 - 01178112 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2016-10-12 18:19 - 2016-08-06 16:15 - 00249344 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll
2016-10-12 18:19 - 2016-08-06 16:15 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2016-10-12 18:19 - 2016-08-06 16:15 - 00146944 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2016-10-12 18:19 - 2016-08-06 16:15 - 00054272 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmRes.dll
2016-10-12 18:19 - 2016-08-06 16:01 - 00266752 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe
2016-10-12 18:19 - 2016-08-06 16:01 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\wsmprovhost.exe
2016-10-12 18:19 - 2016-08-06 15:53 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe
2016-10-12 18:19 - 2016-08-06 15:53 - 00012288 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsmprovhost.exe
2016-10-12 18:19 - 2016-08-06 15:53 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsmplpxy.dll
2016-10-12 18:19 - 2016-07-22 15:58 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2016-10-12 18:19 - 2016-07-22 15:51 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2016-10-12 18:19 - 2016-06-14 18:21 - 00094440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2016-10-12 18:19 - 2016-06-14 18:16 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 01573888 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 01483264 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 01068544 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00680448 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00632320 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00499712 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00440320 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00433152 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00295936 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00190976 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00141824 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00081920 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2016-10-12 18:19 - 2016-06-14 18:16 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2016-10-12 18:19 - 2016-06-14 18:11 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2016-10-12 18:19 - 2016-06-14 16:21 - 03209216 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2016-10-12 18:19 - 2016-06-14 16:21 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2016-10-12 18:19 - 2016-06-14 16:21 - 01176064 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2016-10-12 18:19 - 2016-06-14 16:21 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2016-10-12 18:19 - 2016-06-14 16:21 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2016-10-12 18:19 - 2016-06-14 16:21 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2016-10-12 18:19 - 2016-06-14 16:21 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2016-10-12 18:19 - 2016-06-14 16:21 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2016-10-12 18:19 - 2016-06-14 16:21 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2016-10-12 18:19 - 2016-06-14 16:21 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2016-10-12 18:19 - 2016-06-14 16:21 - 00442368 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2016-10-12 18:19 - 2016-06-14 16:21 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2016-10-12 18:19 - 2016-06-14 16:21 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2016-10-12 18:19 - 2016-06-14 16:21 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2016-10-12 18:19 - 2016-06-14 16:21 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2016-10-12 18:19 - 2016-06-14 16:21 - 00195072 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2016-10-12 18:19 - 2016-06-14 16:21 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2016-10-12 18:19 - 2016-06-14 16:21 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2016-10-12 18:19 - 2016-06-14 16:21 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2016-10-12 18:19 - 2016-06-14 16:21 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2016-10-12 18:19 - 2016-06-14 16:21 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2016-10-12 18:19 - 2016-06-14 16:21 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2016-10-12 18:19 - 2016-06-14 16:15 - 00125952 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2016-10-12 18:19 - 2016-06-14 16:15 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2016-10-12 18:19 - 2016-06-14 16:15 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2016-10-12 18:19 - 2016-06-14 16:05 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2016-10-12 18:19 - 2016-06-14 16:05 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2016-10-12 18:19 - 2016-06-14 16:00 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2016-10-12 18:19 - 2016-06-14 16:00 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-06 17:33 - 2016-01-16 19:22 - 00000000 ____D C:\Users\Raziel\.gimp-2.8
2016-11-06 17:32 - 2016-01-16 19:28 - 00000000 ____D C:\Users\Raziel\AppData\Local\gtk-2.0
2016-11-06 17:22 - 2014-07-03 19:42 - 00000000 ____D C:\Users\Raziel\AppData\Roaming\TS3Client
2016-11-06 17:21 - 2016-04-19 20:38 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-06 17:17 - 2016-09-08 18:57 - 00000000 ____D C:\Users\Raziel\AppData\Roaming\Spotify
2016-11-06 17:07 - 2016-09-08 18:57 - 00000000 ____D C:\Users\Raziel\AppData\Local\Spotify
2016-11-06 17:03 - 2014-07-08 16:57 - 00000000 ____D C:\Users\Raziel\AppData\Local\CrashDumps
2016-11-06 16:46 - 2014-04-08 12:44 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-11-06 14:15 - 2009-07-14 05:45 - 00024400 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-06 14:15 - 2009-07-14 05:45 - 00024400 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-06 14:13 - 2011-04-12 08:43 - 00700146 _____ C:\windows\system32\perfh007.dat
2016-11-06 14:13 - 2011-04-12 08:43 - 00149784 _____ C:\windows\system32\perfc007.dat
2016-11-06 14:13 - 2009-07-14 06:13 - 01622778 _____ C:\windows\system32\PerfStringBackup.INI
2016-11-06 14:13 - 2009-07-14 04:20 - 00000000 ____D C:\windows\inf
2016-11-06 14:07 - 2014-04-09 11:23 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-06 14:07 - 2009-07-14 06:08 - 00032640 _____ C:\windows\Tasks\SCHEDLGU.TXT
2016-11-06 14:07 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-11-02 20:39 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF
2016-10-31 21:01 - 2015-10-13 19:20 - 00000000 ____D C:\Users\Raziel\AppData\Local\Frontier_Developments
2016-10-30 17:03 - 2015-10-18 10:23 - 00001780 _____ C:\Users\Raziel\Desktop\Elite Systeme.txt
2016-10-30 00:16 - 2014-07-03 19:26 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2016-10-29 14:57 - 2015-01-10 01:00 - 00000000 ____D C:\Users\Raziel\AppData\Roaming\FiraxisLive
2016-10-29 14:57 - 2014-07-04 15:30 - 00000000 ____D C:\Users\Raziel\Documents\My Games
2016-10-29 12:25 - 2015-05-08 12:32 - 00000000 ____D C:\Users\Raziel\AppData\Local\Arma 3 Launcher
2016-10-29 12:17 - 2014-10-25 16:39 - 00000000 ____D C:\Users\Raziel\AppData\Local\Arma 3
2016-10-28 21:34 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-10-26 20:46 - 2014-04-08 12:44 - 00796352 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-10-26 20:46 - 2014-04-08 12:44 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-26 20:46 - 2014-04-08 12:44 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-10-26 20:46 - 2014-04-08 12:44 - 00000000 ____D C:\windows\SysWOW64\Macromed
2016-10-26 20:46 - 2014-04-08 12:44 - 00000000 ____D C:\windows\system32\Macromed
2016-10-26 19:09 - 2014-10-16 16:17 - 00000000 ____D C:\Users\Raziel\AppData\Local\Battle.net
2016-10-26 16:29 - 2010-11-21 04:27 - 00485032 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2016-10-23 18:05 - 2014-09-25 20:44 - 00000000 ____D C:\Users\Raziel\AppData\Local\Warframe
2016-10-21 21:12 - 2014-07-03 19:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-18 19:23 - 2009-07-14 04:20 - 00000000 ____D C:\windows\rescache
2016-10-13 17:00 - 2009-07-14 05:45 - 00294640 _____ C:\windows\system32\FNTCACHE.DAT
2016-10-13 16:58 - 2014-12-12 13:15 - 00000000 ____D C:\windows\system32\appraiser
2016-10-13 16:58 - 2014-07-05 12:07 - 00000000 ___SD C:\windows\system32\CompatTel
2016-10-13 16:58 - 2009-07-14 04:20 - 00000000 ____D C:\windows\SysWOW64\Dism
2016-10-13 16:58 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\Dism
2016-10-09 01:31 - 2014-10-11 16:59 - 00007594 _____ C:\Users\Raziel\AppData\Local\Resmon.ResmonCfg
2016-10-07 22:02 - 2014-10-16 16:28 - 00000000 ____D C:\Program Files (x86)\Hearthstone

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-02-22 14:45 - 2015-02-22 14:45 - 0003584 _____ () C:\Users\Raziel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-11-06 17:32 - 2016-11-06 17:32 - 0003325 _____ () C:\Users\Raziel\AppData\Local\recently-used.xbel
2014-10-11 16:59 - 2016-10-09 01:31 - 0007594 _____ () C:\Users\Raziel\AppData\Local\Resmon.ResmonCfg
2014-04-08 13:13 - 2014-04-08 13:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2011-05-22 14:09 - 2011-05-22 14:09 - 0019624 _____ () C:\ProgramData\iml.xml
2011-05-22 14:09 - 2011-05-22 14:09 - 0019624 _____ () C:\ProgramData\winiml.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\winiml.dat


Einige Dateien in TEMP:
====================
C:\Users\Raziel\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\Raziel\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\Raziel\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Raziel\AppData\Local\Temp\nvStInst.exe
C:\Users\Raziel\AppData\Local\Temp\Quarantine.exe
C:\Users\Raziel\AppData\Local\Temp\vcredist_x86.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-10-28 21:02

==================== Ende von FRST.txt ============================
         

Alt 06.11.2016, 17:44   #2
CommissarRaz
 
Win-Defender SubTab!blnk - Standard

Win-Defender SubTab!blnk



Und additional.txt
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 04-11-2016
durchgeführt von Raziel (06-11-2016 17:36:55)
Gestartet von C:\Users\Raziel\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-07-03 18:01:48)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2111743-707936688-3786592067-500 - Administrator - Disabled)
Gast (S-1-5-21-2111743-707936688-3786592067-501 - Limited - Disabled)
Raziel (S-1-5-21-2111743-707936688-3786592067-1000 - Administrator - Enabled) => C:\Users\Raziel

