| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Externes Backuplaufwerk VirusWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
17.12.2016, 15:12
| #1 |
| |  Externes Backuplaufwerk Virus Hallo Leute, ich habe letztens von meiner Schwester eine externe Festplatte gekriegt, über die ich "mal rübergucken soll". Vor einiger Zeit hatte sie da anscheinend einen Virus drauf, der alle Daten unsichtbar gemacht oder in Verknüpfungen umgewandelt hat. Seitdem hatte sie die Platte nicht mehr wirklich benutzt, allerdings würde sie die gerne wieder als Backup-Festplatte verwenden. Als ich die Platte angeschlossen hatte, schien allerdings alles wieder normal. Ich wäre trotzdem sehr dankbar, wenn hier jemand mit Ahnung nochmal drüber gucken könnte, damit sich auf der Platte nichts fieses mehr tummelt. Hier ist sind die FRST logs mit der Festplatte angeschlossen. FRST.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 17-12-2016
durchgeführt von Otti (Administrator) auf OTTI-PC (17-12-2016 15:03:01)
Geladene Profile: Otti (Verfügbare Profile: Otti)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 8 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(DeviceVM, Inc.) C:\ASUS.SYS\config\DVMExportService.exe
() C:\Windows\System32\PnkBstrA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avwebg7.exe
() C:\Windows\DAODx.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\TurboV EVO\TurboVHelp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Valve Corporation) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Valve Corporation) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_24_0_0_186.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_24_0_0_186.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Six Engine] => C:\Program Files\ASUS\EPU\EPU.exe [5309056 2010-03-16] (
ASUSTeK Computer Inc.)
HKLM\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [917576 2016-12-15] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-11-15] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
HKU\S-1-5-21-3534099020-634075679-966876233-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2876704 2016-12-16] (Valve Corporation)
HKU\S-1-5-21-3534099020-634075679-966876233-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [293888 2010-11-20] (Microsoft Corporation)
AppInit_DLLs: {DLL_Str} => Keine Datei
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{C17DD923-E015-4AAE-9D11-5ADE08521ABA}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3534099020-634075679-966876233-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3534099020-634075679-966876233-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3534099020-634075679-966876233-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\S-1-5-21-3534099020-634075679-966876233-1000 -> {56C9BBE2-B38E-4CC4-9D74-C66AA7FF4CD9} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-11] (Oracle Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02] (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-11] (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
FireFox:
========
FF DefaultProfile: vd5nyfxp.default-1371114904938
FF ProfilePath: C:\Users\Otti\AppData\Roaming\Mozilla\Firefox\Profiles\vd5nyfxp.default-1371114904938 [2016-12-17]
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\Otti\AppData\Roaming\Mozilla\Firefox\Profiles\vd5nyfxp.default-1371114904938\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-27]
FF Extension: (ExHentai Easy 2) - C:\Users\Otti\AppData\Roaming\Mozilla\Firefox\Profiles\vd5nyfxp.default-1371114904938\Extensions\jid1-7NbXi2AqS1oUFw@jetpack.xpi [2016-08-12]
FF Extension: (Adblock Plus) - C:\Users\Otti\AppData\Roaming\Mozilla\Firefox\Profiles\vd5nyfxp.default-1371114904938\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Extension: (Skype Click to Call) - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-11-18] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-11-18] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-11-18] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-11-18] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-14] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-11] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3534099020-634075679-966876233-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-06-15] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Otti\AppData\Local\Google\Chrome\User Data\Default [2016-12-02]
CHR Extension: (Avira Browserschutz) - C:\Users\Otti\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-07-31]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Otti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-31]
CHR Extension: (uMatrix) - C:\Users\Otti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfcmafjalglgifnmanfmnieipoejdcf [2016-11-30]
CHR Extension: (Chrome Media Router) - C:\Users\Otti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-30]
CHR HKLM\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-04-29] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [1089592 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1490296 2016-12-15] (Avira Operations GmbH & Co. KG)
S4 AODService; C:\Program Files\AMD\OverDrive\AODAssist.exe [136544 2009-10-22] ()
R2 AsSysCtrlService; C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [350528 2016-11-24] (Avira Operations GmbH & Co. KG)
R2 DvmMDES; C:\ASUS.SYS\config\DVMExportService.exe [319488 2009-10-16] (DeviceVM, Inc.) [Datei ist nicht signiert]
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1997168 2015-06-06] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-07-11] ()
S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [45184 2012-03-05] (Advanced Micro Devices)
R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [11296 2009-08-04] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2013-08-03] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119208 2016-12-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140840 2016-12-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-20] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [60088 2016-06-06] (Avira Operations GmbH & Co. KG)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R0 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [99952 2010-01-11] (JMicron Technology Corp.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-08-03] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3564800 2011-07-22] ()
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2011-09-21] (Duplex Secure Ltd.)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1127936 2010-03-02] (VIA Technologies, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Otti\AppData\Local\Temp\catchme.sys [X]
S4 NVHDA; system32\drivers\nvhda32v.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-17 15:03 - 2016-12-17 15:03 - 00014182 _____ C:\Users\Otti\Downloads\FRST.txt
2016-12-16 23:31 - 2016-12-16 23:31 - 09700976 _____ C:\Users\Otti\Downloads\Thorium Mod v1.2.13.4.zip
2016-12-16 23:28 - 2016-12-16 23:29 - 10847910 _____ C:\Users\Otti\Downloads\tModLoader.Windows.v0.9.0.2.zip
2016-12-09 09:59 - 2016-12-09 09:59 - 01143583 _____ C:\Users\Otti\Downloads\Abtin Weninger Perivascular macrophages mediate neutrophil recruitment during bacterial skin infection Nat Immunol 2014 .pdf
2016-12-08 18:45 - 2016-12-08 18:45 - 00001094 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2016-11-21 16:26 - 2016-11-21 16:28 - 00000000 _____ C:\Users\Otti\c(1
2016-11-21 01:41 - 2016-11-21 01:41 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-11-18 19:43 - 2016-12-17 11:33 - 00000000 ____D C:\Users\Otti\AppData\LocalLow\Mozilla
2016-11-18 15:32 - 2016-12-17 11:27 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-11-18 01:56 - 2016-11-18 01:56 - 01198288 _____ (Adobe Systems Incorporated) C:\Users\Otti\Downloads\flashplayer23_xa_install.exe
2016-11-18 01:36 - 2016-12-15 21:54 - 00030672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-17 15:03 - 2015-07-25 15:55 - 00000000 ____D C:\FRST
2016-12-17 14:57 - 2015-07-25 10:46 - 01762304 _____ (Farbar) C:\Users\Otti\Downloads\FRST.exe
2016-12-17 14:37 - 2016-01-04 11:22 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-17 14:29 - 2009-07-14 05:34 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-17 14:29 - 2009-07-14 05:34 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-17 11:42 - 2011-09-21 17:43 - 00000000 ____D C:\Program Files\Steam
2016-12-17 11:37 - 2011-09-21 16:57 - 00000177 ____H C:\dvmexp.idx
2016-12-17 11:30 - 2011-09-21 17:43 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-12-17 11:27 - 2012-05-04 01:47 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-12-17 11:27 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-17 01:43 - 2011-11-23 20:03 - 00000000 ____D C:\Users\Otti\AppData\Roaming\Skype
2016-12-16 11:04 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-12-15 21:58 - 2015-05-04 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-12-15 21:54 - 2015-05-04 20:02 - 00140840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-12-15 21:54 - 2015-05-04 20:02 - 00119208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-12-14 00:37 - 2015-07-01 22:42 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-12-14 00:37 - 2015-07-01 22:42 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-12-14 00:37 - 2011-09-21 17:30 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-13 21:00 - 2012-12-12 21:18 - 00002133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-08 18:43 - 2015-05-04 19:28 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-02 16:15 - 2015-10-13 21:07 - 00000000 ____D C:\Users\Otti\AppData\Roaming\.minecraft
2016-12-02 12:54 - 2011-09-21 16:35 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-02 12:54 - 2009-07-14 09:47 - 00699416 _____ C:\Windows\system32\perfh007.dat
2016-12-02 12:54 - 2009-07-14 09:47 - 00149556 _____ C:\Windows\system32\perfc007.dat
2016-12-01 00:44 - 2015-02-05 18:06 - 00000000 ____D C:\Users\Otti\AppData\Local\Steam
2016-11-30 16:54 - 2012-12-12 21:18 - 00000000 ____D C:\Users\Otti\AppData\Local\Google
2016-11-28 23:02 - 2011-11-23 20:03 - 00000000 ___RD C:\Program Files\Skype
2016-11-28 23:02 - 2011-11-23 20:03 - 00000000 ____D C:\ProgramData\Skype
2016-11-21 16:26 - 2011-09-21 16:32 - 00000000 ____D C:\Users\Otti
2016-11-20 23:11 - 2011-09-21 17:06 - 00000000 ____D C:\Users\Otti\AppData\Local\CrashDumps
2016-11-18 01:57 - 2011-09-21 19:56 - 00000000 ____D C:\Users\Otti\AppData\Local\Adobe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-06-05 17:08 - 2014-06-19 20:44 - 0000096 _____ () C:\Users\Otti\AppData\Roaming\LauncherSettings_live.cfg
2014-06-03 18:00 - 2015-05-28 14:36 - 0138056 _____ () C:\Users\Otti\AppData\Roaming\PnkBstrK.sys
2016-01-22 23:34 - 2016-11-15 20:56 - 0013106 _____ () C:\Users\Otti\AppData\Roaming\SpeedRunnersLog.txt
2016-10-24 17:46 - 2016-10-24 17:46 - 0002634 _____ () C:\Users\Otti\AppData\Roaming\TargetInvocationLog.txt
2014-06-05 17:11 - 2014-06-05 17:11 - 0000039 _____ () C:\Users\Otti\AppData\Roaming\TheHunterSettings_steam_live.cfg
2015-06-15 23:03 - 2015-06-15 23:03 - 0007607 _____ () C:\Users\Otti\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
C:\Users\Otti\AppData\Local\temp\jansi-32-5584262173844750113.dll
C:\Users\Otti\AppData\Local\temp\jansi-32-5904728097558407002.dll
C:\Users\Otti\AppData\Local\temp\jansi-32-7001619451983330431.dll
C:\Users\Otti\AppData\Local\temp\jansi-32-8839384565308921463.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-12-14 09:31
==================== Ende vom FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 17-12-2016
durchgeführt von Otti (17-12-2016 15:03:24)
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2011-09-21 15:32:48)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3534099020-634075679-966876233-500 - Administrator - Disabled)
Gast (S-1-5-21-3534099020-634075679-966876233-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3534099020-634075679-966876233-1002 - Limited - Enabled)
Otti (S-1-5-21-3534099020-634075679-966876233-1000 - Administrator - Enabled) => C:\Users\Otti
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM\...\Steam App 346900) (Version: - Hyper Hippo Productions Ltd.)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
AMD Catalyst Install Manager (HKLM\...\{B448BC74-1CB7-7A57-3313-5E075AFB413E}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM\...\{EA18DE8E-B3E6-4D82-A086-9BE2316FA5A5}) (Version: 3.1.0.0342 - Advanced Micro Devices, Inc.)
Amnesia: The Dark Descent (HKLM\...\Steam App 57300) (Version: - Frictional Games)
ANNO 1404 (HKLM\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.01.0000 - Ubisoft)
Anno 1404 (Version: 1.00.0000 - Ubisoft) Hidden
Antichamber (HKLM\...\Steam App 219890) (Version: - Alexander Bruce)
Assassin's Creed II (HKLM\...\Steam App 33230) (Version: - Ubisoft Montreal)
Assassin's Creed IV Black Flag (HKLM\...\Steam App 242050) (Version: - Ubisoft Montreal)
Audiosurf (HKLM\...\Steam App 12900) (Version: - Dylan Fitterer)
AutoHotkey 1.1.22.09 (HKLM\...\AutoHotkey) (Version: 1.1.22.09 - Lexikos)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM\...\{707e8edf-9482-4417-ae39-c9b5fe605e87}) (Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG)
Avira Connect (Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 1942™ (HKLM\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BioShock (HKU\S-1-5-21-3534099020-634075679-966876233-1000\...\{E280923D-C5D9-4728-8C79-AC9A0DC75875}) (Version: 2.62.0000 - 2K Games)
BioShock 2 (HKLM\...\{4A8B461A-9336-4CF9-98F4-14DD38E673F0}) (Version: 1.00.0000 - 2K Games)
BioShock Infinite (HKLM\...\BioShock Infinite_is1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.73 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Crusader Kings II (HKLM\...\Steam App 203770) (Version: - Paradox Development Studio)
Dead Space™ (HKLM\...\{4D87DC92-C328-46EC-A7B4-9C88129DC696}) (Version: 1.0.222.0 - Electronic Arts)
Diablo III (HKLM\...\Diablo III) (Version: - Blizzard Entertainment)
Die Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.21.123 - Electronic Arts)
Die Sims™ 3 Gib Gas-Accessoires (HKLM\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Lebensfreude (HKLM\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Discord (HKU\S-1-5-21-3534099020-634075679-966876233-1000\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Dota 2 (HKLM\...\Steam App 570) (Version: - )
Dota 2 Test (HKLM\...\Steam App 205790) (Version: - )
EPU (HKLM\...\{9C2AC00C-0C06-4B7E-97A4-A833808D54D6}) (Version: 1.02.20 - )
Europa Universalis IV (HKLM\...\Steam App 236850) (Version: - Paradox Development Studio)
Express Gate (HKLM\...\{99AD9D6D-A456-49EE-8360-F22EE7AA1272}) (Version: 1.5.17.9 - DeviceVM, Inc.)
Factorio version 0.12.25 (HKLM\...\Factorio_is1) (Version: - )
Fallout 3 (HKU\S-1-5-21-3534099020-634075679-966876233-1000\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Fallout: New Vegas (HKLM\...\Steam App 22380) (Version: - Bethesda Softworks)
Far Cry® 3 (HKLM\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FEAR (HKLM\...\{2B653229-9854-4989-B780-D978F5F13EAB}) (Version: 1.00.0000 - Vivendi Universal Games, Inc.)
FlatOut (HKLM\...\Steam App 6220) (Version: - Bugbear Entertainment)
FORCED (HKLM\...\Steam App 249990) (Version: - BetaDwarf)
Game Dev Tycoon (HKLM\...\Steam App 239820) (Version: - Greenheart Games)
Google Chrome (HKLM\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
Gothic 3 (HKLM\...\Steam App 39500) (Version: - Piranha – Bytes)
Gothic_Patch (HKLM\...\{302AC480-43D2-11D5-A818-00500435FC18}) (Version: - )
Grand Theft Auto IV (HKLM\...\Steam App 12210) (Version: - Rockstar North)
Grand Theft Auto: Episodes from Liberty City (HKLM\...\Steam App 12220) (Version: - Rockstar North / Toronto)
Guitar Hero III (HKLM\...\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}) (Version: 1.31 - Activision)
Hero Siege (HKLM\...\Steam App 269210) (Version: - Elias Viglione)
Heroes of Might & Magic V: Tribes of the East (HKLM\...\Steam App 15370) (Version: - Nival)
Heroes of Newerth (HKLM\...\hon) (Version: 1.0.20 - S2 Games)
Heroes of the Storm (HKLM\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hitman 2: Silent Assassin (HKLM\...\Steam App 6850) (Version: - Eidos)
Hitman: Blood Money (HKLM\...\Steam App 6860) (Version: - Eidos)
ICQ7.2 (HKLM\...\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}) (Version: 7.2 - ICQ)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
JMicron JMB36X Driver (HKLM\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMicron Technology Corp.)
Just Cause 2 (HKLM\...\Steam App 8190) (Version: - Avalanche)
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version: - Valve)
Lethal League (HKLM\...\Steam App 261180) (Version: - Team Reptile)
LIMBO (HKLM\...\Steam App 48000) (Version: - Playdead)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
measure (HKLM\...\{5FC40A17-BC1D-4F59-A511-B308A669DBAA}) (Version: 4.6.11.1 - Phywe Systeme GmbH)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50861 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Monaco (HKLM\...\Steam App 113020) (Version: - Pocketwatch Games)
Mount Your Friends (HKLM\...\Steam App 296470) (Version: - Stegersaurus Software Inc.)
Mozilla Firefox 50.1.0 (x86 de) (HKLM\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
My Game Long Name (HKLM\...\UDK-7c652209-baac-4ad1-ab52-d0e8e7a84a01) (Version: - Epic Games, Inc.)
NEC Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
OpenOffice 4.1.2 (HKLM\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Origin (HKLM\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PC Probe II (HKLM\...\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}) (Version: 1.04.87 - ASUSTeK Computer Inc.)
PDF24 Creator 7.0.4 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Platform (Version: 1.34 - VIA Technologies, Inc.) Hidden
Port Royale 2 (HKLM\...\Steam App 12470) (Version: - Ascaron Entertainment ltd.)
Prince of Persia (HKLM\...\{7C11154F-3539-4CB5-979D-EF7913473E53}) (Version: 1.0 - Ubisoft)
Prince of Persia Sands of Time (HKLM\...\Uplay Install 111) (Version: - Ubisoft)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
R for Windows 3.2.2 (HKLM\...\R for Windows 3.2.2_is1) (Version: 3.2.2 - R Core Team)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.15.209.2010 - Realtek)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SEGA Genesis & Mega Drive Classics (HKLM\...\Steam App 34270) (Version: - Sega)
Sim City 4 Deluxe (HKLM\...\{90EEF48B-EAAF-44DC-B2F6-6FB97D7DAC4E}) (Version: 1.0.0 - Doctor Strange)
SimCity™ Societies (HKLM\...\{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}) (Version: 1.0.0.0 - Electronic Arts)
Skullgirls (HKLM\...\Steam App 245170) (Version: - Lab Zero Games)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 7.30 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
South Park - The Stick of Truth Version 1.0.1353 (HKLM\...\{83736891-79AE-49BA-96F5-55DD6F2186AC}_is1) (Version: 1.0.1353 - Ubisoft)
SPEEDLINK CASE (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.54200.103 - Sonix)
SpeedRunners (HKLM\...\Steam App 207140) (Version: - DoubleDutch Games)
SPORE™ (HKLM\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
StarCraft II (HKLM\...\StarCraft II) (Version: - Blizzard Entertainment)
Stardew Valley (HKLM\...\Steam App 413150) (Version: - ConcernedApe)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Amazing Wagon Adventure (HKLM\...\Steam App 250500) (Version: - sparsevector)
TeamSpeak 3 Client (HKU\S-1-5-21-3534099020-634075679-966876233-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM\...\Steam App 105600) (Version: - Re-Logic)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Stanley Parable (HKLM\...\Steam App 221910) (Version: - Galactic Cafe)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM\...\Steam App 20920) (Version: - CD Projekt RED)
TrackMania Nations Forever (HKLM\...\Steam App 11020) (Version: - Nadeo)
TrackMania² Stadium Open Beta (HKLM\...\Steam App 233070) (Version: - Nadeo)
Trine 2 (HKLM\...\Steam App 35720) (Version: - Frozenbyte)
Tropico 3 - Steam Special Edition (HKLM\...\Steam App 23490) (Version: - Haemimont Games)
TurboV EVO (HKLM\...\{491D92A9-69CA-4EB4-81D3-0106F9337957}) (Version: 1.02.20 - )
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unturned (HKLM\...\Steam App 304930) (Version: - Nelson Sexton)
Uplay (HKLM\...\Uplay) (Version: 4.4 - Ubisoft)
VIA Plattform-Geräte-Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player 1.1.9 (HKLM\...\VLC media player) (Version: 1.1.9 - VideoLAN)
WinRAR 4.01 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3534099020-634075679-966876233-1000_Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}\InprocServer32 -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {212395F8-BF05-48CB-8DD8-CC09589DF3C0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {260E6265-B5D2-43E2-A1CB-25C1AD7B3936} - System32\Tasks\{F9DDD321-AAE5-4267-A62E-46046C1DA01D} => H:\C&C G\generals.exe
Task: {31855B55-CA9B-460D-8772-021CB6D58D96} - System32\Tasks\{C17E8858-867F-44F9-8E08-BE03850DF90A} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.3.0.111.259&LastError=404
Task: {5392CA4E-A8D7-48E4-85DB-513CD400AF35} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-14] (Adobe Systems Incorporated)
Task: {69A655CC-26B7-494E-B630-A69355641EBF} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files\ASUS\AASP\1.01.02\AsLoader.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {88EEE1FF-1FE5-48D8-8148-1FAB946D6C1E} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {93648F48-097D-47CE-AF18-E7E347D1BA99} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {9804ABC1-EFEE-4444-9248-BEF74E812770} - System32\Tasks\{D75400F9-CEF5-4B9A-8A35-583C9357DFC0} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.3.0.111.259&LastError=12007
Task: {98415088-2D91-412A-8F50-86C0F8C528FF} - System32\Tasks\{56861F2F-779A-4A46-B206-DBEA0CDCC14C} => pcalua.exe -a C:\Users\Otti\Downloads\Diablo-III-8370-deDE-Installer-downloader.exe -d "C:\Program Files\Mozilla Firefox"
Task: {A97CA397-B93D-43D0-A171-0DE73D9B93EA} - System32\Tasks\{D2B8A2BB-6D39-4FDF-9DBB-257E057C55F3} => D:\SteamLibrary\SteamApps\common\PAYDAY 2\payday2_win32_release.exe [2016-01-03] ()
Task: {E41C18AC-9250-42F9-B625-11ED57641030} - System32\Tasks\ASUS\TurboVHelp => C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe [2010-04-02] (ASUSTeK Computer Inc.)
