| |
| |||||||
Log-Analyse und Auswertung: Windows 10 64bit : Verdacht auf MalewareWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
21.09.2017, 17:49
| #1 |
 |  Windows 10 64bit : Verdacht auf Maleware Hiho, Ich wollte mir heute SUPER(c) runterladen. Ein Videoconverter Tool. Habe bei der Installation alle Haken entfernt von Fremdprogrammen, leider scheint das nicht funktioniert zu habe. Als die erste dubiose Installation kam, habe ich direkt alles abgebrochen, aber es wurde munter weiterinstalliert, bis ich 8-10 ungewollte Programme darauf hatte. Unter anderem DragonBoost, welches nach langem hin und her irgendwie deinstallieren konnte. Habe einige male Malewarebytes Antimaleware laufen lassen und hunderte Bedrohungen gefunden. Leider habe ich die Logs nicht gespeichert. Weite Scans lassen nach kurzer Zeit immer wieder vereinzelt eine Bedrohung finden. Windows Defender funktioniert garnicht mehr. Ich kann es öffnen, aber es sagt immer "Der Bedrohungsdienst wurde beendet, starten sie neu" Aber der Neustart Button macht nichts. Ebenso eine Schnellprüfung oder Vollständige Prüfung bleibt ohne erfolg, da nichts passiert, egal wie lange die Zeit läuft gescante Dateien bleibt bei 0. Im Browser öffnet sich auch hin und wieder ein neuer Tab mit Werbung. Bin gerade etwas am Verzweifeln. Ich hoffe da ist nicht noch mehr, da ich den PC nicht alleine nutze und da evtl schon länger was rumgeistert. frst Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2017 durchgeführt von Hoshi (Administrator) auf HOSHI-PC (21-09-2017 18:39:09) Gestartet von C:\Users\Hoshi\Desktop Geladene Profile: Hoshi & (Verfügbare Profile: Hoshi & Mcx1-HOSHI-PC & OVRLibraryService) Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe () C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Oculus VR) D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe (TeamViewer GmbH) D:\Programme\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe (Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (1VDQ) C:\Program Files (x86)\SDownloader\6PZUP.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [123400 2009-01-21] (Logitech Inc.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [16293496 2016-09-29] (Logitech Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\ DisallowedCertificates: 9AAF24A4D6CA8CCDF64BBF916CBC77512A9B0CA7 (U) HKU\S-1-5-21-1299527896-1211748070-1707534253-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\ DisallowedCertificates: 9AAF24A4D6CA8CCDF64BBF916CBC77512A9B0CA7 (U) HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Run: [Spotify Web Helper] => C:\Users\Hoshi\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2017-02-02] (Spotify Ltd) HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Run: [Spotify] => C:\Users\Hoshi\AppData\Roaming\Spotify\Spotify.exe [7153264 2017-02-02] (Spotify Ltd) HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Run: [DAEMON Tools Lite] => D:\Programme\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Run: [4UEZZE426ZCBI5S] => C:\Program Files (x86)\SDownloader\6PZUP.exe [1226752 2017-09-21] (1VDQ) HKU\S-1-5-21-1299527896-1211748070-1707534253-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Hoshi\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2017-02-02] (Spotify Ltd) HKU\S-1-5-21-1299527896-1211748070-1707534253-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Hoshi\AppData\Roaming\Spotify\Spotify.exe [7153264 2017-02-02] (Spotify Ltd) HKU\S-1-5-21-1299527896-1211748070-1707534253-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => D:\Programme\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-1299527896-1211748070-1707534253-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [4UEZZE426ZCBI5S] => C:\Program Files (x86)\SDownloader\6PZUP.exe [1226752 2017-09-21] (1VDQ) HKU\S-1-5-21-1299527896-1211748070-1707534253-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation) HKU\S-1-5-21-1299527896-1211748070-1707534253-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winlogon: [Shell] C:\Windows\eHome\McrMgr.exe <==== ACHTUNG HKU\S-1-5-80-3238277391-1891473654-1195688043-4149050645-2494734967-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation) CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4 Tcpip\..\Interfaces\{44eab3ff-54e7-4179-9334-818557caa181}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{48087fcf-0f34-473d-98e4-623094e6d179}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{50f0966d-4c38-4772-9bc1-2e04e25500e9}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{53270d60-5f82-4144-bb10-31c955cd1d24}: [DhcpNameServer] 192.168.42.129 ManualProxies: Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1299527896-1211748070-1707534253-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23] (Oracle Corporation) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2016-01-18] (DVDVideoSoft Ltd.) BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2016-01-19] (DVDVideoSoft Ltd.) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - Keine Datei Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies) FireFox: ======== FF DefaultProfile: v835n1d8.default-1416499139358 FF ProfilePath: C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358 [2017-09-21] FF user.js: detected! => C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\user.js [2017-09-21] FF Homepage: Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358 -> www.google.de FF Extension: (anonymoX) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\client@anonymox.net.xpi [2017-08-29] FF Extension: (MEGA) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\firefox@mega.co.nz.xpi [2017-09-21] FF Extension: (FlashDisable) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\jid0-bbA9VAawX3LMWDu668aUDrpQVXU@jetpack.xpi [2017-04-10] FF Extension: (Quick Searcher) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233 [2017-09-21] FF Extension: (NoScript) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-09-12] FF Extension: (DVDVideoSoft YouTube MP3 and Video Download) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2016-01-18] [ist nicht signiert] FF Extension: (Video DownloadHelper) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-09] FF Extension: (Adblock Plus) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08] FF Extension: (Bitdefender QuickScan) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2016-09-22] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-13] () FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [Keine Datei] FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Keine Datei] FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-23] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-13] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2014-04-21] (Adobe Systems, Inc.) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [Keine Datei] FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [Keine Datei] FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei] FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-08-22] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-08-22] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Programme\VLC\npvlc.dll [2014-02-05] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1299527896-1211748070-1707534253-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Hoshi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-07] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-1299527896-1211748070-1707534253-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Hoshi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-07] (Unity Technologies ApS) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\firefox.js [2017-09-21] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default [2017-09-14] CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-03] CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-03] CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-03] CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Adblock Plus) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-12] CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-03] CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-03] CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-03] CHR Extension: (Chrome Web Store Payments) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-12] CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-03] CHR Extension: (Chrome Media Router) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-12] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1533448 2017-09-14] () R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert] R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2013-03-19] (Firebird Project) [Datei ist nicht signiert] R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3784704 2013-03-19] (Firebird Project) [Datei ist nicht signiert] S4 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert] S4 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-04-13] (Futuremark) S3 GalaxyClientService; D:\Games\GalaxyClient\GalaxyClientService.exe [532544 2017-09-08] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8242752 2017-09-07] (GOG.com) S4 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-09-23] (Hi-Rez Studios) [Datei ist nicht signiert] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-04-29] (Logitech Inc.) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-22] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-08-22] (NVIDIA Corporation) S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [2098528 2017-09-12] (Electronic Arts) S2 Origin Web Helper Service; D:\Games\Origin\OriginWebHelperService.exe [2977640 2017-09-12] (Electronic Arts) S3 OVRLibraryService; D:\Oculus\Support\oculus-librarian\OVRLibraryService.exe [207656 2016-12-13] (Oculus VR, LLC) R2 OVRService; D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [470480 2016-12-13] (Oculus VR) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2015-07-26] () R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2017-09-12] () R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [Datei ist nicht signiert] S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation) S2 SkypeUpdate; D:\Programme\Skype\Updater\Updater.exe [324224 2016-05-23] (Skype Technologies) R2 TeamViewer; D:\Programme\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH) R2 VirtualDesktop.Service.exe; C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe [330208 2017-07-19] () S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56040 2015-11-19] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation) R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [297440 2011-07-28] () ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.) S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [75560 2017-05-06] (Broadcom Corporation.) S3 busenum; C:\WINDOWS\System32\drivers\SteelBus64.sys [146944 2014-10-08] (SteelSeries Corporation) [Datei ist nicht signiert] S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-31] (Windows (R) Win 7 DDK provider) S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider) R3 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2017-05-25] (Disc Soft Ltd) R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-03-18] (Qualcomm Atheros, Inc.) S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45208 2016-09-29] (Logitech Inc.) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2016-09-29] (Logitech Inc.) S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47256 2016-09-29] (Logitech Inc.) R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-09-29] (Logitech Inc.) S3 LifeCamTrueColor; C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys [37928 2016-07-27] (Microsoft Corporation) R3 LVPr2M64; C:\WINDOWS\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () S3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-09-21] (Malwarebytes) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation) R3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ce1961376673184c\nvlddmkm.sys [15600248 2017-08-22] (NVIDIA Corporation) S3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [39168 2014-10-08] (SteelSeries Corporation) [Datei ist nicht signiert] S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [14368 1999-11-09] () [Datei ist nicht signiert] R3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2015-11-15] (Windows (R) Win 7 DDK provider) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) U4 aspnet_state; kein ImagePath S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X] S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-09-21 18:39 - 2017-09-21 18:39 - 000025269 _____ C:\Users\Hoshi\Desktop\FRST.txt 2017-09-21 18:39 - 2017-09-21 18:39 - 000000000 ____D C:\FRST 2017-09-21 18:37 - 2017-09-21 18:37 - 002399744 _____ (Farbar) C:\Users\Hoshi\Desktop\FRST64.exe 2017-09-21 18:17 - 2017-09-21 18:17 - 000002052 _____ C:\WINDOWS\System32\Tasks\0z8qp1lfDt 2017-09-21 17:49 - 2017-09-21 18:32 - 000465324 _____ C:\WINDOWS\ntbtlog.txt 2017-09-21 17:49 - 2017-09-21 18:32 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2017-09-21 17:47 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\wgfhygzl2oo 2017-09-21 17:47 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\q1btjxe3pfv 2017-09-21 17:47 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\ky1ycpizc1m 2017-09-21 17:47 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\hj44pi4iij1 2017-09-21 17:47 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\fslpzvplkzw 2017-09-21 17:47 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\3K1EP8FZTW 2017-09-21 17:46 - 2017-09-21 17:46 - 000000000 ____D C:\Program Files\794JJ2L8W9 2017-09-21 17:45 - 2017-09-21 18:17 - 000000002 _____ C:\END 2017-09-21 17:45 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\xjrqshsfear 2017-09-21 17:45 - 2017-09-21 17:45 - 000024658 _____ C:\WINDOWS\System32\Tasks\{79097F47-7A7D-0904-0B11-0F04040D1179} 2017-09-21 17:44 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\q1k4v1fzjcg 2017-09-21 17:44 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\WSH55IY5CO 2017-09-21 17:44 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\SUGMCJMJDX 2017-09-21 17:44 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\L4GUFS7VFF 2017-09-21 17:44 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\{E4156CA0-47AD-493C-980B-63E02EA7C93A} 2017-09-21 17:44 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files (x86)\{CF160C81-F78D-4A0C-BE47-AF22C8C533BE} 2017-09-21 17:44 - 2017-09-21 17:44 - 000024576 _____ C:\Users\Hoshi\AppData\Local\drtaaf.dll 2017-09-21 17:43 - 2017-09-21 18:17 - 000000306 __RSH C:\Users\Hoshi\ntuser.pol 2017-09-21 17:43 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\rvv0f2joxp0 2017-09-21 17:43 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\hjvjanr5j10 2017-09-21 17:43 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\h4hpycpiigw 2017-09-21 17:43 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\cvmm2xhahv1 2017-09-21 17:43 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\aa3cy0c3vrw 2017-09-21 17:43 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\NTLYPTR4F0 2017-09-21 17:42 - 2017-09-21 17:47 - 000003476 _____ C:\WINDOWS\System32\Tasks\f371379892038d205abbfa586a4788d0 2017-09-21 17:42 - 2017-09-21 17:47 - 000003286 _____ C:\WINDOWS\System32\Tasks\088195c19b33f61100dd567039f0a39e 2017-09-21 17:42 - 2017-09-21 17:43 - 000000306 _____ C:\WINDOWS\Tasks\jJKowXmxzIFxIuj.job 2017-09-21 17:42 - 2017-09-21 17:42 - 000003214 _____ C:\WINDOWS\System32\Tasks\LSjUFtTofwjkxN 2017-09-21 17:42 - 2017-09-21 17:42 - 000002864 _____ C:\WINDOWS\System32\Tasks\jJKowXmxzIFxIuj2 2017-09-21 17:42 - 2017-09-21 17:42 - 000002626 _____ C:\WINDOWS\System32\Tasks\jJKowXmxzIFxIuj 2017-09-21 17:42 - 2017-09-21 17:42 - 000000000 ____D C:\WINDOWS\SysWOW64\SSL 2017-09-21 17:42 - 2017-09-21 17:42 - 000000000 ____D C:\Users\Hoshi\AppData\Local\AdvinstAnalytics 2017-09-21 17:41 - 2017-09-21 17:44 - 000004608 _____ C:\WINDOWS\system32\mispaced.dll 2017-09-21 17:41 - 2017-09-21 17:41 - 000000000 ____D C:\Users\Public\Documents\XMUpdate 2017-09-21 17:40 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\jyqtpby3wrp 2017-09-21 17:40 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\cf0aqfn3f2w 2017-09-21 17:40 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\1yqjmonlcdx 2017-09-21 17:40 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\2J4S1XCBYH 2017-09-21 17:40 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\0REZPKA8BK 2017-09-21 17:40 - 2017-09-21 17:44 - 000006656 _____ C:\WINDOWS\system32\mispacedx.dll 2017-09-21 17:40 - 2017-09-21 17:40 - 000004608 _____ C:\WINDOWS\SysWOW64\mispaced.dll 2017-09-21 17:39 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\zh5avmoljgd 2017-09-21 17:39 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\ujkguhy3rb5 2017-09-21 17:39 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\ivuhqdpovve 2017-09-21 17:39 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\TVCTLBBTT8 2017-09-21 17:39 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\R1VICQWYQE 2017-09-21 17:39 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files (x86)\ShutdownTime 2017-09-21 17:39 - 2017-09-21 17:39 - 000140800 _____ C:\Users\Hoshi\AppData\Local\installer.dat 2017-09-21 17:39 - 2017-09-21 17:39 - 000016826 _____ C:\WINDOWS\System32\Tasks\Spin Driver Vuld 2017-09-21 17:39 - 2017-09-21 17:39 - 000011568 _____ C:\Users\Hoshi\AppData\Local\InstallationConfiguration.xml 2017-09-21 17:38 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\ErrorReporting 2017-09-21 17:38 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\cl2bnzogg1u 2017-09-21 17:38 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\53uzogknheg 2017-09-21 17:38 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\TBUC85W4RM 2017-09-21 17:38 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\CARPFHFJOG 2017-09-21 17:38 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files (x86)\SDownloader 2017-09-21 17:35 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Local\PCBooster 2017-09-21 17:28 - 2017-09-21 17:28 - 000000000 ____D C:\Users\Hoshi\Documents\Aiseesoft Studio 2017-09-21 17:28 - 2017-09-21 17:28 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Aiseesoft Studio 2017-09-20 22:10 - 2017-09-20 22:10 - 000537088 _____ C:\WINDOWS\ea25b50d8d77b75b0e1b47872ebc5b38.exe 2017-09-20 22:10 - 2017-09-20 22:10 - 000051624 _____ C:\WINDOWS\uninstaller.dat 2017-09-20 16:59 - 2017-09-20 17:01 - 004204032 _____ (crosire) C:\Users\Hoshi\Desktop\ReShade.exe 2017-09-20 16:33 - 2017-09-20 16:33 - 000027238 _____ C:\Users\Hoshi\AppData\Local\recently-used.xbel 2017-09-19 16:48 - 2017-09-19 16:48 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf 2017-09-18 17:33 - 2017-09-18 17:33 - 000000098 _____ C:\WINDOWS\SysWOW64\QuickTime.qtp 2017-09-18 17:33 - 2017-09-18 17:33 - 000000000 ____D C:\WINDOWS\SysWOW64\QuickTime 2017-09-18 17:33 - 1999-07-13 20:02 - 000086016 _____ (MindVision Software) C:\WINDOWS\unvise32qt.exe 2017-09-18 17:32 - 2017-09-18 17:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wheel of Time 2017-09-18 16:49 - 2017-09-19 19:20 - 000000000 ____D C:\Users\Hoshi\Documents\Project CARS 2017-09-18 16:49 - 2017-09-18 16:49 - 000000000 ____D C:\Users\Hoshi\Documents\wmd_symbol_cache 2017-09-17 20:26 - 2017-09-17 20:49 - 000000065 _____ C:\Users\Hoshi\Desktop\SL Foto Termine!.txt 2017-09-17 10:27 - 2017-09-17 10:29 - 021643807 _____ C:\Users\Hoshi\Desktop\Sound Fix v1.4.3.rar 2017-09-17 10:27 - 2017-09-17 10:28 - 021697338 _____ C:\Users\Hoshi\Desktop\Jaguar XJ220 v1.3.rar 2017-09-17 08:52 - 2017-09-17 09:35 - 000000000 ____D C:\Users\Hoshi\Documents\Assetto Corsa 2017-09-16 14:13 - 2017-09-16 14:13 - 000000000 ____D C:\Users\Hoshi\Desktop\Posen 2017-09-15 20:18 - 2017-09-15 20:21 - 000000000 ____D C:\Users\Hoshi\Documents\MindShow 2017-09-15 20:13 - 2017-09-15 20:13 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Mindshow 2017-09-15 19:43 - 2017-09-15 19:43 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Against Gravity 2017-09-15 15:52 - 2017-09-15 15:52 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Stress Level Zero 2017-09-13 20:38 - 2017-09-05 07:12 - 001409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-09-13 20:38 - 2017-09-05 07:12 - 001292880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2017-09-13 20:38 - 2017-09-05 07:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-09-13 20:38 - 2017-09-05 07:12 - 000081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2017-09-13 20:38 - 2017-09-05 06:53 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-09-13 20:38 - 2017-09-05 06:53 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-09-13 20:38 - 2017-09-05 06:52 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-09-13 20:38 - 2017-09-05 06:50 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll 2017-09-13 20:38 - 2017-09-05 06:46 - 004471888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-09-13 20:38 - 2017-09-05 06:45 - 005821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-09-13 20:38 - 2017-09-05 06:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2017-09-13 20:38 - 2017-09-05 06:45 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-09-13 20:38 - 2017-09-05 06:45 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-09-13 20:38 - 2017-09-05 06:45 - 000085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe 2017-09-13 20:38 - 2017-09-05 06:44 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2017-09-13 20:38 - 2017-09-05 06:43 - 000611096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-09-13 20:38 - 2017-09-05 06:43 - 000359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2017-09-13 20:38 - 2017-09-05 06:43 - 000280480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2017-09-13 20:38 - 2017-09-05 06:43 - 000169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2017-09-13 20:38 - 2017-09-05 06:43 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll 2017-09-13 20:38 - 2017-09-05 06:42 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-09-13 20:38 - 2017-09-05 06:42 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2017-09-13 20:38 - 2017-09-05 06:42 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-09-13 20:38 - 2017-09-05 06:42 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll 2017-09-13 20:38 - 2017-09-05 06:42 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2017-09-13 20:38 - 2017-09-05 06:41 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-09-13 20:38 - 2017-09-05 06:41 - 006761560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-09-13 20:38 - 2017-09-05 06:41 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-09-13 20:38 - 2017-09-05 06:41 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2017-09-13 20:38 - 2017-09-05 06:41 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2017-09-13 20:38 - 2017-09-05 06:40 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll 2017-09-13 20:38 - 2017-09-05 06:39 - 001517472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2017-09-13 20:38 - 2017-09-05 06:37 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-09-13 20:38 - 2017-09-05 06:26 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-09-13 20:38 - 2017-09-05 06:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2017-09-13 20:38 - 2017-09-05 06:25 - 013844480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-09-13 20:38 - 2017-09-05 06:25 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2017-09-13 20:38 - 2017-09-05 06:25 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-09-13 20:38 - 2017-09-05 06:25 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2017-09-13 20:38 - 2017-09-05 06:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2017-09-13 20:38 - 2017-09-05 06:24 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-09-13 20:38 - 2017-09-05 06:23 - 020509184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-09-13 20:38 - 2017-09-05 06:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-09-13 20:38 - 2017-09-05 06:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2017-09-13 20:38 - 2017-09-05 06:21 - 006728704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-09-13 20:38 - 2017-09-05 06:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll 2017-09-13 20:38 - 2017-09-05 06:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2017-09-13 20:38 - 2017-09-05 06:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe 2017-09-13 20:38 - 2017-09-05 06:20 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-09-13 20:38 - 2017-09-05 06:19 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-09-13 20:38 - 2017-09-05 06:19 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-09-13 20:38 - 2017-09-05 06:19 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll 2017-09-13 20:38 - 2017-09-05 06:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll 2017-09-13 20:38 - 2017-09-05 06:19 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll 2017-09-13 20:38 - 2017-09-05 06:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-09-13 20:38 - 2017-09-05 06:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-09-13 20:38 - 2017-09-05 06:18 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll 2017-09-13 20:38 - 2017-09-05 06:18 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2017-09-13 20:38 - 2017-09-05 06:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll 2017-09-13 20:38 - 2017-09-05 06:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-09-13 20:38 - 2017-09-05 06:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-09-13 20:38 - 2017-09-05 06:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll 2017-09-13 20:38 - 2017-09-05 06:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll 2017-09-13 20:38 - 2017-09-05 06:17 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll 2017-09-13 20:38 - 2017-09-05 06:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll 2017-09-13 20:38 - 2017-09-05 06:17 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2017-09-13 20:38 - 2017-09-05 06:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2017-09-13 20:38 - 2017-09-05 06:16 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-09-13 20:38 - 2017-09-05 06:16 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll 2017-09-13 20:38 - 2017-09-05 06:16 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2017-09-13 20:38 - 2017-09-05 06:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-09-13 20:38 - 2017-09-05 06:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2017-09-13 20:38 - 2017-09-05 06:16 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll 2017-09-13 20:38 - 2017-09-05 06:15 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-09-13 20:38 - 2017-09-05 06:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-09-13 20:38 - 2017-09-05 06:15 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2017-09-13 20:38 - 2017-09-05 06:15 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-09-13 20:38 - 2017-09-05 06:15 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-09-13 20:38 - 2017-09-05 06:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-09-13 20:38 - 2017-09-05 06:15 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll 2017-09-13 20:38 - 2017-09-05 06:14 - 011887104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-09-13 20:38 - 2017-09-05 06:14 - 004544000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe 2017-09-13 20:38 - 2017-09-05 06:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-09-13 20:38 - 2017-09-05 06:14 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll 2017-09-13 20:38 - 2017-09-05 06:14 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2017-09-13 20:38 - 2017-09-05 06:13 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-09-13 20:38 - 2017-09-05 06:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-09-13 20:38 - 2017-09-05 06:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2017-09-13 20:38 - 2017-09-05 06:12 - 006265856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-09-13 20:38 - 2017-09-05 06:12 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-09-13 20:38 - 2017-09-05 06:12 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-09-13 20:38 - 2017-09-05 06:12 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-09-13 20:38 - 2017-09-05 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-09-13 20:38 - 2017-09-05 06:11 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-09-13 20:38 - 2017-09-05 06:11 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-09-13 20:38 - 2017-09-05 06:11 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll 2017-09-13 20:38 - 2017-09-05 06:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll 2017-09-13 20:38 - 2017-09-05 06:11 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-09-13 20:38 - 2017-09-05 06:11 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-09-13 20:38 - 2017-09-05 06:10 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-09-13 20:38 - 2017-09-05 06:10 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-09-13 20:38 - 2017-09-05 06:10 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2017-09-13 20:38 - 2017-09-05 06:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll 2017-09-13 20:38 - 2017-09-05 06:06 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-09-13 20:38 - 2017-09-05 06:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll 2017-09-13 20:38 - 2017-09-05 06:04 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2017-09-13 20:34 - 2017-09-05 07:15 - 000871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2017-09-13 20:34 - 2017-09-05 07:14 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-09-13 20:34 - 2017-09-05 06:30 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2017-09-13 20:34 - 2017-09-05 06:28 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2017-09-13 20:34 - 2017-09-05 06:27 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-09-13 20:34 - 2017-09-05 06:22 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2017-09-13 20:34 - 2017-09-05 06:21 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll 2017-09-13 20:34 - 2017-09-05 06:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2017-09-13 20:34 - 2017-09-05 06:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2017-09-13 20:33 - 2017-09-05 07:31 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2017-09-13 20:33 - 2017-09-05 07:31 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2017-09-13 20:33 - 2017-09-05 07:26 - 008319904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-09-13 20:33 - 2017-09-05 07:25 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2017-09-13 20:33 - 2017-09-05 07:23 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll 2017-09-13 20:33 - 2017-09-05 07:18 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2017-09-13 20:33 - 2017-09-05 07:18 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-09-13 20:33 - 2017-09-05 07:18 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll 2017-09-13 20:33 - 2017-09-05 07:16 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2017-09-13 20:33 - 2017-09-05 07:16 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2017-09-13 20:33 - 2017-09-05 07:16 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2017-09-13 20:33 - 2017-09-05 07:16 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-09-13 20:33 - 2017-09-05 07:16 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll 2017-09-13 20:33 - 2017-09-05 07:14 - 021352656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-09-13 20:33 - 2017-09-05 07:14 - 000958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2017-09-13 20:33 - 2017-09-05 07:14 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-09-13 20:33 - 2017-09-05 07:13 - 001619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-09-13 20:33 - 2017-09-05 07:11 - 002675104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-09-13 20:33 - 2017-09-05 07:11 - 000610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2017-09-13 20:33 - 2017-09-05 06:31 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-09-13 20:33 - 2017-09-05 06:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-09-13 20:33 - 2017-09-05 06:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-09-13 20:33 - 2017-09-05 06:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll 2017-09-13 20:33 - 2017-09-05 06:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2017-09-13 20:33 - 2017-09-05 06:27 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-09-13 20:33 - 2017-09-05 06:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll 2017-09-13 20:33 - 2017-09-05 06:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll 2017-09-13 20:33 - 2017-09-05 06:27 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys 2017-09-13 20:33 - 2017-09-05 06:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2017-09-13 20:33 - 2017-09-05 06:27 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2017-09-13 20:33 - 2017-09-05 06:26 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2017-09-13 20:33 - 2017-09-05 06:26 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll 2017-09-13 20:33 - 2017-09-05 06:26 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2017-09-13 20:33 - 2017-09-05 06:26 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe 2017-09-13 20:33 - 2017-09-05 06:26 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe 2017-09-13 20:33 - 2017-09-05 06:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-09-13 20:33 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2017-09-13 20:33 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys 2017-09-13 20:33 - 2017-09-05 06:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll 2017-09-13 20:33 - 2017-09-05 06:24 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll 2017-09-13 20:33 - 2017-09-05 06:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll 2017-09-13 20:33 - 2017-09-05 06:24 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll 2017-09-13 20:33 - 2017-09-05 06:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll 2017-09-13 20:33 - 2017-09-05 06:23 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll 2017-09-13 20:33 - 2017-09-05 06:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2017-09-13 20:33 - 2017-09-05 06:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll 2017-09-13 20:33 - 2017-09-05 06:22 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2017-09-13 20:33 - 2017-09-05 06:22 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-09-13 20:33 - 2017-09-05 06:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll 2017-09-13 20:33 - 2017-09-05 06:22 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2017-09-13 20:33 - 2017-09-05 06:22 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2017-09-13 20:33 - 2017-09-05 06:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll 2017-09-13 20:33 - 2017-09-05 06:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll 2017-09-13 20:33 - 2017-09-05 06:22 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2017-09-13 20:33 - 2017-09-05 06:21 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll 2017-09-13 20:33 - 2017-09-05 06:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2017-09-13 20:33 - 2017-09-05 06:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2017-09-13 20:33 - 2017-09-05 06:21 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2017-09-13 20:33 - 2017-09-05 06:21 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll 2017-09-13 20:33 - 2017-09-05 06:20 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-09-13 20:33 - 2017-09-05 06:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-09-13 20:33 - 2017-09-05 06:20 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-09-13 20:33 - 2017-09-05 06:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-09-13 20:33 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2017-09-13 20:33 - 2017-09-05 06:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll 2017-09-13 20:33 - 2017-09-05 06:18 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2017-09-13 20:33 - 2017-09-05 06:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-09-13 20:33 - 2017-09-05 06:18 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll 2017-09-13 20:33 - 2017-09-05 06:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2017-09-13 20:33 - 2017-09-05 06:18 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe 2017-09-13 20:33 - 2017-09-05 06:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2017-09-13 20:33 - 2017-09-05 06:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2017-09-13 20:33 - 2017-09-05 06:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll 2017-09-13 20:33 - 2017-09-05 06:17 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-09-13 20:33 - 2017-09-05 06:17 - 008207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-09-13 20:33 - 2017-09-05 06:17 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll 2017-09-13 20:33 - 2017-09-05 06:17 - 001397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2017-09-13 20:33 - 2017-09-05 06:17 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2017-09-13 20:33 - 2017-09-05 06:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2017-09-13 20:33 - 2017-09-05 06:15 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-09-13 20:33 - 2017-09-05 06:15 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-09-13 20:33 - 2017-09-05 06:15 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-09-13 20:33 - 2017-09-05 06:15 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-09-13 20:33 - 2017-09-05 06:15 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-09-13 20:33 - 2017-09-05 06:15 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-09-13 20:33 - 2017-09-05 06:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-09-13 20:33 - 2017-09-05 06:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-09-13 20:33 - 2017-09-05 06:14 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-09-13 20:33 - 2017-09-05 06:14 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-09-13 20:33 - 2017-09-05 06:14 - 002445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-09-13 20:33 - 2017-09-05 06:14 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2017-09-13 20:33 - 2017-09-05 06:14 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2017-09-13 20:33 - 2017-09-05 06:14 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-09-13 20:33 - 2017-09-05 06:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2017-09-13 20:33 - 2017-09-05 06:13 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-09-13 20:33 - 2017-09-05 06:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2017-09-13 20:33 - 2017-09-05 06:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll 2017-09-13 20:33 - 2017-09-05 06:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll 2017-09-13 20:33 - 2017-09-05 06:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll 2017-09-13 20:33 - 2017-09-01 07:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-09-13 20:32 - 2017-09-05 07:31 - 001596592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-09-13 20:32 - 2017-09-05 07:31 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-09-13 20:32 - 2017-09-05 07:27 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-09-13 20:32 - 2017-09-05 07:27 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2017-09-13 20:32 - 2017-09-05 07:26 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-09-13 20:32 - 2017-09-05 07:25 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-09-13 20:32 - 2017-09-05 07:24 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2017-09-13 20:32 - 2017-09-05 07:23 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2017-09-13 20:32 - 2017-09-05 07:20 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2017-09-13 20:32 - 2017-09-05 07:19 - 004848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-09-13 20:32 - 2017-09-05 07:19 - 002443168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-09-13 20:32 - 2017-09-05 07:18 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-09-13 20:32 - 2017-09-05 07:18 - 005477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-09-13 20:32 - 2017-09-05 07:18 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2017-09-13 20:32 - 2017-09-05 07:18 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-09-13 20:32 - 2017-09-05 07:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-09-13 20:32 - 2017-09-05 07:17 - 000316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2017-09-13 20:32 - 2017-09-05 07:16 - 000724200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-09-13 20:32 - 2017-09-05 07:16 - 000410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2017-09-13 20:32 - 2017-09-05 07:16 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2017-09-13 20:32 - 2017-09-05 07:15 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-09-13 20:32 - 2017-09-05 07:15 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll 2017-09-13 20:32 - 2017-09-05 07:14 - 004708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-09-13 20:32 - 2017-09-05 07:14 - 001146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2017-09-13 20:32 - 2017-09-05 07:14 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2017-09-13 20:32 - 2017-09-05 07:11 - 000387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-09-13 20:32 - 2017-09-05 06:45 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-09-13 20:32 - 2017-09-05 06:30 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2017-09-13 20:32 - 2017-09-05 06:30 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2017-09-13 20:32 - 2017-09-05 06:30 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2017-09-13 20:32 - 2017-09-05 06:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2017-09-13 20:32 - 2017-09-05 06:29 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll 2017-09-13 20:32 - 2017-09-05 06:28 - 017371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-09-13 20:32 - 2017-09-05 06:28 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-09-13 20:32 - 2017-09-05 06:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll 2017-09-13 20:32 - 2017-09-05 06:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-09-13 20:32 - 2017-09-05 06:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll 2017-09-13 20:32 - 2017-09-05 06:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2017-09-13 20:32 - 2017-09-05 06:24 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2017-09-13 20:32 - 2017-09-05 06:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2017-09-13 20:32 - 2017-09-05 06:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll 2017-09-13 20:32 - 2017-09-05 06:24 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll 2017-09-13 20:32 - 2017-09-05 06:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-09-13 20:32 - 2017-09-05 06:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-09-13 20:32 - 2017-09-05 06:23 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-09-13 20:32 - 2017-09-05 06:23 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2017-09-13 20:32 - 2017-09-05 06:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-09-13 20:32 - 2017-09-05 06:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2017-09-13 20:32 - 2017-09-05 06:22 - 023684608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-09-13 20:32 - 2017-09-05 06:22 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-09-13 20:32 - 2017-09-05 06:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll 2017-09-13 20:32 - 2017-09-05 06:22 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-09-13 20:32 - 2017-09-05 06:22 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-09-13 20:32 - 2017-09-05 06:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll 2017-09-13 20:32 - 2017-09-05 06:21 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll 2017-09-13 20:32 - 2017-09-05 06:21 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-09-13 20:32 - 2017-09-05 06:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-09-13 20:32 - 2017-09-05 06:20 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-09-13 20:32 - 2017-09-05 06:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2017-09-13 20:32 - 2017-09-05 06:19 - 005776384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe 2017-09-13 20:32 - 2017-09-05 06:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2017-09-13 20:32 - 2017-09-05 06:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2017-09-13 20:32 - 2017-09-05 06:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2017-09-13 20:32 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2017-09-13 20:32 - 2017-09-05 06:18 - 012801536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-09-13 20:32 - 2017-09-05 06:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-09-13 20:32 - 2017-09-05 06:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-09-13 20:32 - 2017-09-05 06:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-09-13 20:32 - 2017-09-05 06:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2017-09-13 20:32 - 2017-09-05 06:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2017-09-13 20:32 - 2017-09-05 06:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2017-09-13 20:32 - 2017-09-05 06:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll 2017-09-13 20:32 - 2017-09-05 06:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-09-13 20:32 - 2017-09-05 06:15 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-09-13 20:32 - 2017-09-05 06:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2017-09-13 20:32 - 2017-09-05 06:15 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-09-13 20:32 - 2017-09-05 06:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll 2017-09-13 20:32 - 2017-09-05 06:14 - 002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2017-09-13 20:32 - 2017-09-05 06:14 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-09-13 20:32 - 2017-09-05 06:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2017-09-13 20:32 - 2017-09-05 06:13 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-09-13 20:32 - 2017-09-05 06:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2017-09-13 20:31 - 2017-09-05 07:31 - 001147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-09-13 20:31 - 2017-09-05 07:31 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-09-13 20:31 - 2017-09-05 07:31 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2017-09-13 20:31 - 2017-09-05 07:30 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2017-09-13 20:31 - 2017-09-05 07:24 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-09-13 20:31 - 2017-09-05 07:21 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2017-09-13 20:31 - 2017-09-05 07:16 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2017-09-13 20:31 - 2017-09-05 07:15 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-09-13 20:31 - 2017-09-05 07:15 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2017-09-13 20:31 - 2017-09-05 07:13 - 000078240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe 2017-09-13 20:31 - 2017-09-05 07:13 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll 2017-09-13 20:31 - 2017-09-05 07:12 - 002229152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2017-09-13 20:31 - 2017-09-05 07:12 - 001854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-09-13 20:31 - 2017-09-05 07:12 - 001693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2017-09-13 20:31 - 2017-09-05 07:12 - 001462688 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-09-13 20:31 - 2017-09-05 07:12 - 000855456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2017-09-13 20:31 - 2017-09-05 07:12 - 000849824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2017-09-13 20:31 - 2017-09-05 07:12 - 000844704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2017-09-13 20:31 - 2017-09-05 07:12 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll 2017-09-13 20:31 - 2017-09-05 07:12 - 000699808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2017-09-13 20:31 - 2017-09-05 07:12 - 000674720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2017-09-13 20:31 - 2017-09-05 07:12 - 000406944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll 2017-09-13 20:31 - 2017-09-05 07:12 - 000235424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe 2017-09-13 20:31 - 2017-09-05 07:12 - 000203680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll 2017-09-13 20:31 - 2017-09-05 06:28 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys 2017-09-13 20:31 - 2017-09-05 06:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2017-09-13 20:31 - 2017-09-05 06:26 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys 2017-09-13 20:31 - 2017-09-05 06:25 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-09-13 20:31 - 2017-09-05 06:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2017-09-13 20:31 - 2017-09-05 06:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2017-09-13 20:31 - 2017-09-05 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-09-13 20:31 - 2017-09-05 06:16 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-09-13 20:30 - 2017-09-05 06:10 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll 2017-09-13 19:33 - 2017-09-13 19:33 - 000000000 ____D C:\temp 2017-09-12 18:08 - 2017-09-12 18:08 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Google 2017-09-12 16:44 - 2017-09-12 18:32 - 000348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe 2017-09-12 16:44 - 2017-09-12 18:09 - 000076152 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe 2017-09-12 16:44 - 2017-09-12 16:44 - 000000000 ____D C:\Program Files\Virtual Desktop 2017-09-10 10:52 - 2017-09-10 11:30 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\com.nolimitscoaster.nolimits2 2017-09-10 10:52 - 2017-09-10 10:52 - 000000000 ____D C:\Users\Hoshi\Documents\com.nolimitscoaster.nolimits2 2017-09-10 10:52 - 2017-09-10 10:52 - 000000000 ____D C:\ProgramData\com.nolimitscoaster.nolimits2 2017-09-09 17:16 - 2017-09-09 17:16 - 000000000 ____D C:\Users\Hoshi\AppData\Local\E1 2017-09-09 13:53 - 2017-09-09 13:53 - 000000000 ____D C:\Users\Hoshi\M210Projects 2017-09-09 13:28 - 2017-09-09 13:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blood [GOG.com] 2017-09-09 11:09 - 2017-09-09 11:34 - 000000000 ____D C:\Users\Hoshi\Desktop\Aufnahme Vorlagen 2017-09-09 09:04 - 2017-09-09 09:05 - 000000024 _____ C:\Users\Hoshi\Desktop\SL Hud verstecken.txt 2017-09-08 19:08 - 2017-09-08 19:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultima series 2017-09-08 18:14 - 2017-09-08 18:14 - 000000000 ____D C:\Users\Hoshi\AppData\Local\DarkSoulsMapViewer 2017-09-08 17:54 - 2017-09-08 17:54 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Citor3 Entertainment Studio Oy 2017-09-08 17:40 - 2017-09-08 17:40 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\STUDIO MORI 2017-09-08 12:24 - 2017-09-08 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clive Barkers Undying [GOG.com] 2017-09-08 09:09 - 2017-09-08 09:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Suffering [GOG.com] 2017-09-07 11:18 - 2017-09-07 11:18 - 000003908 _____ C:\WINDOWS\SysWOW64\ST5UNST.003 2017-09-07 11:18 - 2017-09-07 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Shock - Enhanced Edition [GOG.com] 2017-09-07 11:17 - 2017-09-07 11:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein [GOG.com] 2017-09-07 11:17 - 2017-09-07 11:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlaws [GOG.com] 2017-09-07 10:10 - 2017-09-07 10:11 - 000096730 _____ C:\WINDOWS\TRON 2.0 Killer App Mod Uninstall Log.txt 2017-09-06 15:55 - 2017-09-06 15:55 - 000001151 _____ C:\Users\Hoshi\Desktop\DTLite.exe - Verknüpfung.lnk 2017-09-06 15:03 - 2017-09-06 15:57 - 000000000 ____D C:\Users\Hoshi\Documents\OpenRA 2017-09-06 06:26 - 2017-09-06 06:26 - 000000000 ____D C:\Users\Hoshi\Documents\DAZ 3D 2017-09-06 06:26 - 2017-09-06 06:26 - 000000000 ____D C:\ProgramData\DAZ 3D 2017-09-06 06:25 - 2017-09-06 06:25 - 000000979 _____ C:\Users\Hoshi\Desktop\DAZ Studio 4.9 (64-bit).lnk 2017-09-06 06:25 - 2017-09-06 06:25 - 000000000 ____D C:\Program Files\DAZ 3D 2017-09-05 20:22 - 2017-09-06 11:48 - 000000000 ____D C:\Users\Public\Documents\My DAZ 3D Library 2017-09-05 20:20 - 2017-09-05 20:20 - 000000000 ____D C:\Users\Public\Documents\DAZ 3D 2017-09-05 20:19 - 2017-09-06 06:26 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\DAZ 3D 2017-09-05 20:19 - 2017-09-06 06:25 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D 2017-09-05 20:19 - 2017-09-05 20:19 - 000000949 _____ C:\Users\Hoshi\Desktop\DAZ Install Manager.lnk 2017-09-05 18:57 - 2017-09-05 18:57 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2017-09-05 18:55 - 2017-09-05 18:55 - 000000279 _____ C:\Users\Hoshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb (2).lnk 2017-09-05 17:50 - 2017-09-05 17:50 - 000001106 _____ C:\Users\Hoshi\Desktop\dosbox.exe - Verknüpfung.lnk 2017-09-01 19:29 - 2017-09-05 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MadOnion.com 2017-08-31 17:51 - 2017-08-31 17:51 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Lighthouse Games Studio 2017-08-29 15:23 - 2017-08-29 15:23 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Bungie 2017-08-28 17:33 - 2017-08-28 17:33 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Cinemur 2017-08-26 15:31 - 2017-08-26 15:31 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Acid Wizard Studio 2017-08-25 14:34 - 2017-08-22 00:54 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2017-08-25 14:34 - 2017-08-22 00:33 - 000135800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2017-08-25 14:33 - 2017-08-22 03:01 - 040240248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 035924600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 035314112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 029019072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 023132184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 018849456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 013782904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 012225984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 011692344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 010072768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 004162496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 003712024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 003590592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438541.