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.205 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Age of Empires III: Complete Collection (HKLM-x32\...\GFWL_{4541091F-1F3D-4BA3-A5A3-F71000000100}) (Version: 1.0.0000.1 - Microsoft Games)
Age of Empires III: Complete Collection (x32 Version: 1.0.0000.1 - Microsoft Games) Hidden
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - Frictional Games)
Anno 2070 (HKLM-x32\...\Uplay Install 22) (Version:  - Ubisoft)
ARMA 2: British Armed Forces - Data cache removal (HKLM-x32\...\A2BAF Data cache removal) (Version:  - )
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
Assassin's Creed II (HKLM\...\Steam App 33230) (Version:  - Ubisoft Montreal)
Atlantic Fleet (HKLM\...\Steam App 420440) (Version:  - Killerfish Games)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version:  - Ronimo Games)
Baldur's Gate: Enhanced Edition (HKLM-x32\...\Steam App 228280) (Version:  - Beamdog)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefleet Gothic: Armada (CTT) (HKLM-x32\...\Steam App 317000) (Version:  - )
Battlefleet Gothic: Armada (HKLM\...\Steam App 363680) (Version:  - Tindalos Interactive)
Besiege (HKLM-x32\...\Steam App 346010) (Version:  - Spiderling Studios)
Blood Bowl Legendary Edition Version 2.0.0.0 (HKLM-x32\...\BloodBowlLegendary_is1) (Version: 2.0.0.0 - Cyanide Entertainment)
Blood Omen 2: Legacy of Kain (HKLM-x32\...\Steam App 242960) (Version:  - )
Breach & Clear (HKLM-x32\...\Steam App 266130) (Version:  - Mighty Rabbit Studios)
Breath of Death VII  (HKLM-x32\...\Steam App 107300) (Version:  - Zeboyd Games)
Brütal Legend (HKLM-x32\...\Steam App 225260) (Version:  - Double Fine Productions)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Command: Northern Inferno (HKLM\...\Steam App 397180) (Version:  - WarfareSims)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version:  - Paradox Development Studio)
Cthulhu Saves the World  (HKLM-x32\...\Steam App 107310) (Version:  - Zeboyd Games)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Darkest Dungeon (HKLM\...\Steam App 262060) (Version:  - Red Hook Studios)
Darkest Hour: A Hearts of Iron Game (HKLM-x32\...\Steam App 73170) (Version:  - Martin Ivanov)
DEFCON Demo (HKLM\...\Steam App 1522) (Version:  - Introversion Software)
Deponia - The Complete Journey (HKLM-x32\...\Deponia The Complete Journey) (Version: 3.2 - Daedalic Entertainment)
Deus Ex: Game of the Year Edition (HKLM-x32\...\Steam App 6910) (Version:  - Ion Storm)
Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version:  - Eidos Montreal)
DIE SIEDLER - Das Erbe der Könige (HKLM-x32\...\{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}) (Version: 1.00.0000 - Blue Byte)
Die Sims™ 2 Apartment-Leben (HKLM-x32\...\{B6F5B704-06D3-4687-90F3-6195304AD755}) (Version:  - Electronic Arts)
Die Sims™ 2 Super Deluxe (HKLM-x32\...\{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}) (Version:  - Electronic Arts)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.50.56 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
Die Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
Door Kickers (HKLM-x32\...\Steam App 248610) (Version:  - KillHouse Games)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Elite: Dangerous (HKLM-x32\...\Steam App 359320) (Version:  - Frontier Developments)
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - AMPLITUDE Studios)
Epic Games Launcher (HKLM-x32\...\{C8E7C575-FCFA-46B2-8FC0-E8AC65501350}) (Version: 1.1.78.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Europa Universalis IV (HKLM\...\Steam App 236850) (Version:  - Paradox Development Studio)
Evochron Mercenary (HKLM-x32\...\Steam App 71000) (Version:  - StarWraith 3D Games LLC)
Fallout (HKLM-x32\...\Steam App 38400) (Version:  - Interplay Inc.)
Fallout 2 (HKLM-x32\...\Steam App 38410) (Version:  - Black Isle Studios)
Flashpoint Campaigns: Red Storm (HKLM-x32\...\Steam App 330720) (Version:  - On Target Simulations)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Guns of Icarus Online (HKLM\...\Steam App 209080) (Version:  - Muse Games)
Hacknet (HKLM-x32\...\Steam App 365450) (Version:  - Team Fractal Alligator)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Update (HKLM-x32\...\Steam App 290930) (Version:  - Filip Victor)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hearts of Iron III (HKLM-x32\...\Steam App 25890) (Version:  - Paradox Development Studio)
Hearts of Iron IV (HKLM\...\Steam App 394360) (Version:  - Paradox Development Studio)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hitman 2: Silent Assassin (HKLM-x32\...\Steam App 6850) (Version:  - IO Interactive)
Hitman: Blood Money (HKLM-x32\...\Steam App 6860) (Version:  - IO Interactive)
Hitman: Codename 47 (HKLM-x32\...\Steam App 6900) (Version:  - IO Interactive)
Hitman: Sniper Challenge (HKLM-x32\...\Steam App 205930) (Version:  - IO Interactive)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - Dennaton Games)
Hotline Miami 2: Wrong Number (HKLM-x32\...\Steam App 274170) (Version:  - Dennaton Games)
Hotline Miami 2: Wrong Number Digital Comic (HKLM-x32\...\Steam App 341190) (Version:  - Dennaton Games)
In Verbis Virtus (HKLM\...\Steam App 242840) (Version:  - Indomitus Games)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche Studios)
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)
Knights of Pen and Paper +1 (HKLM-x32\...\Steam App 231740) (Version:  - Behold Studios)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Legacy of Kain: Defiance (HKLM-x32\...\Steam App 224300) (Version:  - Crystal Dynamics)
Legacy of Kain: Soul Reaver (HKLM-x32\...\Steam App 224920) (Version:  - Crystal Dynamics)
Legacy of Kain: Soul Reaver 2 (HKLM-x32\...\Steam App 224940) (Version:  - Crystal Dynamics)
Little Inferno (HKLM-x32\...\Steam App 221260) (Version:  - Tomorrow Corporation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metro 2033 Redux (HKLM-x32\...\Steam App 286690) (Version:  - 4A GAMES)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Monkey Island™ Special Edition Collection (HKLM-x32\...\MISEC) (Version: 1.0.0.0 - LucasArts)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - TaleWorlds Entertainment)
Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version:  - No More Room in Hell Team)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 368.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.69 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 368.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.69 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Out There Somewhere (HKLM-x32\...\Steam App 263980) (Version:  - MiniBoss)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwatch Test (HKLM-x32\...\Overwatch Test) (Version:  - Blizzard Entertainment)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version:  - Uber Entertainment)
PlanetSide 2 (HKLM\...\Steam App 218230) (Version:  - Daybreak Games)
PlanetSide 2 (HKU\S-1-5-21-2111743-707936688-3786592067-1000\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-2111743-707936688-3786592067-1000\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden
Poker Night 2 (HKLM\...\Steam App 234710) (Version:  - Telltale Games)
Poker Night at the Inventory (HKLM-x32\...\Steam App 31280) (Version:  - Telltale Games)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version:  - Running With Scissors)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Quake Live (HKLM-x32\...\Steam App 282440) (Version:  - id Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
Rogue Legacy (HKLM\...\Steam App 241600) (Version:  - Cellar Door Games)
Rome: Total War (HKLM-x32\...\Steam App 4760) (Version:  - The Creative Assembly)
S.T.A.L.K.E.R.: Call of Pripyat (HKLM\...\Steam App 41700) (Version:  - GSC Game World)
S.T.A.L.K.E.R.: Clear Sky (HKLM\...\Steam App 20510) (Version:  - GSC Game World)
S.T.A.L.K.E.R.: Shadow of Chernobyl (HKLM\...\Steam App 4500) (Version:  - GSC Game World)
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
Saints Row: The Third (HKLM\...\Steam App 55230) (Version:  - Volition)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sid Meier's Pirates! (HKLM-x32\...\Steam App 3920) (Version:  - Firaxis Games)
SimCity 4 Deluxe (HKLM-x32\...\Steam App 24780) (Version:  - EA - Maxis)
Sins of a Solar Empire®: Rebellion (HKLM-x32\...\Steam App 204880) (Version:  - Ironclad Games)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Slavistan (HKLM\...\Steam App 504770) (Version:  - Free Candy Games)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.11.2894.0 - Hi-Rez Studios)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
Spooky's House of Jump Scares (HKLM-x32\...\Steam App 356670) (Version:  - Lag Studios)
Spotify (HKU\S-1-5-21-2111743-707936688-3786592067-1000\...\Spotify) (Version: 1.0.41.375.g040056ca - Spotify AB)
Star Ruler 2 (HKLM-x32\...\Steam App 282590) (Version:  - Blind Mind Studios)
Star Wars Jedi Knight: Jedi Academy (HKLM-x32\...\Steam App 6020) (Version:  - Raven Software)
Star Wars Republic Commando (HKLM-x32\...\Steam App 6000) (Version:  - LucasArts)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stellaris (HKLM\...\Steam App 281990) (Version:  - Paradox Development Studio)
Strike Suit Zero (HKLM-x32\...\Steam App 209540) (Version:  - Born Ready Games Ltd.)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)
Supreme Ruler Cold War (HKLM-x32\...\Steam App 73220) (Version:  - BattleGoat Studios)
Tales of Maj'Eyal (HKLM-x32\...\Steam App 259680) (Version:  - DarkGod)
Talisman: Digital Edition (HKLM-x32\...\Steam App 247000) (Version:  - Nomad Games Limited)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version:  - Bethesda Game Studios®)
The Elder Scrolls IV: Oblivion  (HKLM-x32\...\Steam App 22330) (Version:  - Bethesda Game Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Forest (HKLM-x32\...\Steam App 242760) (Version:  - Endnight Games Ltd)
The Guild II: Renaissance (HKLM-x32\...\Steam App 39680) (Version:  - Rune Forge)
The Long Dark (HKLM\...\Steam App 305620) (Version:  - Hinterland Studio Inc.)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version:  - Galactic Cafe)
Titan Quest Anniversary Edition (HKLM\...\Steam App 475150) (Version:  - Iron Lore Entertainment)
To the Moon (HKLM-x32\...\Steam App 206440) (Version:  - Freebird Games)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Tom Clancy's Splinter Cell (HKLM-x32\...\Steam App 13560) (Version:  - Ubisoft)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
TP-LINK TL-WN881ND Driver (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK)
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version:  - Haemimont Games)
Uplay (HKLM-x32\...\Uplay) (Version: 4.4 - Ubisoft)
Valiant Hearts: The Great War™ / Soldats Inconnus : Mémoires de la Grande Guerre™ (HKLM-x32\...\Steam App 260230) (Version:  - Ubisoft Montpellier)
Verdun (HKLM-x32\...\Steam App 242860) (Version:  - M2H)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
Victoria II (HKLM-x32\...\Steam App 42960) (Version:  - Paradox Development Studio)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Wargame: European Escalation (HKLM\...\Steam App 58610) (Version:  - Eugen Systems)
Wargame: Red Dragon (HKLM\...\Steam App 251060) (Version:  - Eugen Systems)
Warhammer 40,000 Space Marine (HKLM-x32\...\Steam App 55150) (Version:  - Relic)
Warhammer 40,000: Dawn of War – Dark Crusade (HKLM-x32\...\Steam App 4580) (Version:  - Relic Entertainment)
Warhammer 40,000: Dawn of War - Game of the Year Edition (HKLM-x32\...\Steam App 4570) (Version:  - Relic Entertainment)
Warhammer 40,000: Dawn of War – Soulstorm (HKLM-x32\...\Steam App 9450) (Version:  - Relic Entertainment)
Warhammer 40,000: Dawn of War – Winter Assault (HKLM-x32\...\Steam App 9310) (Version:  - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version:  - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version:  - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version:  - Relic Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
World of Guns: Gun Disassembly (HKLM-x32\...\Steam App 262410) (Version:  - Noble Empire Corp.)
World of Warships (HKU\S-1-5-21-2111743-707936688-3786592067-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)
XCOM 2 (HKLM\...\Steam App 268500) (Version:  - Firaxis)
XCOM: Enemy Unknown (HKLM\...\Steam App 200510) (Version:  - Firaxis Games)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {4BB7C3C7-3811-41E8-9C1B-19AA243B8BE1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-03] (AVAST Software)
Task: {837A34C2-8D09-44DF-93A1-B178EF83F2E6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-26] (Adobe Systems Incorporated)
Task: {A24ED587-1656-43C4-B988-9D79B973849E} - System32\Tasks\SafeZone scheduled Autoupdate 1458732395 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {CF620CA0-21E7-46A7-8F8A-0E45CEC0D95F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {D2876621-A035-45BD-BFF9-4FF82F126DD5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-09] (AVAST Software)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-04-09 11:23 - 2016-06-29 19:37 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-02-25 16:18 - 2016-06-14 21:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-04-08 21:00 - 2016-06-14 21:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-02-25 16:18 - 2016-06-14 21:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-12-17 21:14 - 2016-06-14 21:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2014-09-08 12:40 - 2016-03-06 19:34 - 00076888 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2016-04-08 21:00 - 2016-06-14 21:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-08 21:00 - 2016-06-14 21:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-08 21:00 - 2016-06-14 21:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-01-15 16:49 - 2016-06-14 21:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-08 21:00 - 2016-06-14 21:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-08 21:00 - 2016-06-14 21:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2014-02-28 10:14 - 2016-07-18 20:03 - 00174872 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-06-20 08:48 - 2016-07-18 20:03 - 00103192 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-06-20 08:49 - 2016-07-18 20:03 - 00107800 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-06-20 08:54 - 2016-07-18 20:03 - 00312088 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-06-20 08:55 - 2016-07-18 20:03 - 00485656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2016-05-09 12:14 - 2016-05-09 12:14 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-05-09 12:14 - 2016-05-09 12:14 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-11-04 21:07 - 2016-11-04 21:07 - 03127760 _____ () C:\Program Files\AVAST Software\Avast\defs\16110401\algo.dll
2016-05-09 12:14 - 2016-05-09 12:14 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-11-06 14:07 - 2016-11-06 14:07 - 03130832 _____ () C:\Program Files\AVAST Software\Avast\defs\16110600\algo.dll
2016-05-09 12:14 - 2016-05-09 12:14 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-04-07 21:55 - 2016-06-14 21:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-12-05 21:04 - 2015-12-05 21:04 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-08 13:07 - 2014-02-26 08:59 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-12-25 21:42 - 2016-09-08 04:14 - 00784672 _____ () D:\Games\Steam\SDL2.dll
2015-12-25 21:42 - 2016-09-01 02:02 - 04969248 _____ () D:\Games\Steam\v8.dll
2015-12-25 21:42 - 2016-09-01 02:02 - 01563936 _____ () D:\Games\Steam\icui18n.dll
2015-12-25 21:42 - 2016-09-01 02:02 - 01195296 _____ () D:\Games\Steam\icuuc.dll
2015-12-25 21:42 - 2016-10-13 02:58 - 02321696 _____ () D:\Games\Steam\video.dll
2015-12-25 21:42 - 2016-01-27 08:49 - 02549760 _____ () D:\Games\Steam\libavcodec-56.dll
2015-12-25 21:42 - 2016-01-27 08:49 - 00442880 _____ () D:\Games\Steam\libavutil-54.dll
2015-12-25 21:42 - 2016-01-27 08:49 - 00491008 _____ () D:\Games\Steam\libavformat-56.dll
2015-12-25 21:42 - 2016-01-27 08:49 - 00332800 _____ () D:\Games\Steam\libavresample-2.dll
2015-12-25 21:42 - 2016-01-27 08:49 - 00485888 _____ () D:\Games\Steam\libswscale-3.dll
2015-12-25 21:42 - 2016-10-13 02:58 - 00836896 _____ () D:\Games\Steam\bin\chromehtml.DLL
2016-03-09 14:23 - 2016-07-04 23:17 - 00266560 _____ () D:\Games\Steam\openvr_api.dll
2016-10-14 12:20 - 2016-08-04 21:56 - 49825056 _____ () D:\Games\Steam\bin\cef\cef.winxp\libcef.dll
2015-12-25 21:42 - 2015-09-25 00:52 - 00119208 _____ () D:\Games\Steam\winh264.dll
2016-09-08 18:57 - 2016-10-27 17:19 - 51889264 _____ () C:\Users\Raziel\AppData\Roaming\Spotify\libcef.dll
2016-09-08 18:57 - 2016-10-27 17:19 - 01803888 _____ () C:\Users\Raziel\AppData\Roaming\Spotify\libglesv2.dll
2016-09-08 18:57 - 2016-10-27 17:19 - 00086128 _____ () C:\Users\Raziel\AppData\Roaming\Spotify\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Raziel:Heroes & Generals [38]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2111743-707936688-3786592067-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2111743-707936688-3786592067-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2111743-707936688-3786592067-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2111743-707936688-3786592067-1000\...\sony.com -> sony.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-01-01 16:38 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2111743-707936688-3786592067-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Raziel\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 78.42.43.41 - 82.212.62.41
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^IML.lnk => C:\windows\pss\IML.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^IML64.lnk => C:\windows\pss\IML64.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Raziel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IML.lnk => C:\windows\pss\IML.lnk.Startup