Task: {F2905056-495B-4773-9D29-FB4B97C3643B} - System32\Tasks\{FEAFA12A-00FB-49E0-AB06-AB93FE578D57} => pcalua.exe -a F:\DIRECTX\dxsetup.exe -d F:\DIRECTX
Task: {FE5205E8-7F93-4A10-924B-0184E8104307} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-04-29 22:24 - 2013-04-29 22:24 - 00202240 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-02-16 13:49 - 2012-02-16 13:49 - 03850240 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-03-05 14:59 - 2012-03-05 14:59 - 00512000 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-06-03 18:00 - 2014-07-11 10:06 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2009-03-30 07:32 - 2009-03-30 07:32 - 00032768 ____R () C:\Windows\DAODx.exe
2011-09-21 18:09 - 2009-09-30 04:33 - 00024576 ____R () C:\Windows\system32\AsIO.dll
2011-09-21 18:09 - 2010-02-08 16:19 - 00053248 _____ () C:\Program Files\ASUS\TurboV EVO\HookKey32.dll
2011-09-21 18:09 - 2008-12-10 19:04 - 00253952 _____ () C:\Program Files\ASUS\TurboV EVO\pngio.dll
2013-03-25 13:23 - 2016-12-08 16:13 - 00656160 _____ () C:\Program Files\Steam\SDL2.dll
2014-12-02 21:30 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files\Steam\v8.dll
2014-12-02 21:30 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files\Steam\icui18n.dll
2014-12-02 21:30 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files\Steam\icuuc.dll
2014-05-24 07:02 - 2016-12-16 23:39 - 02322720 _____ () C:\Program Files\Steam\video.dll
2014-08-29 11:57 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files\Steam\libavcodec-56.dll
2014-08-29 11:57 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files\Steam\libavutil-54.dll
2014-08-29 11:57 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files\Steam\libavformat-56.dll
2014-08-29 11:57 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files\Steam\libavresample-2.dll
2014-08-29 11:57 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files\Steam\libswscale-3.dll
2011-09-22 14:23 - 2016-12-16 23:39 - 00838944 _____ () C:\Program Files\Steam\bin\chromehtml.DLL
2016-02-19 11:50 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files\Steam\openvr_api.dll
2016-11-18 01:27 - 2016-12-05 17:21 - 67304736 _____ () C:\Program Files\Steam\bin\cef\cef.win7\libcef.dll
2011-09-22 14:23 - 2016-12-16 23:39 - 00388384 _____ () C:\Program Files\Steam\steam.dll
2014-12-16 21:23 - 2015-09-25 00:52 - 00119208 _____ () C:\Program Files\Steam\winh264.dll
2014-05-28 23:55 - 2016-08-10 11:44 - 00149272 _____ () C:\Programme\TeamSpeak 3 Client\quazip.dll
2011-05-10 14:48 - 2016-08-10 11:44 - 00089880 _____ () C:\Programme\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2011-05-10 14:48 - 2016-08-10 11:44 - 00103192 _____ () C:\Programme\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2011-05-10 14:48 - 2016-08-10 11:44 - 00259352 _____ () C:\Programme\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-09-16 16:28 - 2016-08-10 11:44 - 00373016 _____ () C:\Programme\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2012-09-23 19:43 - 2012-09-23 19:43 - 00313992 _____ () C:\Program Files\Adobe\Reader 11.0\Reader\sqlite.dll
2016-12-14 00:37 - 2016-12-14 00:37 - 19761240 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_186.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3534099020-634075679-966876233-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: APNMCP => 2
MSCONFIG\Services: Skype C2C Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Discord => C:\Users\Otti\AppData\Local\Discord\app-0.0.290\Discord.exe
MSCONFIG\startupreg: EKIJ5000StatusMonitor => C:\Windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
MSCONFIG\startupreg: HDAudDeck => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: snp2uvc => C:\Windows\vsnp2uvc.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: tsnp2uvc => C:\Program Files\Common Files\SNP2UVC\tsnp2uvc.exe
MSCONFIG\startupreg: TurboV EVO => "C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe" -b
==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{E568A85F-3488-4295-AD5C-F3814D61B0FA}] => C:\Program Files\Steam\Steam.exe
FirewallRules: [{A9E0534C-D39E-4807-901F-FEDB6025091F}] => C:\Program Files\Steam\Steam.exe
FirewallRules: [{573A2CBA-DDA1-4D07-9AE4-8274B26F0A43}] => D:\World of Warcraft\Launcher.exe
FirewallRules: [{A341FD75-CA47-42A3-A435-4030FCEA6F30}] => D:\World of Warcraft\Launcher.exe
FirewallRules: [{9DAE4A5D-0818-4BA5-B355-43398E62720C}] => D:\World of Warcraft\Launcher.patch.exe
FirewallRules: [{4DCA2361-29A6-4B99-8745-6219236D5C96}] => D:\World of Warcraft\Launcher.patch.exe
FirewallRules: [{467A5113-CCD2-4111-947D-3D1F8E483ADB}] => C:\Program Files\ICQ7.2\ICQ.exe
FirewallRules: [{93840C42-9FF7-4B9F-9E19-E9BF631E1F6E}] => C:\Program Files\ICQ7.2\ICQ.exe
FirewallRules: [{DAAF1158-F8FF-4956-B07A-B6C83575AAFA}] => C:\Program Files\ICQ7.2\ICQ.exe
FirewallRules: [{AFA5CA22-0E17-4923-B5BE-235315446348}] => C:\Program Files\ICQ7.2\ICQ.exe
FirewallRules: [{D4DEDCCF-19F5-4192-8BDA-505C7D9DD83B}] => C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{C029ECB3-445A-4D5E-99C0-176570E472B1}] => C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{B666F467-9BC4-442F-97E0-4006B9DD1793}] => E:\WoW Test\World of Warcraft Public Test\Launcher.exe
FirewallRules: [{8E64879A-AAAD-48B9-8E61-0DD806E4C57D}] => E:\WoW Test\World of Warcraft Public Test\Launcher.exe
FirewallRules: [{0C42C1C6-0E4C-4241-8878-A34D1E6D809C}] => E:\WoW Test\World of Warcraft Public Test\Launcher.patch.exe
FirewallRules: [{6C7AD351-0845-4F47-8AEA-55F62B919BF9}] => E:\WoW Test\World of Warcraft Public Test\Launcher.patch.exe
FirewallRules: [{03D4C544-BBF1-487E-BA25-0A60BE018614}] => E:\World of Warcraft\Launcher.exe
FirewallRules: [{279FFE3F-4B7C-42AD-8F3A-32CC6F43B152}] => E:\World of Warcraft\Launcher.exe
FirewallRules: [{A6FB244B-F89A-4EA4-868B-F1EF7F1A9B3C}] => E:\World of Warcraft\Launcher.patch.exe
FirewallRules: [{FEB4BC64-D50C-496A-A224-167513946BCF}] => E:\World of Warcraft\Launcher.patch.exe
FirewallRules: [{52CDAF9D-044F-4859-A917-322F87BC3599}] => C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{96586C3E-15CC-4980-87E7-D1B8CAAA03A7}E:\warcraft iii\war3.exe] => E:\warcraft iii\war3.exe
FirewallRules: [UDP Query User{DCA09D93-DD03-43C1-AB7D-1CB5E147E855}E:\warcraft iii\war3.exe] => E:\warcraft iii\war3.exe
FirewallRules: [TCP Query User{1F7797DB-BD7B-4E47-AC82-34E291AED0A7}E:\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe] => E:\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe
FirewallRules: [UDP Query User{636CD2BC-7259-42A0-B2CC-D285CFBB4B07}E:\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe] => E:\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe
FirewallRules: [{D70989FC-7720-4569-A26B-3CA3D490A0E2}] => C:\ProgramData\Battle.net\Agent\Agent.515\Agent.exe
FirewallRules: [{E4BED6F8-78B1-4792-A325-EEFAA690F53F}] => C:\ProgramData\Battle.net\Agent\Agent.515\Agent.exe
FirewallRules: [{C4C007F1-E78D-4B10-BC07-585A00768CB6}] => C:\ProgramData\Battle.net\Agent\Agent.516\Agent.exe
FirewallRules: [{A0D3BFBC-0453-4AA2-AD12-311105D783C0}] => C:\ProgramData\Battle.net\Agent\Agent.516\Agent.exe
FirewallRules: [{D6CD1D59-ED4E-4474-9D87-A21357D70DF5}] => C:\Program Files\Diablo III Beta\Diablo III.exe
FirewallRules: [{E66780C7-C155-4CEB-B8E3-D6A356088FE8}] => C:\Program Files\Diablo III Beta\Diablo III.exe
FirewallRules: [{76B3B89E-08B5-4840-B208-8E4230EC0498}] => C:\ProgramData\Battle.net\Agent\Agent.649\Agent.exe
FirewallRules: [{A17AFCD0-C9B1-47B1-8638-BC90446B51D3}] => C:\ProgramData\Battle.net\Agent\Agent.649\Agent.exe
FirewallRules: [{2272C476-2915-4E3E-80F3-B1F24014B150}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{EAAB0B20-5C10-4E34-98AB-65764C0594BC}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{05F0CA97-12C9-4A60-AC40-86D4C94CCBDA}C:\programdata\battle.net\agent\agent.649\agent.exe] => C:\programdata\battle.net\agent\agent.649\agent.exe
FirewallRules: [UDP Query User{65BD2E2B-B2C3-4792-9D74-98488376C42D}C:\programdata\battle.net\agent\agent.649\agent.exe] => C:\programdata\battle.net\agent\agent.649\agent.exe
FirewallRules: [TCP Query User{FF81B32F-D392-47E3-BC0F-3D8030FF090E}C:\program files\diablo iii beta\diablo iii.exe] => C:\program files\diablo iii beta\diablo iii.exe
FirewallRules: [UDP Query User{D801B325-89B4-418C-9C30-0EF3A3AA4A05}C:\program files\diablo iii beta\diablo iii.exe] => C:\program files\diablo iii beta\diablo iii.exe
FirewallRules: [{A8C1D08D-08F6-461B-A68E-D3F81DD2B0C5}] => C:\Program Files\Steam\SteamApps\common\Hitman 2 Silent Assassin\hitman2.exe
FirewallRules: [{3A06FA7E-AEBF-47E9-A4C0-D94A7B0923F1}] => C:\Program Files\Steam\SteamApps\common\Hitman 2 Silent Assassin\hitman2.exe
FirewallRules: [{A490D29C-331B-4728-9683-61457735592C}] => C:\Program Files\Steam\SteamApps\common\Hitman 2 Silent Assassin\config.exe
FirewallRules: [{92EC4CEE-6AA8-4AA8-8879-1BE0C5B993F9}] => C:\Program Files\Steam\SteamApps\common\Hitman 2 Silent Assassin\config.exe
FirewallRules: [{0D2FCEC1-6A15-44C3-9B8C-6444E5E9FF45}] => C:\Program Files\Steam\SteamApps\common\Hitman Blood Money\HitmanBloodMoney.exe
FirewallRules: [{1883B0E8-EF14-4FC1-9C9E-1819E0D38C82}] => C:\Program Files\Steam\SteamApps\common\Hitman Blood Money\HitmanBloodMoney.exe
FirewallRules: [{0CE86750-7537-4D03-AB33-406D1D3B1BD3}] => C:\Program Files\Steam\SteamApps\common\Hitman Blood Money\configure.exe
FirewallRules: [{C48C6730-224A-46E5-86F0-E7CF2F9B13D8}] => C:\Program Files\Steam\SteamApps\common\Hitman Blood Money\configure.exe
FirewallRules: [TCP Query User{1764764C-FD19-4C15-B299-D971E3B148E7}E:\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe] => E:\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe
FirewallRules: [UDP Query User{ED3D5300-D335-43BC-93A5-18461F2934F2}E:\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe] => E:\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe
FirewallRules: [TCP Query User{E9AD4D43-9545-453D-B639-F1E6DBDBF547}C:\programdata\battle.net\agent\agent.749\agent.exe] => C:\programdata\battle.net\agent\agent.749\agent.exe
FirewallRules: [UDP Query User{0F878FC7-073B-4856-AF45-6B671FAE64FF}C:\programdata\battle.net\agent\agent.749\agent.exe] => C:\programdata\battle.net\agent\agent.749\agent.exe
FirewallRules: [TCP Query User{A164D4CD-B1DE-4CF0-BBD0-FF8DD47F49F3}E:\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe] => E:\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe
FirewallRules: [UDP Query User{B3FEA817-DF86-4037-A347-60B98C067355}E:\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe] => E:\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe
FirewallRules: [{8E60F03B-866C-4994-92CE-4D032ADBCA0A}] => C:\Program Files\Steam\SteamApps\common\dungeon defenders demo\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{49F95687-4AFB-4BA0-AF52-851F92C8A763}] => C:\Program Files\Steam\SteamApps\common\dungeon defenders demo\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [TCP Query User{BB0A4E42-766C-480E-A123-2F6EBFB096BA}E:\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe] => E:\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe
FirewallRules: [UDP Query User{335A9644-8FFA-47ED-847F-6165B104F5CC}E:\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe] => E:\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe
FirewallRules: [TCP Query User{F82639CF-EF49-4A3E-B09C-0B2352E173D9}C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [UDP Query User{C0F3DBA2-129D-401D-A4DA-25DC8972F4B4}C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [TCP Query User{3704E7FE-25F0-4611-B641-48713D4AD6AB}C:\programdata\battle.net\agent\agent.868\agent.exe] => C:\programdata\battle.net\agent\agent.868\agent.exe
FirewallRules: [UDP Query User{C27B6CD4-5BF0-4C83-9109-BEA2778BEE9C}C:\programdata\battle.net\agent\agent.868\agent.exe] => C:\programdata\battle.net\agent\agent.868\agent.exe
FirewallRules: [TCP Query User{C03462CD-672A-4291-817F-095DC4E694FC}C:\users\otti\downloads\diablo-iii-8370-dede-installer-downloader.exe] => C:\users\otti\downloads\diablo-iii-8370-dede-installer-downloader.exe
FirewallRules: [UDP Query User{16992B69-EF89-432D-B0E2-913946A143BB}C:\users\otti\downloads\diablo-iii-8370-dede-installer-downloader.exe] => C:\users\otti\downloads\diablo-iii-8370-dede-installer-downloader.exe
FirewallRules: [{0E05B281-A4B3-4DBC-BA94-C4AB44B086B8}] => C:\ProgramData\Battle.net\Agent\Agent.913\Agent.exe
FirewallRules: [{D43E50CF-3391-4873-A870-57346655AB02}] => C:\ProgramData\Battle.net\Agent\Agent.913\Agent.exe
FirewallRules: [TCP Query User{E999B39F-F3D3-40DA-8B35-9907B9EAA645}C:\programdata\battle.net\agent\agent.954\agent.exe] => C:\programdata\battle.net\agent\agent.954\agent.exe
FirewallRules: [UDP Query User{36342DE5-2EF6-4367-A5C4-250E53F5A050}C:\programdata\battle.net\agent\agent.954\agent.exe] => C:\programdata\battle.net\agent\agent.954\agent.exe
FirewallRules: [{79A44702-3AFE-47C1-AAE7-DB79D8BA6F13}] => D:\2K Games\Bioshock 2\SP\Builds\Binaries\Bioshock2.exe
FirewallRules: [{508E877F-B18A-455D-B2B9-7BFF9AEEC227}] => D:\2K Games\Bioshock 2\SP\Builds\Binaries\Bioshock2.exe
FirewallRules: [{C03D883F-0C85-4035-A789-282E3EBC172E}] => D:\2K Games\Bioshock 2\MP\Builds\Binaries\Bioshock2.exe
FirewallRules: [{731B2187-EABA-4E95-B12D-E51A402C21F6}] => D:\2K Games\Bioshock 2\MP\Builds\Binaries\Bioshock2.exe
FirewallRules: [TCP Query User{A83941C7-82E1-42FD-B999-6D08E9553220}C:\users\otti\downloads\diablo-iii-8370-dede-installer-downloader(1).exe] => C:\users\otti\downloads\diablo-iii-8370-dede-installer-downloader(1).exe
FirewallRules: [UDP Query User{94411FCA-8831-4979-B9E9-94EB776D3844}C:\users\otti\downloads\diablo-iii-8370-dede-installer-downloader(1).exe] => C:\users\otti\downloads\diablo-iii-8370-dede-installer-downloader(1).exe
FirewallRules: [{6243AD7F-F734-4A3B-A3E9-3BA345B07843}] => D:\Diablo III\Diablo III.exe
FirewallRules: [{527B18BD-C8CC-4AA3-853B-37007B844515}] => D:\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{F1BDAD3D-27C3-4B5F-AB6D-EFCB475CF6E4}C:\programdata\battle.net\agent\agent.976\agent.exe] => C:\programdata\battle.net\agent\agent.976\agent.exe
FirewallRules: [UDP Query User{F1874D76-E126-4088-A6F4-B4626133C55F}C:\programdata\battle.net\agent\agent.976\agent.exe] => C:\programdata\battle.net\agent\agent.976\agent.exe
FirewallRules: [TCP Query User{0EEA1371-F366-4848-B7D6-57E57C7B4EBB}C:\programdata\battle.net\agent\agent.998\agent.exe] => C:\programdata\battle.net\agent\agent.998\agent.exe
FirewallRules: [UDP Query User{47FB1774-5A72-4E0D-B267-5817CC27D0DA}C:\programdata\battle.net\agent\agent.998\agent.exe] => C:\programdata\battle.net\agent\agent.998\agent.exe
FirewallRules: [TCP Query User{DF358BBB-C9A9-4F76-BED6-43B18766A637}C:\programdata\battle.net\agent\agent.1040\agent.exe] => C:\programdata\battle.net\agent\agent.1040\agent.exe
FirewallRules: [UDP Query User{1693B1ED-D012-4CA2-9F5A-1917E5DFA10E}C:\programdata\battle.net\agent\agent.1040\agent.exe] => C:\programdata\battle.net\agent\agent.1040\agent.exe
FirewallRules: [{880138E1-65F8-4FF2-B812-1FF88A3C7C92}] => C:\Program Files\Steam\SteamApps\common\borderlands\Binaries\Borderlands.exe
FirewallRules: [{8F9AFAB6-B2A8-4EE1-AB3F-EC21CE55B2BB}] => C:\Program Files\Steam\SteamApps\common\borderlands\Binaries\Borderlands.exe
FirewallRules: [TCP Query User{46267F84-A1C1-461F-8682-36DBC8C7FEDE}D:\guitar hero iii\gh3.exe] => D:\guitar hero iii\gh3.exe
FirewallRules: [UDP Query User{25BF16CE-4EEF-4F91-95DC-7F9DD2342ACD}D:\guitar hero iii\gh3.exe] => D:\guitar hero iii\gh3.exe
FirewallRules: [{272884C9-FF1B-4D06-8627-B9E9B04B92A2}] => C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{EFB1F124-0471-4972-8A86-A9078CC11594}] => C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{B221F76D-14DF-4742-AC3E-94CAC52A0784}] => C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{22F4F794-D602-494D-AF25-9047DD00AC1C}] => C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{0425783C-CB3F-455D-9687-B0D1CE0117C7}] => D:\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{6541CD77-D363-4223-B349-1B6AB7D218B1}] => D:\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{58DEC5C5-C756-409C-A113-26625DB5924A}] => D:\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{97BE214F-9FD7-4AEA-8273-5AA4B2F49CDE}] => D:\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{E95B16E5-6E54-404B-864A-C3D5E82F39E5}] => D:\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [{4B06FC8A-A5B9-416B-AB70-1100FA0C2C9D}] => D:\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [TCP Query User{2D5E9B56-FD7C-4D71-871D-8A95716D419C}E:\warcraft iii\war3.exe] => E:\warcraft iii\war3.exe
FirewallRules: [UDP Query User{8BC5115D-3876-4C78-8E0A-8B062F7F5479}E:\warcraft iii\war3.exe] => E:\warcraft iii\war3.exe
FirewallRules: [{AF4E9EF3-B3E0-475A-ADCC-4934F2365851}] => D:\Prince of Persia\Prince of Persia.exe
FirewallRules: [{9ADB38DE-162D-4AA3-8421-6ED153EBDEF2}] => D:\Prince of Persia\Prince of Persia.exe
FirewallRules: [{C313EF7B-3312-4C73-B45C-4F215E2DDFE6}] => D:\Prince of Persia\PrinceOfPersia_Launcher.exe
FirewallRules: [{1BBE6291-4B67-4428-A6B2-EF25FA036FC5}] => D:\Prince of Persia\PrinceOfPersia_Launcher.exe
FirewallRules: [TCP Query User{3957A71D-F374-42A4-82EC-F54E31162431}D:\electronic arts\deadspace\deadspace.exe] => D:\electronic arts\deadspace\deadspace.exe
FirewallRules: [UDP Query User{28C11678-3FE6-44F2-BAC9-906C81604573}D:\electronic arts\deadspace\deadspace.exe] => D:\electronic arts\deadspace\deadspace.exe
FirewallRules: [TCP Query User{76D2DD88-F48C-4E28-9A59-AFD6BC4D957B}D:\electronic arts\deadspace\dead space.exe] => D:\electronic arts\deadspace\dead space.exe
FirewallRules: [UDP Query User{D1C93ADB-6154-4E1D-A17C-0012DFC4254D}D:\electronic arts\deadspace\dead space.exe] => D:\electronic arts\deadspace\dead space.exe
FirewallRules: [{35933EE3-F9AD-4334-A439-47B6D49479D5}] => C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{645483AD-43D2-44BD-8F03-20835B494638}] => C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{325A6244-9B92-46E4-B9AC-D6116E907431}] => C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{BC059A93-A380-453A-BD21-B7A58003BF11}] => C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{F52BE773-E851-4196-AD7C-B7E444AA7EEB}] => C:\Program Files\Steam\SteamApps\common\fallout new vegas\FalloutNVLauncher.exe
FirewallRules: [{BA3C7D9F-F7C8-4E32-B0BA-3428A756C7DD}] => C:\Program Files\Steam\SteamApps\common\fallout new vegas\FalloutNVLauncher.exe
FirewallRules: [TCP Query User{34D6E995-FB14-4058-A1D0-345E8701F719}C:\program files\java\jre6\bin\java.exe] => C:\program files\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{37EE1F71-B728-4F17-BAF2-452B7F870A33}C:\program files\java\jre6\bin\java.exe] => C:\program files\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{15133073-817B-4729-94B9-7AAE23406460}C:\program files\java\jre6\bin\javaw.exe] => C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{752A253E-DE53-4B24-AADA-8345C76BA07F}C:\program files\java\jre6\bin\javaw.exe] => C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{3714A085-66AD-4E71-BF6E-71AA78545D4D}C:\program files\java\jre7\bin\javaw.exe] => C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{C27B4C30-292D-46E9-A90B-0BDED30AC2A9}C:\program files\java\jre7\bin\javaw.exe] => C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{31A67AF3-9FEB-4E65-BFFE-780B618AAE61}] => C:\Program Files\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{7694C910-321C-4770-A206-C26D65AE2430}] => C:\Program Files\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{2141C595-3A0D-42C8-9482-AFA254FE720B}] => C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{4493DC5D-D4D9-4602-91AF-D9CB92489154}] => C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [TCP Query User{8D2693C9-53C3-4BA4-9375-A88E0977113B}D:\heroes of newerth\hon.exe] => D:\heroes of newerth\hon.exe
FirewallRules: [UDP Query User{87AABD27-E609-4ECE-BEAA-518C7428EB9E}D:\heroes of newerth\hon.exe] => D:\heroes of newerth\hon.exe
FirewallRules: [{99634AC9-3115-4F1D-9914-B51BC762E627}] => C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{80C7397A-6FF9-4068-B14F-326F7DB4E677}] => C:\Program Files\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe