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 001597888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438541.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 001292096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 001289840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 001068152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 001008816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 001007280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 001004992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 000972736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 000924280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 000781544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 000725112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 000690320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 000618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 000617232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 000609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 000584312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 000578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 000499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2017-08-25 14:33 - 2017-08-22 03:01 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json 2017-08-25 14:33 - 2017-08-22 03:01 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json 2017-08-24 16:01 - 2017-08-24 16:01 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Gaikai 2017-08-24 16:00 - 2017-08-24 16:15 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Sony Interactive Entertainment Network America LLC 2017-08-24 16:00 - 2017-08-24 16:00 - 000000000 ____D C:\Program Files\DIFX ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-09-21 18:36 - 2014-06-26 18:59 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-09-21 18:34 - 2017-04-14 09:04 - 000000000 ____D C:\Users\Hoshi 2017-09-21 18:33 - 2017-04-14 09:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-09-21 18:33 - 2017-04-14 09:03 - 000000000 ____D C:\ProgramData\NVIDIA 2017-09-21 18:33 - 2017-03-18 13:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI 2017-09-21 18:31 - 2017-04-14 09:17 - 006346694 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-09-21 18:31 - 2017-03-20 06:41 - 003188454 _____ C:\WINDOWS\system32\perfh007.dat 2017-09-21 18:31 - 2017-03-20 06:41 - 000859220 _____ C:\WINDOWS\system32\perfc007.dat 2017-09-21 18:24 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\appcompat 2017-09-21 18:17 - 2015-01-30 20:17 - 000000306 __RSH C:\ProgramData\ntuser.pol 2017-09-21 18:16 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Registration 2017-09-21 18:09 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Spin Driver Vuld 2017-09-21 17:47 - 2015-11-17 21:12 - 000000000 ____D C:\Users\Hoshi\AppData\Local\CrashDumps 2017-09-21 17:40 - 2017-04-14 09:13 - 000003616 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-09-21 17:40 - 2017-04-14 09:13 - 000003392 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-09-21 17:40 - 2009-07-14 05:20 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2017-09-21 17:34 - 2014-03-19 20:22 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\vlc 2017-09-21 06:06 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-09-21 06:05 - 2017-04-14 09:13 - 000004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{91BA399B-E431-49C7-9B9A-A968D8719897} 2017-09-20 19:28 - 2017-04-14 09:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-09-20 17:21 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF 2017-09-20 16:33 - 2014-12-06 17:48 - 000000000 ____D C:\Users\Hoshi\AppData\Local\gtk-2.0 2017-09-20 16:33 - 2014-12-06 17:39 - 000000000 ____D C:\Users\Hoshi\.gimp-2.8 2017-09-20 06:04 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps 2017-09-19 21:08 - 2014-03-30 14:23 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\TS3Client 2017-09-18 19:11 - 2014-03-15 15:32 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Skype 2017-09-18 18:19 - 2014-03-15 15:44 - 000000000 ___RD C:\Users\Hoshi\Desktop\Programme 2017-09-18 17:35 - 2015-12-13 09:21 - 000000000 ____D C:\Users\Hoshi\AppData\Local\ElevatedDiagnostics 2017-09-18 17:33 - 2014-05-11 12:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2017-09-16 14:13 - 2014-03-15 15:44 - 000000000 ___RD C:\Users\Hoshi\Desktop\Games 2017-09-15 19:01 - 2014-03-15 16:33 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\UseNeXT 2017-09-15 18:27 - 2017-05-21 16:47 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Battle.net 2017-09-14 17:16 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache 2017-09-14 06:10 - 2016-02-13 19:32 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-09-14 06:09 - 2017-04-14 09:03 - 005290080 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-09-13 20:58 - 2017-03-20 06:41 - 000000000 ____D C:\WINDOWS\system32\de 2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\system32\F12 2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\setup 2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences 2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-09-13 20:57 - 2017-04-29 07:35 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Mixxx 2017-09-13 20:44 - 2014-03-15 17:02 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-09-13 20:43 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-09-13 20:43 - 2014-03-15 17:02 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-09-13 20:00 - 2014-03-19 18:23 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\uTorrent 2017-09-13 19:33 - 2016-10-01 09:25 - 000000000 ____D C:\Games 2017-09-13 18:10 - 2016-06-05 13:48 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Origin 2017-09-13 18:09 - 2014-03-15 15:20 - 000000000 ____D C:\ProgramData\Origin 2017-09-13 05:48 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-09-13 05:48 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-09-12 18:32 - 2014-05-17 19:23 - 000348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr 2017-09-12 18:31 - 2014-03-15 16:03 - 000280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0 2017-09-12 18:16 - 2015-07-03 19:19 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Google 2017-09-12 18:02 - 2014-03-15 16:03 - 000000000 ____D C:\Program Files (x86)\Battlelog Web Plugins 2017-09-12 18:02 - 2014-03-15 14:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-09-12 16:23 - 2014-03-15 14:14 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-09-12 16:23 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2017-09-11 20:25 - 2017-02-18 07:18 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Cronus 2017-09-10 19:43 - 2015-05-20 17:19 - 000000000 ____D C:\Users\Hoshi\Documents\The Witcher 3 2017-09-09 19:09 - 2014-03-16 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2017-09-09 19:09 - 2014-03-15 16:03 - 000000000 ____D C:\ProgramData\Package Cache 2017-09-07 11:18 - 2016-04-16 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Gold [GOG.com] 2017-09-07 11:18 - 2014-06-16 17:24 - 000000390 _____ C:\WINDOWS\SysWOW64\ilent 2017-09-07 11:17 - 2017-07-18 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F.E.A.R. Platinum Collection [GOG.com] 2017-09-07 11:17 - 2016-12-16 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redneck Rampage [GOG.com] 2017-09-05 18:57 - 2017-05-23 16:41 - 000002237 _____ C:\Users\Hoshi\Desktop\Discord.lnk 2017-09-05 18:57 - 2017-05-23 16:41 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\discord 2017-09-05 18:57 - 2017-05-23 16:41 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Discord 2017-09-05 18:46 - 2017-07-16 08:25 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Thunder Lotus Games 2017-09-02 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-09-02 17:15 - 2017-03-18 23:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-08-30 19:57 - 2015-11-02 18:18 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-08-29 05:56 - 2015-07-03 19:19 - 000002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-08-27 18:17 - 2017-07-19 20:18 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Firestorm 2017-08-26 15:28 - 2017-05-25 16:10 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\DAEMON Tools Lite 2017-08-26 10:12 - 2016-03-19 10:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-08-25 15:05 - 2014-03-22 15:08 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Blizzard Entertainment 2017-08-25 14:35 - 2017-04-14 09:13 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-25 14:35 - 2017-04-14 09:13 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-25 14:35 - 2017-04-14 09:13 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-25 14:35 - 2017-04-14 09:13 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-25 14:35 - 2017-04-14 09:13 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-25 14:35 - 2017-04-14 09:03 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2017-08-25 14:35 - 2016-07-07 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-08-25 14:34 - 2016-03-19 18:06 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2017-08-23 20:41 - 2017-05-16 19:23 - 000000000 ____D C:\WINDOWS\SysWOW64\directx 2017-08-23 20:02 - 2014-06-29 18:51 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Funcom 2017-08-23 17:46 - 2014-07-06 19:01 - 000000000 ____D C:\Users\Hoshi\AppData\Local\id software 2017-08-22 03:01 - 2017-04-06 18:29 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat 2017-08-22 03:01 - 2017-04-06 18:26 - 004210360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2017-08-22 03:01 - 2017-04-06 18:26 - 000046453 _____ C:\WINDOWS\system32\nvinfo.pb 2017-08-22 01:10 - 2017-04-14 09:04 - 006463424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-08-22 01:10 - 2017-04-14 09:04 - 002479224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-08-22 01:10 - 2017-04-14 09:04 - 001762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-08-22 01:10 - 2017-04-14 09:04 - 000549312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-08-22 01:10 - 2017-04-14 09:04 - 000392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-08-22 01:10 - 2017-04-14 09:04 - 000082040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-08-22 01:10 - 2017-04-14 09:04 - 000069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-07-18 20:03 - 2016-07-18 20:03 - 000006144 _____ () C:\Program Files (x86)\com.htc.vive.setup.bilogclient 2015-12-26 23:05 - 2015-12-27 14:56 - 000000297 _____ () C:\Users\Hoshi\AppData\Roaming\BreakingPoint_Login.ini 2015-12-26 23:06 - 2015-12-27 16:12 - 000001427 _____ () C:\Users\Hoshi\AppData\Roaming\BreakingPoint_Options.ini 2016-08-14 16:25 - 2016-08-14 16:32 - 000000224 _____ () C:\Users\Hoshi\AppData\Roaming\highScores.txt 2015-09-21 14:52 - 2015-09-21 14:52 - 000000099 _____ () C:\Users\Hoshi\AppData\Roaming\LauncherSettings_live.cfg 2015-09-21 14:44 - 2015-09-21 14:44 - 000010525 _____ () C:\Users\Hoshi\AppData\Roaming\TheHunterSettings_live.bin 2015-09-21 14:43 - 2015-09-21 14:43 - 000000040 _____ () C:\Users\Hoshi\AppData\Roaming\TheHunterSettings_steam_live.cfg 2015-11-15 21:03 - 2015-12-02 22:37 - 000003317 _____ () C:\Users\Hoshi\AppData\Roaming\VoiceMeeterDefault.xml 2015-01-30 20:11 - 2016-12-03 10:20 - 000010752 _____ () C:\Users\Hoshi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2017-09-21 17:44 - 2017-09-21 17:44 - 000024576 _____ () C:\Users\Hoshi\AppData\Local\drtaaf.dll 2017-09-21 17:39 - 2017-09-21 17:39 - 000011568 _____ () C:\Users\Hoshi\AppData\Local\InstallationConfiguration.xml 2017-09-21 17:39 - 2017-09-21 17:39 - 000140800 _____ () C:\Users\Hoshi\AppData\Local\installer.dat 2016-10-19 11:53 - 2016-10-19 11:53 - 000000291 _____ () C:\Users\Hoshi\AppData\Local\ledConfiguration.config 2016-10-19 11:53 - 2016-12-25 12:58 - 000000737 _____ () C:\Users\Hoshi\AppData\Local\NvidiaLEDVisualizer.config 2016-03-15 17:36 - 2016-03-26 20:52 - 000000600 _____ () C:\Users\Hoshi\AppData\Local\PUTTY.RND 2017-09-20 16:33 - 2017-09-20 16:33 - 000027238 _____ () C:\Users\Hoshi\AppData\Local\recently-used.xbel 2016-07-31 13:54 - 2017-04-02 16:11 - 000007659 _____ () C:\Users\Hoshi\AppData\Local\Resmon.ResmonCfg 2014-12-23 13:43 - 2014-12-23 13:43 - 000004999 _____ () C:\ProgramData\auqrgqib.ttw 2017-04-14 09:04 - 2017-04-14 09:04 - 000000000 ____H () C:\ProgramData\DP45977C.lfl 2015-10-04 09:56 - 2017-05-04 18:25 - 000000257 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2017-04-08 22:13 - 2017-04-08 22:13 - 000000016 _____ () C:\ProgramData\mntemp Einige Dateien in TEMP: ==================== 2017-09-21 17:38 - 2017-09-21 17:38 - 002633728 _____ (EFGSoft Corporation) C:\Users\Hoshi\AppData\Local\Temp\msclean.exe 2017-07-29 11:05 - 2017-07-19 00:38 - 000758472 _____ (NVIDIA Corporation) C:\Users\Hoshi\AppData\Local\Temp\nvSCPAPI.dll 2017-05-22 18:10 - 2017-08-10 00:21 - 000873136 _____ (NVIDIA Corporation) C:\Users\Hoshi\AppData\Local\Temp\nvSCPAPI64.dll 2017-08-16 17:31 - 2017-08-10 00:21 - 000368576 _____ (NVIDIA Corporation) C:\Users\Hoshi\AppData\Local\Temp\nvStInst.exe 2017-09-21 17:36 - 2017-09-21 17:37 - 006112768 _____ () C:\Users\Hoshi\AppData\Local\Temp\s2s.exe 2017-09-21 17:39 - 2017-09-21 17:41 - 010466209 _____ ( ) C:\Users\Hoshi\AppData\Local\Temp\sg3.6.0.0.exe 2017-08-10 16:55 - 2017-08-10 16:56 - 000337920 _____ () C:\Users\Hoshi\AppData\Local\Temp\SkypeSetup.exe 2017-09-21 17:38 - 2017-09-21 17:38 - 001199825 _____ () C:\Users\Hoshi\AppData\Local\Temp\unins000.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-09-15 14:00 ==================== Ende von FRST.txt ============================ |
|
21.09.2017, 17:51
| #2 |
| | Windows 10 64bit : Verdacht auf Maleware addition_1
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-09-2017
durchgeführt von Hoshi (21-09-2017 18:39:31)
Gestartet von C:\Users\Hoshi\Desktop
Windows 10 Pro Version 1703 (X64) (2017-04-14 07:15:15)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1299527896-1211748070-1707534253-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1299527896-1211748070-1707534253-503 - Limited - Disabled)
Gast (S-1-5-21-1299527896-1211748070-1707534253-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1299527896-1211748070-1707534253-1002 - Limited - Enabled)
Hoshi (S-1-5-21-1299527896-1211748070-1707534253-1000 - Administrator - Enabled) => C:\Users\Hoshi
Mcx1-HOSHI-PC (S-1-5-21-1299527896-1211748070-1707534253-1005 - Limited - Enabled) => C:\Users\Mcx1-HOSHI-PC
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
µTorrent (HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-1299527896-1211748070-1707534253-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A Chair in a Room: Greenwater (HKLM\...\Steam App 427760) (Version: - Wolf & Wood Interactive Ltd)
AC3Filter (remove only) (HKLM-x32\...\AC3Filter) (Version: - )
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\{151974E9-9B16-47DC-8B57-5684A1E42127}) (Version: 12.1.1.151 - Adobe Systems, Inc)
Aeon (HKLM\...\Steam App 543390) (Version: - Illusion Ranger)
Agents of Mayhem (HKLM\...\Steam App 304530) (Version: - Deep Silver Volition)
Alien: Isolation (HKLM-x32\...\Steam App 214490) (Version: - Creative Assembly)
Aliens vs. Predator (HKLM-x32\...\Steam App 10680) (Version: - Rebellion)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.7 - Sereby Corporation)
American Truck Simulator (HKLM\...\Steam App 270880) (Version: - SCS Software)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.41 - NVIDIA Corporation) Hidden
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{AFADB5DC-3ABC-421F-9DAD-BDABE511258B}) (Version: 4.0.51117.1 - Microsoft Corporation)
Arizona Sunshine (HKLM\...\Steam App 342180) (Version: - Vertigo Games)
Art of Fight (HKLM\...\Steam App 531270) (Version: - Raptor-Lab)
Assetto Corsa (HKLM\...\Steam App 244210) (Version: - Kunos Simulazioni)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
AutoHotkey 1.1.24.04 (HKLM\...\AutoHotkey) (Version: 1.1.24.04 - Lexikos)
Axiom Verge (HKLM\...\Steam App 332200) (Version: - Thomas Happ Games LLC)
Azure AD Authentication Connected Service (HKLM-x32\...\{3FEAC561-1CF6-41D6-B0F3-BECDD9C88A1B}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.1.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Battlezone (HKLM\...\Steam App 312650) (Version: - Rebellion)
Beyond Good and Evil (HKLM-x32\...\Uplay Install 232) (Version: - Ubisoft)
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Hidden
Bullets And More VR - BAM VR (HKLM\...\Steam App 525640) (Version: - Koenigz)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: - ) Hidden
Call of Duty: Infinite Warfare (HKLM\...\Steam App 292730) (Version: - Infinity Ward)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.79.0.2015 - Georgy Berdyshev)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Clive Barker's Undying (HKLM-x32\...\{631A0B87-B0B7-4B47-00A2-119A4B942EB6}) (Version: - )
Clive Barker's Undying (HKLM-x32\...\1207659191_is1) (Version: 2.1.0.9 - GOG.com)
Cloudlands : VR Minigolf (HKLM\...\Steam App 425720) (Version: - Futuretown)
Cmoar VR Cinema (HKLM\...\Steam App 527160) (Version: - Cmoar Studio)
Comedy Night (HKLM\...\Steam App 665360) (Version: - Lighthouse Games Studio)
Conan Exiles (HKLM\...\Steam App 440900) (Version: - Funcom)
Conarium (HKLM\...\Steam App 313780) (Version: - Zoetrope Interactive)
Connect (HKLM-x32\...\MAGIX_connector_is1) (Version: 2.5.1.84 - MAGIX Software GmbH)
CoolSoft VirtualMIDISynth 1.14.1 (HKLM-x32\...\CoolSoft VirtualMIDISynth) (Version: 1.14.1.0 - CoolSoft)
Cronus PRO 1.20 (HKLM-x32\...\Cronus PRO) (Version: 1.20 - CronusMAX Team)
CtrlAltStudio-Viewer-Alpha (remove only) (HKLM-x32\...\CtrlAltStudio-Viewer-Alpha) (Version: 1.2.6.43412 - CtrlAltStudio)
Cyberduck (HKLM-x32\...\{27F61226-4F73-4617-BEDF-DBCB5C6D35D3}) (Version: 5.0.3.20504 - iterate GmbH) Hidden
Cyberduck (HKLM-x32\...\{be4c3b9a-7362-4e8b-a310-225db8ff97d6}) (Version: 5.0.3.20504 - iterate GmbH)
Dangerous Golf (HKLM\...\Steam App 405500) (Version: - Three Fields Entertainment)
DARK SOULS III (HKLM\...\Steam App 374320) (Version: - FromSoftware, Inc.)
Day of the Tentacle Remastered (HKLM\...\Steam App 388210) (Version: - Double Fine Productions)
DAZ Install Manager (HKLM-x32\...\DAZ Install Manager 1.1.0.71) (Version: 1.1.0.71 - DAZ 3D)
Dead Effect 2 VR (HKLM\...\Steam App 646200) (Version: - BadFly Interactive, a.s.)
DeliPlayer (HKLM-x32\...\DeliPlayer2) (Version: - )
Desura (HKLM-x32\...\Desura) (Version: 100.64 - Desura)
Discord (HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Discord) (Version: 0.0.298 - Discord Inc.)
Discord (HKU\S-1-5-21-1299527896-1211748070-1707534253-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Discord) (Version: 0.0.298 - Discord Inc.)
DivX Pro 6.8.0 VFW (HKLM-x32\...\divx650vfw_is1) (Version: 6.8.0.14 - )
DOOM (HKLM\...\Steam App 379720) (Version: - id Software)
Dotfuscator and Analytics Community Edition 5.19.0 (HKLM-x32\...\{4C5B1DD0-7E8E-4972-9247-818E6D030552}) (Version: 5.19.0.2930 - PreEmptive Solutions) Hidden
Duck Season (HKLM\...\Steam App 503580) (Version: - Stress Level Zero)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Elgato Game Capture HD (64-bit) (HKLM\...\{C59BB2DE-E483-4704-976C-652E38DB62A0}) (Version: 3.00.111.1111 - Elgato Systems GmbH)
Elite Dangerous: Horizons (HKLM-x32\...\Steam App 419270) (Version: - Frontier Developments)
Epic Games Launcher (HKLM-x32\...\{FC1F25AF-C8BB-404E-B15F-1B12CAB98E7F}) (Version: 1.1.96.0 - Epic Games, Inc.)
Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version: - SCS Software)
EVERSPACE™ (HKLM\...\Steam App 396750) (Version: - ROCKFISH Games)
F.E.A.R. Platinum Collection (HKLM-x32\...\1423058413_is1) (Version: 2.0.0.6 - GOG.com)
Fast Action Hero (HKLM\...\Steam App 534000) (Version: - Sirius Sam)
FileZilla Client 3.16.1 (HKLM-x32\...\FileZilla Client) (Version: 3.16.1 - Tim Kosse)
Firebird 2.5.2.26540 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.2.26540 - Firebird Project)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Firestorm-Release (HKLM-x32\...\Firestorm-Release) (Version: 5.0.1.52150 - The Phoenix Firestorm Project, Inc.)
FlacSquisher 1.3.6 (HKLM-x32\...\FlacSquisher) (Version: 1.3.6 - FlacSquisher)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.1.119 - DVDVideoSoft Ltd.)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.21.610 - Digital Wave Ltd)
Freemake Video Converter Version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
Full Throttle Remastered (HKLM\...\Steam App 228360) (Version: - Double Fine Productions)
Futuremark SystemInfo (HKLM-x32\...\{5052D282-C9AE-48CC-A9F5-17058BEEAA50}) (Version: 4.45.590.0 - Futuremark)
G4E (HKLM-x32\...\{D42540BE-EB5A-9420-8101-6D87DCDACD9E}) (Version: 1.7 - UNKNOWN) Hidden
G4E (HKLM-x32\...\G4E) (Version: 1.7 - UNKNOWN)
Game Capture HD v2.3.3.40 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 2.3.3.40 - Elgato Systems)
Game Capture HD60 Pro v1.1.0.149 (HKLM-x32\...\Software_Elgato_Game Capture HD60 Pro) (Version: 1.1.0.149 - Elgato Systems)
Game Capture HD60 v2.1.1.4 (HKLM-x32\...\Software_Elgato_Game Capture HD60) (Version: 2.1.1.4 - Elgato Systems)
Games (HKLM\...\{55956d7b-35e0-49fa-8343-7adc8e1eb34b}.sdb) (Version: - )
Ghost of a Tale (HKLM\...\Steam App 417290) (Version: - SeithCG)
Ghost Town Mine Ride & Shootin' Gallery (HKLM\...\Steam App 459010) (Version: - Spectral Illusions)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Golf With Your Friends (HKLM\...\Steam App 431240) (Version: - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Earth VR (HKLM\...\Steam App 348250) (Version: - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
GORN (HKLM\...\Steam App 578620) (Version: - Free Lives)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Half-Life 2 (HKLM\...\Steam App 220) (Version: - Valve)
Half-Life 2: Episode One (HKLM\...\Steam App 380) (Version: - Valve)
Half-Life 2: Episode Two (HKLM\...\Steam App 420) (Version: - Valve)
HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
HCS VoicePacks Deutsch AURORA version 2.0 (HKLM-x32\...\{D53FEFBB-C717-403A-8246-D8F2BFC507DA}_is1) (Version: 2.0 - HCS VoicePacks Ltd)
HeidiSQL (HKLM\...\HeidiSQL_is1) (Version: - Ansgar Becker)
Hellblade: Senua's Sacrifice (HKLM\...\Steam App 414340) (Version: - Ninja Theory)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hotline Miami 2: Wrong Number (HKLM\...\Steam App 274170) (Version: - Dennaton Games)
ILLUSION HoneySelect (HKLM-x32\...\{1F709DAC-507B-47DA-B04F-367EF5AA20B4}) (Version: 1.00.0000 - ILLUSION)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
INSIDE (HKLM\...\Steam App 304430) (Version: - Playdead)
Intel A/V Codecs V2.0 (HKLM-x32\...\CodInstl) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Island 359 (HKLM\...\Steam App 476700) (Version: - CloudGate Studio, Inc.)
Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Job Simulator (HKLM\...\Steam App 448280) (Version: - Owlchemy Labs)
John Wick Chronicles (HKLM\...\Steam App 382360) (Version: - Starbreeze Studios)
Karnage Chronicles (HKLM\...\Steam App 611160) (Version: - Nordic Trolls)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LAV Filters 0.66 (HKLM-x32\...\lavfilters_is1) (Version: 0.66 - Hendrik Leppkes)
Layers of Fear (HKLM-x32\...\Steam App 391720) (Version: - Bloober Team SA)
Lethal VR (HKLM\...\Steam App 532270) (Version: - Three Fields Entertainment)
Lethe - Episode One (HKLM\...\Steam App 407780) (Version: - KoukouStudios)
Lockdown: Stand Alone (HKLM\...\Steam App 513270) (Version: - Viversion)
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 5.04 (HKLM\...\{8753DF4D-64B0-474E-9A97-0AB5585D9A53}) (Version: 5.04.110 - Logitech)
Logitech Gaming Software 8.88 (HKLM\...\Logitech Gaming Software) (Version: 8.88.30 - Logitech Inc.)