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{D5F18DC5-F4F6-4925-8C0F-0599D18E0E01}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E9F6BC7E-AC5D-4193-AF41-C16F1149E4EF}] => (Allow) LPort=2869
FirewallRules: [{28276C3C-9BD1-4DDF-B158-0FC63328C937}] => (Allow) LPort=1900
FirewallRules: [{656DA6E0-A2F6-49C6-9AE4-8080E8AC5F7C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{517ECF2F-D3AF-4007-9F0B-F8D6F25FA3C4}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{F80CBF0F-A6D1-48AB-A053-611DDF1E912D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E400A382-152B-4482-99A2-FD723AFC57F3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7DF318A6-BBFF-4871-84FC-396F09328DF8}] => (Allow) D:\Games\Steam\Steam.exe
FirewallRules: [{F4304772-49BF-4661-AD70-B13C1EC8E685}] => (Allow) D:\Games\Steam\Steam.exe
FirewallRules: [{19078A15-3B8B-4D2D-A2E6-362E6B0A89D4}] => (Allow) D:\Games\Steam\SteamApps\common\Deus Ex - Human Revolution\dxhr.exe
FirewallRules: [{E858B942-2371-4608-A251-A60590647E7A}] => (Allow) D:\Games\Steam\SteamApps\common\Deus Ex - Human Revolution\dxhr.exe
FirewallRules: [{C0E16639-375E-4052-9ACA-252791E337BD}] => (Allow) D:\Games\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{F8A68A8E-A499-4A7A-80C9-3D576DD957ED}] => (Allow) D:\Games\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{1AE4FA29-22FF-4EA5-9749-AD5ACC27B257}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CB3F2A70-37BD-4900-BE03-A3680C0ABE20}] => (Allow) D:\Games\Steam\SteamApps\common\PapersPlease\PapersPlease.exe
FirewallRules: [{1BF21A0C-30CB-4D3E-8085-7A83B3EF81F3}] => (Allow) D:\Games\Steam\SteamApps\common\PapersPlease\PapersPlease.exe
FirewallRules: [{1510C2CB-B27C-447A-85A7-5603947AA806}] => (Allow) D:\Games\Steam\SteamApps\common\Hearts of Iron 3\hoi3.exe
FirewallRules: [{72F3B730-2D9C-42D7-BE02-910EB9F3F87B}] => (Allow) D:\Games\Steam\SteamApps\common\Hearts of Iron 3\hoi3.exe
FirewallRules: [{9BD76CC4-02B1-4A6B-9C49-6731E2661C59}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{30908DBC-5FF8-4006-86DC-BC384117FC5E}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{2F13DAF2-A2C3-4AA0-8C93-01BE81197133}] => (Allow) D:\Games\Steam\SteamApps\common\Victoria 2\victoria2.exe
FirewallRules: [{30A04DBA-9A94-40E9-8F5D-3BC8633663AD}] => (Allow) D:\Games\Steam\SteamApps\common\Victoria 2\victoria2.exe
FirewallRules: [{EFBD7101-ACFE-41B3-9DB3-6140CA3D0A9D}] => (Allow) D:\Games\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{6A688C63-C48A-47D6-9453-E6A936C21C55}] => (Allow) D:\Games\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F9B30A72-B891-4BBB-BB05-97A1C3FCC059}] => (Allow) D:\Games\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{06687F29-2C0B-4136-A03A-B8B7CC4591BA}] => (Allow) D:\Games\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{3CCE5062-38F3-468D-9490-5685B164628B}] => (Allow) D:\Games\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{A4686B00-FAD3-4EB6-B205-882810E10F15}] => (Allow) D:\Games\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{16D4BD73-9136-4EA7-819D-691924AC29F9}] => (Allow) D:\Games\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{863AD0EB-6BC1-4251-B0F9-2EDADC5D3723}] => (Allow) D:\Games\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{5AF25A6B-14F0-4090-A43A-8155C756BEF6}] => (Allow) D:\Games\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{5174296B-5102-41F7-BA70-A6B9AAFC8536}] => (Allow) D:\Games\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{FF8F3D8A-FC17-4F06-AEDA-0E3C968FF685}] => (Allow) D:\Games\Steam\SteamApps\common\Tropico 4\Tropico4.exe
FirewallRules: [{58A1AA28-0183-410A-81FF-AB4E35314A35}] => (Allow) D:\Games\Steam\SteamApps\common\Tropico 4\Tropico4.exe
FirewallRules: [{5382D7EA-693C-4296-AD6F-DA9D38FE5F0C}] => (Allow) D:\Games\Steam\SteamApps\common\Evochron Mercenary\EvochronMercenary.exe
FirewallRules: [{E97EF391-0555-4E67-90F6-7611987AF1BF}] => (Allow) D:\Games\Steam\SteamApps\common\Evochron Mercenary\EvochronMercenary.exe
FirewallRules: [{16070EBC-8BCC-4F87-8684-FA43344862F8}] => (Allow) D:\Games\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{26E671A1-53B8-41B8-B63A-C1824D272201}] => (Allow) D:\Games\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{C0630E02-E676-4BE8-8675-A1FE97C6DE6F}] => (Allow) D:\Games\Steam\SteamApps\common\Rome Total War Gold\RomeTW.exe
FirewallRules: [{05FA462A-95E4-4CBB-BA27-A0F8C4D1F848}] => (Allow) D:\Games\Steam\SteamApps\common\Rome Total War Gold\RomeTW.exe
FirewallRules: [{859A8BE4-2D29-47F9-A311-082804DA427F}] => (Allow) D:\Games\Steam\SteamApps\common\Rome Total War Gold\RomeTW-BI.exe
FirewallRules: [{0EFC4F3D-C01D-4670-9D42-8BDE34D46B1C}] => (Allow) D:\Games\Steam\SteamApps\common\Rome Total War Gold\RomeTW-BI.exe
FirewallRules: [{91DA75E9-EC38-4EDD-B75E-B73235C4E856}] => (Allow) D:\Games\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{9E7B1308-1CBC-48E4-802B-3004D49A643F}] => (Allow) D:\Games\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{ED54FBFE-7B23-4A28-933B-CDD5E5D7D8FA}] => (Allow) D:\Games\Steam\SteamApps\common\legacy_kain_defiance\defiance.exe
FirewallRules: [{7DEE1F74-5E95-4E45-9575-DBE9A59824D9}] => (Allow) D:\Games\Steam\SteamApps\common\legacy_kain_defiance\defiance.exe
FirewallRules: [{98CA075D-EC21-47F5-8D77-3119C30511A6}] => (Allow) D:\Games\Steam\SteamApps\common\Valiant Hearts\Valiant Hearts.exe
FirewallRules: [{358C9280-AD78-47CF-B8D5-2DBEFC582149}] => (Allow) D:\Games\Steam\SteamApps\common\Valiant Hearts\Valiant Hearts.exe
FirewallRules: [TCP Query User{55A82693-3733-49B3-AE52-B39C5C06A9A9}D:\games\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) D:\games\steam\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [UDP Query User{DAC90B14-05C8-4450-85D1-6ABF170D56EF}D:\games\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) D:\games\steam\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [{E135014E-D63D-4672-AD7C-1EAF72126D31}] => (Allow) D:\Games\Steam\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{8418B445-7BC1-4860-9DC6-D5DAB4D2B136}] => (Allow) D:\Games\Steam\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [TCP Query User{D198C115-71FF-44F7-A967-9D1B798F5737}D:\games\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\games\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{01812886-1B38-4080-BCC7-E9F3AA8DBF35}D:\games\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\games\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{AB7F3723-5507-4AE0-9DC7-BC570DE9CF4A}] => (Allow) D:\Games\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{2A9C9E24-FB86-4ADD-8818-F2C1C29E38F8}] => (Allow) D:\Games\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [TCP Query User{F804529B-CD39-4FFD-A2F6-2A7E1648DB10}D:\games\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Block) D:\games\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{A00C3A40-46C5-4A7A-B728-9634BE1B4C30}D:\games\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Block) D:\games\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [TCP Query User{A3892FAE-C34D-4426-99F4-2C7AA210718E}D:\games\steam\steamapps\common\war thunder\aces.exe] => (Allow) D:\games\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{908CAC56-E6F6-4AEA-8AC0-DE16786AB1A1}D:\games\steam\steamapps\common\war thunder\aces.exe] => (Allow) D:\games\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{79F84292-C185-40C8-8B54-745158916C62}] => (Allow) D:\Games\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{1A63275F-851A-48BD-ADFD-0563DF3E3075}] => (Allow) D:\Games\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [TCP Query User{E22A1358-E95B-4050-B141-2BB9214F8E9C}D:\smite\hirezgames\smite\binaries\win32\smite.exe] => (Allow) D:\smite\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{E68DE806-D691-4F66-ABF3-CAA46FCE1833}D:\smite\hirezgames\smite\binaries\win32\smite.exe] => (Allow) D:\smite\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{A6E565FE-F7EB-4FA9-8277-4E95B831E5FF}] => (Allow) D:\Games\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{53BBBAB5-662C-48A2-B79A-46E3BAE13E30}] => (Allow) D:\Games\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{4573EDF8-C5D1-4A4B-A463-EBCBFC3E9749}] => (Allow) D:\Games\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{8C4739D6-FFE2-4F6C-9018-3CE8879A37B9}] => (Allow) D:\Games\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{7038CC46-819B-435A-A526-3242CA5798C7}] => (Allow) D:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{7E24F6B5-E2F4-4514-93DE-CBDE21FAE095}] => (Allow) D:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{164FC838-DBE6-4078-8769-41676BD915C9}] => (Allow) D:\Games\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{B5E047F8-82AF-40A0-BCB1-A1BD6339E795}] => (Allow) D:\Games\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{9E78B15B-3A42-47A9-8671-746314A8070F}D:\games\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe] => (Allow) D:\games\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe
FirewallRules: [UDP Query User{67940372-C635-4E59-8A2C-0AFD9880D5FA}D:\games\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe] => (Allow) D:\games\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe
FirewallRules: [{326C8625-0681-46B7-8B90-089FE5376E32}] => (Allow) D:\Games\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{9B809320-5152-446A-A4C6-929AACBF638C}] => (Allow) D:\Games\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{9D9ED641-786E-4BC9-9A90-240F9001FDC2}] => (Allow) D:\Games\Steam\SteamApps\common\Talisman\Talisman.exe
FirewallRules: [{A525822C-055A-4687-A697-36C0F454DE2F}] => (Allow) D:\Games\Steam\SteamApps\common\Talisman\Talisman.exe
FirewallRules: [{2310ECDF-9C20-49E6-8AB9-6A977807C8C8}] => (Allow) D:\Games\Steam\SteamApps\common\Knights of Pen and Paper\knightspp.exe
FirewallRules: [{8F721E7E-CF77-4DC4-89DE-C44EE52C0C75}] => (Allow) D:\Games\Steam\SteamApps\common\Knights of Pen and Paper\knightspp.exe
FirewallRules: [{D70EA122-39F0-4523-B696-8CB96EE8E939}] => (Allow) D:\Games\Steam\SteamApps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{D5B128FF-520C-476B-B5A0-BD318BAE3DB1}] => (Allow) D:\Games\Steam\SteamApps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{282AFB16-A037-4DC3-AFE3-83E9A3CCBE43}] => (Allow) D:\Games\Steam\SteamApps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{C61D20F6-9F46-43FD-8645-5FF0AAB59AF3}] => (Allow) D:\Games\Steam\SteamApps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{DDD717EA-4AE9-44D7-BA07-8EBB38FA8F24}] => (Allow) D:\Games\Steam\SteamApps\common\Sid Meier's Pirates!\Pirates!.exe
FirewallRules: [{6FAE84EB-80E1-4FD9-B827-B2EEFD357984}] => (Allow) D:\Games\Steam\SteamApps\common\Sid Meier's Pirates!\Pirates!.exe
FirewallRules: [{91225396-1029-4466-978D-19DCD002CB1E}] => (Allow) D:\Games\Steam\SteamApps\common\SimCity 4 Deluxe\Apps\SimCity 4.exe
FirewallRules: [{D25AF1EA-E8AB-448A-B849-5EFAFBCC1EC4}] => (Allow) D:\Games\Steam\SteamApps\common\SimCity 4 Deluxe\Apps\SimCity 4.exe
FirewallRules: [{3A77A527-9E04-4C75-A248-819A834929C6}] => (Allow) D:\Games\Steam\SteamApps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{CBE5699C-8DF7-4D16-89E1-02E607012B3B}] => (Allow) D:\Games\Steam\SteamApps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{CBFFC6B4-DFA6-491F-854E-8225048E2D6F}] => (Allow) D:\Games\Steam\SteamApps\common\Oblivion\OblivionLauncher.exe