FirewallRules: [{A1CD4298-0885-4A77-B540-8089DCE76B0C}] => C:\Program Files\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe
FirewallRules: [{C51CE07B-0494-4A6A-A89A-79D98A3CF732}] => C:\Program Files\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe
FirewallRules: [{C9AD272B-4A78-4E58-A4B6-6A39936C0BB1}] => C:\Program Files\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe
FirewallRules: [{A95E232C-B319-4BA0-9C65-1BED433C1622}] => C:\Program Files\Steam\SteamApps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{F3209092-4D43-49CF-AF98-81F3FE8667DB}] => C:\Program Files\Steam\SteamApps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{F4D9DF15-8DAA-4384-A9F6-CE9A828C6C56}] => C:\Program Files\Steam\SteamApps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{2D6C2AC8-4F23-41D6-B5B2-1F6EADF26422}] => C:\Program Files\Steam\SteamApps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{2E3A52B2-9761-4263-8CA3-6F563ECBFF07}] => D:\F.E.A.R\FEAR.exe
FirewallRules: [{656AEB94-F935-43A4-A4E3-122EC7132AE4}] => D:\F.E.A.R\FEAR.exe
FirewallRules: [{676ADBF2-1798-4815-9B7A-49FB3CE901C8}] => D:\F.E.A.R\FEARMP.exe
FirewallRules: [{8BAB504C-4E98-4A56-A928-3828454483B1}] => D:\F.E.A.R\FEARMP.exe
FirewallRules: [TCP Query User{E7AF5D4F-EF15-4A40-A03E-3443AF39AA9A}D:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => D:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{5C6519CA-8BB6-4337-B94E-7F8FF6A379C6}D:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => D:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [TCP Query User{E5A8D9E6-2A8A-4DC6-B98E-C2D98076786A}D:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => D:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{43A26C19-0EE3-40AD-A046-29CD1BACA4B2}D:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => D:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [TCP Query User{2FF589EC-9F9B-44EC-9715-75E83491C73D}D:\magic 2014 — duels of the planeswalkers\dotp_d14.exe] => D:\magic 2014 — duels of the planeswalkers\dotp_d14.exe
FirewallRules: [UDP Query User{B78212E9-3466-4B51-B568-F39DD06EEAE5}D:\magic 2014 — duels of the planeswalkers\dotp_d14.exe] => D:\magic 2014 — duels of the planeswalkers\dotp_d14.exe
FirewallRules: [{ADE60596-8BDF-443E-AC4B-8B4ED51290E3}] => C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{0002D1DF-8D83-401F-8915-F378E9DB6864}] => C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [TCP Query User{D8A390AD-4E3A-4332-9AFA-83AA3A78E957}D:\anno 1404\tools\anno4web.exe] => D:\anno 1404\tools\anno4web.exe
FirewallRules: [UDP Query User{EC343EE4-3123-4FC2-A343-B35F5E1D2862}D:\anno 1404\tools\anno4web.exe] => D:\anno 1404\tools\anno4web.exe
FirewallRules: [TCP Query User{1DB9693B-C1BF-4603-98DA-05B61DF94278}E:\magic 2014 — duels of the planeswalkers\dotp_d14.exe] => E:\magic 2014 — duels of the planeswalkers\dotp_d14.exe
FirewallRules: [UDP Query User{EFEC7492-6516-412A-93B7-7086CF135772}E:\magic 2014 — duels of the planeswalkers\dotp_d14.exe] => E:\magic 2014 — duels of the planeswalkers\dotp_d14.exe
FirewallRules: [TCP Query User{479A26BB-6461-498D-94A3-D0361FE5032D}D:\dead island\deadislandgame_x86_rwdi.exe] => D:\dead island\deadislandgame_x86_rwdi.exe
FirewallRules: [UDP Query User{A23471E0-459A-472F-8BE2-F62199E28B32}D:\dead island\deadislandgame_x86_rwdi.exe] => D:\dead island\deadislandgame_x86_rwdi.exe
FirewallRules: [{F9C77335-EA3F-4A95-996E-FCF0C6D65114}] => C:\Program Files\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{00C66733-C1CF-4075-B11D-FAB7D2EBC2A5}] => C:\Program Files\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [TCP Query User{54566374-E743-460B-B0CD-AE04F8580DDD}D:\anno 1404\tools\anno4web.exe] => D:\anno 1404\tools\anno4web.exe
FirewallRules: [UDP Query User{8EB29137-663B-4786-99A0-7F87EFEC6F39}D:\anno 1404\tools\anno4web.exe] => D:\anno 1404\tools\anno4web.exe
FirewallRules: [{6ED7DA77-7316-40D0-98E1-23F6A7D76E45}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F74AF459-9A7D-4916-B29D-68D60D479973}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{6A7003E2-F5BD-4C6E-97CB-4BB597FCF57C}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B8623E96-5E41-455D-9BA3-FECA9C84F24A}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{03D54A90-E92D-4874-B66F-C00BC1F02DEC}D:\steamlibrary\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe] => D:\steamlibrary\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe
FirewallRules: [UDP Query User{E94D12D0-334B-4DB9-844C-CF9EF14555CC}D:\steamlibrary\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe] => D:\steamlibrary\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe
FirewallRules: [TCP Query User{2EA24E4C-060D-4E7E-AED0-C010241D8658}C:\program files\steam\steamapps\common\trackmania nations forever\tmforever.exe] => C:\program files\steam\steamapps\common\trackmania nations forever\tmforever.exe
FirewallRules: [UDP Query User{BA7EE73D-26E4-4222-B24F-6531175CC604}C:\program files\steam\steamapps\common\trackmania nations forever\tmforever.exe] => C:\program files\steam\steamapps\common\trackmania nations forever\tmforever.exe
FirewallRules: [{E7C36135-BB2D-430B-A799-5CCB7B502170}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{6D42EDEF-A367-4083-9CAF-4AE03FE79D27}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7F7C8B25-BAC4-457E-960D-E6D784CECBE9}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F43A1D6E-3E8A-4344-8005-9617EA62A696}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8300EB33-51CC-4E18-830B-E54FF15E32AA}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8EB3947B-0581-43E1-B85D-161DD0361F25}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D8DB85C6-E2AB-4A3E-99A5-A0FEC926F3BD}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2526CDAC-79F6-43C5-B444-0201B7760886}] => D:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{2B74999D-72A7-48B1-B017-1B4A0C907CF7}] => D:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{D97A092E-7E32-48BF-A899-8C1CF2211A4E}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{A9318A99-42EF-4BCF-9F67-E5578DF5E66D}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{E830A068-1AED-44C6-9CCD-5147B4985FCD}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{0B40C744-0F8A-4070-84B2-01EA4B761D88}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{0CCC8685-6953-4D7C-88CF-0228E715D581}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{6ECD6B26-F0EA-4902-8D5B-6418A2988466}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{424CFC3F-541B-40B8-B3BA-533F8141A0EF}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{4DA40D0E-5DB9-423D-9DBB-8AE84BBFC74B}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{C1E2AC4E-68CF-441F-BDC8-2096423AF90F}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{06F4D475-06BB-4F37-B510-0D10C112ACCD}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{82A1CC89-879B-419E-A0BB-CAB5B4F2E3F1}] => C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{A639A706-06D1-4995-AF32-0819A7B8EA39}] => C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{81CF0714-56EF-4029-9BBE-4AF2568997C8}] => C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{45BF4069-9800-4429-9AC2-1D33A6C53B73}] => C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{427BD3D2-36BD-42F6-8B0E-02F8D25EFD94}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{9F4D8942-34B1-4BF5-B25B-284C7C946315}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{FF31A829-99CB-46D3-B745-2EE89F9AC1C7}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B67AA204-A108-43B6-8CA9-5BB4D041E18D}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B9FDFC38-182C-421E-8C50-D706EDC2B143}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{2A12023F-72B2-42C9-AE6D-F7234F2D7F03}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{B5727E9B-59A1-40F8-B58E-150491FB1B77}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{7F858E23-BE14-464E-8943-74B886D4EB87}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{011DB4AA-14F7-401D-899C-DBE0E97985B0}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{3F84FDB6-88B9-4F90-BECB-B25B4017FD17}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{554933FE-3FBB-4DC7-8569-E77624DD64D1}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{6039FDD4-4F1A-4559-8891-110F635F5753}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{15F9F389-8A75-40D6-8857-7E0F5C809ABA}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{54CF5F3A-00CA-49BE-8D9B-4DA5F39F10DF}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{40D2E168-3BAE-4AA2-81CF-D82A55B9F36A}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B1BF2F1B-DF6F-4BB0-A0B1-DAB19763857F}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{2625B82F-F62C-4ED8-81D1-A6B3DE020AD1}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{E855FF44-F6FE-414B-A49F-95A2FD31E473}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{8EF8DC26-B0B7-4372-BA4D-E5D5235CF300}] => D:\SteamLibrary\SteamApps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{0DC1F4B9-533B-466E-A10A-27205540D45B}] => D:\SteamLibrary\SteamApps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{1EE76C8D-11FE-46D3-A3BB-7CBCF21B275B}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{30166ED7-E497-44E1-A972-F8E3F12DD937}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{AC05E1FE-DF9F-41EC-BA6D-C3EFCC53381B}] => D:\SteamLibrary\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{4A456AAD-2571-420F-B11C-2C10EE36EB7A}] => D:\SteamLibrary\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{84DA8FF2-C2C3-44A3-80F1-13B8529DBD13}] => C:\Program Files\Steam\Steam.exe
FirewallRules: [{50DAE296-9717-4D15-99AB-E1F3ACC53D69}] => C:\Program Files\Steam\Steam.exe
FirewallRules: [{FC100A19-B707-48B4-BE6C-495C826880B7}] => D:\Battle.net\Battle.net.exe
FirewallRules: [{6146C5BE-7933-43E5-965A-A63D298E1F06}] => D:\Battle.net\Battle.net.exe
FirewallRules: [{609FA4C8-8255-4C1E-94C2-F2DC4103E261}] => C:\Program Files\Steam\SteamApps\common\Free to Play\FTP.exe
FirewallRules: [{17845C48-00CA-40BF-8D42-EF7D68CC25D3}] => C:\Program Files\Steam\SteamApps\common\Free to Play\FTP.exe
FirewallRules: [{DD7050DC-1D14-4494-AEEB-516343E13068}] => D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{33EED445-7A34-4041-88A4-7C58E5DE269B}] => D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{79006F9F-ADCD-4B97-BA87-DE9CD7D93E8C}] => D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{C21D905D-49DF-4BA8-8BDB-1737D4BAA0FF}] => D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{92573FDE-B00A-4BF5-9085-FFA09DB1E119}] => D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{5A243312-8610-4171-88FA-C17FAACEDD91}] => D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{2CDDA180-1AD4-49AD-A4EB-16C0F27CF125}] => C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{7EE2999D-6458-4AD3-AE17-0E518FEC5C06}] => C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{29F87D8C-E47D-483C-AD05-B1EFD7C7424A}] => C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{A37F1082-576E-44B1-9B3B-48A260460E0F}] => C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{80CC07D9-64A8-4DF2-A589-822701962296}] => C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{F85DA0A2-E516-4A64-8F20-1F4E5F8F0673}] => C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{72891B8E-6973-4CAC-8989-3E938A84F5A6}] => D:\StarCraft II\StarCraft II.exe
FirewallRules: [{877E8F2A-4FCC-4F3B-8C84-31AC17955B9F}] => D:\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{DA32A0DD-BF06-4ECB-88FB-AEE3AB1BD04D}D:\starcraft ii\versions\base28667\sc2.exe] => D:\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{00D049C8-486B-46C5-9E1E-8389825AA167}D:\starcraft ii\versions\base28667\sc2.exe] => D:\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{8669CF9C-D6AA-4FFC-A938-41D4A2C70FF7}] => C:\Program Files\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{EE2E86A6-E17A-4143-88A0-F7B3A72968B4}] => C:\Program Files\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{8E8D3A44-97EC-4F20-8EC9-2AB50868D22D}D:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe] => D:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe
FirewallRules: [UDP Query User{EAA7D2F3-9BD7-402D-A287-5C011007C5E4}D:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe] => D:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe
FirewallRules: [{951FB2FB-BF2D-4E2B-830A-8785A44D3BE8}] => D:\SteamLibrary\SteamApps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{774D7E95-09DE-4013-A033-743F01985CA6}] => D:\SteamLibrary\SteamApps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{758887FF-E66F-41D1-ACBD-9579807F8660}] => D:\SteamLibrary\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [{3D190ED8-B9BA-4553-AB7B-FB9B7A8E4BF2}] => D:\SteamLibrary\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [{995ABA57-A52D-4069-8912-C42646A77089}] => D:\SteamLibrary\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [{4EEE7BFC-4EC0-4107-949B-4C5D7B79F957}] => D:\SteamLibrary\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [TCP Query User{C971B5C5-BD6E-441A-9EA1-507B6076B720}D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{D6074904-862C-4554-A23F-89C9689B26BA}D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{30B6605E-BBC0-499C-B5BD-83AC0E112D49}] => D:\SteamLibrary\SteamApps\common\Monaco\MONACO.exe
FirewallRules: [{F85B2AF1-5B87-47B3-B55E-AF2B7107D286}] => D:\SteamLibrary\SteamApps\common\Monaco\MONACO.exe
FirewallRules: [{BE2DCE7D-6214-4EDE-9741-8E7609E16F6A}] => D:\SteamLibrary\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{8B74A210-B2D8-4C02-845E-985183A5BDD2}] => D:\SteamLibrary\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{C77E2011-0C90-4091-A8CA-0F4BC034D559}] => D:\SteamLibrary\SteamApps\common\Assassin's Creed 2\AssassinsCreedIIGame.exe
FirewallRules: [{3F230923-FD6D-4276-AF44-69D53AC56E9C}] => D:\SteamLibrary\SteamApps\common\Assassin's Creed 2\AssassinsCreedIIGame.exe
FirewallRules: [{6BB7CA3A-0D66-4C8D-B140-AB57EB226B6C}] => D:\SteamLibrary\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{07F3836B-EEA0-443E-88A8-24171ABD6B89}] => D:\SteamLibrary\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{33E4EBF0-3E01-46C4-87B3-D5649F72E0A9}] => D:\SteamLibrary\SteamApps\common\Super Amazing Wagon Adventure\WagonAdventure.exe
FirewallRules: [{43F9DE32-5A97-4EC4-8E30-78CF44F7A23D}] => D:\SteamLibrary\SteamApps\common\Super Amazing Wagon Adventure\WagonAdventure.exe
FirewallRules: [{1A715213-B909-407A-9128-C3165E06CB55}] => D:\SteamLibrary\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{A61A572F-C336-4B37-B4EE-F9C814A6B31B}] => D:\SteamLibrary\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [TCP Query User{9CDADCF9-080E-4A60-97C9-F3491FC59F90}D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{E2E72813-7AAF-44EA-A0EA-7D39808C6C6C}D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{6107C44F-815D-491B-ABBE-0880B8DB4674}] => D:\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{6FE3DE32-2EDF-49E9-9875-151F06021F96}] => D:\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{2BC8FAFA-A36C-42C5-8C04-E1E98634BD52}] => D:\SteamLibrary\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{B1DDB7A1-5F00-47B0-BD20-F1B07913A585}] => D:\SteamLibrary\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{0161E88A-B633-4727-9EBB-D8C984965C67}] => D:\SteamLibrary\SteamApps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{400E3C14-E9BD-4807-AA0C-34AD9A234AA5}] => D:\SteamLibrary\SteamApps\common\Trine 2\trine2_launcher.exe
FirewallRules: [TCP Query User{ACAFB545-0BB9-4ACA-81DB-901322E5BF9B}D:\steamlibrary\steamapps\common\trine 2\trine2_32bit.exe] => D:\steamlibrary\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [UDP Query User{A2685D1A-E981-4F0A-80B8-2FCB6684758F}D:\steamlibrary\steamapps\common\trine 2\trine2_32bit.exe] => D:\steamlibrary\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [TCP Query User{B531253E-1173-4050-8D30-EBC135058B52}D:\steamlibrary\steamapps\common\far cry 3\bin\farcry3_d3d11.exe] => D:\steamlibrary\steamapps\common\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{D03A3FEC-42B3-49D9-9BE5-283019D0EAD8}D:\steamlibrary\steamapps\common\far cry 3\bin\farcry3_d3d11.exe] => D:\steamlibrary\steamapps\common\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [TCP Query User{2F2A6484-443A-4248-913B-EFB82947825E}H:\warcraft iii\war3.exe] => H:\warcraft iii\war3.exe
FirewallRules: [UDP Query User{7CB1CCB0-B700-4001-82C1-8D31F86EE48E}H:\warcraft iii\war3.exe] => H:\warcraft iii\war3.exe
FirewallRules: [{DC48228E-8534-4FD1-AAD3-F64AD8AAADDD}] => C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{F7D9B3A2-C90D-4175-8357-EFE17746245A}] => C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{4CB6A84B-4BE5-43C4-81AF-A6CFA54C5344}] => D:\SteamLibrary\SteamApps\common\FlatOut\flatout.exe
FirewallRules: [{F0BB7343-63EE-4C2A-B8E8-F9127B1962F0}] => D:\SteamLibrary\SteamApps\common\FlatOut\flatout.exe
FirewallRules: [{9EFF69BE-3522-464F-8E98-D7F78A95D20D}] => D:\SteamLibrary\SteamApps\common\Tropico 3\tropico3.exe
FirewallRules: [{C956A2DD-953A-4BC8-912E-87CF7306BAD6}] => D:\SteamLibrary\SteamApps\common\Tropico 3\tropico3.exe
FirewallRules: [{0F98A126-DE04-4906-A44D-27936D5DC5BC}] => D:\SteamLibrary\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{9BFFD0E1-5F62-4989-B4FE-85C98DEC1DD8}] => D:\SteamLibrary\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{4D63FCA0-9D2B-41BB-9AA2-A00F9A59671C}] => D:\SteamLibrary\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{23C372F5-DAFE-4976-BC18-89758A42AD04}] => D:\SteamLibrary\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{6D6D4FF2-79B0-4A22-BE9F-1F578281F258}] => D:\SteamLibrary\SteamApps\common\lethalleague\LethalLeague.exe
FirewallRules: [{B030D5BE-74E6-4A3D-A9FC-CBE466E7EB8A}] => D:\SteamLibrary\SteamApps\common\lethalleague\LethalLeague.exe
FirewallRules: [TCP Query User{544C29AD-E24E-4123-BC07-336342A1DE7A}C:\program files\geneious\jre\bin\java.exe] => C:\program files\geneious\jre\bin\java.exe
FirewallRules: [UDP Query User{3315995D-4CFB-4739-9AF4-3547769F7148}C:\program files\geneious\jre\bin\java.exe] => C:\program files\geneious\jre\bin\java.exe
FirewallRules: [{E1BEBB8B-CAE6-46A1-B2DB-61F66CC5F54D}] => D:\SteamLibrary\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{035AE7C9-7F8F-42A1-92DC-ED8DFCEEC774}] => D:\SteamLibrary\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{06A413F3-D3F1-48F2-9760-0846EA05AB3D}] => D:\SteamLibrary\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{C2CD5402-7C0C-41F6-AE4A-05154EE8F187}] => D:\SteamLibrary\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [TCP Query User{F431765F-4205-4544-BC27-D6546082A2BE}D:\leagueoffaggots\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => D:\leagueoffaggots\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{3AF5D673-39EB-40F7-9896-44B8A2D41E84}D:\leagueoffaggots\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => D:\leagueoffaggots\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{ACB7A484-EC4B-45F1-8BF7-A8C6B8504E9C}D:\leagueoffaggots\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => D:\leagueoffaggots\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{C70643F1-CC41-4DFF-8018-366F43C81DCF}D:\leagueoffaggots\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => D:\leagueoffaggots\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{29C5102E-B2B2-4415-B047-C978F5C3B91B}] => D:\SteamLibrary\SteamApps\common\Planetary Annihilation\PA.exe
FirewallRules: [{9DA54B2A-5177-4D9F-BA44-10905B78EA1B}] => D:\SteamLibrary\SteamApps\common\Planetary Annihilation\PA.exe
FirewallRules: [{A5AED074-D454-4AF1-A16B-80C3E630B350}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{256E15DB-D5A1-418D-A07D-4BB47A8AE342}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1DE54C33-6145-4A29-9425-926C623988FB}] => D:\SteamLibrary\SteamApps\common\Port Royale 2\PR2.exe
FirewallRules: [{4D6CAFC6-854A-405D-A839-838D4117C466}] => D:\SteamLibrary\SteamApps\common\Port Royale 2\PR2.exe