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
MAGIX Common Components 1 (HKLM-x32\...\{7A8B2204-574B-42A2-A3DC-52AE142D197F}) (Version: 1.2.0.0 - MAGIX AG)
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Fonts Package 1 (HKLM-x32\...\{3859AC53-3C30-4885-AA6B-5DAC442AC871}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fonts Package 2 (HKLM-x32\...\{BCE30F6A-D172-4A2A-94FC-65B6749FDBC7}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Goya burnR (MSI) (HKLM\...\{2497E82C-98AE-494E-B155-52623C230EC6}) (Version: 4.3.2.0 - MAGIX AG) Hidden
MAGIX Goya burnR (MSI) (HKLM-x32\...\MX.{2497E82C-98AE-494E-B155-52623C230EC6}) (Version: 4.3.2.0 - MAGIX AG)
MAGIX Soundpool Music Maker - Feel good (HKLM\...\{81F7511B-CB79-40CB-B173-35292038A84D}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM\...\{3F744D82-3ED5-48B6-A3C8-C0208C3BEE0B}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM-x32\...\MX.{3F744D82-3ED5-48B6-A3C8-C0208C3BEE0B}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 1) (HKLM\...\{E9D2A2BC-900E-4CBE-8543-E2EEF79163CB}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 1) (HKLM\...\MX.{E9D2A2BC-900E-4CBE-8543-E2EEF79163CB}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 2) (HKLM\...\{38B2C12F-B11F-40A5-B04C-9819949FFE01}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 2) (HKLM\...\MX.{38B2C12F-B11F-40A5-B04C-9819949FFE01}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 3) (HKLM\...\{1759FCEB-940B-4D92-9F45-E55E7E6736C0}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 3) (HKLM\...\MX.{1759FCEB-940B-4D92-9F45-E55E7E6736C0}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 4) (HKLM\...\{A35C545A-8BF8-40C4-BC04-50216A46C2F0}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 4) (HKLM\...\MX.{A35C545A-8BF8-40C4-BC04-50216A46C2F0}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 5) (HKLM\...\{57AA9D95-6A4C-4247-B98A-6EA983F3E0FB}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 5) (HKLM\...\MX.{57AA9D95-6A4C-4247-B98A-6EA983F3E0FB}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 6) (HKLM\...\{D3AC4780-D1C1-4A70-9832-BB64E79C62B3}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 6) (HKLM\...\MX.{D3AC4780-D1C1-4A70-9832-BB64E79C62B3}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 7) (HKLM\...\{98C37332-DC95-426F-A987-043FA9A282D1}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 7) (HKLM\...\MX.{98C37332-DC95-426F-A987-043FA9A282D1}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (HKLM\...\{B9D9D873-ADDA-4D0C-B691-0F323C6DD62A}) (Version: 15.0.0.62 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (HKLM\...\MX.{B9D9D873-ADDA-4D0C-B691-0F323C6DD62A}) (Version: 15.0.0.62 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (NewBlue ActionCam Package) (HKLM\...\{02C01AE1-F497-475A-AA45-43E41A495136}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (NewBlue ActionCam Package) (HKLM\...\MX.{02C01AE1-F497-475A-AA45-43E41A495136}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (proDAD Mercalli V4) (HKLM\...\{89CF4765-0012-4619-BA4E-1571376A25CA}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (proDAD Mercalli V4) (HKLM\...\MX.{89CF4765-0012-4619-BA4E-1571376A25CA}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Titeleffekte) (HKLM\...\{28FE7891-77C0-45E1-9CA4-35E9250F91DA}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Titeleffekte) (HKLM\...\MX.{28FE7891-77C0-45E1-9CA4-35E9250F91DA}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Überblendeffekte) (HKLM\...\{585234EA-CDB3-48A7-B6C4-0EFF9A86D244}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Überblendeffekte) (HKLM\...\MX.{585234EA-CDB3-48A7-B6C4-0EFF9A86D244}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium Update (HKLM\...\{310EA489-7C68-407E-A246-D600398647F8}) (Version: 15.0.0.107 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium Update (HKLM\...\{7751963F-7D88-4626-BEFE-9A848F7400B4}) (Version: 15.0.0.90 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium Update (HKLM\...\{AA6874A6-C7EB-42D5-B434-A86B75E00F32}) (Version: 15.0.0.77 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium Update (HKLM\...\{D02B20D4-DA3E-4542-ADFD-D2B0BC8A1E84}) (Version: 15.0.0.102 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (HKLM\...\{6EF62090-796C-42D3-9D71-BA127DDEC550}) (Version: 16.0.1.22 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (HKLM\...\MX.{6EF62090-796C-42D3-9D71-BA127DDEC550}) (Version: 16.0.1.22 - MAGIX Software GmbH)
MAGIX Video deluxe Premium (MotionStudios Vasco da Gama 9 Essential) (HKLM\...\{5EC327CC-EEA1-41E1-A416-0E931051D49B}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (MotionStudios Vasco da Gama 9 Essential) (HKLM\...\MX.{5EC327CC-EEA1-41E1-A416-0E931051D49B}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe Premium (NewBlue Titler Pro Express) (HKLM\...\{1746FE16-859D-4169-960B-712ED9A0215D}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (NewBlue Titler Pro Express) (HKLM\...\MX.{1746FE16-859D-4169-960B-712ED9A0215D}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MakeMKV v1.10.2 (HKLM-x32\...\MakeMKV) (Version: v1.10.2 - GuinpinSoft inc)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Marvel's Guardians of the Galaxy: The Telltale Series (HKLM\...\Steam App 579950) (Version: - Telltale Games)
Mass Effect™: Andromeda (HKLM-x32\...\{72BBCA87-9350-48BC-9E2F-6DBC1E80C993}) (Version: 1.0.0.8 - Electronic Arts)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version: - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft DirectX SDK (June 2010) (HKLM-x32\...\Microsoft DirectX SDK (June 2010)) (Version: 9.29.1962.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62607.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62607.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.24720 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-US) (HKLM-x32\...\{66D57636-BD4B-402F-9E7D-5E89C28C8136}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-US, Helen) (HKLM-x32\...\{8466EAED-7024-4AEE-9D13-F3A55B98D114}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{F0DB2786-18C8-4B0D-9DC2-BA58856A2821}) (Version: 2.1.0.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Update 1 (HKLM-x32\...\{5642384f-2a89-46d3-acd5-bfe8bf6e8b2f}) (Version: 14.0.24720.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mindshow (HKLM\...\Steam App 382000) (Version: - Mindshow, Inc.)
Mirror's Edge™ Catalyst (HKLM-x32\...\{12228a0d-f6ad-4691-82af-d2c643424468}) (Version: 1.0.3.47248 - Electronic Arts)
Mixxx 2.0.0 (64-bit) (HKLM-x32\...\Mixxx (2.0.0)) (Version: 2.0.0 - The Mixxx Development Team)
Monster Maze VR (HKLM\...\Steam App 543600) (Version: - 4 Fun Studio)
Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{FA0599C5-C083-41BE-8AEA-E8EB9070D128}) (Version: 14.0.24720 - Microsoft Corporation) Hidden
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Music Maker (HKLM\...\{D5FF45D3-3AE3-4490-85DE-04D059606382}) (Version: 25.0.1.33 - MAGIX Software GmbH) Hidden
Music Maker (HKLM-x32\...\MX.{D5FF45D3-3AE3-4490-85DE-04D059606382}) (Version: 25.0.1.33 - MAGIX Software GmbH)
Music Maker Update (HKLM\...\{6B088B33-748B-4AFD-B6D1-841F298B5D52}) (Version: 25.0.2.44 - MAGIX Software GmbH) Hidden
My Game Long Name (HKLM\...\UDK-6a43523d-137c-4ffe-8432-fea0f9ad936e) (Version: - Epic Games, Inc.)
Nature Treks VR (HKLM\...\Steam App 587580) (Version: - John Carline)
Nero Burning ROM 2014 (HKLM-x32\...\{AB51F94A-8AA0-4F96-81B1-0446BA681083}) (Version: 15.0.02700 - Nero AG)
NETGEAR WNA1100 N150 Wireless USB Adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 1.0.0.133 - NETGEAR)
Neverending Nightmares (HKLM-x32\...\Steam App 253330) (Version: - Infinitap Games)
NewBlue ActionCam Package (HKLM-x32\...\NewBlue ActionCam Package) (Version: 1.0 - NewBlue)
NewBlue Titler EX for MAGIX (HKLM-x32\...\NewBlue Titler EX for MAGIX) (Version: 1.0 - NewBlue)
NewBlue Titler Pro Express For Magix (HKLM\...\NewBlue Titler Pro Express For Magix) (Version: 1.0 - NewBlue)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.23 - Black Tree Gaming)
nGlide 1.03 (HKLM-x32\...\nGlide) (Version: 1.03 - Zeus Software)
NightCry (HKLM\...\Steam App 427660) (Version: - Nude Maker)
Nock: Hidden Arrow (HKLM\...\Steam App 525210) (Version: - CodeBison Games)
NoLimits 2 Roller Coaster Simulation (HKLM\...\Steam App 301320) (Version: - Ole Lange)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.41 - NVIDIA Corporation)
NVIDIA Grafiktreiber 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.41 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA LED Visualizer 1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.LEDVisualizer) (Version: 1.0 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
Observer (HKLM\...\Steam App 514900) (Version: - Bloober Team SA)
Oculus (HKLM\...\Oculus) (Version: <3 - Oculus VR, LLC)
Oculus Rift DK2 Sensor Driver (HKLM\...\{F786EF4E-73FE-4700-AC19-FFC0B2298F20}) (Version: 1.0.0.0 - Oculus VR, LLC) Hidden
Oculus Rift Monitor Driver (HKLM\...\{E932D5B4-547A-4959-B642-3816836283E3}) (Version: 1.0.1.0 - Oculus VR, LLC) Hidden
Oculus Rift Sensor Driver (HKLM\...\{E724ED40-8962-4987-901D-57AC8C9E41CD}) (Version: 1.0.20.0 - Oculus VR, LLC) Hidden
One Unit Whole Blood (HKLM-x32\...\1207658856_is1) (Version: 2.1.0.24 - GOG.com)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.2.49155 - Electronic Arts, Inc.)
Outlast 2 (HKLM\...\Steam App 414700) (Version: - Red Barrels)
Outlaws (HKLM-x32\...\1425302464_is1) (Version: 2.1.0.11 - GOG.com)
Overload (HKLM\...\Steam App 448850) (Version: - Revival Productions, LLC)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Paranormal Activity: The Lost Soul (HKLM\...\Steam App 467660) (Version: - VRWERX)
Pavlov VR (HKLM\...\Steam App 555160) (Version: - davevillz)
Penumbra: Overture (HKLM-x32\...\Steam App 22180) (Version: - Frictional Games)
Pierhead Arcade (HKLM\...\Steam App 435490) (Version: - Mechabit Ltd)
Planet Coaster (HKLM\...\Steam App 493340) (Version: - Frontier Developments)
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version: - Bluehole, Inc.)
Pool Nation VR (HKLM\...\Steam App 269170) (Version: - Cherry Pop Games)
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisite installer (HKLM-x32\...\{5909A89E-C97F-407C-AE2B-47BDED86BF5D}) (Version: 15.0.0005 - Nero AG) Hidden
Prey (HKLM\...\Steam App 480490) (Version: - Arkane Studios)
proDAD Mercalli NLE 4.0 (64bit) (HKLM\...\proDAD-MercalliPlugins-4.0) (Version: 4.0.467.1 - proDAD GmbH)
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
Project CARS (HKLM\...\Steam App 234630) (Version: - Slightly Mad Studios)
PS4 Remote Play (HKLM-x32\...\{079C8DC3-767F-46CF-B871-14D21FCC2890}) (Version: 2.0.0.02211 - Sony Interactive Entertainment Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (HKLM\...\{ABFED5A0-7D10-4617-A816-DD2D3B85706D}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (HKLM\...\{E970CE81-6F26-4274-8E4E-5AFC000FB888}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (HKLM\...\{401FADAA-1C16-4721-9F02-19067E1A1CA8}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Quantum Break (HKLM\...\Steam App 474960) (Version: - Remedy Entertainment)
Quell 4D (HKLM\...\Steam App 534230) (Version: - Rubycone)
Quest 5.6.1 (HKLM-x32\...\Quest_is1) (Version: 5.6.1 - Alex Warren)
QuickTime (HKLM-x32\...\QuickTime) (Version: - )
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Rapture3D 2.3.26 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Raw Data (HKLM\...\Steam App 436320) (Version: - Survios)
Realms of the Haunting (HKLM-x32\...\Realms of the Haunting_is1) (Version: - GOG.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Rec Room (HKLM\...\Steam App 471710) (Version: - Against Gravity)
Redneck Rampage Collection (HKLM-x32\...\1207658674_is1) (Version: 2.1.0.12 - GOG.com)
Redout (HKLM\...\Steam App 517710) (Version: - 34BigThings srl)
Resident Evil: Operation Raccoon City (HKLM-x32\...\{43430FA1-388E-4359-A6DB-DA1000048401}) (Version: 1.0.0004.132 - CAPCOM U.S.A, INC) Hidden
Return to Castle Wolfenstein (HKLM-x32\...\1441704976_is1) (Version: 2.0.0.2 - GOG.com)
Revive Dashboard (HKLM-x32\...\Revive) (Version: - )
Rez Infinite (HKLM\...\Steam App 636450) (Version: - Monstars Inc.)
Rick and Morty: Virtual Rick-ality (HKLM\...\Steam App 469610) (Version: - Owlchemy Labs)
Rise of the Tomb Raider (HKLM-x32\...\Steam App 391220) (Version: - Crystal Dynamics)
Rising Storm 2: Vietnam (HKLM\...\Steam App 418460) (Version: - Antimatter Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
Roslyn Language Services - x86 (HKLM-x32\...\{6A7F37C9-1E37-3A9A-93D4-09BBEB4BD343}) (Version: 14.0.24720 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Saints Row: The Third (HKLM\...\Steam App 55230) (Version: - Volition)
Secret World Legends (HKLM\...\Steam App 215280) (Version: - Funcom)
Serious Sam VR: The First Encounter (HKLM\...\Steam App 552450) (Version: - Croteam VR)
Shadow Warrior 2 (HKLM\...\Steam App 324800) (Version: - Flying Wild Hog)
SHOUTcast DNAS (remove only) (HKLM-x32\...\SCDNAS) (Version: - )
Sin (HKLM-x32\...\Sin) (Version: - )
Sin Gold (HKLM-x32\...\GOGPACKSINGOLD_is1) (Version: 2.0.0.9 - GOG.com)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
SlimDX Redistributable (June 2010) (HKLM-x32\...\{354D00E0-C7C9-4BC1-BC12-08C4977AA827}) (Version: 2.0.10.43 - SlimDX Group)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
Soldier of Fortune - Community Edition 6.1 (HKLM-x32\...\Soldier of Fortune - Community Edition 6.1) (Version: - )
Sonic Mania (HKLM\...\Steam App 584400) (Version: - Christian Whitehead)
Soundscape VR (HKLM\...\Steam App 636930) (Version: - Groove Science)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
Source SDK Base 2013 Singleplayer (HKLM-x32\...\Steam App 243730) (Version: - )
Space Hulk: Deathwing (HKLM\...\Steam App 298900) (Version: - Streum On Studio)
Spirits of Xanadu (HKLM-x32\...\Steam App 312230) (Version: - Good Morning, Commander)
Spotify (HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
Spotify (HKU\S-1-5-21-1299527896-1211748070-1707534253-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
STAR WARS™ Battlefront™ II Closed Alpha (HKLM-x32\...\{d32f9b53-3a06-4720-bc64-c56f0fe8256a}) (Version: 1.0.0.0 - Electronic Arts)
STASIS (HKLM\...\Steam App 380150) (Version: - THE BROTHERHOOD)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SteamDolls VR Demo (HKLM\...\Steam App 528690) (Version: - The Shady Gentlemen)
STRAFE® (HKLM\...\Steam App 442780) (Version: - Pixel Titans)
Strife: Veteran Edition (HKLM-x32\...\Steam App 317040) (Version: - Rogue Entertainment)
SUPERHOT VR (HKLM\...\Steam App 617830) (Version: - SUPERHOT Team)
SVRVIVE: The Deus Helix (HKLM\...\Steam App 509540) (Version: - SVRVIVE Studios)
System Requirements Lab CYRI (HKLM-x32\...\{906B34E5-573C-445A-A5D3-40B6BF0A2EC4}) (Version: 6.0.21.0 - Husdawg, LLC)
System Shock - Enhanced Edition (HKLM-x32\...\1439995156_is1) (Version: 2.1.0.4 - GOG.com)
System Shock 2 (HKLM\...\Steam App 238210) (Version: - Irrational Games)
Tales from the Borderlands (HKLM\...\Steam App 330830) (Version: - Telltale Games)
Team Explorer for Microsoft Visual Studio 2015 (HKLM-x32\...\{48992F68-BEE6-35D8-89AC-6A81406F1096}) (Version: 14.0.24712 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Terminator Future Shock + SkyNET version 1.0 (HKLM-x32\...\{AC9D63E6-A090-49E3-95CA-9CAA6706AEAF}_is1) (Version: 1.0 - Bethesda Softworks)
Test Drive Unlimited 2 (HKLM-x32\...\Test Drive Unlimited 2_is1) (Version: - Atari)
Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Brookhaven Experiment (HKLM\...\Steam App 440630) (Version: - Phosphor Games)
The Chronicles of Riddick - Assault on Dark Athena (HKLM-x32\...\GOGPACKRIDDICK_is1) (Version: 2.0.0.10 - GOG.com)
The Gallery - Episode 1: Call of the Starseed (HKLM\...\Steam App 270130) (Version: - Cloudhead Games ltd.)
The Klub 17 (HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Klub-7) (Version: 7.5.0 - Team WRK17)
The Klub 17 (HKU\S-1-5-21-1299527896-1211748070-1707534253-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Klub-7) (Version: 7.5.0 - Team WRK17)
The Lab (HKLM\...\Steam App 450390) (Version: - Valve)
The Solus Project (HKLM\...\Steam App 313630) (Version: - Hourences)
The Suffering (HKLM-x32\...\1268478205_is1) (Version: 1.0.1 - GOG.com)
The Unwelcomed (HKLM\...\Steam App 504560) (Version: - The Unwelcomed Studios)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com)
theBlu (HKLM\...\Steam App 451520) (Version: - Wevr, Inc.)
TheWaveVR (HKLM\...\Steam App 453000) (Version: - TheWaveVR)
Thief 3 Sneaky Upgrade SDB (HKLM\...\{61271900-d6b0-4da5-801b-7127a8713df1}.sdb) (Version: - )
Thief 3 Sneaky Upgrade version 1.1.5.2 (HKLM-x32\...\{6787B847-DE1D-4B75-AF7F-9F0B0FF9E59E}_is1) (Version: 1.1.5.2 - )
Thief: Deadly Shadows (HKLM-x32\...\Steam App 6980) (Version: - Ion Storm)
Titanfall™ 2 (HKLM-x32\...\{4BD80373-FEE7-45B6-8249-6E8E98717405}) (Version: 1.0.0.9 - Electronic Arts, Inc.)
Tormentum - Dark Sorrow (HKLM\...\Steam App 335000) (Version: - OhNoo Studio)
TrackMania² Canyon (HKLM\...\Steam App 228760) (Version: - Nadeo)
Trapcode Suite 64-bit (HKLM\...\{460D83C4-15D5-4C0E-9B7D-2204F196A010}) (Version: 12.1.3 - Red Giant) Hidden
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{460D83C4-15D5-4C0E-9B7D-2204F196A010}) (Version: 12.1.3 - Red Giant)
TypeScript Power Tool (HKLM-x32\...\{7FBEE165-A653-4B2A-A93A-4643794E22A8}) (Version: 1.7.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{D7C8A95B-B1EE-43B1-837D-C73D1321FEBA}) (Version: 1.7.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.7.4.0 (HKLM-x32\...\{33e2204a-4ec6-4458-895a-47e2a404d990}) (Version: 1.7.24720.0 - Microsoft Corporation)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Ulead MediaStudio Pro 8.0 (HKLM-x32\...\{A6E71574-2126-4E95-816E-32B2411C94BA}) (Version: 8.0 - Ulead Systems, Inc.)