FirewallRules: [{522D6584-821E-4857-9D8F-58D608E82BBF}] => (Allow) D:\Games\Steam\SteamApps\common\Oblivion\OblivionLauncher.exe
FirewallRules: [{BA3629B0-E953-45F7-918A-D6A6E4A75B49}] => (Allow) D:\Games\Steam\SteamApps\common\Supreme Ruler Cold War\SupremeRulerCW.exe
FirewallRules: [{9A6019A3-14DA-4099-A309-D71F89747110}] => (Allow) D:\Games\Steam\SteamApps\common\Supreme Ruler Cold War\SupremeRulerCW.exe
FirewallRules: [{4C5A22CC-804D-4A09-9DF3-0A0BCA2BB1D6}] => (Allow) D:\Games\Steam\SteamApps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{10978276-9B81-441F-8E6E-5258902FE1A8}] => (Allow) D:\Games\Steam\SteamApps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{41B01CB9-CC4C-4C50-B448-731D5E38BF1D}] => (Allow) D:\Games\Steam\SteamApps\common\Morrowind\Morrowind Launcher.exe
FirewallRules: [{F6BE5E7B-A7D8-449D-8972-463D4C4BB56E}] => (Allow) D:\Games\Steam\SteamApps\common\Morrowind\Morrowind Launcher.exe
FirewallRules: [TCP Query User{B6A8723E-68F4-4E7C-B17A-AB910861AFB4}D:\games\steam\steamapps\common\total war rome ii\rome2.exe] => (Block) D:\games\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{023EC77A-00A0-44AA-BC22-319C3C4F5AE8}D:\games\steam\steamapps\common\total war rome ii\rome2.exe] => (Block) D:\games\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{5944C211-4BF7-4A61-8911-16DF86D348D2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BDCDFD27-57CA-42D9-8F8A-BAEC10EFCBCB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7D4BFEE7-258E-4453-ADC5-9A8640AB2D87}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9DD29E8E-1651-4241-8865-7863808186D7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5B3A4136-0059-4624-B7B8-DD3B3D077F2F}] => (Allow) D:\Games\Steam\SteamApps\common\Jedi Academy\GameData\jasp.exe
FirewallRules: [{C7E76F7C-9920-4A4D-8848-03BC0173303F}] => (Allow) D:\Games\Steam\SteamApps\common\Jedi Academy\GameData\jasp.exe
FirewallRules: [{80804876-FF30-403D-8BCC-1F942C186BD8}] => (Allow) D:\Games\Steam\SteamApps\common\Jedi Academy\GameData\jamp.exe
FirewallRules: [{A5F6A364-80FC-4A1A-82A1-2EDC72347F3F}] => (Allow) D:\Games\Steam\SteamApps\common\Jedi Academy\GameData\jamp.exe
FirewallRules: [{4212CB04-9381-4843-9024-0559F68AF2F1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{CE4DF10B-5CE4-4ED5-9F04-D149F0FD042C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{BDD89CAA-EF5D-4181-BD3E-23B5713DE2B9}] => (Allow) D:\Games\Hearthstone\Battle.net\Battle.net.exe
FirewallRules: [{0B25ED71-472C-48F5-BF4D-54460BD2E2E1}] => (Allow) D:\Games\Hearthstone\Battle.net\Battle.net.exe
FirewallRules: [{1EC6EDD2-3D87-4657-B55B-A9BA27D97200}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{5871E2B1-05BA-4E98-AF4D-C4EDF23FCB6A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{90B9160E-285A-4854-B0C9-D1B48105CF69}] => (Allow) D:\Games\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{4E668790-51F4-4D74-834E-28C7C50CC70C}] => (Allow) D:\Games\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{724F1257-FBB9-47A6-B202-C7EB020394C0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{E811E35C-E64C-4D5E-84F2-2B183D8F6EF6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{9EB40F37-CD76-450E-B52D-A6B7F4210C13}] => (Allow) D:\Games\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{4F67A050-4092-496E-A486-983288F14394}] => (Allow) D:\Games\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{F3AE0F83-F365-4FBE-BCC1-D3BB2A52A9C7}] => (Allow) D:\Games\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{3D481ECA-438D-424A-BB69-73E0F04073F3}] => (Allow) D:\Games\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{CDC3ABB5-119D-47D6-BA87-7DF234FE8D74}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{44715434-8C9D-4CF9-9016-D5AADCECEC38}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{E61EB908-5949-4FC6-A60F-10EC6CED6FA6}] => (Allow) D:\Games\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{DDFA654B-EB8E-4A04-A083-9C8723EA3AD6}] => (Allow) D:\Games\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{A7F47E3A-568A-4D3F-93DE-5555A6A9D84C}] => (Allow) D:\Games\Steam\SteamApps\common\Flashpoint Campaigns Red Storm\autorun.exe
FirewallRules: [{06AC5A2F-4980-4D4E-A6E3-704B80516880}] => (Allow) D:\Games\Steam\SteamApps\common\Flashpoint Campaigns Red Storm\autorun.exe
FirewallRules: [{DE93578E-8101-476D-859A-60701A562C72}] => (Allow) D:\Games\Steam\SteamApps\common\BreachAndClear\bnc.exe
FirewallRules: [{A6429E5C-ACBD-47AD-A3FA-A58F4720A7A6}] => (Allow) D:\Games\Steam\SteamApps\common\BreachAndClear\bnc.exe
FirewallRules: [{DD3FF3EF-765F-4931-9311-E4B22F15E65D}] => (Allow) D:\Games\Steam\SteamApps\common\Baldur's Gate Enhanced Edition\Baldur.exe
FirewallRules: [{FF3A4BB1-D481-4EB5-81E2-EEC675477AC0}] => (Allow) D:\Games\Steam\SteamApps\common\Baldur's Gate Enhanced Edition\Baldur.exe
FirewallRules: [{842E65BB-7883-49A1-89B6-BE1C38761652}] => (Allow) D:\Games\Steam\SteamApps\common\Darkest Hour A HOI Game\Darkest Hour Launcher.exe
FirewallRules: [{3D372EDB-DE81-4C99-83A9-1876D3165D79}] => (Allow) D:\Games\Steam\SteamApps\common\Darkest Hour A HOI Game\Darkest Hour Launcher.exe
FirewallRules: [{B76AF24D-B8FF-4E9E-8984-61B309D2283F}] => (Allow) D:\Games\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{5E8E6392-757E-49E4-837D-041DF39F4EDF}] => (Allow) D:\Games\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{DF4A0B4A-E78A-4E30-859B-17E7D741AE1C}] => (Allow) D:\Games\Steam\SteamApps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{FAD0A0C6-6F56-4168-9535-5EB6E5896D87}] => (Allow) D:\Games\Steam\SteamApps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{6AFE2EFE-FED0-41AA-A8C5-46FA0345BF7E}] => (Allow) D:\Games\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{7A134E4A-2699-4E4C-B855-88B28BDBD3F8}] => (Allow) D:\Games\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{29815C95-6068-4178-AF3E-125055D7161A}] => (Allow) D:\Games\Steam\SteamApps\common\Planetary Annihilation\PA.exe
FirewallRules: [{25162F9B-F8D9-4FD2-8BE8-3ED73ED0D72E}] => (Allow) D:\Games\Steam\SteamApps\common\Planetary Annihilation\PA.exe
FirewallRules: [{D114E18A-B014-48AB-AA99-D537D3D5384B}] => (Allow) D:\Games\Steam\SteamApps\common\Verdun\Verdun.exe
FirewallRules: [{535AAA36-C39F-475E-ADB8-DD62CDAE9118}] => (Allow) D:\Games\Steam\SteamApps\common\Verdun\Verdun.exe
FirewallRules: [{2376BD97-780F-4484-B99B-4E394E8FFB8D}] => (Allow) D:\Games\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{33B16CA0-799C-49B2-B78F-57DBA35C39A2}] => (Allow) D:\Games\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{5A3B9901-87EE-4861-AF6A-300D102587FF}] => (Allow) D:\Games\Steam\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{8002F188-90E2-414F-ACB0-689B5EF7C77D}] => (Allow) D:\Games\Steam\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{286647BD-23D3-46D3-8F33-28E3F6FB9520}] => (Allow) D:\Games\Steam\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{4AC8BED9-57D8-4D5E-9745-7BDBA1FB44EF}] => (Allow) D:\Games\Steam\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{41E7A5DC-C41C-4D77-89A8-CB79BCC80DCD}] => (Allow) D:\Games\Steam\SteamApps\common\nmrih\sdk\hl2.exe
FirewallRules: [{ED688A84-0DCD-4984-ACB9-298740D84E81}] => (Allow) D:\Games\Steam\SteamApps\common\nmrih\sdk\hl2.exe
FirewallRules: [{FB2D8BA2-4C6F-4953-98EA-3FBFA2321DCF}] => (Allow) D:\Games\Steam\SteamApps\common\Hitman Sniper Challenge\HMSC.exe
FirewallRules: [{8A71C145-681F-4D05-BB7C-FBBA894114A5}] => (Allow) D:\Games\Steam\SteamApps\common\Hitman Sniper Challenge\HMSC.exe
FirewallRules: [{D5CA81BA-ACEA-45CB-B378-7D388A280D10}] => (Allow) D:\Games\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{AC94A296-8955-486A-9453-14AB9CB60A97}] => (Allow) D:\Games\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{F5F174A9-6A52-42AC-9921-626ACE42AA59}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{311268E9-F4C5-4915-B2FF-526BF25EDFAB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1B29FA3B-67BB-410E-AC5C-F1AF59FCEDE7}] => (Allow) D:\Games\Steam\SteamApps\common\Splinter Cell\system\splintercell.exe
FirewallRules: [{ADFAA99D-3295-44D4-978B-41494A96A9E9}] => (Allow) D:\Games\Steam\SteamApps\common\Splinter Cell\system\splintercell.exe
FirewallRules: [{37FFEF4B-F069-4691-973E-44A7A7D88D44}] => (Allow) D:\Games\Steam\SteamApps\common\Planetary Annihilation\bin_x64\PA.exe
FirewallRules: [{B1E47824-E0D9-4721-AED8-91F3E0847174}] => (Allow) D:\Games\Steam\SteamApps\common\Planetary Annihilation\bin_x64\PA.exe
FirewallRules: [{38AEC141-B94A-44B7-A800-6592EEF90113}] => (Allow) D:\Games\Steam\SteamApps\common\Legacy of Kain Soul Reaver 2\sr2.exe
FirewallRules: [{E095CCA1-E92F-46D1-B31C-784CFDF2695F}] => (Allow) D:\Games\Steam\SteamApps\common\Legacy of Kain Soul Reaver 2\sr2.exe
FirewallRules: [{DFF9D3E9-B063-47F3-9E1A-E0CD803A6595}] => (Allow) D:\Games\Steam\SteamApps\common\Hitman 2 Silent Assassin\hitman2.exe
FirewallRules: [{F56DAA3F-A512-4474-A467-605C6BBD6D06}] => (Allow) D:\Games\Steam\SteamApps\common\Hitman 2 Silent Assassin\hitman2.exe
FirewallRules: [{71F62AA4-7F37-456B-BF5D-611B7A2E9485}] => (Allow) D:\Games\Steam\SteamApps\common\Hitman 2 Silent Assassin\config.exe
FirewallRules: [{5F955245-FEEC-4642-B4F6-AA917D07DBD9}] => (Allow) D:\Games\Steam\SteamApps\common\Hitman 2 Silent Assassin\config.exe
FirewallRules: [{0BB0C665-3F0E-4D3A-9A04-58F219EDE701}] => (Allow) D:\Games\Steam\SteamApps\common\Hitman Codename 47\Hitman.Exe
FirewallRules: [{154A097A-4916-45C6-992E-F04F9F9BDC95}] => (Allow) D:\Games\Steam\SteamApps\common\Hitman Codename 47\Hitman.Exe
FirewallRules: [{97A900AE-C2F0-449C-A21C-0B0632F31DDC}] => (Allow) D:\Games\Steam\SteamApps\common\Hitman Codename 47\Setup.exe
FirewallRules: [{8E5CEAB6-BA1E-4ACB-9877-66446828F071}] => (Allow) D:\Games\Steam\SteamApps\common\Hitman Codename 47\Setup.exe
FirewallRules: [{F000B8BD-ECA3-4B23-B8E3-322EDD0CCD3E}] => (Allow) D:\Games\Steam\SteamApps\common\Blood Omen 2 Legacy of Kain\bo2.exe
FirewallRules: [{072AE383-B565-47CC-9410-9E760ADD8861}] => (Allow) D:\Games\Steam\SteamApps\common\Blood Omen 2 Legacy of Kain\bo2.exe
FirewallRules: [{6AFABDC1-36E0-4D22-BB22-AA1D2DACA741}] => (Allow) D:\Games\Steam\SteamApps\common\Deus Ex\System\DeusEx.exe
FirewallRules: [{055674F0-7EE8-4430-BE69-10DC7C8E08BF}] => (Allow) D:\Games\Steam\SteamApps\common\Deus Ex\System\DeusEx.exe
FirewallRules: [{047FDC08-68B7-4F0C-820A-C061D008EFC6}] => (Allow) D:\Games\Steam\SteamApps\common\The Guild 2 Renaissance\GuildII.exe
FirewallRules: [{1DA45F8F-DEAF-4C72-9113-E014510CAF47}] => (Allow) D:\Games\Steam\SteamApps\common\The Guild 2 Renaissance\GuildII.exe
FirewallRules: [{D8BBA519-DE9E-4174-8F10-89C92449B978}] => (Allow) D:\Games\Steam\SteamApps\common\Cthulhu Saves the World\CSTW.exe
FirewallRules: [{7AD78D9A-DCBE-4820-A718-46B381BF2938}] => (Allow) D:\Games\Steam\SteamApps\common\Cthulhu Saves the World\CSTW.exe
FirewallRules: [{FBF9B941-D72B-4FDC-879F-9D8E1013832B}] => (Allow) D:\Games\Steam\SteamApps\common\Breath of Death VII\BoDVIIPC.exe
FirewallRules: [{FA4B9C17-A70C-485B-A864-A4BAE2D02A94}] => (Allow) D:\Games\Steam\SteamApps\common\Breath of Death VII\BoDVIIPC.exe
FirewallRules: [{CBB59EAE-C205-4FC1-B78D-B6B0F82470E7}] => (Allow) D:\Games\Steam\SteamApps\common\WOG\disasm.exe
FirewallRules: [{02D73DAF-4B60-419C-A041-6B22D61411E3}] => (Allow) D:\Games\Steam\SteamApps\common\WOG\disasm.exe