FirewallRules: [{4C58F486-2DD8-418E-A44A-BB7314344B93}] => D:\SteamLibrary\SteamApps\common\Port Royale 2\PR2Config.exe
FirewallRules: [{AD56DF24-935F-402A-9713-60D51B06E78E}] => D:\SteamLibrary\SteamApps\common\Port Royale 2\PR2Config.exe
FirewallRules: [TCP Query User{0E99E21F-00A0-4DCA-8712-E568FE89ACCF}C:\programdata\battle.net\agent\agent.3632\agent.exe] => C:\programdata\battle.net\agent\agent.3632\agent.exe
FirewallRules: [UDP Query User{C1841E25-07B5-44A5-96FF-367CCD8A0F01}C:\programdata\battle.net\agent\agent.3632\agent.exe] => C:\programdata\battle.net\agent\agent.3632\agent.exe
FirewallRules: [{7A47B7FE-95E9-4598-9B00-36CA7C5C02C7}] => D:\SteamLibrary\SteamApps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{732378E6-6A02-4EC4-B807-40D3723038B7}] => D:\SteamLibrary\SteamApps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [TCP Query User{61F1E079-0AB6-4C3E-B356-9792ED776D4C}C:\program files\mozilla firefox\firefox.exe] => C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{A92D1A85-EE4B-408B-AE89-4506C8D1D9C0}C:\program files\mozilla firefox\firefox.exe] => C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{8D80575E-B390-488B-8DE1-C899CA4C3408}D:\heroes of the storm\versions\base34659\heroesofthestorm.exe] => D:\heroes of the storm\versions\base34659\heroesofthestorm.exe
FirewallRules: [UDP Query User{479D4095-B4A3-4067-A1E5-63AB76B6677D}D:\heroes of the storm\versions\base34659\heroesofthestorm.exe] => D:\heroes of the storm\versions\base34659\heroesofthestorm.exe
FirewallRules: [{25814D4B-7FB0-4977-8176-64D1B4189537}] => D:\SteamLibrary\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{E60EBBEC-643F-4832-B231-2F92BDBBBD5D}] => D:\SteamLibrary\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [TCP Query User{36A225D5-0DCE-4CA7-9FFD-281F95BF4ED2}D:\heroes of the storm\versions\base34846\heroesofthestorm.exe] => D:\heroes of the storm\versions\base34846\heroesofthestorm.exe
FirewallRules: [UDP Query User{AEFA2525-A07B-458A-ADEA-5769E5D1CBA1}D:\heroes of the storm\versions\base34846\heroesofthestorm.exe] => D:\heroes of the storm\versions\base34846\heroesofthestorm.exe
FirewallRules: [{BDF8D20F-5CBC-4088-B4F0-A392A204CF1E}] => D:\SteamLibrary\SteamApps\common\Space\spacegame\Binaries\Win32\spacegame-Win32-Shipping.exe
FirewallRules: [{5E83B031-F4B2-4185-86A5-368D1A15EBF6}] => D:\SteamLibrary\SteamApps\common\Space\spacegame\Binaries\Win32\spacegame-Win32-Shipping.exe
FirewallRules: [TCP Query User{047B1566-774C-429E-ABAB-CC49EF8FCA1B}J:\neuer ordner\dawn of war - soulstorm( ua)\soulstorm.exe] => J:\neuer ordner\dawn of war - soulstorm( ua)\soulstorm.exe
FirewallRules: [UDP Query User{F914C1CE-3E32-47AF-9CDD-2D36EB310D3F}J:\neuer ordner\dawn of war - soulstorm( ua)\soulstorm.exe] => J:\neuer ordner\dawn of war - soulstorm( ua)\soulstorm.exe
FirewallRules: [{6D1ACC45-9F70-4DA1-B05C-1147602D5E54}] => D:\SteamLibrary\SteamApps\common\Heroes of Might and Magic 5 Tribes of the East\bin\H5_Game.exe
FirewallRules: [{5A864CF4-BFBC-477B-97BE-9892DB08F2D5}] => D:\SteamLibrary\SteamApps\common\Heroes of Might and Magic 5 Tribes of the East\bin\H5_Game.exe
FirewallRules: [{EA6DF6D6-CB19-4126-A88C-C474053699C6}] => D:\SteamLibrary\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{E000B7E1-28A3-4432-B4CF-309743AE1097}] => D:\SteamLibrary\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{72649A71-3A3D-4B71-9D32-65EFAA51C600}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{8BDA8251-F3A8-4EC0-98CB-387395CE1417}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{DC5A2A6D-544B-4136-B89E-2BF1C5BBBE95}] => D:\SteamLibrary\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{A404998B-5CEE-41CA-97E1-DE0FC75A48B6}] => D:\SteamLibrary\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{1533A207-FC63-4DC3-8C07-1A5C6C174F85}] => D:\SteamLibrary\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{200D00AF-302D-4372-920E-CAE13137C349}] => D:\SteamLibrary\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{38FC7F71-43E1-494D-B03F-306B0CA53B86}] => D:\SteamLibrary\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{06028079-7D6E-4245-BEB9-31461143C1E5}] => D:\SteamLibrary\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{616F6893-4E18-4C14-9A2B-5500E1F924A4}] => D:\SteamLibrary\SteamApps\common\Gothic 3\Gothic3.exe
FirewallRules: [{1B731D39-69CC-47A8-9FC6-DC44DF3C54F0}] => D:\SteamLibrary\SteamApps\common\Gothic 3\Gothic3.exe
FirewallRules: [{15063A19-85EE-4727-813D-C289F2F6B9D4}] => D:\SteamLibrary\SteamApps\common\FORCED\forced.exe
FirewallRules: [{B8CE4CAA-C90B-4E9F-9E7E-7B765156E4EA}] => D:\SteamLibrary\SteamApps\common\FORCED\forced.exe
FirewallRules: [TCP Query User{328CC877-0893-421D-B394-531CAD8829D6}D:\guitar hero iii\gh3.exe] => D:\guitar hero iii\gh3.exe
FirewallRules: [UDP Query User{B9C9CE43-33B0-472D-A130-496FE49D101C}D:\guitar hero iii\gh3.exe] => D:\guitar hero iii\gh3.exe
FirewallRules: [TCP Query User{6EF491DD-2F6A-46DF-9F62-FFDF1174B30A}C:\program files\origin games\battlefield 1942\bf1942.exe] => C:\program files\origin games\battlefield 1942\bf1942.exe
FirewallRules: [UDP Query User{21F8353D-6428-40E8-B89B-71AC6BCCF35C}C:\program files\origin games\battlefield 1942\bf1942.exe] => C:\program files\origin games\battlefield 1942\bf1942.exe
FirewallRules: [{872EDA9D-867A-4570-810D-F67E5CF91432}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\game\bin\win32\dota2.exe
FirewallRules: [{B297B775-A4D8-4826-B4FF-2FBD2E69F20F}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\game\bin\win32\dota2.exe
FirewallRules: [{43B8EA4A-25B6-42BB-BF32-67DA5BACA8FA}] => D:\SteamLibrary\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{04CA5D54-8B64-4B65-A92D-95FF3D2D39A5}] => D:\SteamLibrary\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{D59329B1-90F0-442C-AF2A-949D7231B585}] => D:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E335F702-257B-4926-9D86-D56455FB2092}] => D:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{4549A8FE-FEE9-4357-A01A-1F442A68B506}D:\steamlibrary\steamapps\common\herosiege\bin\hero_siege.exe] => D:\steamlibrary\steamapps\common\herosiege\bin\hero_siege.exe
FirewallRules: [UDP Query User{1F0C80EC-7A72-44BA-BC98-C00C825A72A3}D:\steamlibrary\steamapps\common\herosiege\bin\hero_siege.exe] => D:\steamlibrary\steamapps\common\herosiege\bin\hero_siege.exe
FirewallRules: [{E70CAF05-C6A0-47AD-8C65-EFCA63F8BA50}] => D:\SteamLibrary\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{A6764B57-0F89-4C87-AC32-EE046870566A}] => D:\SteamLibrary\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [TCP Query User{6B2C9904-891D-4A42-B1A1-5D30F2D90DC9}E:\facturio\bin\win32\factorio.exe] => E:\facturio\bin\win32\factorio.exe
FirewallRules: [UDP Query User{A187DEF5-1832-4764-AFE9-2A24053B3EC1}E:\facturio\bin\win32\factorio.exe] => E:\facturio\bin\win32\factorio.exe
FirewallRules: [{581679F6-2E40-424F-B726-CF667C36AB4E}] => D:\SteamLibrary\SteamApps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{16196621-4246-443A-A53C-EF4C9FB340C8}] => D:\SteamLibrary\SteamApps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{A3D0FBF0-ADC6-419B-9C24-0D5A5E0B9251}] => D:\SteamLibrary\SteamApps\common\Sega Classics\SEGAGameRoom.exe
FirewallRules: [{95B728D6-ED61-483D-B422-77AB79BBB06C}] => D:\SteamLibrary\SteamApps\common\Sega Classics\SEGAGameRoom.exe
FirewallRules: [{1CD1CBCF-35CA-40C0-B067-7F0A0388D218}] => D:\SteamLibrary\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{415CBA82-0084-4C63-9D99-DC65C7AA1CC2}] => D:\SteamLibrary\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{016B7276-5C6B-4835-892D-CD9D56106F11}] => D:\SteamLibrary\SteamApps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{DBB57A73-8468-4C33-B3F0-7F0FFBA8A000}] => D:\SteamLibrary\SteamApps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{BD17C3E2-66BB-4FB8-9478-65BFCCCF6E91}] => D:\SteamLibrary\SteamApps\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{F3673393-C89A-4A5D-8A1B-EA5755A71AD3}] => D:\SteamLibrary\SteamApps\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{19BDB955-AE1A-465A-AFE9-A5D33DE291FB}] => D:\SteamLibrary\SteamApps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{0023FA3D-000D-4E46-A97A-0CF62D905EEE}] => D:\SteamLibrary\SteamApps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{AA4703E4-ACC3-44C5-A189-01CA44693A13}] => D:\SteamLibrary\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{9A8AF813-1935-41AE-AC46-C0DA272E20BA}] => D:\SteamLibrary\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [TCP Query User{4049540C-3097-48EF-93AA-7B73F9E8ECE8}D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{CD5B3767-B067-4E2F-8D62-E63E9E3BEF4B}D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{3C8B210F-DACE-43DF-BB1D-BDE10121C527}H:\warcraft iii\war3.exe] => H:\warcraft iii\war3.exe
FirewallRules: [UDP Query User{6024E61B-6113-4AA2-84F4-DF512CD99824}H:\warcraft iii\war3.exe] => H:\warcraft iii\war3.exe
FirewallRules: [{79983646-B3CE-42E2-BDED-A28BD3E71342}] => D:\SteamLibrary\SteamApps\common\Unturned\Unturned_BE.exe
FirewallRules: [{D896A99E-3E9C-4610-9B15-A8F3C2FD905A}] => D:\SteamLibrary\SteamApps\common\Unturned\Unturned_BE.exe
FirewallRules: [{65CA188F-C33F-4AE7-9E16-AC6280F71CA0}] => C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{47B2F51E-8815-4975-8ABC-C5041A1008F2}] => C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{806F10C8-EB6E-46E0-AEA0-B37AD0BC6A72}] => D:\SteamLibrary\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{D277D33D-0E25-40C9-9377-EAC19BC5904B}] => D:\SteamLibrary\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{BF4163B0-38B5-4132-9060-E7A7270B7850}] => D:\SteamLibrary\SteamApps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{F56EBC97-BB39-4B63-8072-BDD43D4383ED}] => D:\SteamLibrary\SteamApps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{1738AD56-5E67-4483-B8D5-47D57FB5570B}] => C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
15-12-2016 16:38:11 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/17/2016 04:00:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AsSysCtrlService.exe, Version: 1.0.0.1, Zeitstempel: 0x4a8be873
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x728
Startzeit der fehlerhaften Anwendung: 0x01d25783b44ae268
Pfad der fehlerhaften Anwendung: C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: ec8599b0-c404-11e6-a565-20cf3093393a
Error: (12/17/2016 04:00:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x517f3953
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e00b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002bdc
ID des fehlerhaften Prozesses: 0x6e8
Startzeit der fehlerhaften Anwendung: 0x01d25783b424bcc5
Pfad der fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Pfad des fehlerhaften Moduls: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
Berichtskennung: eb0fe1a5-c404-11e6-a565-20cf3093393a
Error: (12/16/2016 02:52:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x517f3953
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e00b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002bdc
ID des fehlerhaften Prozesses: 0x748
Startzeit der fehlerhaften Anwendung: 0x01d256d21fb594a5
Pfad der fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Pfad des fehlerhaften Moduls: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
Berichtskennung: 513fccad-c332-11e6-9b1f-20cf3093393a
Error: (12/15/2016 04:34:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "d:\steamlibrary\steamapps\common\Trine 2\tools\luac_x64.exe".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/15/2016 04:32:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "d:\steamlibrary\steamapps\common\grand theft auto iv episodes from liberty city\EFLC\gta4Browser.exe".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/15/2016 01:50:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AsSysCtrlService.exe, Version: 1.0.0.1, Zeitstempel: 0x4a8be873
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x784
Startzeit der fehlerhaften Anwendung: 0x01d25627dd79b6ba
Pfad der fehlerhaften Anwendung: C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 77deec2e-c260-11e6-b517-20cf3093393a
Error: (12/15/2016 01:50:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x517f3953
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e00b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002bdc
ID des fehlerhaften Prozesses: 0x74c
Startzeit der fehlerhaften Anwendung: 0x01d25627dd444ed5
Pfad der fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Pfad des fehlerhaften Moduls: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
Berichtskennung: 747c774b-c260-11e6-b517-20cf3093393a
Error: (12/14/2016 09:54:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x517f3953
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e00b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002bdc
ID des fehlerhaften Prozesses: 0x738
Startzeit der fehlerhaften Anwendung: 0x01d255ddc84aae00
Pfad der fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Pfad des fehlerhaften Moduls: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
Berichtskennung: f8b2ded1-c1da-11e6-a648-20cf3093393a
Error: (12/14/2016 09:34:00 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "d:\steamlibrary\steamapps\common\grand theft auto iv episodes from liberty city\EFLC\gta4Browser.exe".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/14/2016 01:27:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x517f3953
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e00b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002bdc
ID des fehlerhaften Prozesses: 0x760
Startzeit der fehlerhaften Anwendung: 0x01d25523cd0a7401
Pfad der fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Pfad des fehlerhaften Moduls: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
Berichtskennung: 22777ae8-c194-11e6-9666-20cf3093393a
Systemfehler:
=============
Error: (12/17/2016 11:30:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (12/17/2016 11:30:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (12/17/2016 04:00:10 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/16/2016 02:52:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/15/2016 01:50:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/14/2016 09:54:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/14/2016 01:27:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/13/2016 02:06:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/12/2016 03:35:08 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/11/2016 09:44:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
==================== Memory info ===========================
Processor: AMD Phenom(tm) II X4 955 Processor
Prozentuale Nutzung des RAM: 65%
Installierter physikalischer RAM: 3198.18 MB
Verfügbarer physikalischer RAM: 1095.62 MB
Summe virtueller Speicher: 6394.68 MB
Verfügbarer virtueller Speicher: 3177.46 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:294.04 GB) (Free:133.37 GB) NTFS
Drive d: () (Fixed) (Total:392.66 GB) (Free:51.79 GB) NTFS
Drive e: () (Fixed) (Total:244.71 GB) (Free:218.58 GB) NTFS
Drive f: (BIOSHOCK) (CDROM) (Total:4.38 GB) (Free:0 GB) UDF
Drive g: (SPORE) (CDROM) (Total:3.9 GB) (Free:0 GB) UDF
Drive h: () (Fixed) (Total:232.88 GB) (Free:88.89 GB) NTFS
Drive j: (MEMUP 1TB) (Fixed) (Total:931.51 GB) (Free:619.1 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 101FB8C2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=294 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=637.4 GB) - (Type=OF Extended)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 24C249AC)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 000E0861)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Ende vom Addition.txt ============================
MfG Oddel |
|
17.12.2016, 19:25
| #2 |
| /// TB-Ausbilder /// Anleitungs-Guru  |  Externes Backuplaufwerk Virus Schritt 1
__________________Die "infizierte" Platte an den PC anstecken und einen ESET-Scan durchführen. Wichtig: Bitte unter "Computer-Prüfeinstellungen/...zu prüfende Objekte" die checkbox bei Computer setzen.  ESET Online Scanner
__________________ |
|
19.12.2016, 15:17
| #3 |
| | Externes Backuplaufwerk Virus Moin Leute,
__________________der ESET Scan hat tatsächlich nen Trjoaner auf der Platte gefunden. Code:
ATTFilter J:\$RECYCLE.BIN\S-1-5-21-2906566944-2032903341-733258773-1000\$RC96U3N.lnk LNK/Agent.CF Trojaner
MfG |
|
19.12.2016, 19:16
| #4 |
| /// TB-Ausbilder /// Anleitungs-Guru | Externes Backuplaufwerk Virus Kannst Du bitte das Log so posten wie beschrieben?
__________________ Gruß deeprybka  Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
19.12.2016, 19:40
| #5 |
| | Externes Backuplaufwerk Virus Hmm sorry, die Logfile die gesucht wurde war nicht direkt zu sehen. Das müsste es aber sein. Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=4d86243337c3924d85caa52b9c2d7fed
# engine=31781
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-12-19 02:07:36
# local_time=2016-12-19 03:07:36 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 97 79466 54958092 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 105088347 233787647 0 0
# scanned=526088
# found=1
# cleaned=0
# scan_time=14899
sh=AAFCCCD5F749ECFB57D2F549BD332EC51798684D ft=0 fh=0000000000000000 vn="LNK/Agent.CF Trojaner" ac=I fn="J:\$RECYCLE.BIN\S-1-5-21-2906566944-2032903341-733258773-1000\$RC96U3N.lnk"
Der eigentliche log.txt in dem Verzeichnis waren lediglich diese Lines: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4d86243337c3924d85caa52b9c2d7fed
# end=init
# utc_time=2016-12-18 04:27:49
# local_time=2016-12-18 05:27:49 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=37126
Update Finalize
Updated modules version: 0
Old modules - leave modules
Update Init
Update Download
Update Init
Update Download
Update Init
Update Download
Update Init
Update Download
Update Finalize
Updated modules version: 31779
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 31779
Update Init
Update Download
Update Finalize
Updated modules version: 31781
Hoffe das war jetzt richtig. Sorry für die Unannehmlichkeit/Verwechslung. MfG |
|
20.12.2016, 12:44
| #6 |
| /// TB-Ausbilder /// Anleitungs-Guru | Externes Backuplaufwerk Virus Das beste wäre, wenn Du die Platte formatierst. Dann werden alle Daten und Dateien zwar gelöscht, Du kannst sie anschließend aber wieder "sorgenfrei" verwenden.
__________________ --> Externes Backuplaufwerk Virus |
|
20.12.2016, 18:31
| #7 |
| | Externes Backuplaufwerk Virus Ist es sicher, die Dateien vor dem Formatieren auf ein anderes Laufwerk zu ziehen? Es sind relativ viele Sachen drauf, die mittlerweile als einzige Kopie auf der Platte sind, ein Verlust von diesen wäre ziemlich schlecht. Gäbe es sonst noch eine Alternative zum Neuaufsetzen? MfG |
|
20.12.2016, 23:28
| #8 |
| /// TB-Ausbilder /// Anleitungs-Guru | Externes Backuplaufwerk Virus Schritt 1   Drücke bitte die  + R Taste und schreibe notepad in das Ausführen Fenster.Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument: Code:
ATTFilter CloseProcesses:
AppInit_DLLs: {DLL_Str} => Keine Datei
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung
HKU\S-1-5-21-3534099020-634075679-966876233-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung
"J:\$RECYCLE.BIN\S-1-5-21-2906566944-2032903341-733258773-1000\$RC96U3N.lnk"
EmptyTemp:
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
21.12.2016, 00:33
| #9 |
| | Externes Backuplaufwerk Virus Hey deeprybka, danke für die tolle Hilfe bis hier hin. Hier ist der Fixlog Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x86) Version: 17-12-2016
durchgeführt von Otti (21-12-2016 00:13:27) Run:1
Gestartet von C:\FRST
Geladene Profile: Otti (Verfügbare Profile: Otti)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
CloseProcesses:
AppInit_DLLs: {DLL_Str} => Keine Datei
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung
HKU\S-1-5-21-3534099020-634075679-966876233-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung
"J:\$RECYCLE.BIN\S-1-5-21-2906566944-2032903341-733258773-1000\$RC96U3N.lnk"
EmptyTemp:
*****************
Prozess erfolgreich geschlossen.