Ultima Underworld 2 (HKLM-x32\...\1207662473_is1) (Version: 2.1.0.20 - GOG.com)
Ultimate Booster Experience (HKLM\...\Steam App 499620) (Version: - GexagonVR)
Uninvited: MacVenture Series (HKLM\...\Steam App 343810) (Version: - Zojoi)
Unknown Pharaoh (HKLM\...\Steam App 576100) (Version: - 4 Fun Studio)
Unreal Gold (HKLM-x32\...\1207658679_is1) (Version: 2.1.0.6 - GOG.com)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
Vanishing Realms (HKLM\...\Steam App 322770) (Version: - Indimo Labs LLC)
Vasco da Gama 9 HD Essential (HKLM-x32\...\{132A1B32-8C6A-416C-B7FB-7D4CD54C18DE}) (Version: 9.00.0000 - MotionStudios)
Vertigo (HKLM\...\Steam App 465430) (Version: - Zach Tsiakalis-Brown)
Virtual Desktop (HKLM\...\Steam App 382110) (Version: - Guy Godin)
Virtual Desktop Service (HKLM\...\{2F1A2C04-7695-47E1-B69E-B2B5B2038C39}) (Version: 1.5.1 - Guy Godin)
Visual Basic 5.0 (C:\WINDOWS\system32\) #3 (HKLM-x32\...\ST5UNST #3) (Version: - )
Visual Basic 5.0 (C:\WINDOWS\system32\) #4 (HKLM-x32\...\ST5UNST #4) (Version: - )
Visual Basic 5.0 (C:\WINDOWS\system32\) #5 (HKLM-x32\...\ST5UNST #5) (Version: - )
Visual Basic 5.0 (C:\Windows\system32\) (HKLM-x32\...\ST5UNST #2) (Version: - )
Visual Basic 5.0 (HKLM-x32\...\ST5UNST #1) (Version: - )
Visual Studio 2015 Update 1 (KB3022398) (HKLM-x32\...\{fcaa9dba-9438-48b6-ad91-4e9b4cc7084a}) (Version: 14.0.24720 - Microsoft Corporation)
Vita 2 (HKLM\...\{39B956AD-00E8-4561-B6CC-7E91BDEDB0AF}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Concert Grand LE (HKLM\...\{0501DF32-8054-41E0-A1D1-B6BEAB54CACF}) (Version: 2.4.0.95 - MAGIX Software GmbH) Hidden
Vita Drum Engine (HKLM\...\{E5494279-4C0C-4220-9B41-A6BC89D6A92E}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Electric Piano (HKLM\...\{D14FE00B-0E75-462A-936A-C9483A20D0D0}) (Version: 1.0.2.0 - MAGIX Software GmbH) Hidden
Vita Power Guitar (HKLM\...\{69F05894-87A2-4E92-A6E3-EE8937D09CC0}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VoiceAttack version 1.5.12 (HKLM-x32\...\{D6EDF6DB-029E-4A34-A3A0-D960CB0FCB2A}_is1) (Version: 1.5.12 - VoiceAttack.com)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version: - VB-Audio Software)
vorpX (HKLM-x32\...\{C136D0CC-9077-4979-801E-6B5A956EED6A}_is1) (Version: 17.1.3.0 - Animation Labs)
VRporize - VR FPS (HKLM\...\Steam App 498970) (Version: - Mercury Aerospace Industries)
VS Update core components (HKLM-x32\...\{5F7870A1-0586-313E-A9FF-3249DCE9F63A}) (Version: 14.0.24720 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Waltz of the Wizard (HKLM\...\Steam App 436820) (Version: - Aldin Dynamics)
WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WestwoodChat (HKLM-x32\...\{7CAE6A67-AF7B-4A6A-8705-8AFACA45BB60}) (Version: 1.0.0.0 - WestwoodChat)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Wheel of Time (HKLM-x32\...\Wheel of Time) (Version: - )
White Night (HKLM-x32\...\Steam App 301560) (Version: - OSome Studio)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windlands (HKLM\...\Steam App 428370) (Version: - Psytec Games Ltd)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows-Treiberpaket - Sony Computer Entertainment Inc. Wireless controller for PLAYSTATION(R)3 Driver Package (01/20/2012 1.4.0.0) (HKLM\...\D5410AE5FA467EF0F19558D5F60C991A79E11B51) (Version: 01/20/2012 1.4.0.0 - Sony Computer Entertainment Inc.)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - )
Xara 3D Maker 7 (HKLM-x32\...\{19B9DAD6-5E6E-4B80-8EFE-314B5638D6D4}) (Version: 7.0.0.415 - Xara Group Ltd) Hidden
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
XML Notepad 2007 (HKLM-x32\...\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}) (Version: 2.3.0.0 - Microsoft Corporation)
Xml Viewer (HKLM-x32\...\{F58E04CD-6E76-43C8-AAF1-482225C2910E}) (Version: 3 - MindFusion Limited)
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
|
|
21.09.2017, 17:52
| #3 |
| | Windows 10 64bit : Verdacht auf Maleware addition_2
__________________Code:
ATTFilter ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [MRAICQCMenu] -> {7C9E7B90-88EC-4852-AC7A-C938268A5D04} => -> Keine Datei
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [Convert] -> {9f95ca1a-e80e-4c0f-acd1-4c9b7900b982} => C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)\Utilities\bin\x64\TxView.dll [2010-06-02] (Microsoft Corporation)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-08-22] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {08060686-DA7A-4F81-903F-5EF5846EBC46} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {10FB4821-8293-4FB8-93AC-ED877096D358} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {15CEA677-3D1C-403A-8EE5-9C536AE36655} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {25D5A32A-8909-4F96-8028-6E97C19E9277} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {3356136B-5DA8-4E2C-94F1-D934C3FFD02A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {33D241F7-FCC1-4696-BA50-24F80B532744} - System32\Tasks\{EA0A359E-2C55-46AC-83DB-0F986B25B53B} => C:\Windows\system32\pcalua.exe -a E:\WMEncoder64.exe -d E:\
Task: {39B3A4D0-967A-4B83-8FAE-BFC9CCF78C7C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-13] (Adobe Systems Incorporated)
Task: {3C768F76-478B-4129-836E-66BBD535DF4B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3CA1C205-5779-4D65-9B79-03CA693A49ED} - System32\Tasks\Connect => C:\Program Files (x86)\MAGIX\Connect\connect.exe [2017-05-10] (MAGIX Software GmbH)
Task: {3DEA7F3E-A5EB-45F0-9421-D9F66008ED63} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {3F26B3E2-B93D-49BD-BC7E-5F720B51C994} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-22] (NVIDIA Corporation)
Task: {415F7118-E84D-43AD-B678-2809A265ACDD} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {520A4ED2-9B29-4873-B2CA-FEA9273674C4} - \{4DD1B416-1A2D-4675-A6D6-8083878E9DE3} -> Keine Datei <==== ACHTUNG
Task: {52FD4488-82FE-4FC3-A835-7330FDE39B8B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {58E0F5EB-6F42-4B37-A50A-952C0182547B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5A2D88F9-D511-4485-A81D-E9539F5865C8} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5D12D0DE-7C2D-43EB-88A7-25C081D80C44} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6509C4C3-BDFD-4861-ABD9-95C391A5DA45} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {674D3F7E-07C8-42A4-AD10-F21331870E05} - \Red Giant Link -> Keine Datei <==== ACHTUNG
Task: {67D99D18-6635-4D3E-869B-A89F58F4E0BE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-22] (NVIDIA Corporation)
Task: {6A9B91BB-C2E4-43F0-A903-2F8119DDC143} - System32\Tasks\Spin Driver Vuld => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Spin Driver Vuld\Spin Driver Vuld.dll",Nejpqk <==== ACHTUNG
Task: {6ACACBFB-34D5-4E50-99F6-7C2E8F65870B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {6DFFA0FA-204A-4DB6-A32D-36551F60CD88} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-03] (Google Inc.)
Task: {71CC4BE9-738E-4546-A312-5370DAC238D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-03] (Google Inc.)
Task: {72C2654C-0345-4427-92A1-203E5906A350} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {73233123-6EEE-441F-ACD7-AC9AC6C2D30B} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\ErrorReporting => C:\\Users\\Hoshi\\AppData\\Roaming\\ErrorReporting\\ermgr.exe
Task: {7EE287C4-2286-41C0-8590-B925FB2DD061} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {802BD126-ED9C-4502-8D98-7D2D98679DE2} - System32\Tasks\jJKowXmxzIFxIuj2 => rundll32 "C:\Program Files (x86)\TQoarIXzU\UtQPcX.dll",#1
Task: {8426F389-7EEE-48D3-86F8-A0B7F68C0351} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8A11B9D7-5D1C-41EA-B4D4-112D27F98D33} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {9502FC37-4BF3-4187-97DB-BB885F817B28} - System32\Tasks\{540C4F0A-AFE9-41B0-8BED-770ADCAFCFDD} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.4.0.102/de/abandoninstall?page=tsMain
Task: {97496AF1-1EE8-4D66-924B-88673C3D7419} - System32\Tasks\jJKowXmxzIFxIuj => rundll32 "C:\Program Files (x86)\TQoarIXzU\UtQPcX.dll",#1
Task: {99A9C2AC-D3E0-4337-B0E6-3AFB38E4A179} - System32\Tasks\f371379892038d205abbfa586a4788d0 => powershell.exe -NoProfile -NoLogo -NonInteractive -ExecutionPolicy Bypass -File "C:\WINDOWS\f371379892038d205abbfa586a4788d0.ps1" <==== ACHTUNG
Task: {9F4B56CC-50E0-44AF-946B-932FF1BB8876} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-22] (NVIDIA Corporation)
Task: {ADEAE2A2-DBBC-4FEA-AE2B-1ACCCCA9F22C} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {B2170479-C9ED-4E5A-BC64-4F7CA71C8180} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {B265853E-1EB9-4490-8346-026981D861F1} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {B689586B-9669-4E4E-84F2-2174ACB35C72} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {B7290E7F-96E2-49E1-94BC-17D8FC712ACF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {BF0E8690-E916-421C-925C-8EF2FB370D68} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-22] (NVIDIA Corporation)
Task: {CCEA5BF9-67E9-44F9-8750-250CB46A4824} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {CFFD267D-0E96-4AE1-B8E2-62A0C9DF92B3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {D61F55A8-B0BB-4781-80FD-8F7B16E7EA4F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {E025C148-A5D4-4254-AAA8-1B4360B2374B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-08-22] (NVIDIA Corporation)
Task: {E6B257D7-040D-4610-AFE5-4256956C9B14} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EAE39C83-0CAA-4312-907A-1243969BAB66} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {ED55E21A-57DB-4591-8F95-58F0658945D4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {F1879657-BA06-438A-82B8-D2379034C86A} - System32\Tasks\LSjUFtTofwjkxN => rundll32 "C:\Program Files (x86)\ICBaloCIDxXU2\MUWtfQsPOcBXV.dll",#1
Task: {F2A52317-F2C1-4630-87BC-E12B2FFC7496} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F5132FA3-CAD1-4315-BF63-D7542912C7C7} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F75A3443-BF9D-4B1D-BAB0-DA6B05C232BC} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-HOSHI-PC => C:\WINDOWS\ehome\McxTask.exe
Task: {F81964E0-FEBD-4F08-A908-0ED367B4B50C} - System32\Tasks\0z8qp1lfDt => C:\Program Files (x86)\mML019nslc\updengine.exe <==== ACHTUNG
Task: {FC7911CA-4CA6-4249-A2B5-D3C065E61A89} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FC8098E2-47F8-48D3-A990-2172097B9ABA} - System32\Tasks\{1B9BAEFE-CA33-481C-8FAF-AF1A3509FC73} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\EAInstaller\Battlefield - Bad Company 2\Cleanup.exe" -c uninstall_game -autologging
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Connect.job => C:\Program Files (x86)\MAGIX\Connect\connect.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\jJKowXmxzIFxIuj.job => C:\Program Files (x86)\TQoarIXzU\UtQPcX.dll
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Hoshi\Desktop\Games\InLucysEyes.bat - Verknüpfung.lnk -> D:\Games\Steam\SteamApps\common\Amnesia The Dark Descent\InLucysEyes\InLucysEyes.bat (Keine Datei)
Shortcut: C:\Users\Hoshi\Desktop\Games\TenebrisLake.bat - Verknüpfung.lnk -> D:\Games\Steam\SteamApps\common\Amnesia The Dark Descent\TenebrisLake.bat (Keine Datei)
Shortcut: C:\Users\Hoshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D\DAZ Install Manager\DAZ Install Manager Read Me.lnk -> hxxp:docs.daz3d.com\doku.php\public\read_me\index\1481
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-09-12 16:44 - 2017-09-12 18:09 - 000076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-07-19 21:54 - 2017-07-19 21:54 - 000330208 _____ () C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe
2014-12-26 23:05 - 2011-07-28 18:06 - 000297440 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000047616 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2017-07-12 16:13 - 2017-07-07 08:15 - 002331136 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
2017-07-12 16:13 - 2017-07-07 08:15 - 002836480 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-09-29 23:13 - 2016-09-29 23:13 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-09-29 23:13 - 2016-09-29 23:13 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-12-26 23:05 - 2011-07-27 12:53 - 000360448 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll
2017-09-21 17:41 - 2017-09-21 17:44 - 000004608 _____ () C:\WINDOWS\system32\mispaced.dll
2014-03-15 14:20 - 2013-09-03 17:52 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:98353363 [132]
AlternateDataStreams: C:\Users\Hoshi\AppData\Local\Temp:$DATA [16]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\skype.com -> hxxps://apps.skype.com
IE trusted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\skype.com -> hxxps://apps.skype.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2017-09-07 10:11 - 000000027 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Hoshi\AppData\Roaming\mozilla\firefox\desktop-hintergrund.bmp
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Hoshi\AppData\Roaming\mozilla\firefox\desktop-hintergrund.bmp
HKU\S-1-5-21-1299527896-1211748070-1707534253-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-80-3238277391-1891473654-1195688043-4149050645-2494734967-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: Desura Install Service => 3
MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Killer Network Manager.lnk => C:\Windows\pss\Killer Network Manager.lnk.CommonStartup
MSCONFIG\startupreg: LogitechQuickCamRibbon => "D:\Programme\Logitech\Webcam\Logitech WebCam Software\LWS.exe" /hide
HKLM\...\StartupApproved\Run: => "Start WingMan Profiler"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run32: => "HTC Store User Content Helper"
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify Web Helper"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{BA585EE1-A7F9-49C7-88D7-522B7C9DC59D}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{E0DC3C0F-8A5A-4950-B29C-A9CC62B6E5CA}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{702407FC-570B-48B7-B575-F088B82F5FD7}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{DEEF9EE1-3254-466A-98B9-C6EF05212ACD}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [UDP Query User{19C290C3-9D18-4F16-B042-EFF275DA013C}C:\games\steam\steamapps\common\pavr pre alpha demo\pa_ue4\binaries\win64\pa_ue4-win64-shipping.exe] => (Allow) C:\games\steam\steamapps\common\pavr pre alpha demo\pa_ue4\binaries\win64\pa_ue4-win64-shipping.exe
FirewallRules: [TCP Query User{A632B5B6-D96A-4EA2-A892-8626A8AF81A8}C:\games\steam\steamapps\common\pavr pre alpha demo\pa_ue4\binaries\win64\pa_ue4-win64-shipping.exe] => (Allow) C:\games\steam\steamapps\common\pavr pre alpha demo\pa_ue4\binaries\win64\pa_ue4-win64-shipping.exe
FirewallRules: [UDP Query User{1E455C75-FB8D-483B-91A4-B8C11BE4C869}D:\games\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe
FirewallRules: [TCP Query User{813295F7-78FC-4553-AC43-715C5B7879F5}D:\games\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe
FirewallRules: [{3C3D2E69-5741-4D9C-8BA6-F881ECC18C21}] => (Allow) C:\Games\Steam\steamapps\common\RecRoom\Recroom_Release.exe
FirewallRules: [{AA3B8C49-6083-48B9-AE89-19BC7C9097E3}] => (Allow) C:\Games\Steam\steamapps\common\RecRoom\Recroom_Release.exe
FirewallRules: [{AC96AE27-8529-497D-8B66-FCC05C1371F3}] => (Allow) C:\Games\Steam\steamapps\common\Vertigo\Vertigo.exe
FirewallRules: [{A7801E9D-E656-4A15-A6D0-32B372633B3A}] => (Allow) C:\Games\Steam\steamapps\common\Vertigo\Vertigo.exe
FirewallRules: [{F90A37A4-FB13-402B-B550-8F4E250A6235}] => (Allow) C:\Games\Steam\steamapps\common\PAVR Pre Alpha Demo\PA_UE4.exe
FirewallRules: [{003666E4-1942-464C-8684-9E3839ACA7ED}] => (Allow) C:\Games\Steam\steamapps\common\PAVR Pre Alpha Demo\PA_UE4.exe
FirewallRules: [{5D395514-FDFF-41A2-9CD5-AEF110564C5E}] => (Allow) D:\Games\Steam\SteamApps\common\PavlovVR\Pavlov.exe
FirewallRules: [{DD6D3136-65A5-46F7-B3F2-9309062D411C}] => (Allow) D:\Games\Steam\SteamApps\common\PavlovVR\Pavlov.exe
FirewallRules: [{6B0A2104-10B4-44D9-83FF-602956979021}] => (Allow) D:\Games\Steam\SteamApps\common\Monster Maze VR\MonsterMazeVR.exe
FirewallRules: [{2EA87923-BA90-4961-B89D-8193B1BA93B7}] => (Allow) D:\Games\Steam\SteamApps\common\Monster Maze VR\MonsterMazeVR.exe
FirewallRules: [{4C28E660-F41C-4E65-BE80-7BCCA081576B}] => (Allow) D:\Games\Steam\SteamApps\common\Unknown Pharaoh\UnknownPharaoh.exe
FirewallRules: [{97BEA2F2-001B-4D94-A00B-9C1B06EBD466}] => (Allow) D:\Games\Steam\SteamApps\common\Unknown Pharaoh\UnknownPharaoh.exe
FirewallRules: [{E97CCF0D-855F-4E08-91CD-B3B76D5ECE85}] => (Allow) D:\Games\Steam\SteamApps\common\INSIDE\INSIDE.exe
FirewallRules: [{ADA15F69-55DB-43BD-8F88-F6183D6DCE81}] => (Allow) D:\Games\Steam\SteamApps\common\INSIDE\INSIDE.exe
FirewallRules: [{E0CEF3DC-4FAE-458D-9748-B22736715E69}] => (Allow) D:\Games\Steam\SteamApps\common\Uninvited MacVenture Series\uninvited.exe
FirewallRules: [{9813278E-1BE2-419A-BF40-0A0AFC5DE0FC}] => (Allow) D:\Games\Steam\SteamApps\common\Uninvited MacVenture Series\uninvited.exe
FirewallRules: [UDP Query User{1FDBA183-7457-486A-8B59-C110F9C0AA2B}D:\games\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) D:\games\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [TCP Query User{DFF78058-8AF5-447D-9241-DAAD9F1A1678}D:\games\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) D:\games\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{4223108D-1598-41A0-9C7D-C98C2C7E8CF0}D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{D6FE4E3D-1689-4D1C-8769-66E136EB5BFD}D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{07F2908B-71B8-4032-8FCA-9B9F60CD886D}] => (Allow) OVRServer_x64.exe
FirewallRules: [{68A4192E-0BCE-4E38-B01C-7D04950BB40B}] => (Allow) D:\Games\Steam\SteamApps\common\TheSolusProject\Solus\Binaries\Win64\Solus-Win64-Shipping.exe
FirewallRules: [{0F30DC54-5C6A-4862-9E20-9CA261B83F8B}] => (Allow) D:\Games\Steam\SteamApps\common\TheSolusProject\Solus\Binaries\Win64\Solus-Win64-Shipping.exe
FirewallRules: [{4806CE95-7DBE-4F03-9E01-0E8C5E15CE1B}] => (Allow) D:\Games\Steam\SteamApps\common\SteamDolls_VR_Demo\steamdolls_vr_demo.exe
FirewallRules: [{9B495424-3E3E-48C7-9734-B427D7AA5148}] => (Allow) D:\Games\Steam\SteamApps\common\SteamDolls_VR_Demo\steamdolls_vr_demo.exe
FirewallRules: [{56D51920-A5CD-4085-B0AE-E21ED31050B7}] => (Allow) D:\Games\Steam\SteamApps\common\Lethe - Episode One\Binaries\Win32\UDK.exe
FirewallRules: [{778CDE73-7D13-4DAC-A715-F9998C193F4C}] => (Allow) D:\Games\Steam\SteamApps\common\Lethe - Episode One\Binaries\Win32\UDK.exe
FirewallRules: [{16FBA39D-A8FB-4368-AE02-748CFDC4C0BB}] => (Allow) D:\Games\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{8F1A9D38-4640-4CAE-B1B3-6B1659F740EE}] => (Allow) D:\Games\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{DE830C2D-2792-4793-B8C3-03EE4268374A}] => (Allow) D:\Games\Steam\SteamApps\common\Nature Treks VR\Nature Treks VR.exe
FirewallRules: [{69B2D7B0-0B35-4D67-870F-B80D5DA11976}] => (Allow) D:\Games\Steam\SteamApps\common\Nature Treks VR\Nature Treks VR.exe
FirewallRules: [{C02F1FD2-BE14-4B1D-820D-88F3FB6CADED}] => (Allow) D:\Games\Steam\SteamApps\common\Lockdown Stand Alone\lockdown.exe
FirewallRules: [{349FF32B-00CD-4466-BD48-49EC3ECF16E1}] => (Allow) D:\Games\Steam\SteamApps\common\Lockdown Stand Alone\lockdown.exe
FirewallRules: [{67B64759-2152-491A-B7FD-5F2D77A134C5}] => (Allow) OculusClient.exe