FirewallRules: [{CE47323D-E375-465D-8A4C-6B0C0E3763D9}] => (Allow) D:\Games\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{F96810B5-8E6B-493D-BC69-E87D2FD5D575}] => (Allow) D:\Games\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{132C9DC3-76CD-46FF-A4B5-98B3C6EDF266}] => (Allow) D:\Games\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{DC43C7C6-D58F-474F-9BC0-7275CFD477F1}] => (Allow) D:\Games\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{F10FB1F1-3772-4DA3-9BC4-F0ECFC2C3B32}] => (Allow) D:\Games\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{A1FFDFDA-C304-4432-BF61-01849D87B971}] => (Allow) D:\Games\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{724FE22F-B515-4B4F-9CBE-3C580AD43DDC}] => (Allow) D:\Games\Steam\SteamApps\common\Dawn of War Gold\W40kWA.exe
FirewallRules: [{BD6C7B9D-8229-4BC2-8437-580CC77E17FB}] => (Allow) D:\Games\Steam\SteamApps\common\Dawn of War Gold\W40kWA.exe
FirewallRules: [{26FC54B1-386E-47DC-B2A4-72293CC3BE13}] => (Allow) D:\Games\Steam\SteamApps\common\Dawn of War Soulstorm\Soulstorm.exe
FirewallRules: [{A80CDCE7-D09E-4B72-A4A8-D4B29F24ACB3}] => (Allow) D:\Games\Steam\SteamApps\common\Dawn of War Soulstorm\Soulstorm.exe
FirewallRules: [{FF400654-62D4-4BBF-A6A4-768426DE23C6}] => (Allow) D:\Games\Steam\SteamApps\common\Dawn of War Gold\W40k.exe
FirewallRules: [{69DBE17F-6FBB-482D-887E-0E5FC8E3B449}] => (Allow) D:\Games\Steam\SteamApps\common\Dawn of War Gold\W40k.exe
FirewallRules: [{3460FBF7-76CA-4BAB-AF1A-5CEC55F29592}] => (Allow) D:\Games\Steam\SteamApps\common\Dawn of War Dark Crusade\darkcrusade.exe
FirewallRules: [{DD100903-1484-4E2F-B630-D6B886D94BE8}] => (Allow) D:\Games\Steam\SteamApps\common\Dawn of War Dark Crusade\darkcrusade.exe
FirewallRules: [{399DC3FF-991B-451D-AF0A-A0BDEF54349E}] => (Allow) D:\Games\Steam\SteamApps\common\Half-Life 2 Update\hl2.exe
FirewallRules: [{94CF006A-5F2C-431D-BED8-C6AA7D1ABED4}] => (Allow) D:\Games\Steam\SteamApps\common\Half-Life 2 Update\hl2.exe
FirewallRules: [{4689F990-EE83-4F84-8FB3-0242AB4F3623}] => (Allow) D:\Games\Steam\SteamApps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{B9D9737E-ACA1-4A51-B3EA-93E49A8BD29A}] => (Allow) D:\Games\Steam\SteamApps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{C578C8E9-AAFE-44AC-9718-B3D2DCD7BF5C}] => (Allow) D:\Games\Steam\SteamApps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
FirewallRules: [{19DB2E7D-5213-45E2-BC25-48D213DD828E}] => (Allow) D:\Games\Steam\SteamApps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
FirewallRules: [{3E476E5C-4691-48A8-821C-BBD505B6811A}] => (Allow) D:\Games\Steam\SteamApps\common\Hotline Miami 2 Wrong Number Digital Comic\hlm2comics.exe
FirewallRules: [{15B66ADC-449E-40A1-89CE-8C805096CA93}] => (Allow) D:\Games\Steam\SteamApps\common\Hotline Miami 2 Wrong Number Digital Comic\hlm2comics.exe
FirewallRules: [{FA0A744D-72CA-4D4B-92FC-428E61FC07A8}] => (Allow) D:\Games\Steam\SteamApps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe
FirewallRules: [{F6A27230-C67D-4CF1-8692-80622998CDA3}] => (Allow) D:\Games\Steam\SteamApps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe
FirewallRules: [{025D2249-E8B5-4E33-9AC7-BDE0F8C5B043}] => (Allow) D:\Games\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{1880EFE7-A5F9-4BB8-A035-987F8950CDAD}] => (Allow) D:\Games\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [TCP Query User{734104AD-ADF6-493F-B51D-132A785C3D2B}D:\games\steam\steamapps\common\arma 3\arma3.exe] => (Allow) D:\games\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{9797FA24-D61C-442A-9139-935B17A0111D}D:\games\steam\steamapps\common\arma 3\arma3.exe] => (Allow) D:\games\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{9F6CF138-7B87-4FD1-B6FA-A971FF895C9A}] => (Allow) D:\Games\Steam\SteamApps\common\Metro 2033 Redux\metro.exe
FirewallRules: [{F147D0F9-93D1-40F9-87C6-B8789D89B172}] => (Allow) D:\Games\Steam\SteamApps\common\Metro 2033 Redux\metro.exe
FirewallRules: [{6137F949-E9CD-46B4-BBBE-388D664B807B}] => (Allow) D:\Games\Steam\SteamApps\common\Hitman Blood Money\HitmanBloodMoney.exe
FirewallRules: [{C39FE025-E875-4D26-9524-EE5A28429AA4}] => (Allow) D:\Games\Steam\SteamApps\common\Hitman Blood Money\HitmanBloodMoney.exe
FirewallRules: [{B0610D16-D92C-491D-8DF6-4BC3A3317BF4}] => (Allow) D:\Games\Steam\SteamApps\common\Hitman Blood Money\configure.exe
FirewallRules: [{7CC63DE8-BC7A-432A-B4BD-37A3616E790D}] => (Allow) D:\Games\Steam\SteamApps\common\Hitman Blood Money\configure.exe
FirewallRules: [TCP Query User{FF601257-16B1-4A45-B6FB-C66FC38F04B1}D:\games\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Block) D:\games\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{4809D550-BD5D-4BC4-A8B5-6E2E63854E8B}D:\games\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Block) D:\games\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{748C0E05-9D47-4BD1-BA01-EEA43F1C5A82}] => (Allow) D:\Games\Steam\SteamApps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{FAFC8B75-BB71-43F1-994F-853DDFA1BF48}] => (Allow) D:\Games\Steam\SteamApps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{5AEE9812-D981-41D6-84E4-2DBA0AE0FA1A}] => (Allow) D:\Games\Steam\SteamApps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [{BAC1508F-F0F5-482F-85E0-29C36067F466}] => (Allow) D:\Games\Steam\SteamApps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [{C48C4EA1-BA83-4ADD-96BA-8FE73C259544}] => (Allow) D:\Games\Steam\SteamApps\common\TalesMajEyal\t-engine.exe
FirewallRules: [{52ABC2A2-4A12-4FFD-AAF1-80C6051D7E19}] => (Allow) D:\Games\Steam\SteamApps\common\TalesMajEyal\t-engine.exe
FirewallRules: [{5F970C11-FB58-4553-882E-B1F56E6E24FF}] => (Allow) D:\Games\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{9645933E-FF11-4AEA-ABE0-66D03D664BA7}] => (Allow) D:\Games\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{315A0653-5D5E-412C-ACE2-5C9A917DD6BE}] => (Allow) D:\Games\Steam\SteamApps\common\Fallout 2\Fallout2Launcher.exe
FirewallRules: [{5C203174-D014-4F89-B95F-A903224A0C1E}] => (Allow) D:\Games\Steam\SteamApps\common\Fallout 2\Fallout2Launcher.exe
FirewallRules: [{D55EEA0C-3F6C-4C98-83D3-042365CFF133}] => (Allow) D:\Games\Steam\SteamApps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{C3A8F917-32A1-407C-9304-A92174BB5F39}] => (Allow) D:\Games\Steam\SteamApps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [TCP Query User{59F83218-29C3-40AA-9A6A-379FD9417443}D:\games\steam\steamapps\common\total war attila\attila.exe] => (Block) D:\games\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [UDP Query User{7BD9EBB4-3F63-4EDE-9596-2DB853CDEFC8}D:\games\steam\steamapps\common\total war attila\attila.exe] => (Block) D:\games\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [{C5D014D3-9572-4382-9F66-1EAD0E75F2AB}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{8E6D517C-7325-43A7-A26C-7A18FF489938}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{99FF055E-3355-4FB2-AD0F-FE4FD4DEFB9C}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{682A3C12-268A-4A25-AD1F-E0EF3B387239}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{46F64666-4652-4355-8BE3-E2E8731A6723}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BCEE124C-03C7-4662-83E8-4D0D5CEFF723}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2EB33A88-A0EF-4D9C-B574-3E4A49540FEB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{093202B6-3525-4258-BEA4-9B8FB8505258}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1E199625-818C-4091-9A2C-718653710DCE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9176636B-EE20-4E9D-8797-4A2A168488BD}] => (Allow) D:\Games\Steam\SteamApps\common\outtheresomewhere\ots.exe
FirewallRules: [{4C7A1572-3E3C-4255-9214-83782C2404AA}] => (Allow) D:\Games\Steam\SteamApps\common\outtheresomewhere\ots.exe
FirewallRules: [{A2F05EE2-5903-4FCC-8831-CC3E88FEE329}] => (Allow) D:\Games\Steam\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{8A8C8997-1D7A-457E-9707-A68A500694BF}] => (Allow) D:\Games\Steam\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{183E99CA-5DC6-4FB4-AA73-4059D00AE5B9}] => (Allow) D:\Games\Steam\SteamApps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{A882C37E-F614-4EDA-BDD1-D5078FF72806}] => (Allow) D:\Games\Steam\SteamApps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{26ACF857-234F-47F1-8579-F90AFD828495}] => (Allow) D:\Games\BloodBowl1\Blood Bowl Legendary Edition\BB_LE.exe
FirewallRules: [{DA83F0F5-964E-4FBA-9D2B-931F9904EDFD}] => (Allow) D:\Games\BloodBowl1\Blood Bowl Legendary Edition\BB_LE.exe
FirewallRules: [{12BCDD0B-E4C5-4359-92B0-1148B5D0DAFE}] => (Allow) D:\Games\BloodBowl1\Blood Bowl Legendary Edition\Autorun\Exe\Autorun.exe
FirewallRules: [{7227E4C8-7364-452E-B697-1F01A455F141}] => (Allow) D:\Games\BloodBowl1\Blood Bowl Legendary Edition\Autorun\Exe\Autorun.exe
FirewallRules: [{9D6DF5E3-9124-4F6C-834A-0AE0661FAEDA}] => (Allow) D:\Games\AOE III\age3.exe
FirewallRules: [{7FA3339F-6498-444F-8070-B5F2836B7394}] => (Allow) D:\Games\AOE III\age3.exe
FirewallRules: [{B76FBEE5-F3F3-44DF-949E-21448D4CAF34}] => (Allow) D:\Games\AOE III\age3x.exe
FirewallRules: [{7BF15B62-502C-4887-B4AC-80682C10CDA4}] => (Allow) D:\Games\AOE III\age3x.exe
FirewallRules: [{44FCD6F3-F6B4-4B68-965F-572486BD487A}] => (Allow) D:\Games\AOE III\age3y.exe
FirewallRules: [{6C7610E0-FCDA-477C-BA1D-4AEBC5E73FAA}] => (Allow) D:\Games\AOE III\age3y.exe
FirewallRules: [{8AA5B6A4-5488-4410-B2C5-E191E6B99456}] => (Allow) D:\Games\AOE III\autopatcher.exe
FirewallRules: [{80C8C92D-10FA-4115-9C54-9245B9FA299E}] => (Allow) D:\Games\AOE III\autopatcher.exe
FirewallRules: [{16F5D3F0-C943-4E64-8386-1E6CCD370E58}] => (Allow) D:\Games\AOE III\autopatcher2.exe
FirewallRules: [{226C8883-30BE-4529-8B91-7F88E194AFC8}] => (Allow) D:\Games\AOE III\autopatcher2.exe
FirewallRules: [{0C220347-3BAA-4FCC-A944-FEFEB3762569}] => (Allow) D:\Games\AOE III\autopatcherx.exe
FirewallRules: [{432C4D65-3B64-47C3-A56F-C711A1060F51}] => (Allow) D:\Games\AOE III\autopatcherx.exe
FirewallRules: [{9AF95C8F-9A0A-416F-A3A5-CFF882B70E3B}] => (Allow) D:\Games\AOE III\autopatchery.exe
FirewallRules: [{D12CBDDF-0C91-4267-B267-9BACB2B831EC}] => (Allow) D:\Games\AOE III\autopatchery.exe
FirewallRules: [TCP Query User{AF05A04F-4FBC-4166-9DFB-DD38A92FFC0A}D:\games\bloodbowl1\blood bowl legendary edition\bb_le.exe] => (Block) D:\games\bloodbowl1\blood bowl legendary edition\bb_le.exe
FirewallRules: [UDP Query User{97506D94-DB60-4B9F-9568-5A57873A16E1}D:\games\bloodbowl1\blood bowl legendary edition\bb_le.exe] => (Block) D:\games\bloodbowl1\blood bowl legendary edition\bb_le.exe
FirewallRules: [{E90238C5-F4E2-4842-8200-26411CB09CE3}] => (Allow) D:\Games\Steam\SteamApps\common\Hacknet\Hacknet.exe
FirewallRules: [{65811925-789A-4D8D-986C-7209207E7947}] => (Allow) D:\Games\Steam\SteamApps\common\Hacknet\Hacknet.exe
FirewallRules: [{23B23F28-C626-445D-BCDD-E7B1E033C6DF}] => (Allow) D:\Games\Steam\SteamApps\common\Spooky's House of Jump Scares\SPOOKY.exe
FirewallRules: [{331BF8EC-6D80-42F0-9D8F-465AE8FD161D}] => (Allow) D:\Games\Steam\SteamApps\common\Spooky's House of Jump Scares\SPOOKY.exe
FirewallRules: [{72B667AB-26C5-444A-B26D-DD6693D36619}] => (Allow) D:\Games\Steam\SteamApps\common\Planetary Annihilation\bin_x86\PA.exe
FirewallRules: [{8C1464FB-E854-4304-AF04-403ED97A44EA}] => (Allow) D:\Games\Steam\SteamApps\common\Planetary Annihilation\bin_x86\PA.exe
FirewallRules: [{7AAB60C1-859A-4BF9-9717-DC17BA6B7735}] => (Allow) D:\Games\Steam\SteamApps\common\Planetary Annihilation\bin_x86\crashupload.exe