"{DLL_Str}" => Waarde Daten erfolgreich entfernt.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
"HKU\S-1-5-21-3534099020-634075679-966876233-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
J:\$RECYCLE.BIN\S-1-5-21-2906566944-2032903341-733258773-1000\$RC96U3N.lnk => erfolgreich verschoben
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13405964 B
Java, Flash, Steam htmlcache => 701012051 B
Windows/system/drivers => 1705864 B
Edge => 0 B
Chrome => 11737352 B
Firefox => 388665372 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 33125 B
Public => 0 B
ProgramData => 0 B
systemprofile => 52798 B
LocalService => 132244 B
NetworkService => 66708 B
Otti => 8273950 B
UpdatusUser => 0 B
UpdatusUser => 0 B
RecycleBin => 9062050 B
EmptyTemp: => 1.1 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende vom Fixlog 00:15:27 ====
Oddel |
|
21.12.2016, 09:31
| #10 |
| /// TB-Ausbilder /// Anleitungs-Guru | Externes Backuplaufwerk Virus Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
21.12.2016, 14:56
| #11 |
| | Externes Backuplaufwerk Virus Sogar im Gegenteil, mein PC läuft jetzt auch wieder wesentlich flüssiger, war wohl mal wieder nötig. Scheint aber alles in Ordnung zu sein. Ist ja ne ganze Menge runtergeschmissen worden von FRST. Danke für die Hilfe nochmal, das Board kann man echt nur weiterempfehlen.  MfG Oddel |
|
21.12.2016, 18:22
| #12 |
| /// TB-Ausbilder /// Anleitungs-Guru | Externes Backuplaufwerk Virus Prima. Dann bitte nochmal frische Logs, damit wir fertig werden... Schritt 1  Bitte starte FRST erneut, markiere auch die checkbox  und drücke auf Untersuchen. Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
22.12.2016, 13:32
| #13 |
| | Externes Backuplaufwerk Virus Hier sind die beiden Logfiles: FRST.txt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 21-12-2016
durchgeführt von Otti (Administrator) auf OTTI-PC (22-12-2016 13:23:47)
Gestartet von C:\Users\Otti\Downloads
Geladene Profile: Otti (Verfügbare Profile: Otti)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 8 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(DeviceVM, Inc.) C:\ASUS.SYS\config\DVMExportService.exe
() C:\Windows\System32\PnkBstrA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avwebg7.exe
() C:\Windows\DAODx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Six Engine] => C:\Program Files\ASUS\EPU\EPU.exe [5309056 2010-03-16] (
ASUSTeK Computer Inc.)
HKLM\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [917576 2016-12-15] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-11-15] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
HKU\S-1-5-21-3534099020-634075679-966876233-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-3534099020-634075679-966876233-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [293888 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [script_fcbd] => "D:\Uplay\Far Cry 3 Blood Dragon\fcbd.bat"
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{C17DD923-E015-4AAE-9D11-5ADE08521ABA}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3534099020-634075679-966876233-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3534099020-634075679-966876233-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\S-1-5-21-3534099020-634075679-966876233-1000 -> {56C9BBE2-B38E-4CC4-9D74-C66AA7FF4CD9} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-12-20] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-11] (Oracle Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02] (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-12-20] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-20] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-11] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-20] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-20] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-20] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-20] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
FireFox:
========
FF DefaultProfile: vd5nyfxp.default-1371114904938
FF ProfilePath: C:\Users\Otti\AppData\Roaming\Mozilla\Firefox\Profiles\vd5nyfxp.default-1371114904938 [2016-12-22]
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\Otti\AppData\Roaming\Mozilla\Firefox\Profiles\vd5nyfxp.default-1371114904938\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-27]
FF Extension: (ExHentai Easy 2) - C:\Users\Otti\AppData\Roaming\Mozilla\Firefox\Profiles\vd5nyfxp.default-1371114904938\Extensions\jid1-7NbXi2AqS1oUFw@jetpack.xpi [2016-08-12]
FF Extension: (Adblock Plus) - C:\Users\Otti\AppData\Roaming\Mozilla\Firefox\Profiles\vd5nyfxp.default-1371114904938\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Extension: (Skype Click to Call) - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-11-18] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-11-18] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-11-18] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-11-18] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-14] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-11] (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-20] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-20] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3534099020-634075679-966876233-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-12-18] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Otti\AppData\Local\Google\Chrome\User Data\Default [2016-12-21]
CHR Extension: (Avira Browserschutz) - C:\Users\Otti\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-07-31]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Otti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-31]
CHR Extension: (uMatrix) - C:\Users\Otti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfcmafjalglgifnmanfmnieipoejdcf [2016-11-30]
CHR Extension: (Chrome Media Router) - C:\Users\Otti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-30]
CHR HKLM\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-04-29] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [1089592 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1490296 2016-12-15] (Avira Operations GmbH & Co. KG)
S4 AODService; C:\Program Files\AMD\OverDrive\AODAssist.exe [136544 2009-10-22] ()
R2 AsSysCtrlService; C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [350528 2016-11-24] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2291904 2016-10-30] (Microsoft Corporation)
R2 DvmMDES; C:\ASUS.SYS\config\DVMExportService.exe [319488 2009-10-16] (DeviceVM, Inc.) [Datei ist nicht signiert]
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1997168 2015-06-06] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-07-11] ()
S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [45184 2012-03-05] (Advanced Micro Devices)
R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [11296 2009-08-04] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2013-08-03] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119208 2016-12-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140840 2016-12-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-20] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [60088 2016-06-06] (Avira Operations GmbH & Co. KG)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R0 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [99952 2010-01-11] (JMicron Technology Corp.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-08-03] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3564800 2011-07-22] ()
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2011-09-21] (Duplex Secure Ltd.)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1127936 2010-03-02] (VIA Technologies, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Otti\AppData\Local\Temp\catchme.sys [X]
S3 eapihdrv; \??\C:\Users\Otti\AppData\Local\Temp\ehdrv.sys [X]
S4 NVHDA; system32\drivers\nvhda32v.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-22 13:23 - 2016-12-22 13:24 - 00015041 _____ C:\Users\Otti\Downloads\FRST.txt
2016-12-22 13:23 - 2016-12-22 13:23 - 01762816 _____ (Farbar) C:\Users\Otti\Downloads\FRST.exe
2016-12-21 16:32 - 2016-12-21 16:32 - 01993746 _____ C:\Users\Otti\Downloads\MRSA_Epidemiologie_und_Kosten__Klinik_und_Therapie.pdf
2016-12-21 00:11 - 2016-12-21 00:11 - 00000000 ____D C:\Users\Otti\Documents\Benutzerdefinierte Office-Vorlagen
2016-12-20 19:17 - 2016-12-20 19:17 - 00000000 ____D C:\Users\Otti\AppData\Local\Ubisoft
2016-12-20 11:04 - 2016-12-20 11:04 - 00002172 _____ C:\Users\Otti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-12-20 11:04 - 2016-12-20 11:04 - 00002078 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-12-20 11:04 - 2016-12-20 11:04 - 00002078 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-12-20 11:04 - 2016-12-20 11:04 - 00000000 ___RD C:\Users\Otti\OneDrive
2016-12-20 11:04 - 2016-12-20 11:04 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-12-20 11:04 - 2016-12-20 11:04 - 00000000 ____D C:\Program Files\Microsoft OneDrive
2016-12-20 11:03 - 2016-12-20 11:03 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-12-20 10:48 - 2016-12-20 10:48 - 00002467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-12-20 10:48 - 2016-12-20 10:48 - 00002464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-12-20 10:48 - 2016-12-20 10:48 - 00002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-12-20 10:48 - 2016-12-20 10:48 - 00002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-12-20 10:48 - 2016-12-20 10:48 - 00002417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-12-20 10:48 - 2016-12-20 10:48 - 00002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-12-20 10:48 - 2016-12-20 10:48 - 00002381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-12-20 10:48 - 2016-12-20 10:48 - 00002378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-12-20 10:48 - 2016-12-20 10:48 - 00002350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-12-20 10:48 - 2016-12-20 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2016-12-20 10:45 - 2016-12-20 11:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-20 10:41 - 2016-12-21 00:34 - 00000000 ____D C:\Program Files\Microsoft Office
2016-12-20 10:40 - 2016-12-20 10:40 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-12-20 10:39 - 2016-12-20 10:40 - 03815736 _____ (Microsoft Corporation) C:\Users\Otti\Downloads\Setup.X86.de-de_O365ProPlusRetail_0475e8d2-bf5e-4743-bd82-0fd5cbbcddec_TX_DB_b_32_.exe
2016-12-18 17:27 - 2016-12-18 17:27 - 00000000 ____D C:\Program Files\ESET
2016-12-18 17:23 - 2016-12-18 17:23 - 02870984 _____ (ESET) C:\Users\Otti\Downloads\esetsmartinstaller_deu.exe
2016-12-16 23:31 - 2016-12-16 23:31 - 09700976 _____ C:\Users\Otti\Downloads\Thorium Mod v1.2.13.4.zip
2016-12-16 23:28 - 2016-12-16 23:29 - 10847910 _____ C:\Users\Otti\Downloads\tModLoader.Windows.v0.9.0.2.zip
2016-12-08 18:45 - 2016-12-08 18:45 - 00001094 _____ C:\Users\Public\Desktop\Avira Connect.lnk
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-22 13:23 - 2015-07-25 15:55 - 00000000 ____D C:\FRST
2016-12-22 13:23 - 2011-09-21 16:35 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-22 13:23 - 2009-07-14 09:47 - 00699416 _____ C:\Windows\system32\perfh007.dat
2016-12-22 13:23 - 2009-07-14 09:47 - 00149556 _____ C:\Windows\system32\perfc007.dat
2016-12-22 13:23 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-12-22 13:21 - 2011-09-21 17:43 - 00000000 ____D C:\Program Files\Steam
2016-12-22 13:08 - 2009-07-14 05:34 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-22 13:08 - 2009-07-14 05:34 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-22 12:37 - 2016-01-04 11:22 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-22 11:36 - 2016-11-18 19:43 - 00000000 ____D C:\Users\Otti\AppData\LocalLow\Mozilla
2016-12-22 07:16 - 2011-09-21 16:57 - 00000177 ____H C:\dvmexp.idx
2016-12-22 07:06 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-21 00:36 - 2011-09-21 17:43 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-12-21 00:17 - 2009-07-14 05:33 - 00454872 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-20 20:08 - 2016-10-06 10:07 - 00000000 ____D C:\Users\Otti\Desktop\Master
2016-12-20 19:50 - 2009-07-14 05:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-12-20 19:23 - 2011-09-21 19:59 - 00116928 _____ C:\Users\Otti\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-20 14:23 - 2013-12-12 01:38 - 00000000 ____D C:\Users\Otti\AppData\Local\Ubisoft Game Launcher
2016-12-20 11:04 - 2011-09-21 16:32 - 00000000 ____D C:\Users\Otti
2016-12-20 11:03 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-20 01:35 - 2014-06-03 18:00 - 00281688 _____ C:\Windows\system32\PnkBstrB.exe
2016-12-20 01:35 - 2014-06-03 18:00 - 00138032 _____ C:\Windows\system32\Drivers\PnkBstrK.sys
2016-12-20 01:35 - 2013-12-12 01:47 - 00281688 _____ C:\Windows\system32\PnkBstrB.xtr
2016-12-20 01:31 - 2011-10-11 01:18 - 00000000 ____D C:\Users\Otti\Documents\My Games
2016-12-20 00:54 - 2011-11-23 20:03 - 00000000 ____D C:\Users\Otti\AppData\Roaming\Skype
2016-12-18 23:27 - 2011-09-21 16:32 - 00000000 ____D C:\Users\Otti\AppData\Local\VirtualStore
2016-12-17 11:27 - 2016-11-18 15:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-12-17 11:27 - 2012-05-04 01:47 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-12-15 21:58 - 2015-05-04 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-12-15 21:54 - 2016-11-18 01:36 - 00030672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2016-12-15 21:54 - 2015-05-04 20:02 - 00140840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-12-15 21:54 - 2015-05-04 20:02 - 00119208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-12-14 00:37 - 2015-07-01 22:42 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-12-14 00:37 - 2015-07-01 22:42 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-12-14 00:37 - 2011-09-21 17:30 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-13 21:00 - 2012-12-12 21:18 - 00002133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-08 18:43 - 2015-05-04 19:28 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-02 16:15 - 2015-10-13 21:07 - 00000000 ____D C:\Users\Otti\AppData\Roaming\.minecraft
2016-12-01 00:44 - 2015-02-05 18:06 - 00000000 ____D C:\Users\Otti\AppData\Local\Steam
2016-11-30 16:54 - 2012-12-12 21:18 - 00000000 ____D C:\Users\Otti\AppData\Local\Google
2016-11-28 23:02 - 2011-11-23 20:03 - 00000000 ___RD C:\Program Files\Skype
2016-11-28 23:02 - 2011-11-23 20:03 - 00000000 ____D C:\ProgramData\Skype
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-06-05 17:08 - 2014-06-19 20:44 - 0000096 _____ () C:\Users\Otti\AppData\Roaming\LauncherSettings_live.cfg
2014-06-03 18:00 - 2015-05-28 14:36 - 0138056 _____ () C:\Users\Otti\AppData\Roaming\PnkBstrK.sys
2016-01-22 23:34 - 2016-11-15 20:56 - 0013106 _____ () C:\Users\Otti\AppData\Roaming\SpeedRunnersLog.txt
2016-10-24 17:46 - 2016-10-24 17:46 - 0002634 _____ () C:\Users\Otti\AppData\Roaming\TargetInvocationLog.txt
2014-06-05 17:11 - 2014-06-05 17:11 - 0000039 _____ () C:\Users\Otti\AppData\Roaming\TheHunterSettings_steam_live.cfg
2015-06-15 23:03 - 2015-06-15 23:03 - 0007607 _____ () C:\Users\Otti\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-12-14 09:31
==================== Ende vom FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 21-12-2016
durchgeführt von Otti (22-12-2016 13:24:46)
Gestartet von C:\Users\Otti\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2011-09-21 15:32:48)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3534099020-634075679-966876233-500 - Administrator - Disabled)
Gast (S-1-5-21-3534099020-634075679-966876233-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3534099020-634075679-966876233-1002 - Limited - Enabled)
Otti (S-1-5-21-3534099020-634075679-966876233-1000 - Administrator - Enabled) => C:\Users\Otti
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM\...\Steam App 346900) (Version: - Hyper Hippo Productions Ltd.)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
AMD Catalyst Install Manager (HKLM\...\{B448BC74-1CB7-7A57-3313-5E075AFB413E}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM\...\{EA18DE8E-B3E6-4D82-A086-9BE2316FA5A5}) (Version: 3.1.0.0342 - Advanced Micro Devices, Inc.)
Amnesia: The Dark Descent (HKLM\...\Steam App 57300) (Version: - Frictional Games)
ANNO 1404 (HKLM\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.01.0000 - Ubisoft)
Anno 1404 (Version: 1.00.0000 - Ubisoft) Hidden
Antichamber (HKLM\...\Steam App 219890) (Version: - Alexander Bruce)
Assassin's Creed II (HKLM\...\Steam App 33230) (Version: - Ubisoft Montreal)
Assassin's Creed IV Black Flag (HKLM\...\Steam App 242050) (Version: - Ubisoft Montreal)
Audiosurf (HKLM\...\Steam App 12900) (Version: - Dylan Fitterer)
AutoHotkey 1.1.22.09 (HKLM\...\AutoHotkey) (Version: 1.1.22.09 - Lexikos)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM\...\{707e8edf-9482-4417-ae39-c9b5fe605e87}) (Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG)
Avira Connect (Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 1942™ (HKLM\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BioShock (HKU\S-1-5-21-3534099020-634075679-966876233-1000\...\{E280923D-C5D9-4728-8C79-AC9A0DC75875}) (Version: 2.62.0000 - 2K Games)
BioShock 2 (HKLM\...\{4A8B461A-9336-4CF9-98F4-14DD38E673F0}) (Version: 1.00.0000 - 2K Games)
BioShock Infinite (HKLM\...\BioShock Infinite_is1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.73 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Crusader Kings II (HKLM\...\Steam App 203770) (Version: - Paradox Development Studio)
Dead Space™ (HKLM\...\{4D87DC92-C328-46EC-A7B4-9C88129DC696}) (Version: 1.0.222.0 - Electronic Arts)
Diablo III (HKLM\...\Diablo III) (Version: - Blizzard Entertainment)
Die Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.21.123 - Electronic Arts)
Die Sims™ 3 Gib Gas-Accessoires (HKLM\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Lebensfreude (HKLM\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Discord (HKU\S-1-5-21-3534099020-634075679-966876233-1000\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Dota 2 (HKLM\...\Steam App 570) (Version: - )
Dota 2 Test (HKLM\...\Steam App 205790) (Version: - )
EPU (HKLM\...\{9C2AC00C-0C06-4B7E-97A4-A833808D54D6}) (Version: 1.02.20 - )
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Europa Universalis IV (HKLM\...\Steam App 236850) (Version: - Paradox Development Studio)
Express Gate (HKLM\...\{99AD9D6D-A456-49EE-8360-F22EE7AA1272}) (Version: 1.5.17.9 - DeviceVM, Inc.)
Factorio version 0.12.25 (HKLM\...\Factorio_is1) (Version: - )
Fallout 3 (HKU\S-1-5-21-3534099020-634075679-966876233-1000\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Fallout: New Vegas (HKLM\...\Steam App 22380) (Version: - Bethesda Softworks)
Far Cry® 3 (HKLM\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FEAR (HKLM\...\{2B653229-9854-4989-B780-D978F5F13EAB}) (Version: 1.00.0000 - Vivendi Universal Games, Inc.)
FlatOut (HKLM\...\Steam App 6220) (Version: - Bugbear Entertainment)
FORCED (HKLM\...\Steam App 249990) (Version: - BetaDwarf)
Game Dev Tycoon (HKLM\...\Steam App 239820) (Version: - Greenheart Games)
Google Chrome (HKLM\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
Gothic 3 (HKLM\...\Steam App 39500) (Version: - Piranha – Bytes)
Gothic_Patch (HKLM\...\{302AC480-43D2-11D5-A818-00500435FC18}) (Version: - )
Grand Theft Auto IV (HKLM\...\Steam App 12210) (Version: - Rockstar North)
Grand Theft Auto: Episodes from Liberty City (HKLM\...\Steam App 12220) (Version: - Rockstar North / Toronto)
Guitar Hero III (HKLM\...\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}) (Version: 1.31 - Activision)
Hero Siege (HKLM\...\Steam App 269210) (Version: - Elias Viglione)
Heroes of Might & Magic V: Tribes of the East (HKLM\...\Steam App 15370) (Version: - Nival)
Heroes of Newerth (HKLM\...\hon) (Version: 1.0.20 - S2 Games)
Heroes of the Storm (HKLM\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hitman 2: Silent Assassin (HKLM\...\Steam App 6850) (Version: - Eidos)
Hitman: Blood Money (HKLM\...\Steam App 6860) (Version: - Eidos)
ICQ7.2 (HKLM\...\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}) (Version: 7.2 - ICQ)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
JMicron JMB36X Driver (HKLM\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMicron Technology Corp.)
Just Cause 2 (HKLM\...\Steam App 8190) (Version: - Avalanche)
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version: - Valve)
Lethal League (HKLM\...\Steam App 261180) (Version: - Team Reptile)
LIMBO (HKLM\...\Steam App 48000) (Version: - Playdead)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
measure (HKLM\...\{5FC40A17-BC1D-4F59-A511-B308A669DBAA}) (Version: 4.6.11.1 - Phywe Systeme GmbH)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50861 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7466.2038 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3534099020-634075679-966876233-1000\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Monaco (HKLM\...\Steam App 113020) (Version: - Pocketwatch Games)
Mount Your Friends (HKLM\...\Steam App 296470) (Version: - Stegersaurus Software Inc.)
Mozilla Firefox 50.1.0 (x86 de) (HKLM\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
My Game Long Name (HKLM\...\UDK-7c652209-baac-4ad1-ab52-d0e8e7a84a01) (Version: - Epic Games, Inc.)
NEC Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
OpenOffice 4.1.2 (HKLM\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Origin (HKLM\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PC Probe II (HKLM\...\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}) (Version: 1.04.87 - ASUSTeK Computer Inc.)
PDF24 Creator 7.0.4 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Platform (Version: 1.34 - VIA Technologies, Inc.) Hidden
Port Royale 2 (HKLM\...\Steam App 12470) (Version: - Ascaron Entertainment ltd.)