FirewallRules: [{B354CDB8-59FB-4AD5-B91B-1FE9E59160DA}] => (Allow) OculusClient.exe
FirewallRules: [{1E2E29D8-EDB5-4745-9273-0E2B44C2BA12}] => (Allow) OculusVR.exe
FirewallRules: [{B3B70576-2AA5-479D-BB33-ED66BF047058}] => (Allow) OculusVR.exe
FirewallRules: [{BD2E0371-BC51-40C5-8AC5-994147DFF03C}] => (Allow) DirectDisplayConfig.exe
FirewallRules: [{70CC2275-610A-4F6B-BD23-E5BFA14550B0}] => (Allow) DirectDisplayConfig.exe
FirewallRules: [{A3E91647-CBBA-4C2A-8966-4A9D1953C275}] => (Allow) OVRServer_x64.exe
FirewallRules: [{CFC50AAE-31A2-464D-B8EC-1440BC8AF75F}] => (Allow) OVRServer_x64.exe
FirewallRules: [{5DDA393E-C726-404A-B6BE-C81B852BE85E}] => (Allow) OVRServiceLauncher.exe
FirewallRules: [{AE7789AE-2746-4886-8A8C-0A9611145455}] => (Allow) OVRServiceLauncher.exe
FirewallRules: [{C0FA4152-1304-4909-9983-0E0B4DF8231E}] => (Allow) D:\Games\Steam\SteamApps\common\SS2\Shock2.exe
FirewallRules: [{F0B60581-18FA-4DA4-A857-7074717EFEB2}] => (Allow) D:\Games\Steam\SteamApps\common\SS2\Shock2.exe
FirewallRules: [{36C15119-7D97-4269-8318-0A54BF0699CE}] => (Allow) D:\Games\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{15EFFFD8-2995-4D7A-8A1D-D55F0FBD3F00}] => (Allow) D:\Games\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [UDP Query User{1F46EB63-73BB-49B7-B16A-AAABA83463D3}D:\games\steam\steamapps\common\redout\redout\binaries\win64\redout-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\redout\redout\binaries\win64\redout-win64-shipping.exe
FirewallRules: [TCP Query User{DF38C388-6EF5-40E2-ABB5-7A7806CB462F}D:\games\steam\steamapps\common\redout\redout\binaries\win64\redout-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\redout\redout\binaries\win64\redout-win64-shipping.exe
FirewallRules: [{2EC97B86-1219-49A0-A7A2-7391D7E3E416}] => (Allow) D:\Games\Steam\SteamApps\common\Redout\redout.exe
FirewallRules: [{4D349B1F-5DAA-4F16-B516-B91CF9D6E1C3}] => (Allow) D:\Games\Steam\SteamApps\common\Redout\redout.exe
FirewallRules: [{333A85DC-E692-4A7C-AC1E-923930542B8D}] => (Allow) D:\Games\Steam\SteamApps\common\Day of the Tentacle Remastered\Dott.exe
FirewallRules: [{0A0E4521-8BE0-499A-A7CC-2D14A50E7945}] => (Allow) D:\Games\Steam\SteamApps\common\Day of the Tentacle Remastered\Dott.exe
FirewallRules: [{FDAD1FE0-97EC-4D00-97CF-48EB0C58EF09}] => (Allow) D:\Games\Steam\SteamApps\common\Tormentum\Tormentum.exe
FirewallRules: [{40561B9E-A123-4908-B83A-3C88C57B5391}] => (Allow) D:\Games\Steam\SteamApps\common\Tormentum\Tormentum.exe
FirewallRules: [{CC04E9D0-241D-4D79-A268-A88497F20AD3}] => (Allow) D:\Games\Steam\SteamApps\common\Call of Duty - Infinite Warfare\iw7_ship.exe
FirewallRules: [{2EECEE85-CFEE-4509-9F24-B1B03D3EE827}] => (Allow) D:\Games\Steam\SteamApps\common\Call of Duty - Infinite Warfare\iw7_ship.exe
FirewallRules: [UDP Query User{45EB9ED9-0CAA-453D-B4D9-06B7B2FEBB5C}D:\games\tdu2\uplauncher.exe] => (Allow) D:\games\tdu2\uplauncher.exe
FirewallRules: [TCP Query User{800CB73E-7CA2-463E-8EE9-3C87FF3734FA}D:\games\tdu2\uplauncher.exe] => (Allow) D:\games\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{50A12DFF-801A-4AF4-9920-7E5B463506CD}D:\games\tdu2\testdrive2.exe] => (Allow) D:\games\tdu2\testdrive2.exe
FirewallRules: [TCP Query User{54606CA1-DA6B-4AF5-967A-E12F76C20ABC}D:\games\tdu2\testdrive2.exe] => (Allow) D:\games\tdu2\testdrive2.exe
FirewallRules: [{BF733EBD-02BE-4B5C-8C19-2FA8AF6ADEB7}] => (Allow) D:\Games\Steam\SteamApps\common\The Lab\TheLab\win64\TheLab.exe
FirewallRules: [{B673414B-67A0-4DE7-8BA7-4910EA606C90}] => (Allow) D:\Games\Steam\SteamApps\common\The Lab\TheLab\win64\TheLab.exe
FirewallRules: [{9FC42CE6-3FA4-466E-B7B5-E497154C3240}] => (Allow) D:\Games\Origin\Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{53723693-0DAF-4DE7-9B73-9154E45330ED}] => (Allow) D:\Games\Origin\Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{DBD75664-BE69-4222-985F-4C52ACDD34DA}] => (Allow) D:\Games\Steam\SteamApps\common\ArizonaSunshine\ArizonaSunshine.exe
FirewallRules: [{3FB2591D-93B5-4808-AD14-D34BBF3C9876}] => (Allow) D:\Games\Steam\SteamApps\common\ArizonaSunshine\ArizonaSunshine.exe
FirewallRules: [{291A965C-E12B-4661-B704-83E8743BB52C}] => (Allow) D:\Games\Steam\SteamApps\common\FastActionHero\Fast Action Hero.exe
FirewallRules: [{9E376CE6-426A-4E7E-B116-65B088452225}] => (Allow) D:\Games\Steam\SteamApps\common\FastActionHero\Fast Action Hero.exe
FirewallRules: [{43037CC1-0C70-40A3-8BEA-6392BC9CA3CD}] => (Allow) D:\Games\Steam\SteamApps\common\QuantumBreak\dx11\QuantumBreak.exe
FirewallRules: [{3F8F8D1C-5E0A-4FE8-81D4-0E90A5304A85}] => (Allow) D:\Games\Steam\SteamApps\common\QuantumBreak\dx11\QuantumBreak.exe
FirewallRules: [UDP Query User{2933B71E-AD92-47FB-9833-2943E612033A}D:\games\steam\steamapps\common\ghost town mine ride\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\ghost town mine ride\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [TCP Query User{7C1C116D-BB06-4F08-9FF8-06F1BCAF6231}D:\games\steam\steamapps\common\ghost town mine ride\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\ghost town mine ride\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [{65A88DF4-D55D-4D10-B267-092E4E81595E}] => (Allow) D:\Games\Steam\SteamApps\common\Ghost Town Mine Ride\HauntedMineRide.exe
FirewallRules: [{61AB9D3C-7E2C-498E-B4C0-403D0D38CE33}] => (Allow) D:\Games\Steam\SteamApps\common\Ghost Town Mine Ride\HauntedMineRide.exe
FirewallRules: [{1B64888E-6A42-422E-ADCA-E1AC56995ED7}] => (Allow) D:\Games\Steam\SteamApps\common\SVRVIVE\SVRVIVE The Deus Helix.exe
FirewallRules: [{7C71C520-0138-4A51-8DAF-2DC62ACAFFC2}] => (Allow) D:\Games\Steam\SteamApps\common\SVRVIVE\SVRVIVE The Deus Helix.exe
FirewallRules: [{53ED8D1A-8BED-457E-AE41-F08A40127E3C}] => (Allow) D:\Games\Steam\SteamApps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{BD6E9A75-9511-45A6-BB74-05CD434D17F6}] => (Allow) D:\Games\Steam\SteamApps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{DE5A1E59-8DB6-4619-AA85-79AC39691117}] => (Allow) D:\Games\Steam\SteamApps\common\EarthVR\Earth.exe
FirewallRules: [{5695F430-0FE8-48C1-A594-CF8C4FD0704A}] => (Allow) D:\Games\Steam\SteamApps\common\EarthVR\Earth.exe
FirewallRules: [{B5DA8A5E-4D4F-4C20-95F3-6B65B41ACD8E}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{8A4C7EA8-EA75-4249-8A13-A5DFD9404043}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C96678AE-C5EB-4085-A06B-F142B7C9CF80}] => (Allow) D:\Games\Steam\SteamApps\common\Quell 4D\Quell4D.exe
FirewallRules: [{0D6113C4-FD38-466D-BA47-3844AB491F38}] => (Allow) D:\Games\Steam\SteamApps\common\Quell 4D\Quell4D.exe
FirewallRules: [UDP Query User{16FB7109-76B1-49E7-AD78-62CAB08F652C}D:\games\firestorm havok\slvoice.exe] => (Allow) D:\games\firestorm havok\slvoice.exe
FirewallRules: [TCP Query User{F31A3F18-2596-450D-B0E2-3D2B785BEF25}D:\games\firestorm havok\slvoice.exe] => (Allow) D:\games\firestorm havok\slvoice.exe
FirewallRules: [{5005CEA3-87E3-4E58-9E27-AB3FD75FBC88}] => (Allow) D:\Games\Steam\SteamApps\common\theBlu\theblu.exe
FirewallRules: [{DE4E352D-3ADD-436E-BAA1-BE95D3987B52}] => (Allow) D:\Games\Steam\SteamApps\common\theBlu\theblu.exe
FirewallRules: [{2E4E90F2-95CF-425D-8541-030B3D462F85}] => (Allow) D:\Games\Steam\SteamApps\common\Shadow Warrior 2\ShadowWarrior2.exe
FirewallRules: [{477BC455-D26F-420D-B5FB-7C3F96B3A73D}] => (Allow) D:\Games\Steam\SteamApps\common\Shadow Warrior 2\ShadowWarrior2.exe
FirewallRules: [{06865A7F-2F3F-4008-AECF-96E39B11738D}] => (Allow) D:\Games\Steam\SteamApps\common\Art of Fight\ArtOfFight.exe
FirewallRules: [{AA3DC80E-C831-4309-B0F4-A176BFF7030C}] => (Allow) D:\Games\Steam\SteamApps\common\Art of Fight\ArtOfFight.exe
FirewallRules: [{AFFA8C04-DCAA-48EC-AE74-2AD45EF733FF}] => (Allow) D:\Games\Steam\SteamApps\common\Island 359\Island359.exe
FirewallRules: [{2F642C70-E2AE-4442-8001-EA9124030D71}] => (Allow) D:\Games\Steam\SteamApps\common\Island 359\Island359.exe
FirewallRules: [{4E547210-56DD-436D-AFB6-26132F63F1C3}] => (Allow) D:\Games\Steam\SteamApps\common\NightCry\NightCry.exe
FirewallRules: [{5AEACF73-9594-4924-9B2E-0EAA5121E625}] => (Allow) D:\Games\Steam\SteamApps\common\NightCry\NightCry.exe
FirewallRules: [UDP Query User{44EAC687-8C54-4322-8240-F8FB63E03101}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{24758668-2959-4BC3-8E2C-3E9E455E6734}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{5D898310-DB54-49ED-830B-05F242D1F421}] => (Allow) D:\Programme\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{0466309B-407F-4D69-91E6-86BEAFE9DBEB}] => (Allow) D:\Programme\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{8AEE8D01-CF01-47AE-AD5D-714D7BE7D820}] => (Allow) D:\Games\Steam\SteamApps\common\White Night\Bin\Win32\WNight.exe
FirewallRules: [{342EA1E1-2E21-4A09-8C9D-95D4D0B61526}] => (Allow) D:\Games\Steam\SteamApps\common\White Night\Bin\Win32\WNight.exe
FirewallRules: [{0F13B3E5-0FC1-4D38-A9EC-6B8004EC0738}] => (Allow) D:\Games\Steam\SteamApps\common\Thief Deadly Shadows\System\runme.exe
FirewallRules: [{72B3B364-082E-4265-B78D-10FD766E99DB}] => (Allow) D:\Games\Steam\SteamApps\common\Thief Deadly Shadows\System\runme.exe
FirewallRules: [{2ED621BB-621E-4F5B-9EEE-2445F798F417}] => (Allow) D:\Programme\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{38EAF7FD-1387-4B2F-B071-A3050E0E7B52}] => (Allow) D:\Programme\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{41BA33BD-41ED-4667-B5EC-850C760D7EC4}] => (Allow) D:\Programme\TeamViewer\TeamViewer.exe
FirewallRules: [{96FE98B7-8520-4C4B-889D-95A849A6406C}] => (Allow) D:\Programme\TeamViewer\TeamViewer.exe
FirewallRules: [{8F614056-23CF-4179-8110-CBF96615B056}] => (Allow) D:\Games\Steam\SteamApps\common\Spirits of Xanadu\Spirits of Xanadu.exe
FirewallRules: [{92DEB061-DDBE-4317-9756-EED6E50B36C1}] => (Allow) D:\Games\Steam\SteamApps\common\Spirits of Xanadu\Spirits of Xanadu.exe
FirewallRules: [{41E6B432-E1F9-4489-B50C-C3CFA89580CB}] => (Allow) D:\Games\Steam\SteamApps\common\Elite Dangerous Horizons\EDLaunch.exe
FirewallRules: [{43D853E6-AAA5-4C78-8271-3DE5C476A900}] => (Allow) D:\Games\Steam\SteamApps\common\Elite Dangerous Horizons\EDLaunch.exe
FirewallRules: [{3D4D3D55-258A-4452-8354-59A0C9B95BE9}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{CF90FD8C-9D02-4F83-87A8-86DE8BF0703E}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity\2015\UnityVS.OpenFile.exe
FirewallRules: [{3B74ADF1-6A43-4401-AB32-EF15C1D49194}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{4E54BFCF-03A4-4547-A53D-82440801A87A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{260AA3E5-85E1-4FE5-8534-D2CA83BB43AE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B3EC2834-8773-4B20-A2D9-841BF8179FDF}] => (Allow) D:\Programme\Winamp\winamp.exe
FirewallRules: [{633BF3E0-7616-4F0C-BD34-D7AE38CF71C2}] => (Allow) D:\Programme\Winamp\winamp.exe
FirewallRules: [{F523341D-D024-479A-B1C6-09E174003418}] => (Allow) D:\Programme\MAGIX\Video deluxe 2016 Premium\Videodeluxe.exe
FirewallRules: [{94207D91-6307-48BA-886A-841FBC51410E}] => (Allow) D:\Games\Steam\SteamApps\common\Layers of Fear\Layers Of Fear.exe
FirewallRules: [{2F2FD238-9218-4E73-8DA4-6FA41E0506C3}] => (Allow) D:\Games\Steam\SteamApps\common\Layers of Fear\Layers Of Fear.exe
FirewallRules: [{F55B01C6-BA46-4D72-BA01-DC0F62B2D9DE}] => (Allow) D:\Games\Steam\SteamApps\common\Penumbra Overture\redist\Penumbra.exe
FirewallRules: [{4656B89B-E5B0-492F-AA56-97C9CB624605}] => (Allow) D:\Games\Steam\SteamApps\common\Penumbra Overture\redist\Penumbra.exe
FirewallRules: [UDP Query User{025F09C2-9AA1-4ADF-A604-9FA5A3FA0A64}C:\program files\vlc\vlc.exe] => (Allow) C:\program files\vlc\vlc.exe
FirewallRules: [TCP Query User{4AB9BA08-A5C6-4079-9E58-21E9E7D66539}C:\program files\vlc\vlc.exe] => (Allow) C:\program files\vlc\vlc.exe
FirewallRules: [{BFF87F05-85B8-4FAB-A7BC-80B7D7ACB251}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{41F30114-6E1E-4DC6-A988-5235C132E4D3}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [UDP Query User{09B31CFA-B2D4-4E9C-846A-9E6AE61A437F}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{59421173-7EB5-4508-9C9F-3ED146289E5B}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{32F1DDE8-CC4C-4320-A8A4-1C75F90D4BB4}D:\games\steam\steamapps\common\aliens colonial marines\binaries\win32\_acm.exe] => (Allow) D:\games\steam\steamapps\common\aliens colonial marines\binaries\win32\_acm.exe
FirewallRules: [TCP Query User{2B62BCA7-11D4-4AD8-B437-2DE1EAD40A50}D:\games\steam\steamapps\common\aliens colonial marines\binaries\win32\_acm.exe] => (Allow) D:\games\steam\steamapps\common\aliens colonial marines\binaries\win32\_acm.exe
FirewallRules: [UDP Query User{241742FE-2949-4E72-81E5-122D323D76F4}D:\programme\shoutcast\sc_serv.exe] => (Allow) D:\programme\shoutcast\sc_serv.exe
FirewallRules: [TCP Query User{009A6B4B-3F84-4965-99B0-AC627E9AB743}D:\programme\shoutcast\sc_serv.exe] => (Allow) D:\programme\shoutcast\sc_serv.exe
FirewallRules: [{410F8931-7BED-4D99-A248-881443D2BA43}] => (Allow) D:\Games\Steam\SteamApps\common\Source SDK Base 2013 Singleplayer\hl2.exe
FirewallRules: [{FAB3AE78-C3C6-4DD4-A657-2D7D3A467C0F}] => (Allow) D:\Games\Steam\SteamApps\common\Source SDK Base 2013 Singleplayer\hl2.exe
FirewallRules: [{B0D3FAB3-C04F-4761-8C97-FA0822243D3A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D596AB4C-67A5-4F2C-8910-D45D23F07516}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6F7A5C9A-2A1B-4FC7-94F6-93EDAECD75D4}] => (Allow) D:\Games\Steam\SteamApps\common\Strife\strife-ve.exe
FirewallRules: [{17931943-1054-49E9-8E44-15C4ED0E76EC}] => (Allow) D:\Games\Steam\SteamApps\common\Strife\strife-ve.exe
FirewallRules: [{1627D254-2807-47E5-A965-8EF14D291E95}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{372C07F2-7E64-4845-BD0D-18F42729A021}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{9EE86F79-EA28-48E7-BDF7-DA3CB5CB0EB2}] => (Allow) D:\Games\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [{0C0096FD-BC19-4204-9414-C50767846395}] => (Allow) D:\Games\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [UDP Query User{E8CCB980-186C-4786-9D43-AAF5F521C015}D:\games\gog games\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Allow) D:\games\gog games\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe
FirewallRules: [TCP Query User{7B0BBD21-DD89-4546-A8E6-92CF642CFF29}D:\games\gog games\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Allow) D:\games\gog games\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe
FirewallRules: [{B4BEBBEE-A2AB-4C62-BA1A-3E947E8618D0}] => (Allow) D:\Games\Steam\SteamApps\common\Neverending Nightmares\nightmare.exe
FirewallRules: [{F7A90859-ECB9-4126-9CF8-32AEF926581A}] => (Allow) D:\Games\Steam\SteamApps\common\Neverending Nightmares\nightmare.exe
FirewallRules: [UDP Query User{118013CC-E8F7-4503-92F8-BED165808AE7}D:\games\quake hd pack\darkplaces.exe] => (Allow) D:\games\quake hd pack\darkplaces.exe
FirewallRules: [TCP Query User{24A0B1AA-132B-4576-965E-6044AAE7FE03}D:\games\quake hd pack\darkplaces.exe] => (Allow) D:\games\quake hd pack\darkplaces.exe
FirewallRules: [{5561E420-4BC8-44A8-9F33-AA239310F2C3}] => (Allow) LPort=41780
FirewallRules: [{EF206F0E-4EAA-4E2E-97A8-722315EF974A}] => (Allow) D:\Games\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{92763FF7-CD31-49A4-AD1D-3C59426CE645}] => (Allow) D:\Games\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{339CA568-B0BA-476E-8647-E398FD154305}] => (Allow) C:\Users\Hoshi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F6AA3EA4-AE5F-4147-9477-C983C17F78B3}] => (Allow) C:\Users\Hoshi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A09E3AB7-BA3F-49B3-A93D-F50DEF8265E6}] => (Allow) D:\Programme\Skype\Phone\Skype.exe
FirewallRules: [{F7C0F58A-218F-41E3-B1F3-5E65CC3A3F50}] => (Allow) D:\Games\Steam\Steam.exe
FirewallRules: [{8602E317-6CEA-4200-89BA-4F8E48E3414E}] => (Allow) D:\Games\Steam\Steam.exe
FirewallRules: [TCP Query User{9606A9D6-6A6A-40C7-AE58-17B18A3111E1}D:\games\gog games\unreal gold\system\unreal.exe] => (Allow) D:\games\gog games\unreal gold\system\unreal.exe
FirewallRules: [UDP Query User{48C77771-399E-4E63-BA0F-5C9A89A5F366}D:\games\gog games\unreal gold\system\unreal.exe] => (Allow) D:\games\gog games\unreal gold\system\unreal.exe
FirewallRules: [TCP Query User{549B6F9D-C048-4E95-99A2-3A377AAA0748}D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{672FCE63-7931-4363-B2E8-7C5890F947CB}D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{444E3619-2165-4B6B-A277-9CC0BC7B53B0}] => (Allow) D:\Games\Steam\SteamApps\common\STASIS\Stasis.exe
FirewallRules: [{48AAD65B-32EF-4142-931D-684DA033FE0D}] => (Allow) D:\Games\Steam\SteamApps\common\STASIS\Stasis.exe
FirewallRules: [{0302EA2C-2C88-4C68-8BC4-C486414C6275}] => (Allow) D:\Games\Steam\SteamApps\common\Waltz of the Wizard\WaltzOfTheWizard.exe
FirewallRules: [{655D0F0E-A538-45A5-83ED-0D949E232624}] => (Allow) D:\Games\Steam\SteamApps\common\Waltz of the Wizard\WaltzOfTheWizard.exe
FirewallRules: [{55CA69B3-FD1A-4886-909A-0C86C229B07F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{595038C8-42B8-42A8-9DF8-1D679DCC7DBA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8E36AEE6-C7C2-4509-B7D9-1BB0E1F03EB1}] => (Allow) D:\Games\Steam\SteamApps\common\VanishingRealms\VanishingRealms.exe
FirewallRules: [{68BB8839-299B-4D34-A527-FF5F23ED4D04}] => (Allow) D:\Games\Steam\SteamApps\common\VanishingRealms\VanishingRealms.exe
FirewallRules: [{0273119C-7CAF-4396-A5AF-768B82E424E2}] => (Allow) D:\Games\Steam\SteamApps\common\Job Simulator\JobSimulator.exe
FirewallRules: [{CACF1BA0-AB61-46E3-A4F6-E3FD55C94A29}] => (Allow) D:\Games\Steam\SteamApps\common\Job Simulator\JobSimulator.exe
FirewallRules: [{B63306D8-F01B-4802-A5E9-6F36E2474501}] => (Allow) D:\Games\Steam\SteamApps\common\Virtual Desktop\Virtual Desktop.exe
FirewallRules: [{22654D19-A692-4892-84F9-A6C46B8C6DAD}] => (Allow) D:\Games\Steam\SteamApps\common\Virtual Desktop\Virtual Desktop.exe
FirewallRules: [{60339C49-0A25-4CD0-83D0-DEE32E2FDB0B}] => (Allow) D:\Games\Steam\SteamApps\common\Virtual Desktop\Environment Editor.exe
FirewallRules: [{E69CBCFB-4693-4382-AB15-14D323B3B0E1}] => (Allow) D:\Games\Steam\SteamApps\common\Virtual Desktop\Environment Editor.exe
FirewallRules: [{9193D3C6-6FBF-441D-BB2F-0C08BEB4E77C}] => (Allow) D:\Games\Steam\SteamApps\common\AChairinaRoom\AChairInARoom_Greenwater.exe
FirewallRules: [{9DF8030F-3EF7-4A6C-918E-3D3DA0F83D6B}] => (Allow) D:\Games\Steam\SteamApps\common\AChairinaRoom\AChairInARoom_Greenwater.exe
FirewallRules: [TCP Query User{367DB655-BB17-4BC1-AE31-F20ED49E3A88}D:\games\steam\steamapps\common\the lab\robotrepair\bin\win64\vr.exe] => (Allow) D:\games\steam\steamapps\common\the lab\robotrepair\bin\win64\vr.exe
FirewallRules: [UDP Query User{44C3E241-DED9-4E29-9063-06F33DD095ED}D:\games\steam\steamapps\common\the lab\robotrepair\bin\win64\vr.exe] => (Allow) D:\games\steam\steamapps\common\the lab\robotrepair\bin\win64\vr.exe
FirewallRules: [TCP Query User{D16373C4-962B-46AE-87F9-922D3DA20533}D:\games\ctrlaltstudio-viewer-alpha\slvoice.exe] => (Allow) D:\games\ctrlaltstudio-viewer-alpha\slvoice.exe
FirewallRules: [UDP Query User{FBF4100B-242E-4171-930C-AF872ABC032A}D:\games\ctrlaltstudio-viewer-alpha\slvoice.exe] => (Allow) D:\games\ctrlaltstudio-viewer-alpha\slvoice.exe