FirewallRules: [{7F119C11-E95A-4ACE-998B-9E94A0F0CA43}] => (Allow) D:\Games\Steam\SteamApps\common\Planetary Annihilation\bin_x86\crashupload.exe
FirewallRules: [{57E80FC3-1BA4-42E8-B700-F220F28C06C7}] => (Allow) D:\Games\Steam\SteamApps\common\Planetary Annihilation\bin_x86\host\CoherentUI_Host.exe
FirewallRules: [{07741632-67CC-4A2D-808D-D0FBF0AF86B6}] => (Allow) D:\Games\Steam\SteamApps\common\Planetary Annihilation\bin_x86\host\CoherentUI_Host.exe
FirewallRules: [{EABAE100-689C-4CF3-8DF9-D8EDAB8C6C7B}] => (Allow) D:\Games\Steam\SteamApps\common\Planetary Annihilation\bin_x64\crashupload.exe
FirewallRules: [{EEA98B5D-BFE7-4173-A98E-013C6C3C0462}] => (Allow) D:\Games\Steam\SteamApps\common\Planetary Annihilation\bin_x64\crashupload.exe
FirewallRules: [{7E445AD9-55CE-4551-88AF-02DC50DE88A9}] => (Allow) D:\Games\Steam\SteamApps\common\Planetary Annihilation\bin_x64\host\CoherentUI_Host.exe
FirewallRules: [{6A415191-4C41-414C-8BCF-0E4B10CABE7B}] => (Allow) D:\Games\Steam\SteamApps\common\Planetary Annihilation\bin_x64\host\CoherentUI_Host.exe
FirewallRules: [{251F1703-5E7B-438F-9013-9EC9DCDB865F}] => (Allow) D:\Games\Steam\SteamApps\common\Planetary Annihilation\bin_x64\server.exe
FirewallRules: [{5D9EED9E-05D2-4371-AE54-DBED472F2082}] => (Allow) D:\Games\Steam\SteamApps\common\Planetary Annihilation\bin_x64\server.exe
FirewallRules: [{6F5480E0-FD1C-4DC4-99FF-ADBC06C409C0}] => (Allow) D:\Games\Steam\SteamApps\common\Legacy of Kain Soul Reaver\kain2.exe
FirewallRules: [{CBC928BA-5197-4808-8AFD-5E90DF6441BF}] => (Allow) D:\Games\Steam\SteamApps\common\Legacy of Kain Soul Reaver\kain2.exe
FirewallRules: [{33E36D12-6BAA-4EB8-A84F-68EE5403B3AA}] => (Allow) D:\Games\Steam\SteamApps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{D305D558-8085-49AB-9CBC-8B603379B20D}] => (Allow) D:\Games\Steam\SteamApps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [TCP Query User{B4C58C99-8E3D-46F8-BAD1-FD05F61436BC}D:\games\steam\steamapps\common\elite dangerous\products\forc-fdev-d-1010\elitedangerous32.exe] => (Allow) D:\games\steam\steamapps\common\elite dangerous\products\forc-fdev-d-1010\elitedangerous32.exe
FirewallRules: [UDP Query User{1F603BC8-3BFB-4562-BC3E-7CA75B0EEE77}D:\games\steam\steamapps\common\elite dangerous\products\forc-fdev-d-1010\elitedangerous32.exe] => (Allow) D:\games\steam\steamapps\common\elite dangerous\products\forc-fdev-d-1010\elitedangerous32.exe
FirewallRules: [{4B8D4200-1A7D-4882-AEDB-CDD0D8270B22}] => (Allow) D:\Games\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{F62001DE-56DA-475D-A0BF-93958DFD7717}] => (Allow) D:\Games\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{35E5E397-C23A-493F-A77C-48465E02BFB1}] => (Allow) D:\Games\Steam\SteamApps\common\Fallout\FalloutLauncher.exe
FirewallRules: [{E6F7F8EB-03E4-478C-9902-4868D69A00B1}] => (Allow) D:\Games\Steam\SteamApps\common\Fallout\FalloutLauncher.exe
FirewallRules: [{949BC6CB-21D3-4B19-ACAD-A34775521EE1}] => (Allow) D:\Games\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{489F4FF5-9DC5-4F7A-8873-F37313782196}] => (Allow) D:\Games\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{B741E203-D049-4EAF-8E6A-74755969634B}] => (Allow) D:\Games\Steam\SteamApps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{97D1036D-EB7B-4EF0-AA57-E5F49CD1CACE}] => (Allow) D:\Games\Steam\SteamApps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{D71FBB7F-7767-4CD3-804E-89945984D024}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3AC074CB-AB68-494D-B9EC-51CFA44C5931}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{450EF204-3D24-4340-91BF-48CE63AEF5E9}] => (Allow) D:\Games\Steam\SteamApps\common\strikesuitzero\pc\main\Binary\SSZ.exe
FirewallRules: [{4F3A88B3-0052-4A82-B1A3-990D1E9D7602}] => (Allow) D:\Games\Steam\SteamApps\common\strikesuitzero\pc\main\Binary\SSZ.exe
FirewallRules: [TCP Query User{009E6909-5AA9-434D-A045-48B42E85BC10}D:\games\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe] => (Block) D:\games\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe
FirewallRules: [UDP Query User{B41040EA-109E-43C8-A3F6-A926310B754B}D:\games\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe] => (Block) D:\games\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe
FirewallRules: [{E05BA0BF-501E-4B01-AEF8-8D76B824A609}] => (Allow) D:\Games\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{FDC4DAD8-68CD-44B5-A304-64EB1731E3D5}] => (Allow) D:\Games\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{B8E7D4CC-493D-41C1-95F4-CC8DFD7F53EE}] => (Allow) D:\Games\Steam\SteamApps\common\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe
FirewallRules: [{0647B409-C691-418B-8364-0156D4C0CAB7}] => (Allow) D:\Games\Steam\SteamApps\common\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe
FirewallRules: [{AF714443-4D7D-427A-A5E2-775D05503C1A}] => (Allow) D:\Games\Steam\SteamApps\common\DoorKickers\DoorKickers.exe
FirewallRules: [{ACC0AAB8-B6D4-4C5B-BA8E-AE26933E0E0D}] => (Allow) D:\Games\Steam\SteamApps\common\DoorKickers\DoorKickers.exe
FirewallRules: [{BB6720C3-F0F6-4DD4-8A5E-1BBABE3E4E38}] => (Allow) D:\Games\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{1CEEE707-5CC1-46EB-A999-ACF57C60CA52}] => (Allow) D:\Games\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{E070E2EB-4BFB-4A8D-9FD0-A69C91AFAA02}] => (Allow) D:\Games\Steam\SteamApps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{9DA3E435-24A8-4357-8117-14AF39F50A8F}] => (Allow) D:\Games\Steam\SteamApps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{5C172701-B0F1-4F8D-BE6C-F18714369A52}] => (Allow) D:\Games\Steam\SteamApps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe
FirewallRules: [{EE73B99F-E8B9-44E5-95B5-0ED30EF9CFE6}] => (Allow) D:\Games\Steam\SteamApps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe
FirewallRules: [{E0A97380-E7CF-4D18-A056-78E804EB230B}] => (Allow) D:\Games\Steam\SteamApps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe
FirewallRules: [{9F4195EB-5D44-4BA9-8BFD-F050902655FC}] => (Allow) D:\Games\Steam\SteamApps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe
FirewallRules: [{1D2291C8-B5E2-4B89-8C2A-D487E7F7643B}] => (Allow) D:\Games\Steam\SteamApps\common\BrutalLegend\BrutalLegend.exe
FirewallRules: [{0FE4A817-8418-4A4D-A85C-875E6272DEE6}] => (Allow) D:\Games\Steam\SteamApps\common\BrutalLegend\BrutalLegend.exe
FirewallRules: [{0B53666A-A82D-4823-85EF-996D52755412}] => (Allow) D:\Games\Steam\SteamApps\common\Star Ruler 2\Star Ruler 2.exe
FirewallRules: [{6C82B565-D5EE-4E09-B40C-86A85E2AC833}] => (Allow) D:\Games\Steam\SteamApps\common\Star Ruler 2\Star Ruler 2.exe
FirewallRules: [TCP Query User{D71E1367-37DE-4873-88A8-340A725DCAB6}D:\games\steam\steamapps\common\battlefleet gothic armada (ctt)\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\battlefleet gothic armada (ctt)\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [UDP Query User{CABA0082-BA76-4CEE-8024-41B6D60BB4EB}D:\games\steam\steamapps\common\battlefleet gothic armada (ctt)\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\battlefleet gothic armada (ctt)\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [{F534DDAF-AADF-4083-8EF3-DD6C125CB185}] => (Allow) D:\Games\Steam\SteamApps\common\Battlefleet Gothic Armada (CTT)\BattleFleetGothic.exe
FirewallRules: [{E031D942-B711-415C-93BB-9A92E4657EF0}] => (Allow) D:\Games\Steam\SteamApps\common\Battlefleet Gothic Armada (CTT)\BattleFleetGothic.exe
FirewallRules: [TCP Query User{5960A3C6-FF6E-465F-8356-2ECCD227C7A2}D:\games\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\games\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [UDP Query User{688AF744-DBFB-47C3-8C17-292957881A26}D:\games\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\games\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{90076D00-EC86-43FD-8172-746FDA3EE422}] => (Allow) D:\Games\Steam\SteamApps\common\Battlefleet Gothic Armada\BattleFleetGothic.exe
FirewallRules: [{734E462B-4591-4A3C-AA1A-8AB446ACA3E8}] => (Allow) D:\Games\Steam\SteamApps\common\Battlefleet Gothic Armada\BattleFleetGothic.exe
FirewallRules: [TCP Query User{9A3BD286-6564-4928-97D2-D0C0D680C537}D:\games\steam\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [UDP Query User{CD355778-3279-45AB-BC1F-AE5D54C085B2}D:\games\steam\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [{1E705E27-A98F-4529-B31A-AFA02EB5F63B}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{667205E9-02D1-44CF-9CDD-822CB08945F8}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3FBE8006-5BD5-4FAC-BA87-FAF6954A471B}] => (Allow) D:\Games\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{F4E4BB5D-E642-40FF-9AAB-CB2E114F475F}] => (Allow) D:\Games\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{D857F3E5-CD16-43E4-BDEA-08F630D94076}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{C6D8DE76-47BC-48DE-B8B0-BAEEDBE57588}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{E50961B0-97D3-4D53-9896-4A21CFC99391}] => (Allow) D:\Games\Steam\SteamApps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{517B2194-7760-494F-A400-55D0A5AF6EF3}] => (Allow) D:\Games\Steam\SteamApps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{0C04BA77-031E-4D80-B3D1-1012BBA9D76F}] => (Allow) D:\Games\Steam\SteamApps\common\In Verbis Virtus\Binaries\Win32\IVV.exe
FirewallRules: [{18D019D9-CAF6-4A11-B114-5C4849C09360}] => (Allow) D:\Games\Steam\SteamApps\common\In Verbis Virtus\Binaries\Win32\IVV.exe
FirewallRules: [{A0B4B41B-00BB-41F0-AD8B-47C09F62E847}] => (Allow) D:\Games\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{15F709EF-7D5A-4F0E-95EB-FF0C2C7EB5A3}] => (Allow) D:\Games\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{DC99B7E7-AC41-48BA-8D59-AEFE69C98D38}D:\games\overwatch beta\overwatch\overwatch.exe] => (Allow) D:\games\overwatch beta\overwatch\overwatch.exe
FirewallRules: [UDP Query User{C4D5AEFB-54E1-4597-AD1D-6765CB6FFA43}D:\games\overwatch beta\overwatch\overwatch.exe] => (Allow) D:\games\overwatch beta\overwatch\overwatch.exe
FirewallRules: [{D4F8B06A-AC8A-49DB-876B-04AD40D79F97}] => (Allow) D:\Games\Steam\SteamApps\common\Stellaris\stellaris.exe
FirewallRules: [{3107D869-0405-490F-8F8B-DE8266E8C431}] => (Allow) D:\Games\Steam\SteamApps\common\Stellaris\stellaris.exe
FirewallRules: [{EB5E4901-1D7E-42D1-8AFE-EB07DA8E72AF}] => (Allow) D:\Games\Anno 2070\Anno5.exe
FirewallRules: [{350DE6F7-5943-48B4-B3C3-C047919CC78A}] => (Allow) D:\Games\Anno 2070\Anno5.exe
FirewallRules: [{0E0CD113-6F19-4E8C-9AA9-FC0D7C66E23E}] => (Allow) D:\Games\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{EDA4F4AD-86F2-4BE2-9768-86F36CD400EB}] => (Allow) D:\Games\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{17C82613-C618-420B-B07C-0F11ED7C4249}] => (Allow) D:\Games\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{019BEE92-3780-4134-A4B7-20377F093F14}] => (Allow) D:\Games\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{E1F81ED9-7E42-4415-A01C-2C4CF591942A}] => (Allow) D:\Games\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{FE435904-2734-4090-8470-110FCE75C927}] => (Allow) D:\Games\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{019C4603-D9DB-46BC-971F-152B5BCCAEA5}] => (Allow) D:\Games\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{2E06E2C2-8B50-469F-A59F-4FB1958D0B8E}] => (Allow) D:\Games\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{A72F5300-95B1-4F2E-B583-E1C6CA76E089}] => (Allow) D:\Games\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{8069A30D-8154-4618-B577-53416D4D94FC}] => (Allow) D:\Games\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{3ABD275A-B798-4B0F-BC4D-CC210DEE734C}] => (Allow) D:\Games\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{A83DA98B-02FF-4738-8BB8-9B0C7137C4F9}] => (Allow) D:\Games\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{210D79DA-B8C3-48AE-9D0C-E887BE065C18}] => (Allow) D:\Games\Steam\SteamApps\common\TheLongDark\tld.exe