Prince of Persia (HKLM\...\{7C11154F-3539-4CB5-979D-EF7913473E53}) (Version: 1.0 - Ubisoft)
Prince of Persia Sands of Time (HKLM\...\Uplay Install 111) (Version: - Ubisoft)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
R for Windows 3.2.2 (HKLM\...\R for Windows 3.2.2_is1) (Version: 3.2.2 - R Core Team)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.15.209.2010 - Realtek)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SEGA Genesis & Mega Drive Classics (HKLM\...\Steam App 34270) (Version: - Sega)
Sim City 4 Deluxe (HKLM\...\{90EEF48B-EAAF-44DC-B2F6-6FB97D7DAC4E}) (Version: 1.0.0 - Doctor Strange)
SimCity™ Societies (HKLM\...\{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}) (Version: 1.0.0.0 - Electronic Arts)
Skullgirls (HKLM\...\Steam App 245170) (Version: - Lab Zero Games)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 7.30 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
South Park - The Stick of Truth Version 1.0.1353 (HKLM\...\{83736891-79AE-49BA-96F5-55DD6F2186AC}_is1) (Version: 1.0.1353 - Ubisoft)
SPEEDLINK CASE (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.54200.103 - Sonix)
SpeedRunners (HKLM\...\Steam App 207140) (Version: - DoubleDutch Games)
SPORE™ (HKLM\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
StarCraft II (HKLM\...\StarCraft II) (Version: - Blizzard Entertainment)
Stardew Valley (HKLM\...\Steam App 413150) (Version: - ConcernedApe)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Amazing Wagon Adventure (HKLM\...\Steam App 250500) (Version: - sparsevector)
TeamSpeak 3 Client (HKU\S-1-5-21-3534099020-634075679-966876233-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM\...\Steam App 105600) (Version: - Re-Logic)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Stanley Parable (HKLM\...\Steam App 221910) (Version: - Galactic Cafe)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM\...\Steam App 20920) (Version: - CD Projekt RED)
TrackMania Nations Forever (HKLM\...\Steam App 11020) (Version: - Nadeo)
TrackMania² Stadium Open Beta (HKLM\...\Steam App 233070) (Version: - Nadeo)
Trine 2 (HKLM\...\Steam App 35720) (Version: - Frozenbyte)
Tropico 3 - Steam Special Edition (HKLM\...\Steam App 23490) (Version: - Haemimont Games)
TurboV EVO (HKLM\...\{491D92A9-69CA-4EB4-81D3-0106F9337957}) (Version: 1.02.20 - )
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unturned (HKLM\...\Steam App 304930) (Version: - Nelson Sexton)
Uplay (HKLM\...\Uplay) (Version: 4.4 - Ubisoft)
VIA Plattform-Geräte-Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player 1.1.9 (HKLM\...\VLC media player) (Version: 1.1.9 - VideoLAN)
WinRAR 4.01 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3534099020-634075679-966876233-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Otti\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuthLib.dll ()
CustomCLSID: HKU\S-1-5-21-3534099020-634075679-966876233-1000_Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}\InprocServer32 -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {212395F8-BF05-48CB-8DD8-CC09589DF3C0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {260E6265-B5D2-43E2-A1CB-25C1AD7B3936} - System32\Tasks\{F9DDD321-AAE5-4267-A62E-46046C1DA01D} => H:\C&C G\generals.exe
Task: {27BCD9A8-F178-4463-B7AF-05E684C021D8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {31855B55-CA9B-460D-8772-021CB6D58D96} - System32\Tasks\{C17E8858-867F-44F9-8E08-BE03850DF90A} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.3.0.111.259&LastError=404
Task: {448C28F9-1484-4FD9-A54F-EDBB926A6534} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-12-20] (Microsoft Corporation)
Task: {48E8C246-9F2A-494B-BF76-EE856E0130D2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-20] (Microsoft Corporation)
Task: {5392CA4E-A8D7-48E4-85DB-513CD400AF35} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-14] (Adobe Systems Incorporated)
Task: {63A9F388-7731-4E8C-AB1B-5120963DB0E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-12-20] (Microsoft Corporation)
Task: {69A655CC-26B7-494E-B630-A69355641EBF} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files\ASUS\AASP\1.01.02\AsLoader.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {88EEE1FF-1FE5-48D8-8148-1FAB946D6C1E} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {93648F48-097D-47CE-AF18-E7E347D1BA99} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {9804ABC1-EFEE-4444-9248-BEF74E812770} - System32\Tasks\{D75400F9-CEF5-4B9A-8A35-583C9357DFC0} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.3.0.111.259&LastError=12007
Task: {98415088-2D91-412A-8F50-86C0F8C528FF} - System32\Tasks\{56861F2F-779A-4A46-B206-DBEA0CDCC14C} => pcalua.exe -a C:\Users\Otti\Downloads\Diablo-III-8370-deDE-Installer-downloader.exe -d "C:\Program Files\Mozilla Firefox"
Task: {991DDCD5-05B9-4127-9204-E08CA759DE8A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {A97CA397-B93D-43D0-A171-0DE73D9B93EA} - System32\Tasks\{D2B8A2BB-6D39-4FDF-9DBB-257E057C55F3} => D:\SteamLibrary\SteamApps\common\PAYDAY 2\payday2_win32_release.exe [2016-01-03] ()
Task: {E41C18AC-9250-42F9-B625-11ED57641030} - System32\Tasks\ASUS\TurboVHelp => C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe [2010-04-02] (ASUSTeK Computer Inc.)
Task: {F2905056-495B-4773-9D29-FB4B97C3643B} - System32\Tasks\{FEAFA12A-00FB-49E0-AB06-AB93FE578D57} => pcalua.exe -a F:\DIRECTX\dxsetup.exe -d F:\DIRECTX
Task: {FE5205E8-7F93-4A10-924B-0184E8104307} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-04-29 22:24 - 2013-04-29 22:24 - 00202240 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-02-16 13:49 - 2012-02-16 13:49 - 03850240 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-03-05 14:59 - 2012-03-05 14:59 - 00512000 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-06-03 18:00 - 2014-07-11 10:06 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2009-03-30 07:32 - 2009-03-30 07:32 - 00032768 ____R () C:\Windows\DAODx.exe
2016-12-20 11:04 - 2016-12-20 11:04 - 00679624 _____ () C:\Users\Otti\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2012-01-12 18:39 - 2011-05-28 22:04 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3534099020-634075679-966876233-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: APNMCP => 2
MSCONFIG\Services: Skype C2C Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Discord => C:\Users\Otti\AppData\Local\Discord\app-0.0.290\Discord.exe
MSCONFIG\startupreg: EKIJ5000StatusMonitor => C:\Windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
MSCONFIG\startupreg: HDAudDeck => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: snp2uvc => C:\Windows\vsnp2uvc.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: tsnp2uvc => C:\Program Files\Common Files\SNP2UVC\tsnp2uvc.exe
MSCONFIG\startupreg: TurboV EVO => "C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe" -b
==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{E568A85F-3488-4295-AD5C-F3814D61B0FA}] => C:\Program Files\Steam\Steam.exe
FirewallRules: [{A9E0534C-D39E-4807-901F-FEDB6025091F}] => C:\Program Files\Steam\Steam.exe
FirewallRules: [{573A2CBA-DDA1-4D07-9AE4-8274B26F0A43}] => D:\World of Warcraft\Launcher.exe
FirewallRules: [{A341FD75-CA47-42A3-A435-4030FCEA6F30}] => D:\World of Warcraft\Launcher.exe
FirewallRules: [{9DAE4A5D-0818-4BA5-B355-43398E62720C}] => D:\World of Warcraft\Launcher.patch.exe
FirewallRules: [{4DCA2361-29A6-4B99-8745-6219236D5C96}] => D:\World of Warcraft\Launcher.patch.exe
FirewallRules: [{467A5113-CCD2-4111-947D-3D1F8E483ADB}] => C:\Program Files\ICQ7.2\ICQ.exe
FirewallRules: [{93840C42-9FF7-4B9F-9E19-E9BF631E1F6E}] => C:\Program Files\ICQ7.2\ICQ.exe
FirewallRules: [{DAAF1158-F8FF-4956-B07A-B6C83575AAFA}] => C:\Program Files\ICQ7.2\ICQ.exe
FirewallRules: [{AFA5CA22-0E17-4923-B5BE-235315446348}] => C:\Program Files\ICQ7.2\ICQ.exe
FirewallRules: [{D4DEDCCF-19F5-4192-8BDA-505C7D9DD83B}] => C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{C029ECB3-445A-4D5E-99C0-176570E472B1}] => C:\Program Files\ICQ7.2\aolload.exe
FirewallRules: [{B666F467-9BC4-442F-97E0-4006B9DD1793}] => E:\WoW Test\World of Warcraft Public Test\Launcher.exe
FirewallRules: [{8E64879A-AAAD-48B9-8E61-0DD806E4C57D}] => E:\WoW Test\World of Warcraft Public Test\Launcher.exe
FirewallRules: [{0C42C1C6-0E4C-4241-8878-A34D1E6D809C}] => E:\WoW Test\World of Warcraft Public Test\Launcher.patch.exe
FirewallRules: [{6C7AD351-0845-4F47-8AEA-55F62B919BF9}] => E:\WoW Test\World of Warcraft Public Test\Launcher.patch.exe
FirewallRules: [{03D4C544-BBF1-487E-BA25-0A60BE018614}] => E:\World of Warcraft\Launcher.exe
FirewallRules: [{279FFE3F-4B7C-42AD-8F3A-32CC6F43B152}] => E:\World of Warcraft\Launcher.exe
FirewallRules: [{A6FB244B-F89A-4EA4-868B-F1EF7F1A9B3C}] => E:\World of Warcraft\Launcher.patch.exe
FirewallRules: [{FEB4BC64-D50C-496A-A224-167513946BCF}] => E:\World of Warcraft\Launcher.patch.exe
FirewallRules: [{52CDAF9D-044F-4859-A917-322F87BC3599}] => C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{96586C3E-15CC-4980-87E7-D1B8CAAA03A7}E:\warcraft iii\war3.exe] => E:\warcraft iii\war3.exe
FirewallRules: [UDP Query User{DCA09D93-DD03-43C1-AB7D-1CB5E147E855}E:\warcraft iii\war3.exe] => E:\warcraft iii\war3.exe
FirewallRules: [TCP Query User{1F7797DB-BD7B-4E47-AC82-34E291AED0A7}E:\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe] => E:\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe
FirewallRules: [UDP Query User{636CD2BC-7259-42A0-B2CC-D285CFBB4B07}E:\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe] => E:\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe
FirewallRules: [{D70989FC-7720-4569-A26B-3CA3D490A0E2}] => C:\ProgramData\Battle.net\Agent\Agent.515\Agent.exe
FirewallRules: [{E4BED6F8-78B1-4792-A325-EEFAA690F53F}] => C:\ProgramData\Battle.net\Agent\Agent.515\Agent.exe
FirewallRules: [{C4C007F1-E78D-4B10-BC07-585A00768CB6}] => C:\ProgramData\Battle.net\Agent\Agent.516\Agent.exe
FirewallRules: [{A0D3BFBC-0453-4AA2-AD12-311105D783C0}] => C:\ProgramData\Battle.net\Agent\Agent.516\Agent.exe
FirewallRules: [{D6CD1D59-ED4E-4474-9D87-A21357D70DF5}] => C:\Program Files\Diablo III Beta\Diablo III.exe
FirewallRules: [{E66780C7-C155-4CEB-B8E3-D6A356088FE8}] => C:\Program Files\Diablo III Beta\Diablo III.exe
FirewallRules: [{76B3B89E-08B5-4840-B208-8E4230EC0498}] => C:\ProgramData\Battle.net\Agent\Agent.649\Agent.exe
FirewallRules: [{A17AFCD0-C9B1-47B1-8638-BC90446B51D3}] => C:\ProgramData\Battle.net\Agent\Agent.649\Agent.exe
FirewallRules: [{2272C476-2915-4E3E-80F3-B1F24014B150}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{EAAB0B20-5C10-4E34-98AB-65764C0594BC}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{05F0CA97-12C9-4A60-AC40-86D4C94CCBDA}C:\programdata\battle.net\agent\agent.649\agent.exe] => C:\programdata\battle.net\agent\agent.649\agent.exe
FirewallRules: [UDP Query User{65BD2E2B-B2C3-4792-9D74-98488376C42D}C:\programdata\battle.net\agent\agent.649\agent.exe] => C:\programdata\battle.net\agent\agent.649\agent.exe
FirewallRules: [TCP Query User{FF81B32F-D392-47E3-BC0F-3D8030FF090E}C:\program files\diablo iii beta\diablo iii.exe] => C:\program files\diablo iii beta\diablo iii.exe
FirewallRules: [UDP Query User{D801B325-89B4-418C-9C30-0EF3A3AA4A05}C:\program files\diablo iii beta\diablo iii.exe] => C:\program files\diablo iii beta\diablo iii.exe
FirewallRules: [{A8C1D08D-08F6-461B-A68E-D3F81DD2B0C5}] => C:\Program Files\Steam\SteamApps\common\Hitman 2 Silent Assassin\hitman2.exe
FirewallRules: [{3A06FA7E-AEBF-47E9-A4C0-D94A7B0923F1}] => C:\Program Files\Steam\SteamApps\common\Hitman 2 Silent Assassin\hitman2.exe
FirewallRules: [{A490D29C-331B-4728-9683-61457735592C}] => C:\Program Files\Steam\SteamApps\common\Hitman 2 Silent Assassin\config.exe
FirewallRules: [{92EC4CEE-6AA8-4AA8-8879-1BE0C5B993F9}] => C:\Program Files\Steam\SteamApps\common\Hitman 2 Silent Assassin\config.exe
FirewallRules: [{0D2FCEC1-6A15-44C3-9B8C-6444E5E9FF45}] => C:\Program Files\Steam\SteamApps\common\Hitman Blood Money\HitmanBloodMoney.exe
FirewallRules: [{1883B0E8-EF14-4FC1-9C9E-1819E0D38C82}] => C:\Program Files\Steam\SteamApps\common\Hitman Blood Money\HitmanBloodMoney.exe
FirewallRules: [{0CE86750-7537-4D03-AB33-406D1D3B1BD3}] => C:\Program Files\Steam\SteamApps\common\Hitman Blood Money\configure.exe
FirewallRules: [{C48C6730-224A-46E5-86F0-E7CF2F9B13D8}] => C:\Program Files\Steam\SteamApps\common\Hitman Blood Money\configure.exe
FirewallRules: [TCP Query User{1764764C-FD19-4C15-B299-D971E3B148E7}E:\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe] => E:\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe
FirewallRules: [UDP Query User{ED3D5300-D335-43BC-93A5-18461F2934F2}E:\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe] => E:\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe
FirewallRules: [TCP Query User{E9AD4D43-9545-453D-B639-F1E6DBDBF547}C:\programdata\battle.net\agent\agent.749\agent.exe] => C:\programdata\battle.net\agent\agent.749\agent.exe
FirewallRules: [UDP Query User{0F878FC7-073B-4856-AF45-6B671FAE64FF}C:\programdata\battle.net\agent\agent.749\agent.exe] => C:\programdata\battle.net\agent\agent.749\agent.exe
FirewallRules: [TCP Query User{A164D4CD-B1DE-4CF0-BBD0-FF8DD47F49F3}E:\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe] => E:\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe
FirewallRules: [UDP Query User{B3FEA817-DF86-4037-A347-60B98C067355}E:\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe] => E:\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe
FirewallRules: [{8E60F03B-866C-4994-92CE-4D032ADBCA0A}] => C:\Program Files\Steam\SteamApps\common\dungeon defenders demo\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{49F95687-4AFB-4BA0-AF52-851F92C8A763}] => C:\Program Files\Steam\SteamApps\common\dungeon defenders demo\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [TCP Query User{BB0A4E42-766C-480E-A123-2F6EBFB096BA}E:\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe] => E:\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe
FirewallRules: [UDP Query User{335A9644-8FFA-47ED-847F-6165B104F5CC}E:\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe] => E:\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe
FirewallRules: [TCP Query User{F82639CF-EF49-4A3E-B09C-0B2352E173D9}C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [UDP Query User{C0F3DBA2-129D-401D-A4DA-25DC8972F4B4}C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [TCP Query User{3704E7FE-25F0-4611-B641-48713D4AD6AB}C:\programdata\battle.net\agent\agent.868\agent.exe] => C:\programdata\battle.net\agent\agent.868\agent.exe
FirewallRules: [UDP Query User{C27B6CD4-5BF0-4C83-9109-BEA2778BEE9C}C:\programdata\battle.net\agent\agent.868\agent.exe] => C:\programdata\battle.net\agent\agent.868\agent.exe
FirewallRules: [TCP Query User{C03462CD-672A-4291-817F-095DC4E694FC}C:\users\otti\downloads\diablo-iii-8370-dede-installer-downloader.exe] => C:\users\otti\downloads\diablo-iii-8370-dede-installer-downloader.exe
FirewallRules: [UDP Query User{16992B69-EF89-432D-B0E2-913946A143BB}C:\users\otti\downloads\diablo-iii-8370-dede-installer-downloader.exe] => C:\users\otti\downloads\diablo-iii-8370-dede-installer-downloader.exe
FirewallRules: [{0E05B281-A4B3-4DBC-BA94-C4AB44B086B8}] => C:\ProgramData\Battle.net\Agent\Agent.913\Agent.exe
FirewallRules: [{D43E50CF-3391-4873-A870-57346655AB02}] => C:\ProgramData\Battle.net\Agent\Agent.913\Agent.exe
FirewallRules: [TCP Query User{E999B39F-F3D3-40DA-8B35-9907B9EAA645}C:\programdata\battle.net\agent\agent.954\agent.exe] => C:\programdata\battle.net\agent\agent.954\agent.exe
FirewallRules: [UDP Query User{36342DE5-2EF6-4367-A5C4-250E53F5A050}C:\programdata\battle.net\agent\agent.954\agent.exe] => C:\programdata\battle.net\agent\agent.954\agent.exe
FirewallRules: [{79A44702-3AFE-47C1-AAE7-DB79D8BA6F13}] => D:\2K Games\Bioshock 2\SP\Builds\Binaries\Bioshock2.exe
FirewallRules: [{508E877F-B18A-455D-B2B9-7BFF9AEEC227}] => D:\2K Games\Bioshock 2\SP\Builds\Binaries\Bioshock2.exe
FirewallRules: [{C03D883F-0C85-4035-A789-282E3EBC172E}] => D:\2K Games\Bioshock 2\MP\Builds\Binaries\Bioshock2.exe
FirewallRules: [{731B2187-EABA-4E95-B12D-E51A402C21F6}] => D:\2K Games\Bioshock 2\MP\Builds\Binaries\Bioshock2.exe
FirewallRules: [TCP Query User{A83941C7-82E1-42FD-B999-6D08E9553220}C:\users\otti\downloads\diablo-iii-8370-dede-installer-downloader(1).exe] => C:\users\otti\downloads\diablo-iii-8370-dede-installer-downloader(1).exe
FirewallRules: [UDP Query User{94411FCA-8831-4979-B9E9-94EB776D3844}C:\users\otti\downloads\diablo-iii-8370-dede-installer-downloader(1).exe] => C:\users\otti\downloads\diablo-iii-8370-dede-installer-downloader(1).exe
FirewallRules: [{6243AD7F-F734-4A3B-A3E9-3BA345B07843}] => D:\Diablo III\Diablo III.exe
FirewallRules: [{527B18BD-C8CC-4AA3-853B-37007B844515}] => D:\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{F1BDAD3D-27C3-4B5F-AB6D-EFCB475CF6E4}C:\programdata\battle.net\agent\agent.976\agent.exe] => C:\programdata\battle.net\agent\agent.976\agent.exe
FirewallRules: [UDP Query User{F1874D76-E126-4088-A6F4-B4626133C55F}C:\programdata\battle.net\agent\agent.976\agent.exe] => C:\programdata\battle.net\agent\agent.976\agent.exe
FirewallRules: [TCP Query User{0EEA1371-F366-4848-B7D6-57E57C7B4EBB}C:\programdata\battle.net\agent\agent.998\agent.exe] => C:\programdata\battle.net\agent\agent.998\agent.exe
FirewallRules: [UDP Query User{47FB1774-5A72-4E0D-B267-5817CC27D0DA}C:\programdata\battle.net\agent\agent.998\agent.exe] => C:\programdata\battle.net\agent\agent.998\agent.exe
FirewallRules: [TCP Query User{DF358BBB-C9A9-4F76-BED6-43B18766A637}C:\programdata\battle.net\agent\agent.1040\agent.exe] => C:\programdata\battle.net\agent\agent.1040\agent.exe
FirewallRules: [UDP Query User{1693B1ED-D012-4CA2-9F5A-1917E5DFA10E}C:\programdata\battle.net\agent\agent.1040\agent.exe] => C:\programdata\battle.net\agent\agent.1040\agent.exe
FirewallRules: [{880138E1-65F8-4FF2-B812-1FF88A3C7C92}] => C:\Program Files\Steam\SteamApps\common\borderlands\Binaries\Borderlands.exe
FirewallRules: [{8F9AFAB6-B2A8-4EE1-AB3F-EC21CE55B2BB}] => C:\Program Files\Steam\SteamApps\common\borderlands\Binaries\Borderlands.exe
FirewallRules: [TCP Query User{46267F84-A1C1-461F-8682-36DBC8C7FEDE}D:\guitar hero iii\gh3.exe] => D:\guitar hero iii\gh3.exe
FirewallRules: [UDP Query User{25BF16CE-4EEF-4F91-95DC-7F9DD2342ACD}D:\guitar hero iii\gh3.exe] => D:\guitar hero iii\gh3.exe
FirewallRules: [{272884C9-FF1B-4D06-8627-B9E9B04B92A2}] => C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{EFB1F124-0471-4972-8A86-A9078CC11594}] => C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{B221F76D-14DF-4742-AC3E-94CAC52A0784}] => C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{22F4F794-D602-494D-AF25-9047DD00AC1C}] => C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{0425783C-CB3F-455D-9687-B0D1CE0117C7}] => D:\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{6541CD77-D363-4223-B349-1B6AB7D218B1}] => D:\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{58DEC5C5-C756-409C-A113-26625DB5924A}] => D:\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{97BE214F-9FD7-4AEA-8273-5AA4B2F49CDE}] => D:\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{E95B16E5-6E54-404B-864A-C3D5E82F39E5}] => D:\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [{4B06FC8A-A5B9-416B-AB70-1100FA0C2C9D}] => D:\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [TCP Query User{2D5E9B56-FD7C-4D71-871D-8A95716D419C}E:\warcraft iii\war3.exe] => E:\warcraft iii\war3.exe
FirewallRules: [UDP Query User{8BC5115D-3876-4C78-8E0A-8B062F7F5479}E:\warcraft iii\war3.exe] => E:\warcraft iii\war3.exe
FirewallRules: [{AF4E9EF3-B3E0-475A-ADCC-4934F2365851}] => D:\Prince of Persia\Prince of Persia.exe
FirewallRules: [{9ADB38DE-162D-4AA3-8421-6ED153EBDEF2}] => D:\Prince of Persia\Prince of Persia.exe
FirewallRules: [{C313EF7B-3312-4C73-B45C-4F215E2DDFE6}] => D:\Prince of Persia\PrinceOfPersia_Launcher.exe
FirewallRules: [{1BBE6291-4B67-4428-A6B2-EF25FA036FC5}] => D:\Prince of Persia\PrinceOfPersia_Launcher.exe