FirewallRules: [TCP Query User{4D2FE12B-90B6-4D54-A289-A724E7B95289}D:\games\steam\steamapps\common\vrporize\64\windowsnoeditor\vrporize_beta\binaries\win64\vrporize_beta-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\vrporize\64\windowsnoeditor\vrporize_beta\binaries\win64\vrporize_beta-win64-shipping.exe
FirewallRules: [UDP Query User{D3B9D8DA-2FFC-48E4-82B4-FB2E4BBDCA12}D:\games\steam\steamapps\common\vrporize\64\windowsnoeditor\vrporize_beta\binaries\win64\vrporize_beta-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\vrporize\64\windowsnoeditor\vrporize_beta\binaries\win64\vrporize_beta-win64-shipping.exe
FirewallRules: [{ED38B62B-7340-44D8-ACD2-C203EDDA1151}] => (Allow) D:\Games\Steam\SteamApps\common\PoolNationVR\PoolNationVR.exe
FirewallRules: [{A5F656B5-3F31-4FFC-BCC4-95FAB832FD48}] => (Allow) D:\Games\Steam\SteamApps\common\PoolNationVR\PoolNationVR.exe
FirewallRules: [TCP Query User{927C9C71-D614-4C26-B61A-A882E3817A70}D:\games\steam\steamapps\common\poolnationvr\poolnationvr\binaries\win64\vrpooldemo-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\poolnationvr\poolnationvr\binaries\win64\vrpooldemo-win64-shipping.exe
FirewallRules: [UDP Query User{227C1F1C-3189-442E-84DC-6CC2E2E3E94B}D:\games\steam\steamapps\common\poolnationvr\poolnationvr\binaries\win64\vrpooldemo-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\poolnationvr\poolnationvr\binaries\win64\vrpooldemo-win64-shipping.exe
FirewallRules: [TCP Query User{9D6AA729-9DA7-4763-89DE-52AF6DFC31EF}E:\titanic honor and glory demo 2\titanic - honor and glory demo 2\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) E:\titanic honor and glory demo 2\titanic - honor and glory demo 2\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [UDP Query User{4D15A1ED-0497-41FE-9D0E-FAD00BF9D30E}E:\titanic honor and glory demo 2\titanic - honor and glory demo 2\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) E:\titanic honor and glory demo 2\titanic - honor and glory demo 2\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [{AB34BC04-FF41-4337-9BD5-48D5A1B017E4}] => (Allow) D:\Games\Steam\SteamApps\common\Brookhaven\BrookhavenGame.exe
FirewallRules: [{A54CB64D-E750-414A-A14B-A1C2AA0CC560}] => (Allow) D:\Games\Steam\SteamApps\common\Brookhaven\BrookhavenGame.exe
FirewallRules: [{1771F40C-6EE8-4EA8-BFB0-F8C879A7DA49}] => (Allow) D:\Games\Steam\SteamApps\common\VRporize\64\WindowsNoEditor\VRporize_beta.exe
FirewallRules: [{425D082B-2A4C-4FC6-8E3C-B11A884517AF}] => (Allow) D:\Games\Steam\SteamApps\common\VRporize\64\WindowsNoEditor\VRporize_beta.exe
FirewallRules: [TCP Query User{43996D90-1975-4368-BED9-232501810761}C:\users\hoshi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hoshi\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C8F2DE0C-F2D8-4BFB-B7FA-5725E9CA96E2}C:\users\hoshi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hoshi\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C2B64B6A-1A45-4904-B911-8F4163D80E33}] => (Allow) D:\Games\Steam\SteamApps\common\Pierhead Arcade\Arcade.exe
FirewallRules: [{628C846B-37A4-43FA-8300-C2ABD8505CE3}] => (Allow) D:\Games\Steam\SteamApps\common\Pierhead Arcade\Arcade.exe
FirewallRules: [{2B306573-B82C-45B6-B744-9BFF24454263}] => (Allow) D:\Games\Steam\SteamApps\common\Overload\Overload.exe
FirewallRules: [{02897BD8-93C8-4E39-9236-8581E64CA400}] => (Allow) D:\Games\Steam\SteamApps\common\Overload\Overload.exe
FirewallRules: [{4243E46D-D91C-4899-B34D-2D0D9664912D}] => (Allow) D:\Games\Steam\SteamApps\common\RickAndMortyVR\RickAndMortyVR.exe
FirewallRules: [{FAE9A318-685E-4CB8-A119-FC59DD4334CF}] => (Allow) D:\Games\Steam\SteamApps\common\RickAndMortyVR\RickAndMortyVR.exe
FirewallRules: [{DBC819B9-E417-416A-BA9A-674662BF83AB}] => (Allow) D:\Games\Steam\SteamApps\common\Marvel's Guardians of the Galaxy The Telltale Series\Guardians.exe
FirewallRules: [{F20DCC84-A9D8-40AA-AFE7-B206053EDF38}] => (Allow) D:\Games\Steam\SteamApps\common\Marvel's Guardians of the Galaxy The Telltale Series\Guardians.exe
FirewallRules: [{6633A870-73F0-4F52-919E-D7A72822C841}] => (Allow) D:\Games\Steam\SteamApps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{69BC39B0-41F0-419B-BB20-14A374665975}] => (Allow) D:\Games\Steam\SteamApps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{82729D87-7959-4CA7-AA2F-9E5286114411}] => (Allow) D:\Games\Steam\SteamApps\common\Outlast 2\Binaries\Win64\Outlast2.exe
FirewallRules: [{C9C8859F-6322-41D1-AD05-B11D9DF4B04E}] => (Allow) D:\Games\Steam\SteamApps\common\Outlast 2\Binaries\Win64\Outlast2.exe
FirewallRules: [TCP Query User{1AA0FBF9-4330-4FF4-85DF-789C47018191}B:\cloud imperium games\patcher\cigpatcher.exe] => (Allow) B:\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{473BDA27-3954-4B5C-8221-8377E36B9CD2}B:\cloud imperium games\patcher\cigpatcher.exe] => (Allow) B:\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{B6368D2F-877F-4CE7-86EA-42CD059F4519}B:\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) B:\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{5EE59C3F-2D0D-4CED-840B-2BA998195FCA}B:\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) B:\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [{C586A06C-0DA9-4744-80FD-2C40DC65522C}] => (Allow) D:\Games\Steam\SteamApps\common\SteamVR\bin\win32\vrstartup.exe
FirewallRules: [{E575F97D-B64E-4E35-B30C-038822ECDED3}] => (Allow) D:\Games\Steam\SteamApps\common\SteamVR\bin\win32\vrstartup.exe
FirewallRules: [TCP Query User{69BFF41F-D1C1-4691-9FE1-B6DAE78B9AFD}D:\games\steam\steamapps\common\island 359\island359\binaries\win64\island359_copy-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\island 359\island359\binaries\win64\island359_copy-win64-shipping.exe
FirewallRules: [UDP Query User{AD1889AD-5410-4C90-BFB2-372B345CE1D2}D:\games\steam\steamapps\common\island 359\island359\binaries\win64\island359_copy-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\island 359\island359\binaries\win64\island359_copy-win64-shipping.exe
FirewallRules: [{8A3B0A28-A44F-4C11-8E0D-3B16592AB8B4}] => (Allow) B:\Steam\steamapps\common\Battlezone\Launcher\battlezone.exe
FirewallRules: [{945066F8-25B0-4FB2-8A01-FB556A39BF1C}] => (Allow) B:\Steam\steamapps\common\Battlezone\Launcher\battlezone.exe
FirewallRules: [{5E4A151B-2E94-4040-B1BB-8202B658D7E5}] => (Allow) D:\Games\Steam\SteamApps\common\Axiom Verge\AxiomVerge.exe
FirewallRules: [{E73C3B66-59DC-4ADE-B5B1-0CCB9E5F15F1}] => (Allow) D:\Games\Steam\SteamApps\common\Axiom Verge\AxiomVerge.exe
FirewallRules: [{C9C602B9-4B3D-4FA5-9D6F-61E42E613097}] => (Allow) B:\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{FB9ECD72-CABE-4824-9AAB-E4A6F0E35D84}] => (Allow) B:\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{EEB40E47-F1C4-4656-9C5C-2FEB1392B4DF}] => (Allow) B:\Steam\steamapps\common\Soundscape\Soundscape.exe
FirewallRules: [{9FCEF941-FA77-4150-BE2B-839A321CA27C}] => (Allow) B:\Steam\steamapps\common\Soundscape\Soundscape.exe
FirewallRules: [TCP Query User{62808090-BA71-4AE1-B049-85362774AAF2}D:\games\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe] => (Allow) D:\games\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe
FirewallRules: [UDP Query User{A2D3775C-19DD-4124-819B-5F534032CFA0}D:\games\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe] => (Allow) D:\games\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe
FirewallRules: [{7F75C914-E50D-40B1-BB92-746FC9CCEDD2}] => (Allow) B:\Steam\steamapps\common\Aeon\Aeon.exe
FirewallRules: [{D59DAF58-5343-49CB-A91C-6C96689546F1}] => (Allow) B:\Steam\steamapps\common\Aeon\Aeon.exe
FirewallRules: [{62528508-75BE-47CA-9277-836908DF1719}] => (Allow) B:\Steam\steamapps\common\SUPERHOT VR\SUPERHOTVR.exe
FirewallRules: [{3D3D0C0E-CC29-4785-BD54-CAF08252381C}] => (Allow) B:\Steam\steamapps\common\SUPERHOT VR\SUPERHOTVR.exe
FirewallRules: [{8DC2D8B5-DB4B-40D1-97AE-6D4D2CDA677E}] => (Allow) D:\Games\Steam\SteamApps\common\EVERSPACE\RSG\Binaries\Win64\RSG-Win64-Shipping.exe
FirewallRules: [{EA82A72A-0783-4376-86DE-66D463A97A0C}] => (Allow) D:\Games\Steam\SteamApps\common\EVERSPACE\RSG\Binaries\Win64\RSG-Win64-Shipping.exe
FirewallRules: [{35D7E367-0ED3-4F47-8441-3A6A3F3561DC}] => (Allow) D:\Programme\Sony\PS4 Remote Play\RemotePlay.exe
FirewallRules: [{6E0600B2-815E-48A0-B4AD-A5EAB1543BDB}] => (Allow) B:\Steam\steamapps\common\Prey\Binaries\Danielle\x64\Release\Prey.exe
FirewallRules: [{7AC56B85-1415-4007-8E96-1361E1FABDE3}] => (Allow) B:\Steam\steamapps\common\Prey\Binaries\Danielle\x64\Release\Prey.exe
FirewallRules: [{D95A68C3-537C-40C1-A744-442B4D5879B8}] => (Allow) D:\Games\Steam\SteamApps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe
FirewallRules: [{EF2BBEFC-1876-4BFA-B930-628D8649EA01}] => (Allow) D:\Games\Steam\SteamApps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe
FirewallRules: [{5C208156-3201-4BFD-9561-FF74F18CE96D}] => (Allow) B:\Steam\steamapps\common\Karnage Chronicles\KarnageVR.exe
FirewallRules: [{651B32F7-67BE-427E-AED8-2E8B3D3929B7}] => (Allow) B:\Steam\steamapps\common\Karnage Chronicles\KarnageVR.exe
FirewallRules: [TCP Query User{F680A4FB-8640-40DB-AED3-5FF14EB3BE73}B:\steam\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe
FirewallRules: [UDP Query User{9D8568A2-6021-4089-A7E5-B899BE3AA6A2}B:\steam\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe
FirewallRules: [TCP Query User{5297F42D-5675-4819-B80D-1F8FE92D8792}D:\games\steam\steamapps\common\brookhaven\brookhavengame\binaries\win64\brookhavengame-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\brookhaven\brookhavengame\binaries\win64\brookhavengame-win64-shipping.exe
FirewallRules: [UDP Query User{52D31D87-A22B-4B4E-AFFB-41D5FE61C3E7}D:\games\steam\steamapps\common\brookhaven\brookhavengame\binaries\win64\brookhavengame-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\brookhaven\brookhavengame\binaries\win64\brookhavengame-win64-shipping.exe
FirewallRules: [TCP Query User{84A070A8-9FCE-4BA1-907C-311A264759F3}B:\games\starcraft ii\versions\base53644\sc2_x64.exe] => (Allow) B:\games\starcraft ii\versions\base53644\sc2_x64.exe
FirewallRules: [UDP Query User{B261384C-83D2-4BBA-B1CB-1A09E9C005B8}B:\games\starcraft ii\versions\base53644\sc2_x64.exe] => (Allow) B:\games\starcraft ii\versions\base53644\sc2_x64.exe
FirewallRules: [{149DCA28-7E08-4F6B-9642-4643C987479B}] => (Allow) B:\Steam\steamapps\common\Dead Effect 2 VR\DeadEffect2.exe
FirewallRules: [{BF0B939D-91E1-4C1A-9C14-D46A9ADB71A3}] => (Allow) B:\Steam\steamapps\common\Dead Effect 2 VR\DeadEffect2.exe
FirewallRules: [{70A71F66-CF4A-4F7D-9E11-A0B39DB3DFBD}] => (Allow) B:\Steam\steamapps\common\johnwick\WindowsNoEditor\wick.exe
FirewallRules: [{B87CA62F-C948-4990-81A5-3C8273F90ECF}] => (Allow) B:\Steam\steamapps\common\johnwick\WindowsNoEditor\wick.exe
FirewallRules: [TCP Query User{733AD380-6942-42B0-96A4-4C928D10A842}B:\steam\steamapps\common\johnwick\windowsnoeditor\wick\binaries\win64\wick-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\johnwick\windowsnoeditor\wick\binaries\win64\wick-win64-shipping.exe
FirewallRules: [UDP Query User{4FC4F02E-DA30-4A2F-ADC6-2421F3C86C51}B:\steam\steamapps\common\johnwick\windowsnoeditor\wick\binaries\win64\wick-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\johnwick\windowsnoeditor\wick\binaries\win64\wick-win64-shipping.exe
FirewallRules: [{F173D9E2-CFC5-456C-B772-38970156E8B5}] => (Allow) D:\Programme\MAGIX\Video deluxe Premium\2017\Videodeluxe.exe
FirewallRules: [{58565BAD-4103-4768-A22D-6A83399860EE}] => (Allow) D:\Programme\MAGIX\Music Maker\25\MusicMaker.exe
FirewallRules: [{B0F4AF05-3445-4E86-84ED-F9668F3EA52B}] => (Allow) D:\Games\Steam\SteamApps\common\Cloudlands\Cloudlands.exe
FirewallRules: [{B6D46762-9437-4F7E-804C-595364ADB56E}] => (Allow) D:\Games\Steam\SteamApps\common\Cloudlands\Cloudlands.exe
FirewallRules: [{DD9EDFC0-4384-42B2-99D5-8C17E4DDD7AC}] => (Allow) D:\Games\Steam\SteamApps\common\The Gallery Call of the Starseed\TheGallery_EP1\TheGallery_EP1.exe
FirewallRules: [{A0600D8F-500A-4A44-89C6-282349CAE307}] => (Allow) D:\Games\Steam\SteamApps\common\The Gallery Call of the Starseed\TheGallery_EP1\TheGallery_EP1.exe
FirewallRules: [{536D9FE2-FE06-430D-8696-DC1327D02F34}] => (Allow) D:\Games\Steam\SteamApps\common\The Gallery Call of the Starseed\TheGallery_EP1_OVR\TheGallery_EP1.exe
FirewallRules: [{5A496D68-2EF3-43AD-98E3-578B7BA30874}] => (Allow) D:\Games\Steam\SteamApps\common\The Gallery Call of the Starseed\TheGallery_EP1_OVR\TheGallery_EP1.exe
FirewallRules: [{B13220B0-F27B-4818-A76B-284143317672}] => (Allow) D:\Games\Origin\STAR WARS Battlefront II Closed Alpha\starwarsbattlefrontii.exe
FirewallRules: [{3543073A-B8AB-453D-A4D3-190625845506}] => (Allow) D:\Games\Origin\STAR WARS Battlefront II Closed Alpha\starwarsbattlefrontii.exe
FirewallRules: [{69CD8989-CD16-4562-BE3F-0988730932F3}] => (Allow) C:\Games\Origin\Mass Effect Andromeda\MassEffectAndromedaTrial.exe
FirewallRules: [{CC1CF894-3B6A-4DC2-969F-3509EEE2C8B7}] => (Allow) C:\Games\Origin\Mass Effect Andromeda\MassEffectAndromedaTrial.exe
FirewallRules: [{2F57496C-28BB-4BA2-B0DC-E8DBBA7A674B}] => (Allow) C:\Games\Origin\Mass Effect Andromeda\MassEffectAndromeda.exe
FirewallRules: [{3A10685A-A365-481C-8512-71D553076AD1}] => (Allow) C:\Games\Origin\Mass Effect Andromeda\MassEffectAndromeda.exe
FirewallRules: [TCP Query User{946362F4-2735-432C-A060-BD80CF30C175}B:\games\overwatch\overwatch.exe] => (Allow) B:\games\overwatch\overwatch.exe
FirewallRules: [UDP Query User{36F60D16-C06C-4788-8120-C002ADB1A518}B:\games\overwatch\overwatch.exe] => (Allow) B:\games\overwatch\overwatch.exe
FirewallRules: [{50693B02-4980-454A-A2CD-C8AB00019487}] => (Allow) D:\Games\Steam\SteamApps\common\Cmoar VR Cinema\vive.exe
FirewallRules: [{D76891D4-8F80-44F1-A92E-A0FE7048C49A}] => (Allow) D:\Games\Steam\SteamApps\common\Cmoar VR Cinema\vive.exe
FirewallRules: [{05C68A71-80C1-403E-9342-74CDFA2EB76A}] => (Allow) D:\Games\Steam\SteamApps\common\Cmoar VR Cinema\oculus.exe
FirewallRules: [{0BCB9B89-43C3-4687-A311-87DCF4725AC3}] => (Allow) D:\Games\Steam\SteamApps\common\Cmoar VR Cinema\oculus.exe
FirewallRules: [{D61C37A6-ACC2-4494-96D8-897F554884E1}] => (Allow) D:\Games\Steam\SteamApps\common\Nock Hidden Arrow\Nock.exe
FirewallRules: [{AC54F4D6-CCD8-4350-81A7-4122051063DB}] => (Allow) D:\Games\Steam\SteamApps\common\Nock Hidden Arrow\Nock.exe
FirewallRules: [{724031A4-8631-4BA6-9B14-5C43D6C27B7A}] => (Allow) D:\Games\Steam\SteamApps\common\GORN\GORN.exe
FirewallRules: [{4F12E286-9A42-491E-BD48-5BE45805DF6F}] => (Allow) D:\Games\Steam\SteamApps\common\GORN\GORN.exe
FirewallRules: [TCP Query User{63EBF6ED-4320-4FD6-8349-76A314057E9B}D:\games\sansar\client\sansarclient.exe] => (Allow) D:\games\sansar\client\sansarclient.exe
FirewallRules: [UDP Query User{89DFC2DE-0D85-469A-8D40-ECEB29072155}D:\games\sansar\client\sansarclient.exe] => (Allow) D:\games\sansar\client\sansarclient.exe
FirewallRules: [{F6CFAD45-14D9-4F70-AE82-84915128CE6D}] => (Allow) B:\Steam\steamapps\common\Raw Data\RawData.exe
FirewallRules: [{EB40392A-35B2-4B49-86CF-EB7327563DF7}] => (Allow) B:\Steam\steamapps\common\Raw Data\RawData.exe
FirewallRules: [{B5D68DF0-AF23-431D-B345-C5278F6310D2}] => (Allow) B:\Steam\steamapps\common\Raw Data\RawData\Binaries\Win64\RawData-Win64-Shipping.exe
FirewallRules: [{D12E3BDC-FA1F-4993-B187-17D842A92D49}] => (Allow) B:\Steam\steamapps\common\Raw Data\RawData\Binaries\Win64\RawData-Win64-Shipping.exe
FirewallRules: [{EF42FFA6-F63B-4B18-B056-65AED7E3C817}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{949C85A8-693A-4505-9C65-2483077C2F59}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{118F724E-B0C9-484C-AA54-724951D58103}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{639D79C9-CEE6-4D37-9D37-41C7742D6476}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{113DDC4D-4A14-41D5-B79D-9286B9A6DE47}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{2EE7EFEE-59FF-4C8D-9838-2B2B9E00270C}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{5EF4F8B9-60AD-42E1-AB4A-2035E242CEE5}] => (Allow) D:\Games\Steam\SteamApps\common\Conarium\Conarium.exe
FirewallRules: [{C8894B04-9B96-490B-B2F2-A8DA33112482}] => (Allow) D:\Games\Steam\SteamApps\common\Conarium\Conarium.exe
FirewallRules: [{BC6E0C8F-343B-4209-8906-8701893745CD}] => (Allow) D:\Games\Steam\SteamApps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{E9AC4963-ED0F-429D-A657-A4247022DEF2}] => (Allow) D:\Games\Steam\SteamApps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [TCP Query User{5A22F760-CBCC-4E82-ACA1-F3E13E75C79E}B:\games\max payne 3\maxpayne3.exe] => (Allow) B:\games\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{97E90E47-6DFE-4D02-B6F7-2D529C9DCF92}B:\games\max payne 3\maxpayne3.exe] => (Allow) B:\games\max payne 3\maxpayne3.exe
FirewallRules: [{6478ACBE-A9BD-4004-99AE-5BC6F47E9A6E}] => (Allow) D:\Games\Steam\SteamApps\common\AlienRage\Singleplayer\Binaries\Win32\ShippingPC-AFEARGame.exe
FirewallRules: [{78CF89E7-5691-4AD3-ACD0-EA5EF3E3ADB0}] => (Allow) D:\Games\Steam\SteamApps\common\AlienRage\Singleplayer\Binaries\Win32\ShippingPC-AFEARGame.exe
FirewallRules: [{F994B6B6-3EF4-4BBE-AB52-770328BFBED1}] => (Allow) D:\Games\Steam\SteamApps\common\AlienRage\Multiplayer\Binaries\Win32\ARageMP.exe
FirewallRules: [{FC8B8C65-D63E-454C-B8CA-8E5FEC275AC6}] => (Allow) D:\Games\Steam\SteamApps\common\AlienRage\Multiplayer\Binaries\Win32\ARageMP.exe
FirewallRules: [{DA2A7636-FE20-4A55-8405-38F2A9800092}] => (Allow) D:\Games\Steam\SteamApps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe
FirewallRules: [{EA799577-B0B7-424D-81CE-CDFA03C9E253}] => (Allow) D:\Games\Steam\SteamApps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe
FirewallRules: [{2714EDEE-7A10-426D-9FD0-30151409B09B}] => (Allow) D:\Games\Steam\SteamApps\common\Serious Sam VR The First Encounter\Bin\x64\SamTFE_VR.exe
FirewallRules: [{1FEFAA6C-A74C-481F-8428-D872D4DF5A5A}] => (Allow) D:\Games\Steam\SteamApps\common\Serious Sam VR The First Encounter\Bin\x64\SamTFE_VR.exe
FirewallRules: [{943C1A90-26A3-46C8-B75A-6AB5FE4D9C63}] => (Allow) D:\Games\Steam\SteamApps\common\Space Hulk Deathwing\SpaceHulkGame.exe
FirewallRules: [{07764B6D-4A71-4707-862F-E2FCE2E941CD}] => (Allow) D:\Games\Steam\SteamApps\common\Space Hulk Deathwing\SpaceHulkGame.exe
FirewallRules: [TCP Query User{7E4F6977-CF90-458B-92F3-F84E646B614E}D:\games\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe
FirewallRules: [UDP Query User{BAD65C73-1242-446C-A7F2-425E8F1CA7C2}D:\games\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe
FirewallRules: [{FD6BCDDE-5D4D-4827-B8C0-07C5B6758FA3}] => (Allow) D:\Games\Origin\Titanfall2\Titanfall2.exe
FirewallRules: [{45C6038B-B8D4-4DF9-8A9A-11BE0F587F4C}] => (Allow) D:\Games\Origin\Titanfall2\Titanfall2.exe
FirewallRules: [{453D71D6-A585-44FD-85D5-2D73EDFC22B6}] => (Allow) D:\Games\Origin\Titanfall2\Titanfall2_trial.exe
FirewallRules: [{4BD1F834-69C3-4E05-8297-006053B83D13}] => (Allow) D:\Games\Origin\Titanfall2\Titanfall2_trial.exe
FirewallRules: [{789904E8-F71E-46A3-9B7B-76616E723997}] => (Allow) D:\Games\Steam\SteamApps\common\TheWaveVR\TheWaveVR.exe
FirewallRules: [{060AE121-401D-4ACC-8F5A-B5C264428BDC}] => (Allow) D:\Games\Steam\SteamApps\common\TheWaveVR\TheWaveVR.exe
FirewallRules: [TCP Query User{A10DC358-53EF-4B81-A409-6BE1CDA4CC1B}D:\games\soldier of fortune\sof.exe] => (Allow) D:\games\soldier of fortune\sof.exe