FirewallRules: [{D13E14F9-0CA8-4218-AD45-96669A97842C}] => (Allow) D:\Games\Steam\SteamApps\common\TheLongDark\tld.exe
FirewallRules: [{099658D6-BB9D-495D-A26D-045AD77CDBCB}] => (Allow) D:\Games\Steam\SteamApps\common\Command Modern Air  Naval Operations\GameMenu_CNI\autorun.exe
FirewallRules: [{7321D006-5F69-4F82-84E7-9A8FE5218E27}] => (Allow) D:\Games\Steam\SteamApps\common\Command Modern Air  Naval Operations\GameMenu_CNI\autorun.exe
FirewallRules: [{5D09D20A-110F-440A-8685-EC6C968E4E2E}] => (Allow) D:\Games\Steam\SteamApps\common\Wargame Red Dragon\WarGame3.exe
FirewallRules: [{90987058-21D7-455A-B9C9-DF3478BA091B}] => (Allow) D:\Games\Steam\SteamApps\common\Wargame Red Dragon\WarGame3.exe
FirewallRules: [{42B71704-AFDE-476B-A162-4C70CE1DE0A9}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{8A9ED8DA-1F9D-4D4F-B166-41B152BE394C}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{59A830C7-C89A-4976-8957-4858E249F9FE}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{DDCE44B4-2A63-459B-8A4B-F335E6BE5CD7}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{FC164BCE-14CE-4D17-A535-6CBEB5F71A0C}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{4FB9821E-81FF-4BD0-875F-5EF7A2DC54A2}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{8A3DB651-452A-487F-8F85-FEB4541842C1}] => (Allow) D:\Games\Steam\SteamApps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{EE2F2929-7F81-490D-AE17-63DE8B356342}] => (Allow) D:\Games\Steam\SteamApps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [TCP Query User{C8274A44-A059-4FEA-9F6D-0249807EA766}D:\games\steam\steamapps\common\victoria 2\v2game.exe] => (Allow) D:\games\steam\steamapps\common\victoria 2\v2game.exe
FirewallRules: [UDP Query User{C7B056A5-E41C-49ED-8C7F-52B1E2A53EAA}D:\games\steam\steamapps\common\victoria 2\v2game.exe] => (Allow) D:\games\steam\steamapps\common\victoria 2\v2game.exe
FirewallRules: [{8B7BADA2-430C-458C-A6CE-AB24FC512F01}] => (Allow) D:\Games\Steam\SteamApps\common\Poker Night 2\PokerNight2.exe
FirewallRules: [{538B8C82-A614-45A2-8C51-0A1EC99822E5}] => (Allow) D:\Games\Steam\SteamApps\common\Poker Night 2\PokerNight2.exe
FirewallRules: [{9362981B-1E62-42ED-9332-F7A65387EB2E}] => (Allow) D:\Games\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{6C07D2EF-7C30-48E5-AA9E-97B5F9ED89E9}] => (Allow) D:\Games\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [TCP Query User{57788B8F-7D6D-484E-9323-9C8535127C8B}D:\games\overwatch beta\overwatch test\overwatch.exe] => (Allow) D:\games\overwatch beta\overwatch test\overwatch.exe
FirewallRules: [UDP Query User{9E703EE6-4D7A-4AA1-8221-D5BF0F7E2DAD}D:\games\overwatch beta\overwatch test\overwatch.exe] => (Allow) D:\games\overwatch beta\overwatch test\overwatch.exe
FirewallRules: [TCP Query User{08A243E7-D9D7-4C23-9058-9336D6AC1FDD}D:\games\worldofwarships\wowslauncher.exe] => (Allow) D:\games\worldofwarships\wowslauncher.exe
FirewallRules: [UDP Query User{336D03ED-7C60-4E11-895C-72FA640E41C3}D:\games\worldofwarships\wowslauncher.exe] => (Allow) D:\games\worldofwarships\wowslauncher.exe
FirewallRules: [{484CFD51-9108-45C2-A763-D4FE0734016C}] => (Allow) D:\Games\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{FB3403CE-570C-42B6-B9E2-77435B3F68B5}] => (Allow) D:\Games\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{6C2D8003-AD91-4C8F-BA29-E9BD28D5D37E}] => (Allow) D:\Games\Steam\SteamApps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [{5325A202-4D73-4054-A72E-52166F4C9B07}] => (Allow) D:\Games\Steam\SteamApps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [{D9441F27-2DD2-4620-8AE3-4BF5201EA9D8}] => (Allow) D:\Games\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{B887B05E-B2C9-408B-ADFE-1D06221AB294}] => (Allow) D:\Games\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{45C63C4B-3D60-4950-80A5-D259F6D126B8}] => (Allow) D:\Games\Steam\SteamApps\common\Atlantic Fleet\AtlanticFleet.exe
FirewallRules: [{5F050FEF-F326-4A05-94BB-E1532F87C824}] => (Allow) D:\Games\Steam\SteamApps\common\Atlantic Fleet\AtlanticFleet.exe
FirewallRules: [{A3347BA4-CD7C-4894-B6DB-9325CF253241}] => (Allow) D:\Games\Steam\SteamApps\common\Assassin's Creed 2\AssassinsCreedIIGame.exe
FirewallRules: [{F0CA1E06-8644-4E62-99FF-9EC3ADD45FF8}] => (Allow) D:\Games\Steam\SteamApps\common\Assassin's Creed 2\AssassinsCreedIIGame.exe
FirewallRules: [TCP Query User{18F17E3D-5772-4144-8F6A-D7A2EBE6DB45}C:\users\raziel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\raziel\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{9F93EC3B-DA1B-4689-BB4C-D88E16F99B13}C:\users\raziel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\raziel\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C2C0FB8C-69B0-4899-8ADB-99F97770D870}] => (Allow) D:\Games\Steam\SteamApps\common\Wargame European Escalation\WarGame.exe
FirewallRules: [{53AEE417-C43A-48E3-A62E-F2E29ED4CCF8}] => (Allow) D:\Games\Steam\SteamApps\common\Wargame European Escalation\WarGame.exe
FirewallRules: [{6A66A91E-74A4-4BF4-B116-C6CB9E881F0E}] => (Allow) D:\Games\Steam\SteamApps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{7B765C64-DEE9-4C6F-887B-A8B48FB0D5D9}] => (Allow) D:\Games\Steam\SteamApps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [TCP Query User{21427D87-D947-4D35-BAEB-76DA28B2E213}C:\users\raziel\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\raziel\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{3A497643-035B-45DF-9515-C4B59394F53B}C:\users\raziel\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\raziel\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2D221570-0FD0-46D6-B575-1F7831CE1083}] => (Allow) D:\Games\Steam\SteamApps\common\Defcon\defcon.exe
FirewallRules: [{125B0870-46A6-4110-8A31-6700D75E6116}] => (Allow) D:\Games\Steam\SteamApps\common\Defcon\defcon.exe
FirewallRules: [{E6470134-2415-4797-BCD7-E20B56859AA6}] => (Allow) D:\Games\Steam\SteamApps\common\Starbound\win64\starbound.exe
FirewallRules: [{ED0079DD-A222-4600-8482-8244E1C788A0}] => (Allow) D:\Games\Steam\SteamApps\common\Starbound\win64\starbound.exe
FirewallRules: [{3388A5FD-5C21-4E3B-A905-638B1F3C81D9}] => (Allow) D:\Games\Steam\SteamApps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{F72FFBB5-CC3E-4F29-96CA-E8C6B4B51069}] => (Allow) D:\Games\Steam\SteamApps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{999C20A5-EFDE-450B-A006-112522FEA800}] => (Allow) D:\Games\Steam\SteamApps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{57F7FC7D-C1C3-432F-89DE-6788E3338B8C}] => (Allow) D:\Games\Steam\SteamApps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{AC06EC2C-70AD-42D3-A652-989630490E25}] => (Allow) D:\Games\Steam\SteamApps\common\Starbound\win32\starbound.exe
FirewallRules: [{474B1E65-1FE5-4E67-87D9-21C6FE1BB1A7}] => (Allow) D:\Games\Steam\SteamApps\common\Starbound\win32\starbound.exe
FirewallRules: [TCP Query User{32B432A4-EEA9-46E1-B08A-2FB75F439264}D:\games\paragon\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\games\paragon\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{97A593A7-E402-43C6-97F3-7E6349AD9ED8}D:\games\paragon\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\games\paragon\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{B6AE3E69-228E-4A55-88D8-1BCB741602BD}D:\games\paragon\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\games\paragon\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{6A11A6FA-73D0-47E4-A6E5-F8183D8968DA}D:\games\paragon\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\games\paragon\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{DB81B837-818B-4ABC-9DC2-F6B5AC53BA28}] => (Allow) D:\Games\Steam\SteamApps\common\Titan Quest Anniversary Edition\TQ.exe
FirewallRules: [{E62D8B6B-1F69-4647-9F44-BC979BC63758}] => (Allow) D:\Games\Steam\SteamApps\common\Titan Quest Anniversary Edition\TQ.exe
FirewallRules: [{E798944D-5F35-4E4E-BADD-54C93F378648}] => (Allow) D:\Games\Steam\SteamApps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe
FirewallRules: [{0086933D-5CC7-45A9-B703-716D007A61CA}] => (Allow) D:\Games\Steam\SteamApps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe
FirewallRules: [{89CAA1AB-2753-4DC9-8454-02173BBB6A40}] => (Allow) D:\Games\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{0F9CF03A-EEC6-4DF6-B4E2-F898C0B22DA4}] => (Allow) D:\Games\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{8E2E4D2D-5FE1-41B8-9794-2FA3AD4362DF}] => (Allow) D:\Games\Steam\SteamApps\common\STALKER Clear Sky\bin\xrEngine.exe
FirewallRules: [{42C334DE-614B-4515-A0EE-4578A1AF8D6A}] => (Allow) D:\Games\Steam\SteamApps\common\STALKER Clear Sky\bin\xrEngine.exe
FirewallRules: [{70BCA2D5-3DF1-4F54-88CF-CC08D74860E6}] => (Allow) D:\Games\Steam\SteamApps\common\Slavistan\Slavistan.exe
FirewallRules: [{2807615A-BFCF-473B-B385-8DBA3598B124}] => (Allow) D:\Games\Steam\SteamApps\common\Slavistan\Slavistan.exe
FirewallRules: [{ABF451E7-05A2-4F2F-926F-E9913862DD90}] => (Allow) D:\Games\Steam\SteamApps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{9986F8EB-194F-45A0-9869-AEAF7FCA526E}] => (Allow) D:\Games\Steam\SteamApps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [TCP Query User{8A293CB7-FB2B-4EE4-A161-F60C55AD5603}D:\games\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\games\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{89C7D1BD-671D-4A69-8EAD-663EB114F946}D:\games\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\games\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [{1C17AE3C-99D5-4849-9C68-A7399E562E99}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1F9FD11C-89B8-42CB-8E3D-C07808333299}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F5E3531C-C632-4FE9-B8E8-67A94BC0B130}] => (Allow) D:\Games\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{9389227C-628D-49F8-84E0-912465E93810}] => (Allow) D:\Games\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{6EB0B3F0-E9D4-46C5-B474-70C07BC1CC66}] => (Allow) D:\Games\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{2A0DC150-65BF-4B27-AB0E-81CECE93A7C0}] => (Allow) D:\Games\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{5344E775-4C84-4AAA-B34F-D61B9231281D}] => (Allow) D:\Games\Steam\SteamApps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{E88FF4A2-5E3E-40AC-BF32-67ED5C18A166}] => (Allow) D:\Games\Steam\SteamApps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{634D8B4A-B6EA-4F3E-AC63-FA08F022A0C4}] => (Allow) D:\Games\Steam\SteamApps\common\Stalker Call of Pripyat\bin\xrEngine.exe
FirewallRules: [{9B7B7D5B-CA7D-42F3-89C8-288D6F2DA941}] => (Allow) D:\Games\Steam\SteamApps\common\Stalker Call of Pripyat\bin\xrEngine.exe
FirewallRules: [{9D5C0805-86D9-447A-A156-A207DA2E27AF}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F52851BE-770C-4811-ABD7-6490AE10ACCD}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C1F87BCC-A648-462E-A629-F50EC7D4DDB5}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{67CCB6D7-EE24-42B4-83BB-D38A0FE0DC1B}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe

==================== Wiederherstellungspunkte =========================

29-10-2016 14:55:53 DirectX wurde installiert
01-11-2016 12:15:05 Windows Update
04-11-2016 16:21:14 Windows Update
06-11-2016 17:15:59 Windows Defender Checkpoint

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/06/2016 05:03:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 3.65.13.80, Zeitstempel: 0x57fed9f2
Name des fehlerhaften Moduls: steamwebhelper.exe, Version: 3.65.13.80, Zeitstempel: 0x57fed9f2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00037b59
ID des fehlerhaften Prozesses: 0x1aec
Startzeit der fehlerhaften Anwendung: 0x01d2384743c7aee3
Pfad der fehlerhaften Anwendung: D:\Games\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Pfad des fehlerhaften Moduls: D:\Games\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Berichtskennung: 9075c10c-a43a-11e6-942b-448a5b822a62

Error: (11/06/2016 05:03:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 3.65.13.80, Zeitstempel: 0x57fed9f2
Name des fehlerhaften Moduls: steamwebhelper.exe, Version: 3.65.13.80, Zeitstempel: 0x57fed9f2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00037b59
ID des fehlerhaften Prozesses: 0xe14
Startzeit der fehlerhaften Anwendung: 0x01d23839dcea68db
Pfad der fehlerhaften Anwendung: D:\Games\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Pfad des fehlerhaften Moduls: D:\Games\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Berichtskennung: 807fd3b8-a43a-11e6-942b-448a5b822a62

Error: (11/06/2016 03:27:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 3.65.13.80, Zeitstempel: 0x57fed9f2
Name des fehlerhaften Moduls: steamwebhelper.exe, Version: 3.65.13.80, Zeitstempel: 0x57fed9f2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00037b59
ID des fehlerhaften Prozesses: 0xac0
Startzeit der fehlerhaften Anwendung: 0x01d2382f6cdaa5d8
Pfad der fehlerhaften Anwendung: D:\Games\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Pfad des fehlerhaften Moduls: D:\Games\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Berichtskennung: 19a9b9bb-a42d-11e6-942b-448a5b822a62

Error: (11/06/2016 02:07:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/05/2016 02:57:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/04/2016 10:21:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 3.65.13.80, Zeitstempel: 0x57fed9f2
Name des fehlerhaften Moduls: steamwebhelper.exe, Version: 3.65.13.80, Zeitstempel: 0x57fed9f2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00037b59
ID des fehlerhaften Prozesses: 0x1008
Startzeit der fehlerhaften Anwendung: 0x01d236d739af2085
Pfad der fehlerhaften Anwendung: D:\Games\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Pfad des fehlerhaften Moduls: D:\Games\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Berichtskennung: a7bd716e-a2d4-11e6-b014-448a5b822a62

Error: (11/04/2016 09:07:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/04/2016 04:17:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/03/2016 04:27:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/03/2016 03:31:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 3.65.13.80, Zeitstempel: 0x57fed9f2
Name des fehlerhaften Moduls: steamwebhelper.exe, Version: 3.65.13.80, Zeitstempel: 0x57fed9f2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00037b59
ID des fehlerhaften Prozesses: 0x1a64
Startzeit der fehlerhaften Anwendung: 0x01d235dee86bb794
Pfad der fehlerhaften Anwendung: D:\Games\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Pfad des fehlerhaften Moduls: D:\Games\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Berichtskennung: 3b406ebc-a1d2-11e6-b11b-448a5b822a62


Systemfehler:
=============
Error: (11/06/2016 02:07:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Saitek DirectOutput" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (11/06/2016 02:07:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (11/06/2016 02:07:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (11/05/2016 02:57:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Saitek DirectOutput" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (11/05/2016 02:57:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (11/05/2016 02:57:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (11/04/2016 09:07:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Saitek DirectOutput" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (11/04/2016 09:07:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (11/04/2016 09:07:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (11/04/2016 04:17:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Saitek DirectOutput" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.


CodeIntegrity:
===================================
  Date: 2016-11-06 14:07:20.460
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-11-06 14:07:20.397
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-11-06 14:07:18.206
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-11-06 14:07:18.146
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-11-05 14:57:36.659
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-11-05 14:57:36.589
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-11-05 14:57:35.379
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-11-05 14:57:35.309
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-11-04 21:07:38.225
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-11-04 21:07:38.155
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 26%
Installierter physikalischer RAM: 16326.51 MB
Verfügbarer physikalischer RAM: 12017.04 MB
Summe virtueller Speicher: 32651.21 MB
Verfügbarer virtueller Speicher: 27845 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:226.37 GB) (Free:41.6 GB) NTFS
Drive d: (Daten) (Fixed) (Total:931.51 GB) (Free:138.06 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 3687C225)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=226.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 77B3F845)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
EDIT: Mir ist eben aufgefallen dass ich den screenshot vergessen hab, aber was solls.
__________________


Alt 10.11.2016, 14:45   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win-Defender SubTab!blnk - Standard

Win-Defender SubTab!blnk



Das issen Fehlalarm siehe https://heise.de/-3458138
__________________
__________________

Antwort

Themen zu Win-Defender SubTab!blnk
.dll, administrator, adobe, antivirus, avast, combofix, explorer, firefox, flash player, home, mozilla, prozesse, realtek, registry, scan, security, services.exe, software, subtab, svchost.exe, system, teamspeak, temp, usb, windows, winlogon.exe



Ähnliche Themen: Win-Defender SubTab!blnk


  1. BrowserModifier:Win32/SupTab!blnk - "Entfernen erfolgreich" war das echt so erfolgreich?
    Plagegeister aller Art und deren Bekämpfung - 13.11.2016 (15)
  2. BrowserModifier: Win32/SupTab!blnk
    Log-Analyse und Auswertung - 11.11.2016 (12)
  3. BrowserModifier:Win32/SupTab!blnk nach Formatierung immer noch nicht beseitigt
    Plagegeister aller Art und deren Bekämpfung - 10.11.2016 (8)
  4. BrowserModifier: Win32/SupTab!blnk
    Plagegeister aller Art und deren Bekämpfung - 09.11.2016 (2)
  5. BrowserModifier: Win32/SupTab!blnk
    Plagegeister aller Art und deren Bekämpfung - 09.11.2016 (2)
  6. Ich bekomme ständig die Meldung: Potenziell gefährliche Software erkannt - BrowserModifier: Win32/SupTab!blnk
    Plagegeister aller Art und deren Bekämpfung - 09.11.2016 (11)
  7. browsermodifier:win32 suptab!blnk Win 7
    Log-Analyse und Auswertung - 08.11.2016 (4)
  8. BrowserModifier: Win32/SupTab!blnk
    Log-Analyse und Auswertung - 08.11.2016 (14)
  9. windows defender zeigt (Potentiell gefährliche software) (win32/suptab!blnk) enfernt ihn dann alleine und zeigt ihn immer wieder erneut an.
    Log-Analyse und Auswertung - 08.11.2016 (6)
  10. BrowserModifier: Win32/SupTab!blnk
    Plagegeister aller Art und deren Bekämpfung - 05.11.2016 (1)
  11. WIN 7: Virusfunde Win32.Application.SubTab.A / Win32.Application.DownloadSponsor.D
    Plagegeister aller Art und deren Bekämpfung - 10.05.2014 (15)
  12. PC Defender Plus
    Log-Analyse und Auswertung - 27.12.2012 (12)
  13. Win 7 Defender entfernen
    Anleitungen, FAQs & Links - 20.12.2012 (2)
  14. defender.exe
    Log-Analyse und Auswertung - 04.01.2012 (1)
  15. mscj & Total Defender / PC Defender 2010
    Plagegeister aller Art und deren Bekämpfung - 18.04.2010 (5)
  16. WinPC Defender !!!!!
    Plagegeister aller Art und deren Bekämpfung - 27.04.2009 (1)
  17. WinPC Defender
    Plagegeister aller Art und deren Bekämpfung - 22.04.2009 (1)

Zum Thema Win-Defender SubTab!blnk - Das ganze scheint hier ja gerade umzugehen, deshalb werde ich das hier jetzt als Generalüberprüfung sehen. Wichtig ist noch zu erwähnen dass es anfieng, nachdem ich "the stanley parable" nach - Win-Defender SubTab!blnk...
Archiv
Du betrachtest: Win-Defender SubTab!blnk auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.