FirewallRules: [TCP Query User{3957A71D-F374-42A4-82EC-F54E31162431}D:\electronic arts\deadspace\deadspace.exe] => D:\electronic arts\deadspace\deadspace.exe
FirewallRules: [UDP Query User{28C11678-3FE6-44F2-BAC9-906C81604573}D:\electronic arts\deadspace\deadspace.exe] => D:\electronic arts\deadspace\deadspace.exe
FirewallRules: [TCP Query User{76D2DD88-F48C-4E28-9A59-AFD6BC4D957B}D:\electronic arts\deadspace\dead space.exe] => D:\electronic arts\deadspace\dead space.exe
FirewallRules: [UDP Query User{D1C93ADB-6154-4E1D-A17C-0012DFC4254D}D:\electronic arts\deadspace\dead space.exe] => D:\electronic arts\deadspace\dead space.exe
FirewallRules: [{35933EE3-F9AD-4334-A439-47B6D49479D5}] => C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{645483AD-43D2-44BD-8F03-20835B494638}] => C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{325A6244-9B92-46E4-B9AC-D6116E907431}] => C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{BC059A93-A380-453A-BD21-B7A58003BF11}] => C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{F52BE773-E851-4196-AD7C-B7E444AA7EEB}] => C:\Program Files\Steam\SteamApps\common\fallout new vegas\FalloutNVLauncher.exe
FirewallRules: [{BA3C7D9F-F7C8-4E32-B0BA-3428A756C7DD}] => C:\Program Files\Steam\SteamApps\common\fallout new vegas\FalloutNVLauncher.exe
FirewallRules: [TCP Query User{34D6E995-FB14-4058-A1D0-345E8701F719}C:\program files\java\jre6\bin\java.exe] => C:\program files\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{37EE1F71-B728-4F17-BAF2-452B7F870A33}C:\program files\java\jre6\bin\java.exe] => C:\program files\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{15133073-817B-4729-94B9-7AAE23406460}C:\program files\java\jre6\bin\javaw.exe] => C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{752A253E-DE53-4B24-AADA-8345C76BA07F}C:\program files\java\jre6\bin\javaw.exe] => C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{3714A085-66AD-4E71-BF6E-71AA78545D4D}C:\program files\java\jre7\bin\javaw.exe] => C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{C27B4C30-292D-46E9-A90B-0BDED30AC2A9}C:\program files\java\jre7\bin\javaw.exe] => C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{31A67AF3-9FEB-4E65-BFFE-780B618AAE61}] => C:\Program Files\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{7694C910-321C-4770-A206-C26D65AE2430}] => C:\Program Files\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{2141C595-3A0D-42C8-9482-AFA254FE720B}] => C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{4493DC5D-D4D9-4602-91AF-D9CB92489154}] => C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [TCP Query User{8D2693C9-53C3-4BA4-9375-A88E0977113B}D:\heroes of newerth\hon.exe] => D:\heroes of newerth\hon.exe
FirewallRules: [UDP Query User{87AABD27-E609-4ECE-BEAA-518C7428EB9E}D:\heroes of newerth\hon.exe] => D:\heroes of newerth\hon.exe
FirewallRules: [{99634AC9-3115-4F1D-9914-B51BC762E627}] => C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{80C7397A-6FF9-4068-B14F-326F7DB4E677}] => C:\Program Files\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe
FirewallRules: [{A1CD4298-0885-4A77-B540-8089DCE76B0C}] => C:\Program Files\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe
FirewallRules: [{C51CE07B-0494-4A6A-A89A-79D98A3CF732}] => C:\Program Files\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe
FirewallRules: [{C9AD272B-4A78-4E58-A4B6-6A39936C0BB1}] => C:\Program Files\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe
FirewallRules: [{A95E232C-B319-4BA0-9C65-1BED433C1622}] => C:\Program Files\Steam\SteamApps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{F3209092-4D43-49CF-AF98-81F3FE8667DB}] => C:\Program Files\Steam\SteamApps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{F4D9DF15-8DAA-4384-A9F6-CE9A828C6C56}] => C:\Program Files\Steam\SteamApps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{2D6C2AC8-4F23-41D6-B5B2-1F6EADF26422}] => C:\Program Files\Steam\SteamApps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{2E3A52B2-9761-4263-8CA3-6F563ECBFF07}] => D:\F.E.A.R\FEAR.exe
FirewallRules: [{656AEB94-F935-43A4-A4E3-122EC7132AE4}] => D:\F.E.A.R\FEAR.exe
FirewallRules: [{676ADBF2-1798-4815-9B7A-49FB3CE901C8}] => D:\F.E.A.R\FEARMP.exe
FirewallRules: [{8BAB504C-4E98-4A56-A928-3828454483B1}] => D:\F.E.A.R\FEARMP.exe
FirewallRules: [TCP Query User{E7AF5D4F-EF15-4A40-A03E-3443AF39AA9A}D:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => D:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{5C6519CA-8BB6-4337-B94E-7F8FF6A379C6}D:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => D:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [TCP Query User{E5A8D9E6-2A8A-4DC6-B98E-C2D98076786A}D:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => D:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{43A26C19-0EE3-40AD-A046-29CD1BACA4B2}D:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => D:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [TCP Query User{2FF589EC-9F9B-44EC-9715-75E83491C73D}D:\magic 2014 — duels of the planeswalkers\dotp_d14.exe] => D:\magic 2014 — duels of the planeswalkers\dotp_d14.exe
FirewallRules: [UDP Query User{B78212E9-3466-4B51-B568-F39DD06EEAE5}D:\magic 2014 — duels of the planeswalkers\dotp_d14.exe] => D:\magic 2014 — duels of the planeswalkers\dotp_d14.exe
FirewallRules: [{ADE60596-8BDF-443E-AC4B-8B4ED51290E3}] => C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{0002D1DF-8D83-401F-8915-F378E9DB6864}] => C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [TCP Query User{D8A390AD-4E3A-4332-9AFA-83AA3A78E957}D:\anno 1404\tools\anno4web.exe] => D:\anno 1404\tools\anno4web.exe
FirewallRules: [UDP Query User{EC343EE4-3123-4FC2-A343-B35F5E1D2862}D:\anno 1404\tools\anno4web.exe] => D:\anno 1404\tools\anno4web.exe
FirewallRules: [TCP Query User{1DB9693B-C1BF-4603-98DA-05B61DF94278}E:\magic 2014 — duels of the planeswalkers\dotp_d14.exe] => E:\magic 2014 — duels of the planeswalkers\dotp_d14.exe
FirewallRules: [UDP Query User{EFEC7492-6516-412A-93B7-7086CF135772}E:\magic 2014 — duels of the planeswalkers\dotp_d14.exe] => E:\magic 2014 — duels of the planeswalkers\dotp_d14.exe
FirewallRules: [TCP Query User{479A26BB-6461-498D-94A3-D0361FE5032D}D:\dead island\deadislandgame_x86_rwdi.exe] => D:\dead island\deadislandgame_x86_rwdi.exe
FirewallRules: [UDP Query User{A23471E0-459A-472F-8BE2-F62199E28B32}D:\dead island\deadislandgame_x86_rwdi.exe] => D:\dead island\deadislandgame_x86_rwdi.exe
FirewallRules: [{F9C77335-EA3F-4A95-996E-FCF0C6D65114}] => C:\Program Files\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{00C66733-C1CF-4075-B11D-FAB7D2EBC2A5}] => C:\Program Files\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [TCP Query User{54566374-E743-460B-B0CD-AE04F8580DDD}D:\anno 1404\tools\anno4web.exe] => D:\anno 1404\tools\anno4web.exe
FirewallRules: [UDP Query User{8EB29137-663B-4786-99A0-7F87EFEC6F39}D:\anno 1404\tools\anno4web.exe] => D:\anno 1404\tools\anno4web.exe
FirewallRules: [{6ED7DA77-7316-40D0-98E1-23F6A7D76E45}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F74AF459-9A7D-4916-B29D-68D60D479973}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{6A7003E2-F5BD-4C6E-97CB-4BB597FCF57C}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B8623E96-5E41-455D-9BA3-FECA9C84F24A}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{03D54A90-E92D-4874-B66F-C00BC1F02DEC}D:\steamlibrary\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe] => D:\steamlibrary\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe
FirewallRules: [UDP Query User{E94D12D0-334B-4DB9-844C-CF9EF14555CC}D:\steamlibrary\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe] => D:\steamlibrary\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe
FirewallRules: [TCP Query User{2EA24E4C-060D-4E7E-AED0-C010241D8658}C:\program files\steam\steamapps\common\trackmania nations forever\tmforever.exe] => C:\program files\steam\steamapps\common\trackmania nations forever\tmforever.exe
FirewallRules: [UDP Query User{BA7EE73D-26E4-4222-B24F-6531175CC604}C:\program files\steam\steamapps\common\trackmania nations forever\tmforever.exe] => C:\program files\steam\steamapps\common\trackmania nations forever\tmforever.exe
FirewallRules: [{E7C36135-BB2D-430B-A799-5CCB7B502170}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{6D42EDEF-A367-4083-9CAF-4AE03FE79D27}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7F7C8B25-BAC4-457E-960D-E6D784CECBE9}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F43A1D6E-3E8A-4344-8005-9617EA62A696}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8300EB33-51CC-4E18-830B-E54FF15E32AA}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8EB3947B-0581-43E1-B85D-161DD0361F25}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D8DB85C6-E2AB-4A3E-99A5-A0FEC926F3BD}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2526CDAC-79F6-43C5-B444-0201B7760886}] => D:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{2B74999D-72A7-48B1-B017-1B4A0C907CF7}] => D:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{D97A092E-7E32-48BF-A899-8C1CF2211A4E}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{A9318A99-42EF-4BCF-9F67-E5578DF5E66D}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{E830A068-1AED-44C6-9CCD-5147B4985FCD}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{0B40C744-0F8A-4070-84B2-01EA4B761D88}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{0CCC8685-6953-4D7C-88CF-0228E715D581}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{6ECD6B26-F0EA-4902-8D5B-6418A2988466}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{424CFC3F-541B-40B8-B3BA-533F8141A0EF}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{4DA40D0E-5DB9-423D-9DBB-8AE84BBFC74B}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{C1E2AC4E-68CF-441F-BDC8-2096423AF90F}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{06F4D475-06BB-4F37-B510-0D10C112ACCD}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{82A1CC89-879B-419E-A0BB-CAB5B4F2E3F1}] => C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{A639A706-06D1-4995-AF32-0819A7B8EA39}] => C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{81CF0714-56EF-4029-9BBE-4AF2568997C8}] => C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{45BF4069-9800-4429-9AC2-1D33A6C53B73}] => C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{427BD3D2-36BD-42F6-8B0E-02F8D25EFD94}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{9F4D8942-34B1-4BF5-B25B-284C7C946315}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{FF31A829-99CB-46D3-B745-2EE89F9AC1C7}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B67AA204-A108-43B6-8CA9-5BB4D041E18D}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B9FDFC38-182C-421E-8C50-D706EDC2B143}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{2A12023F-72B2-42C9-AE6D-F7234F2D7F03}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{B5727E9B-59A1-40F8-B58E-150491FB1B77}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{7F858E23-BE14-464E-8943-74B886D4EB87}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{011DB4AA-14F7-401D-899C-DBE0E97985B0}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{3F84FDB6-88B9-4F90-BECB-B25B4017FD17}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{554933FE-3FBB-4DC7-8569-E77624DD64D1}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{6039FDD4-4F1A-4559-8891-110F635F5753}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\dota.exe
FirewallRules: [{15F9F389-8A75-40D6-8857-7E0F5C809ABA}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{54CF5F3A-00CA-49BE-8D9B-4DA5F39F10DF}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{40D2E168-3BAE-4AA2-81CF-D82A55B9F36A}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B1BF2F1B-DF6F-4BB0-A0B1-DAB19763857F}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{2625B82F-F62C-4ED8-81D1-A6B3DE020AD1}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{E855FF44-F6FE-414B-A49F-95A2FD31E473}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{8EF8DC26-B0B7-4372-BA4D-E5D5235CF300}] => D:\SteamLibrary\SteamApps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{0DC1F4B9-533B-466E-A10A-27205540D45B}] => D:\SteamLibrary\SteamApps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{1EE76C8D-11FE-46D3-A3BB-7CBCF21B275B}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{30166ED7-E497-44E1-A972-F8E3F12DD937}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{AC05E1FE-DF9F-41EC-BA6D-C3EFCC53381B}] => D:\SteamLibrary\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{4A456AAD-2571-420F-B11C-2C10EE36EB7A}] => D:\SteamLibrary\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{84DA8FF2-C2C3-44A3-80F1-13B8529DBD13}] => C:\Program Files\Steam\Steam.exe
FirewallRules: [{50DAE296-9717-4D15-99AB-E1F3ACC53D69}] => C:\Program Files\Steam\Steam.exe
FirewallRules: [{FC100A19-B707-48B4-BE6C-495C826880B7}] => D:\Battle.net\Battle.net.exe
FirewallRules: [{6146C5BE-7933-43E5-965A-A63D298E1F06}] => D:\Battle.net\Battle.net.exe
FirewallRules: [{609FA4C8-8255-4C1E-94C2-F2DC4103E261}] => C:\Program Files\Steam\SteamApps\common\Free to Play\FTP.exe
FirewallRules: [{17845C48-00CA-40BF-8D42-EF7D68CC25D3}] => C:\Program Files\Steam\SteamApps\common\Free to Play\FTP.exe
FirewallRules: [{DD7050DC-1D14-4494-AEEB-516343E13068}] => D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{33EED445-7A34-4041-88A4-7C58E5DE269B}] => D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{79006F9F-ADCD-4B97-BA87-DE9CD7D93E8C}] => D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{C21D905D-49DF-4BA8-8BDB-1737D4BAA0FF}] => D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{92573FDE-B00A-4BF5-9085-FFA09DB1E119}] => D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{5A243312-8610-4171-88FA-C17FAACEDD91}] => D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{2CDDA180-1AD4-49AD-A4EB-16C0F27CF125}] => C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{7EE2999D-6458-4AD3-AE17-0E518FEC5C06}] => C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{29F87D8C-E47D-483C-AD05-B1EFD7C7424A}] => C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{A37F1082-576E-44B1-9B3B-48A260460E0F}] => C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{80CC07D9-64A8-4DF2-A589-822701962296}] => C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{F85DA0A2-E516-4A64-8F20-1F4E5F8F0673}] => C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{72891B8E-6973-4CAC-8989-3E938A84F5A6}] => D:\StarCraft II\StarCraft II.exe
FirewallRules: [{877E8F2A-4FCC-4F3B-8C84-31AC17955B9F}] => D:\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{DA32A0DD-BF06-4ECB-88FB-AEE3AB1BD04D}D:\starcraft ii\versions\base28667\sc2.exe] => D:\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{00D049C8-486B-46C5-9E1E-8389825AA167}D:\starcraft ii\versions\base28667\sc2.exe] => D:\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{8669CF9C-D6AA-4FFC-A938-41D4A2C70FF7}] => C:\Program Files\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{EE2E86A6-E17A-4143-88A0-F7B3A72968B4}] => C:\Program Files\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{8E8D3A44-97EC-4F20-8EC9-2AB50868D22D}D:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe] => D:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe
FirewallRules: [UDP Query User{EAA7D2F3-9BD7-402D-A287-5C011007C5E4}D:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe] => D:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe
FirewallRules: [{951FB2FB-BF2D-4E2B-830A-8785A44D3BE8}] => D:\SteamLibrary\SteamApps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{774D7E95-09DE-4013-A033-743F01985CA6}] => D:\SteamLibrary\SteamApps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{758887FF-E66F-41D1-ACBD-9579807F8660}] => D:\SteamLibrary\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [{3D190ED8-B9BA-4553-AB7B-FB9B7A8E4BF2}] => D:\SteamLibrary\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [{995ABA57-A52D-4069-8912-C42646A77089}] => D:\SteamLibrary\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [{4EEE7BFC-4EC0-4107-949B-4C5D7B79F957}] => D:\SteamLibrary\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [TCP Query User{C971B5C5-BD6E-441A-9EA1-507B6076B720}D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{D6074904-862C-4554-A23F-89C9689B26BA}D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{30B6605E-BBC0-499C-B5BD-83AC0E112D49}] => D:\SteamLibrary\SteamApps\common\Monaco\MONACO.exe
FirewallRules: [{F85B2AF1-5B87-47B3-B55E-AF2B7107D286}] => D:\SteamLibrary\SteamApps\common\Monaco\MONACO.exe
FirewallRules: [{BE2DCE7D-6214-4EDE-9741-8E7609E16F6A}] => D:\SteamLibrary\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{8B74A210-B2D8-4C02-845E-985183A5BDD2}] => D:\SteamLibrary\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{C77E2011-0C90-4091-A8CA-0F4BC034D559}] => D:\SteamLibrary\SteamApps\common\Assassin's Creed 2\AssassinsCreedIIGame.exe
FirewallRules: [{3F230923-FD6D-4276-AF44-69D53AC56E9C}] => D:\SteamLibrary\SteamApps\common\Assassin's Creed 2\AssassinsCreedIIGame.exe
FirewallRules: [{6BB7CA3A-0D66-4C8D-B140-AB57EB226B6C}] => D:\SteamLibrary\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{07F3836B-EEA0-443E-88A8-24171ABD6B89}] => D:\SteamLibrary\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{33E4EBF0-3E01-46C4-87B3-D5649F72E0A9}] => D:\SteamLibrary\SteamApps\common\Super Amazing Wagon Adventure\WagonAdventure.exe
FirewallRules: [{43F9DE32-5A97-4EC4-8E30-78CF44F7A23D}] => D:\SteamLibrary\SteamApps\common\Super Amazing Wagon Adventure\WagonAdventure.exe
FirewallRules: [{1A715213-B909-407A-9128-C3165E06CB55}] => D:\SteamLibrary\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{A61A572F-C336-4B37-B4EE-F9C814A6B31B}] => D:\SteamLibrary\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [TCP Query User{9CDADCF9-080E-4A60-97C9-F3491FC59F90}D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{E2E72813-7AAF-44EA-A0EA-7D39808C6C6C}D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{6107C44F-815D-491B-ABBE-0880B8DB4674}] => D:\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{6FE3DE32-2EDF-49E9-9875-151F06021F96}] => D:\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{2BC8FAFA-A36C-42C5-8C04-E1E98634BD52}] => D:\SteamLibrary\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{B1DDB7A1-5F00-47B0-BD20-F1B07913A585}] => D:\SteamLibrary\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{0161E88A-B633-4727-9EBB-D8C984965C67}] => D:\SteamLibrary\SteamApps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{400E3C14-E9BD-4807-AA0C-34AD9A234AA5}] => D:\SteamLibrary\SteamApps\common\Trine 2\trine2_launcher.exe
FirewallRules: [TCP Query User{ACAFB545-0BB9-4ACA-81DB-901322E5BF9B}D:\steamlibrary\steamapps\common\trine 2\trine2_32bit.exe] => D:\steamlibrary\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [UDP Query User{A2685D1A-E981-4F0A-80B8-2FCB6684758F}D:\steamlibrary\steamapps\common\trine 2\trine2_32bit.exe] => D:\steamlibrary\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [TCP Query User{B531253E-1173-4050-8D30-EBC135058B52}D:\steamlibrary\steamapps\common\far cry 3\bin\farcry3_d3d11.exe] => D:\steamlibrary\steamapps\common\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{D03A3FEC-42B3-49D9-9BE5-283019D0EAD8}D:\steamlibrary\steamapps\common\far cry 3\bin\farcry3_d3d11.exe] => D:\steamlibrary\steamapps\common\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [TCP Query User{2F2A6484-443A-4248-913B-EFB82947825E}H:\warcraft iii\war3.exe] => H:\warcraft iii\war3.exe
FirewallRules: [UDP Query User{7CB1CCB0-B700-4001-82C1-8D31F86EE48E}H:\warcraft iii\war3.exe] => H:\warcraft iii\war3.exe
FirewallRules: [{DC48228E-8534-4FD1-AAD3-F64AD8AAADDD}] => C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{F7D9B3A2-C90D-4175-8357-EFE17746245A}] => C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{4CB6A84B-4BE5-43C4-81AF-A6CFA54C5344}] => D:\SteamLibrary\SteamApps\common\FlatOut\flatout.exe
FirewallRules: [{F0BB7343-63EE-4C2A-B8E8-F9127B1962F0}] => D:\SteamLibrary\SteamApps\common\FlatOut\flatout.exe
FirewallRules: [{9EFF69BE-3522-464F-8E98-D7F78A95D20D}] => D:\SteamLibrary\SteamApps\common\Tropico 3\tropico3.exe
FirewallRules: [{C956A2DD-953A-4BC8-912E-87CF7306BAD6}] => D:\SteamLibrary\SteamApps\common\Tropico 3\tropico3.exe
FirewallRules: [{0F98A126-DE04-4906-A44D-27936D5DC5BC}] => D:\SteamLibrary\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{9BFFD0E1-5F62-4989-B4FE-85C98DEC1DD8}] => D:\SteamLibrary\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{4D63FCA0-9D2B-41BB-9AA2-A00F9A59671C}] => D:\SteamLibrary\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{23C372F5-DAFE-4976-BC18-89758A42AD04}] => D:\SteamLibrary\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{6D6D4FF2-79B0-4A22-BE9F-1F578281F258}] => D:\SteamLibrary\SteamApps\common\lethalleague\LethalLeague.exe
FirewallRules: [{B030D5BE-74E6-4A3D-A9FC-CBE466E7EB8A}] => D:\SteamLibrary\SteamApps\common\lethalleague\LethalLeague.exe
FirewallRules: [TCP Query User{544C29AD-E24E-4123-BC07-336342A1DE7A}C:\program files\geneious\jre\bin\java.exe] => C:\program files\geneious\jre\bin\java.exe
FirewallRules: [UDP Query User{3315995D-4CFB-4739-9AF4-3547769F7148}C:\program files\geneious\jre\bin\java.exe] => C:\program files\geneious\jre\bin\java.exe
FirewallRules: [{E1BEBB8B-CAE6-46A1-B2DB-61F66CC5F54D}] => D:\SteamLibrary\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{035AE7C9-7F8F-42A1-92DC-ED8DFCEEC774}] => D:\SteamLibrary\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{06A413F3-D3F1-48F2-9760-0846EA05AB3D}] => D:\SteamLibrary\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{C2CD5402-7C0C-41F6-AE4A-05154EE8F187}] => D:\SteamLibrary\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [TCP Query User{F431765F-4205-4544-BC27-D6546082A2BE}D:\leagueoffaggots\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => D:\leagueoffaggots\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{3AF5D673-39EB-40F7-9896-44B8A2D41E84}D:\leagueoffaggots\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => D:\leagueoffaggots\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{ACB7A484-EC4B-45F1-8BF7-A8C6B8504E9C}D:\leagueoffaggots\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => D:\leagueoffaggots\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{C70643F1-CC41-4DFF-8018-366F43C81DCF}D:\leagueoffaggots\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => D:\leagueoffaggots\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{29C5102E-B2B2-4415-B047-C978F5C3B91B}] => D:\SteamLibrary\SteamApps\common\Planetary Annihilation\PA.exe
FirewallRules: [{9DA54B2A-5177-4D9F-BA44-10905B78EA1B}] => D:\SteamLibrary\SteamApps\common\Planetary Annihilation\PA.exe
FirewallRules: [{A5AED074-D454-4AF1-A16B-80C3E630B350}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{256E15DB-D5A1-418D-A07D-4BB47A8AE342}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1DE54C33-6145-4A29-9425-926C623988FB}] => D:\SteamLibrary\SteamApps\common\Port Royale 2\PR2.exe
FirewallRules: [{4D6CAFC6-854A-405D-A839-838D4117C466}] => D:\SteamLibrary\SteamApps\common\Port Royale 2\PR2.exe
FirewallRules: [{4C58F486-2DD8-418E-A44A-BB7314344B93}] => D:\SteamLibrary\SteamApps\common\Port Royale 2\PR2Config.exe
FirewallRules: [{AD56DF24-935F-402A-9713-60D51B06E78E}] => D:\SteamLibrary\SteamApps\common\Port Royale 2\PR2Config.exe
FirewallRules: [TCP Query User{0E99E21F-00A0-4DCA-8712-E568FE89ACCF}C:\programdata\battle.net\agent\agent.3632\agent.exe] => C:\programdata\battle.net\agent\agent.3632\agent.exe
FirewallRules: [UDP Query User{C1841E25-07B5-44A5-96FF-367CCD8A0F01}C:\programdata\battle.net\agent\agent.3632\agent.exe] => C:\programdata\battle.net\agent\agent.3632\agent.exe
FirewallRules: [{7A47B7FE-95E9-4598-9B00-36CA7C5C02C7}] => D:\SteamLibrary\SteamApps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{732378E6-6A02-4EC4-B807-40D3723038B7}] => D:\SteamLibrary\SteamApps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [TCP Query User{61F1E079-0AB6-4C3E-B356-9792ED776D4C}C:\program files\mozilla firefox\firefox.exe] => C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{A92D1A85-EE4B-408B-AE89-4506C8D1D9C0}C:\program files\mozilla firefox\firefox.exe] => C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{8D80575E-B390-488B-8DE1-C899CA4C3408}D:\heroes of the storm\versions\base34659\heroesofthestorm.exe] => D:\heroes of the storm\versions\base34659\heroesofthestorm.exe
FirewallRules: [UDP Query User{479D4095-B4A3-4067-A1E5-63AB76B6677D}D:\heroes of the storm\versions\base34659\heroesofthestorm.exe] => D:\heroes of the storm\versions\base34659\heroesofthestorm.exe
FirewallRules: [{25814D4B-7FB0-4977-8176-64D1B4189537}] => D:\SteamLibrary\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{E60EBBEC-643F-4832-B231-2F92BDBBBD5D}] => D:\SteamLibrary\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [TCP Query User{36A225D5-0DCE-4CA7-9FFD-281F95BF4ED2}D:\heroes of the storm\versions\base34846\heroesofthestorm.exe] => D:\heroes of the storm\versions\base34846\heroesofthestorm.exe
FirewallRules: [UDP Query User{AEFA2525-A07B-458A-ADEA-5769E5D1CBA1}D:\heroes of the storm\versions\base34846\heroesofthestorm.exe] => D:\heroes of the storm\versions\base34846\heroesofthestorm.exe
FirewallRules: [{BDF8D20F-5CBC-4088-B4F0-A392A204CF1E}] => D:\SteamLibrary\SteamApps\common\Space\spacegame\Binaries\Win32\spacegame-Win32-Shipping.exe
FirewallRules: [{5E83B031-F4B2-4185-86A5-368D1A15EBF6}] => D:\SteamLibrary\SteamApps\common\Space\spacegame\Binaries\Win32\spacegame-Win32-Shipping.exe
FirewallRules: [TCP Query User{047B1566-774C-429E-ABAB-CC49EF8FCA1B}J:\neuer ordner\dawn of war - soulstorm( ua)\soulstorm.exe] => J:\neuer ordner\dawn of war - soulstorm( ua)\soulstorm.exe
FirewallRules: [UDP Query User{F914C1CE-3E32-47AF-9CDD-2D36EB310D3F}J:\neuer ordner\dawn of war - soulstorm( ua)\soulstorm.exe] => J:\neuer ordner\dawn of war - soulstorm( ua)\soulstorm.exe
FirewallRules: [{6D1ACC45-9F70-4DA1-B05C-1147602D5E54}] => D:\SteamLibrary\SteamApps\common\Heroes of Might and Magic 5 Tribes of the East\bin\H5_Game.exe
FirewallRules: [{5A864CF4-BFBC-477B-97BE-9892DB08F2D5}] => D:\SteamLibrary\SteamApps\common\Heroes of Might and Magic 5 Tribes of the East\bin\H5_Game.exe
FirewallRules: [{EA6DF6D6-CB19-4126-A88C-C474053699C6}] => D:\SteamLibrary\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{E000B7E1-28A3-4432-B4CF-309743AE1097}] => D:\SteamLibrary\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{72649A71-3A3D-4B71-9D32-65EFAA51C600}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{8BDA8251-F3A8-4EC0-98CB-387395CE1417}] => C:\Program Files\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{DC5A2A6D-544B-4136-B89E-2BF1C5BBBE95}] => D:\SteamLibrary\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{A404998B-5CEE-41CA-97E1-DE0FC75A48B6}] => D:\SteamLibrary\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{1533A207-FC63-4DC3-8C07-1A5C6C174F85}] => D:\SteamLibrary\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{200D00AF-302D-4372-920E-CAE13137C349}] => D:\SteamLibrary\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{38FC7F71-43E1-494D-B03F-306B0CA53B86}] => D:\SteamLibrary\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{06028079-7D6E-4245-BEB9-31461143C1E5}] => D:\SteamLibrary\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{616F6893-4E18-4C14-9A2B-5500E1F924A4}] => D:\SteamLibrary\SteamApps\common\Gothic 3\Gothic3.exe
FirewallRules: [{1B731D39-69CC-47A8-9FC6-DC44DF3C54F0}] => D:\SteamLibrary\SteamApps\common\Gothic 3\Gothic3.exe
FirewallRules: [{15063A19-85EE-4727-813D-C289F2F6B9D4}] => D:\SteamLibrary\SteamApps\common\FORCED\forced.exe
FirewallRules: [{B8CE4CAA-C90B-4E9F-9E7E-7B765156E4EA}] => D:\SteamLibrary\SteamApps\common\FORCED\forced.exe
FirewallRules: [TCP Query User{328CC877-0893-421D-B394-531CAD8829D6}D:\guitar hero iii\gh3.exe] => D:\guitar hero iii\gh3.exe
FirewallRules: [UDP Query User{B9C9CE43-33B0-472D-A130-496FE49D101C}D:\guitar hero iii\gh3.exe] => D:\guitar hero iii\gh3.exe
FirewallRules: [TCP Query User{6EF491DD-2F6A-46DF-9F62-FFDF1174B30A}C:\program files\origin games\battlefield 1942\bf1942.exe] => C:\program files\origin games\battlefield 1942\bf1942.exe
FirewallRules: [UDP Query User{21F8353D-6428-40E8-B89B-71AC6BCCF35C}C:\program files\origin games\battlefield 1942\bf1942.exe] => C:\program files\origin games\battlefield 1942\bf1942.exe
FirewallRules: [{872EDA9D-867A-4570-810D-F67E5CF91432}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\game\bin\win32\dota2.exe
FirewallRules: [{B297B775-A4D8-4826-B4FF-2FBD2E69F20F}] => C:\Program Files\Steam\SteamApps\common\dota 2 test\game\bin\win32\dota2.exe
FirewallRules: [{43B8EA4A-25B6-42BB-BF32-67DA5BACA8FA}] => D:\SteamLibrary\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{04CA5D54-8B64-4B65-A92D-95FF3D2D39A5}] => D:\SteamLibrary\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{D59329B1-90F0-442C-AF2A-949D7231B585}] => D:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E335F702-257B-4926-9D86-D56455FB2092}] => D:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{4549A8FE-FEE9-4357-A01A-1F442A68B506}D:\steamlibrary\steamapps\common\herosiege\bin\hero_siege.exe] => D:\steamlibrary\steamapps\common\herosiege\bin\hero_siege.exe
FirewallRules: [UDP Query User{1F0C80EC-7A72-44BA-BC98-C00C825A72A3}D:\steamlibrary\steamapps\common\herosiege\bin\hero_siege.exe] => D:\steamlibrary\steamapps\common\herosiege\bin\hero_siege.exe
FirewallRules: [{E70CAF05-C6A0-47AD-8C65-EFCA63F8BA50}] => D:\SteamLibrary\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{A6764B57-0F89-4C87-AC32-EE046870566A}] => D:\SteamLibrary\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [TCP Query User{6B2C9904-891D-4A42-B1A1-5D30F2D90DC9}E:\facturio\bin\win32\factorio.exe] => E:\facturio\bin\win32\factorio.exe
FirewallRules: [UDP Query User{A187DEF5-1832-4764-AFE9-2A24053B3EC1}E:\facturio\bin\win32\factorio.exe] => E:\facturio\bin\win32\factorio.exe
FirewallRules: [{581679F6-2E40-424F-B726-CF667C36AB4E}] => D:\SteamLibrary\SteamApps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{16196621-4246-443A-A53C-EF4C9FB340C8}] => D:\SteamLibrary\SteamApps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{A3D0FBF0-ADC6-419B-9C24-0D5A5E0B9251}] => D:\SteamLibrary\SteamApps\common\Sega Classics\SEGAGameRoom.exe
FirewallRules: [{95B728D6-ED61-483D-B422-77AB79BBB06C}] => D:\SteamLibrary\SteamApps\common\Sega Classics\SEGAGameRoom.exe
FirewallRules: [{1CD1CBCF-35CA-40C0-B067-7F0A0388D218}] => D:\SteamLibrary\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{415CBA82-0084-4C63-9D99-DC65C7AA1CC2}] => D:\SteamLibrary\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{016B7276-5C6B-4835-892D-CD9D56106F11}] => D:\SteamLibrary\SteamApps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{DBB57A73-8468-4C33-B3F0-7F0FFBA8A000}] => D:\SteamLibrary\SteamApps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{BD17C3E2-66BB-4FB8-9478-65BFCCCF6E91}] => D:\SteamLibrary\SteamApps\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{F3673393-C89A-4A5D-8A1B-EA5755A71AD3}] => D:\SteamLibrary\SteamApps\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{19BDB955-AE1A-465A-AFE9-A5D33DE291FB}] => D:\SteamLibrary\SteamApps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{0023FA3D-000D-4E46-A97A-0CF62D905EEE}] => D:\SteamLibrary\SteamApps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{AA4703E4-ACC3-44C5-A189-01CA44693A13}] => D:\SteamLibrary\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{9A8AF813-1935-41AE-AC46-C0DA272E20BA}] => D:\SteamLibrary\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [TCP Query User{4049540C-3097-48EF-93AA-7B73F9E8ECE8}D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{CD5B3767-B067-4E2F-8D62-E63E9E3BEF4B}D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{3C8B210F-DACE-43DF-BB1D-BDE10121C527}H:\warcraft iii\war3.exe] => H:\warcraft iii\war3.exe
FirewallRules: [UDP Query User{6024E61B-6113-4AA2-84F4-DF512CD99824}H:\warcraft iii\war3.exe] => H:\warcraft iii\war3.exe
FirewallRules: [{79983646-B3CE-42E2-BDED-A28BD3E71342}] => D:\SteamLibrary\SteamApps\common\Unturned\Unturned_BE.exe
FirewallRules: [{D896A99E-3E9C-4610-9B15-A8F3C2FD905A}] => D:\SteamLibrary\SteamApps\common\Unturned\Unturned_BE.exe
FirewallRules: [{65CA188F-C33F-4AE7-9E16-AC6280F71CA0}] => C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{47B2F51E-8815-4975-8ABC-C5041A1008F2}] => C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{806F10C8-EB6E-46E0-AEA0-B37AD0BC6A72}] => D:\SteamLibrary\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{D277D33D-0E25-40C9-9377-EAC19BC5904B}] => D:\SteamLibrary\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{BF4163B0-38B5-4132-9060-E7A7270B7850}] => D:\SteamLibrary\SteamApps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{F56EBC97-BB39-4B63-8072-BDD43D4383ED}] => D:\SteamLibrary\SteamApps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{1738AD56-5E67-4483-B8D5-47D57FB5570B}] => C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{45B790B0-BCA2-45AB-A12A-6B1285CD2AF6}] => C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{AE9893EA-4645-44DB-9A8A-6C3029ECAA66}] => C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{5230E1C2-A3CE-4239-9472-469A4815AE28}] => C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{99833048-AB94-4326-B482-9A4D808667D2}] => C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{1B5765B9-4170-44F8-BE14-1E0EAAF30085}] => C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
==================== Wiederherstellungspunkte =========================
15-12-2016 16:38:11 Geplanter Prüfpunkt
20-12-2016 01:29:30 DirectX wurde installiert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/22/2016 08:37:49 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "d:\steamlibrary\steamapps\common\Trine 2\tools\luac_x64.exe".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/22/2016 08:35:24 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "d:\steamlibrary\steamapps\common\grand theft auto iv episodes from liberty city\EFLC\gta4Browser.exe".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/22/2016 03:48:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AsSysCtrlService.exe, Version: 1.0.0.1, Zeitstempel: 0x4a8be873
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x728
Startzeit der fehlerhaften Anwendung: 0x01d25b90d6c85213
Pfad der fehlerhaften Anwendung: C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 1e9be133-c7f1-11e6-91aa-20cf3093393a
Error: (12/22/2016 03:48:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x517f3953
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e00b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002bdc
ID des fehlerhaften Prozesses: 0x6e8
Startzeit der fehlerhaften Anwendung: 0x01d25b90d69c11ef
Pfad der fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Pfad des fehlerhaften Moduls: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
Berichtskennung: 1b409071-c7f1-11e6-91aa-20cf3093393a
Error: (12/21/2016 03:48:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AsSysCtrlService.exe, Version: 1.0.0.1, Zeitstempel: 0x4a8be873
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x72c
Startzeit der fehlerhaften Anwendung: 0x01d25b1739c6277a
Pfad der fehlerhaften Anwendung: C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 00652c28-c728-11e6-9014-20cf3093393a
Error: (12/21/2016 03:48:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x517f3953
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e00b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002bdc
ID des fehlerhaften Prozesses: 0x6e8
Startzeit der fehlerhaften Anwendung: 0x01d25b17382102d4
Pfad der fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Pfad des fehlerhaften Moduls: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
Berichtskennung: ff2af685-c727-11e6-9014-20cf3093393a
Error: (12/20/2016 07:48:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "D:\Uplay\The Crew (Worldwide)\TheCrew.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/20/2016 03:19:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AsSysCtrlService.exe, Version: 1.0.0.1, Zeitstempel: 0x4a8be873
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x73c
Startzeit der fehlerhaften Anwendung: 0x01d2594694263501
Pfad der fehlerhaften Anwendung: C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: c030a2d4-c65a-11e6-8b83-20cf3093393a
Error: (12/20/2016 03:19:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x517f3953
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e00b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002bdc
ID des fehlerhaften Prozesses: 0x6fc
Startzeit der fehlerhaften Anwendung: 0x01d2594694000f5d
Pfad der fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Pfad des fehlerhaften Moduls: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
Berichtskennung: bacc04b7-c65a-11e6-8b83-20cf3093393a
Error: (12/20/2016 01:29:28 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {0d314f33-e2bc-487f-a2cd-17bf238721fc}
Systemfehler:
=============
Error: (12/22/2016 03:48:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/21/2016 03:48:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/21/2016 12:20:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (12/21/2016 12:20:06 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (12/21/2016 12:14:05 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (12/21/2016 12:13:41 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/21/2016 12:13:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/21/2016 12:13:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/21/2016 12:13:33 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/21/2016 12:13:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
==================== Memory info ===========================
Processor: AMD Phenom(tm) II X4 955 Processor
Prozentuale Nutzung des RAM: 66%
Installierter physikalischer RAM: 3198.18 MB
Verfügbarer physikalischer RAM: 1072.73 MB
Summe virtueller Speicher: 6394.68 MB
Verfügbarer virtueller Speicher: 3361.36 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:294.04 GB) (Free:125.67 GB) NTFS
Drive d: () (Fixed) (Total:392.66 GB) (Free:51.3 GB) NTFS
Drive e: () (Fixed) (Total:244.71 GB) (Free:218.58 GB) NTFS
Drive f: (BIOSHOCK) (CDROM) (Total:4.38 GB) (Free:0 GB) UDF
Drive g: (SPORE) (CDROM) (Total:3.9 GB) (Free:0 GB) UDF
Drive h: () (Fixed) (Total:232.88 GB) (Free:92.24 GB) NTFS
Drive j: (MEMUP 1TB) (Fixed) (Total:931.51 GB) (Free:623.57 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 101FB8C2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=294 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=637.4 GB) - (Type=OF Extended)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 24C249AC)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 000E0861)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Ende vom Addition.txt ============================
MfG Oddel |
|
22.12.2016, 20:42
| #14 | |
| /// TB-Ausbilder /// Anleitungs-Guru | Externes Backuplaufwerk VirusZitat:
 Die installierte Java-Version entfernen und mit der aktuellen ersetzen.  Wir haben es geschafft!  Die Logs sehen für mich im Moment sauber aus. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.  Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen.   Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.  Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken (z.B. hier) in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Kauf-Empfehlung:  Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
| Themen zu Externes Backuplaufwerk Virus |
| adobe, antivirus, avira, computer, cpu-z, defender, desktop, error, festplatte, firefox, flash player, home, mozilla, prozesse, registry, scan, services.exe, software, stick, svchost.exe, system, teamspeak, udp, virus, windows, windows xp |
Linear-Darstellung