FirewallRules: [UDP Query User{4DA529DA-158D-45FE-9090-FE15CC0B46D7}D:\games\soldier of fortune\sof.exe] => (Allow) D:\games\soldier of fortune\sof.exe
FirewallRules: [TCP Query User{EB037A9C-4274-40DA-B348-5751821FEE09}D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{64F17405-13C2-4CA1-BE0F-B4B4EBA822B8}D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{039CE7D6-8615-4867-9B7D-5D77171CF046}] => (Allow) D:\Games\Steam\SteamApps\common\LethalVR\LethalVR.exe
FirewallRules: [{D5172F7E-49E6-4DDF-9DA9-AF66C81B5A55}] => (Allow) D:\Games\Steam\SteamApps\common\LethalVR\LethalVR.exe
FirewallRules: [{D2F00B33-3AA8-42D5-9B14-C767CFF32944}] => (Allow) D:\Games\Steam\SteamApps\common\Dangerous Golf\Orlando.exe
FirewallRules: [{AB5457CE-D7FE-4B34-B463-B155F14F96BD}] => (Allow) D:\Games\Steam\SteamApps\common\Dangerous Golf\Orlando.exe
FirewallRules: [TCP Query User{B77F38D4-CF61-44FA-BA53-BA1EFB7D5A95}D:\games\steam\steamapps\common\dangerous golf\orlando\binaries\win64\orlando-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\dangerous golf\orlando\binaries\win64\orlando-win64-shipping.exe
FirewallRules: [UDP Query User{DE476809-6F31-461C-89B2-CFE16D7151EF}D:\games\steam\steamapps\common\dangerous golf\orlando\binaries\win64\orlando-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\dangerous golf\orlando\binaries\win64\orlando-win64-shipping.exe
FirewallRules: [TCP Query User{70925235-EB3E-41A8-AAEA-F7560E1D8AE9}D:\games\steam\steamapps\common\lethalvr\lethalvr\binaries\win64\lethalvr-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\lethalvr\lethalvr\binaries\win64\lethalvr-win64-shipping.exe
FirewallRules: [UDP Query User{BB5A0FCE-F704-4643-91FA-E3AEF49E2C0C}D:\games\steam\steamapps\common\lethalvr\lethalvr\binaries\win64\lethalvr-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\lethalvr\lethalvr\binaries\win64\lethalvr-win64-shipping.exe
FirewallRules: [{E3DCA5F5-CFB9-49E6-A6D2-1E04C6C5BE44}] => (Allow) D:\Games\Steam\SteamApps\common\The Unwelcomed\TheUnwelcomed_v1.27.exe
FirewallRules: [{8AC401C8-0D9E-486D-AD97-16F5B10C104D}] => (Allow) D:\Games\Steam\SteamApps\common\The Unwelcomed\TheUnwelcomed_v1.27.exe
FirewallRules: [{1C79891E-9065-4FC7-BFEB-6D285BEED6DD}] => (Allow) D:\Games\Steam\SteamApps\common\Ultimate Booster Experience\UltimateBooster(SteamVR)\UltimateBooster.exe
FirewallRules: [{085103B3-52BB-4322-9116-5F92D990C16D}] => (Allow) D:\Games\Steam\SteamApps\common\Ultimate Booster Experience\UltimateBooster(SteamVR)\UltimateBooster.exe
FirewallRules: [{28C28A74-2BF9-4BBA-8801-DBE9B3113DD3}] => (Allow) D:\Games\Steam\SteamApps\common\Ultimate Booster Experience\UltimateBooster(Oculus)\UltimateBooster.exe
FirewallRules: [{9BE9FEF8-B749-421F-AC97-368EC7D7282E}] => (Allow) D:\Games\Steam\SteamApps\common\Ultimate Booster Experience\UltimateBooster(Oculus)\UltimateBooster.exe
FirewallRules: [{F2850B57-519D-46CA-A1C2-6C613C0B0F3A}] => (Allow) B:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{15886ADE-5178-4380-ADAB-65B3A03C449F}] => (Allow) B:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{5707A4E9-4AB0-4ADC-95A6-8891A2D6147B}] => (Allow) B:\Steam\steamapps\common\Hellblade\HellbladeGame.exe
FirewallRules: [{F4D66E58-5638-4F67-8A31-62AEA5572057}] => (Allow) B:\Steam\steamapps\common\Hellblade\HellbladeGame.exe
FirewallRules: [TCP Query User{8324771A-96C6-4F9B-90DA-195A875C5631}B:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe
FirewallRules: [UDP Query User{F03EA227-673C-4D1D-A045-93429F4F96CB}B:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe
FirewallRules: [{F98C6DC3-DAF4-4D89-9EC0-32A20474D749}] => (Allow) B:\Steam\steamapps\common\Rez Infinite\Rez-infinite.exe
FirewallRules: [{DEFC3B7B-4E63-430B-9F73-CED9B3360B00}] => (Allow) B:\Steam\steamapps\common\Rez Infinite\Rez-infinite.exe
FirewallRules: [{B04F755E-73A7-4B19-A716-0B4936931199}] => (Allow) B:\Steam\steamapps\common\Agents of Mayhem\aom\AOM_Release_Final.exe
FirewallRules: [{971CC691-F9C0-4BE8-BDED-8815C6A6245D}] => (Allow) B:\Steam\steamapps\common\Agents of Mayhem\aom\AOM_Release_Final.exe
FirewallRules: [{80DE5553-410B-43C9-8FEF-E43891C78DAF}] => (Allow) B:\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{D5BDF78C-85D8-4E56-926C-CC2D7364646A}] => (Allow) B:\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{63DFEBFC-390C-40DE-933A-9F2DADAD8AFD}] => (Allow) B:\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe
FirewallRules: [{57D0E3A8-0AB2-48D7-AB64-E3FC8289ABF8}] => (Allow) B:\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe
FirewallRules: [{03B14AAC-85A3-4E1E-AAE6-D67BB763AB8A}] => (Allow) D:\Games\Steam\SteamApps\common\Full Throttle Remastered\Throttle.exe
FirewallRules: [{5534C200-0E52-4CCC-BA98-DF0D25966303}] => (Allow) D:\Games\Steam\SteamApps\common\Full Throttle Remastered\Throttle.exe
FirewallRules: [{319E1CFA-96F9-4765-B13D-2832EBC9F79E}] => (Allow) D:\Games\Steam\SteamApps\common\Observer\TheObserver.exe
FirewallRules: [{090C80C9-EF2A-4BCC-B274-DA738B85FF47}] => (Allow) D:\Games\Steam\SteamApps\common\Observer\TheObserver.exe
FirewallRules: [TCP Query User{D0852806-9B67-4849-B393-5BCFD73B4217}D:\games\steam\steamapps\common\observer\theobserver\binaries\win64\theobserver-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\observer\theobserver\binaries\win64\theobserver-win64-shipping.exe
FirewallRules: [UDP Query User{732894AA-62DA-493F-BA78-A65544A6C539}D:\games\steam\steamapps\common\observer\theobserver\binaries\win64\theobserver-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\observer\theobserver\binaries\win64\theobserver-win64-shipping.exe
FirewallRules: [{214564AF-BBA3-4E81-B17D-1F06B5D3AFD0}] => (Allow) D:\Games\Steam\SteamApps\common\ManiaPlanet_TMCanyon\ManiaPlanetLauncher.exe
FirewallRules: [{0B95A94E-567C-43B4-B71B-3B85B8188330}] => (Allow) D:\Games\Steam\SteamApps\common\ManiaPlanet_TMCanyon\ManiaPlanetLauncher.exe
FirewallRules: [{B33FB518-0761-4C24-8867-F0B7B14F323F}] => (Allow) D:\Games\Steam\SteamApps\common\ManiaPlanet_TMCanyon\ManiaPlanet.exe
FirewallRules: [{B76F326A-FE12-49DD-99D3-B8B83F95A4A2}] => (Allow) D:\Games\Steam\SteamApps\common\ManiaPlanet_TMCanyon\ManiaPlanet.exe
FirewallRules: [{CF53888A-5C8C-44A9-96E7-8D2A2C391893}] => (Allow) D:\Games\Steam\SteamApps\common\Secret World Legends\ClientPatcher.exe
FirewallRules: [{E602716D-68E2-4725-97C8-C0555B0FF6BE}] => (Allow) D:\Games\Steam\SteamApps\common\Secret World Legends\ClientPatcher.exe
FirewallRules: [{835F90F4-C74A-48E4-BD7B-7B7F3EB26BB1}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{DE0ABF26-0839-44EA-9D69-ACA0A016BDA7}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{B8FEEE15-4AA9-48C5-BA8F-0D61F0142CC5}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{BCD32AD3-5CF5-4EAA-B4BB-6B822714DD3E}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{2DE48180-C6D5-4C8B-B588-4E81E239B1A5}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{139CD6E0-7156-45DD-80E7-9F30BCC3DAEC}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{4896923D-EA5C-492C-84A1-6FBE349C275C}] => (Allow) D:\Games\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{6EBE3F0D-A166-408B-8DFC-80271D263B06}] => (Allow) D:\Games\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{AA95A789-ABF7-49FA-BC2C-E8105DCD445E}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{DBFA4C21-FBA5-440E-A8AF-C5E9777BABAE}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{56526727-9FF2-4767-8A86-67202932C05A}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{F8C628C4-D6B5-414D-889E-EE364CFBC7D7}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{B2F7A213-0B26-408B-9612-A5BE7520ED6E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{3AE1DE3A-8510-4A06-AA23-71A1A52679DB}B:\games\destiny 2\destiny2.exe] => (Allow) B:\games\destiny 2\destiny2.exe
FirewallRules: [UDP Query User{313E92A5-5595-4288-A364-63B4C3B819E5}B:\games\destiny 2\destiny2.exe] => (Allow) B:\games\destiny 2\destiny2.exe
FirewallRules: [{34DD1EF5-DC69-4975-B0F4-78E0875E130B}] => (Allow) D:\Games\Steam\SteamApps\common\Sonic Mania\SonicMania.exe
FirewallRules: [{67B2ECF1-9635-4060-80A8-E1D5452EA396}] => (Allow) D:\Games\Steam\SteamApps\common\Sonic Mania\SonicMania.exe
FirewallRules: [{7A7CD880-69B3-4C3E-9647-5C3623C65E61}] => (Allow) D:\Games\Steam\SteamApps\common\Comedy Night\Comedy Night.exe
FirewallRules: [{12B14AFB-878D-4FDA-A577-802F39490F85}] => (Allow) D:\Games\Steam\SteamApps\common\Comedy Night\Comedy Night.exe
FirewallRules: [{47916F8C-0CAE-45DA-A7B4-985DA7C8F929}] => (Allow) D:\Games\Steam\SteamApps\common\Windlands\Windlands_Win_x64.exe
FirewallRules: [{9458BBAC-9252-4758-829F-79275BB8B2F9}] => (Allow) D:\Games\Steam\SteamApps\common\Windlands\Windlands_Win_x64.exe
FirewallRules: [TCP Query User{BDFDC57C-8BC9-4E79-B023-615557F08A78}D:\games\dune 2000\dune 2000\dune2000.exe] => (Allow) D:\games\dune 2000\dune 2000\dune2000.exe
FirewallRules: [UDP Query User{3F3D8A05-33CD-47CF-84C2-F977A40F537D}D:\games\dune 2000\dune 2000\dune2000.exe] => (Allow) D:\games\dune 2000\dune 2000\dune2000.exe
FirewallRules: [{00EC267C-F337-4CA1-AC15-822CA9CCB469}] => (Allow) D:\Games\Steam\SteamApps\common\PAVR Pre Alpha Demo\PA_UE4.exe
FirewallRules: [{E86DD9EE-B256-4BBB-BE9C-C368494796F7}] => (Allow) D:\Games\Steam\SteamApps\common\PAVR Pre Alpha Demo\PA_UE4.exe
FirewallRules: [TCP Query User{CDF47A81-5308-4252-9667-38D9AB0D8061}D:\games\steam\steamapps\common\projectm dream\e1\binaries\win64\e1-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\projectm dream\e1\binaries\win64\e1-win64-shipping.exe
FirewallRules: [UDP Query User{6F3E0A19-AC02-489E-89E6-5BF15BCCDDC2}D:\games\steam\steamapps\common\projectm dream\e1\binaries\win64\e1-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\projectm dream\e1\binaries\win64\e1-win64-shipping.exe
FirewallRules: [{78F1101F-9872-4F30-919B-44FEF97AFA23}] => (Allow) D:\Games\Steam\SteamApps\common\Mindshow\Mindshow.exe
FirewallRules: [{4A2A88E2-91E7-4949-88FC-A05F0BDAF2F7}] => (Allow) D:\Games\Steam\SteamApps\common\Mindshow\Mindshow.exe
FirewallRules: [{DA1AB053-B838-4905-9B9F-CAF4FFD52AB5}] => (Allow) D:\Games\Steam\SteamApps\common\NoLimits 2\64bit\nolimits2stm.exe
FirewallRules: [{23A99FAD-E518-4010-83FE-710A6E211B96}] => (Allow) D:\Games\Steam\SteamApps\common\NoLimits 2\64bit\nolimits2stm.exe
FirewallRules: [{24359B6A-EE2C-4D5C-ABA5-6BF6CAC91504}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2AA6C628-7FB9-4F30-BB92-BDCF89F2181A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0B270495-D3DF-42B2-B552-52B9EE687746}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FB7EE3A6-58A2-4ED9-90AD-3136049D6ED4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C89A8AB6-BCD9-4DC5-885F-DB0E8A508471}] => (Allow) B:\Games\Battlefield 3\bf3.exe
FirewallRules: [{C3C6DF70-4CA9-430C-A8FF-FEEC9584346C}] => (Allow) B:\Games\Battlefield 3\bf3.exe
FirewallRules: [{61C7FA33-4FA8-496A-804E-6F769606FD0A}] => (Allow) B:\Steam\steamapps\common\NoLimits 2\64bit\nolimits2stm.exe
FirewallRules: [{14F4F47C-8305-4C7A-B552-AA5062DF3F14}] => (Allow) B:\Steam\steamapps\common\NoLimits 2\64bit\nolimits2stm.exe
FirewallRules: [{81A6E9C9-CCA8-48DC-A19C-4425F738518E}] => (Allow) D:\Games\Steam\SteamApps\common\RecRoom\Recroom_Release.exe
FirewallRules: [{794C269B-691B-4E72-847D-6BEAA1613019}] => (Allow) D:\Games\Steam\SteamApps\common\RecRoom\Recroom_Release.exe
FirewallRules: [{2D1CC264-2E8C-4447-BF39-A770356FF620}] => (Allow) D:\Games\Steam\SteamApps\common\Vertigo\Vertigo.exe
FirewallRules: [{6286C5FE-F448-4712-9198-65EA02C81ADC}] => (Allow) D:\Games\Steam\SteamApps\common\Vertigo\Vertigo.exe
FirewallRules: [{D2C7216F-2F71-4D31-BBFA-CB24B6010AD4}] => (Allow) B:\Steam\steamapps\common\DuckSeason\DuckSeason\DuckSeason.exe
FirewallRules: [{025100DE-0293-4589-A81C-417A0604AB7F}] => (Allow) B:\Steam\steamapps\common\DuckSeason\DuckSeason\DuckSeason.exe
FirewallRules: [{E3A69345-E1C6-435C-962C-6C54065DD035}] => (Allow) D:\Games\Steam\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{9FE21E23-0DDA-4020-952F-D1EE6C97D97B}] => (Allow) D:\Games\Steam\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{5014089B-AA20-40A0-BF72-A740F366A674}] => (Allow) D:\Games\Steam\SteamApps\common\Hellblade\HellbladeGame.exe
FirewallRules: [{142D2C28-298C-4B34-B67F-4CCA94E45CE1}] => (Allow) D:\Games\Steam\SteamApps\common\Hellblade\HellbladeGame.exe
FirewallRules: [{7813EC58-1DAF-4FFE-976A-80172154651E}] => (Allow) B:\Steam\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [{CF67956E-6D20-4DE6-9ACB-2A3B6DC3AB41}] => (Allow) B:\Steam\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [TCP Query User{699458AF-2F8D-48F1-8B2B-BA8454D8236C}B:\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) B:\steam\steamapps\common\doom\doomx64vk.exe
FirewallRules: [UDP Query User{ABFA37DD-029F-4272-A197-06762C110EB8}B:\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) B:\steam\steamapps\common\doom\doomx64vk.exe
FirewallRules: [TCP Query User{089F274A-3139-40E8-8F03-1BE0BB9EAE7D}D:\games\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe] => (Allow) D:\games\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe
FirewallRules: [UDP Query User{2113B080-14B0-4BAE-9C02-A410FE21B061}D:\games\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe] => (Allow) D:\games\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe
FirewallRules: [{C0292D33-04A7-4511-A144-216679F9FFD4}] => (Allow) D:\Games\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [{D922841A-A90B-4235-89DF-426FB99D355F}] => (Allow) D:\Games\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [TCP Query User{0800D4EE-74FF-4BFD-8430-5E5ED922607B}D:\games\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) D:\games\steam\steamapps\common\assettocorsa\acs.exe
FirewallRules: [UDP Query User{CEACACE7-4640-4865-B504-F16A3ED17000}D:\games\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) D:\games\steam\steamapps\common\assettocorsa\acs.exe
FirewallRules: [{9CDAE3DE-33F2-4E84-A6EA-809402CA701B}] => (Allow) D:\Games\Steam\SteamApps\common\pCars\pCARS64.exe
FirewallRules: [{0B4B05AB-250A-412E-9969-0586E560F06E}] => (Allow) D:\Games\Steam\SteamApps\common\pCars\pCARS64.exe
FirewallRules: [{BC8A2FB2-90B9-47DB-A552-489AE165B13D}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{C3E2BBA9-A4B6-4FC8-9A79-8864D9775545}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{DA2A4F4D-F1E8-462A-B8EA-380E5D196DD2}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{02761161-C56D-453C-85F6-7D6D33393B5D}] => (Allow) C:\Windows\System32\rundll32.exe
==================== Wiederherstellungspunkte =========================
05-09-2017 18:50:03 Removed Robert D. Anderson & the legacy of Cthulhu
07-09-2017 11:15:45 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
07-09-2017 11:15:51 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
09-09-2017 10:15:30 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215
12-09-2017 16:23:20 Entfernt Max Payne 3
16-09-2017 13:26:14 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/21/2017 06:33:37 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/21/2017 06:33:36 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/21/2017 06:33:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Hoshi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.SecHealthUI_cw5n1h2txyewy!SecHealthUI“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/21/2017 06:25:18 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/21/2017 06:16:59 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/21/2017 05:47:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: c599f06f9ff37444c99b60561433d5f7.exe, Version: 13.14.1.34, Zeitstempel: 0x57c9dbc2
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.608, Zeitstempel: 0x802f667e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00062ec8
ID des fehlerhaften Prozesses: 0x2e78
Startzeit der fehlerhaften Anwendung: 0x01d332f0fcd63163
Pfad der fehlerhaften Anwendung: C:\Program Files\088195c19b33f61100dd567039f0a39e\c599f06f9ff37444c99b60561433d5f7.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: ff8b8eea-182f-4e1b-865d-04e60e18a49f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/21/2017 05:47:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: c599f06f9ff37444c99b60561433d5f7.exe, Version: 13.14.1.34, Zeitstempel: 0x57c9dbc2
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.608, Zeitstempel: 0x802f667e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00062ec8
ID des fehlerhaften Prozesses: 0x3844
Startzeit der fehlerhaften Anwendung: 0x01d332f0f6bba092
Pfad der fehlerhaften Anwendung: C:\Program Files\088195c19b33f61100dd567039f0a39e\c599f06f9ff37444c99b60561433d5f7.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 73b24f58-93de-4fdc-8dca-49dd1f44ff4f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/21/2017 05:47:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: c599f06f9ff37444c99b60561433d5f7.exe, Version: 13.14.1.34, Zeitstempel: 0x57c9dbc2
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.608, Zeitstempel: 0x802f667e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00043d7e
ID des fehlerhaften Prozesses: 0x1db0
Startzeit der fehlerhaften Anwendung: 0x01d332f0edce72fb
Pfad der fehlerhaften Anwendung: C:\Program Files\088195c19b33f61100dd567039f0a39e\c599f06f9ff37444c99b60561433d5f7.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 0fd6e04d-873a-46b2-a750-e6698fd196f8
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/21/2017 05:47:28 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/21/2017 05:47:26 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
Systemfehler:
=============
Error: (09/21/2017 06:33:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet:
Die Anforderung wird nicht unterstützt.
Error: (09/21/2017 06:33:13 PM) (Source: DCOM) (EventID: 10005) (User: Hoshi-PC)
Description: Fehler "1084" in DCOM, als der Dienst "ShellHWDetection" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (09/21/2017 06:33:10 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1084" in DCOM, als der Dienst "TermService" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{F9A874B6-F8A8-4D73-B5A8-AB610816828B}
Error: (09/21/2017 06:33:06 PM) (Source: DCOM) (EventID: 10005) (User: Hoshi-PC)
Description: Fehler "1084" in DCOM, als der Dienst "ShellHWDetection" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (09/21/2017 06:33:05 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1084" in DCOM, als der Dienst "TermService" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{F9A874B6-F8A8-4D73-B5A8-AB610816828B}
Error: (09/21/2017 06:33:03 PM) (Source: DCOM) (EventID: 10005) (User: Hoshi-PC)
Description: Fehler "1084" in DCOM, als der Dienst "WSearch" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (09/21/2017 06:33:03 PM) (Source: DCOM) (EventID: 10005) (User: Hoshi-PC)
Description: Fehler "1084" in DCOM, als der Dienst "WSearch" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (09/21/2017 06:33:03 PM) (Source: DCOM) (EventID: 10005) (User: Hoshi-PC)
Description: Fehler "1084" in DCOM, als der Dienst "WSearch" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (09/21/2017 06:33:03 PM) (Source: DCOM) (EventID: 10005) (User: Hoshi-PC)
Description: Fehler "1084" in DCOM, als der Dienst "WSearch" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (09/21/2017 06:33:03 PM) (Source: DCOM) (EventID: 10005) (User: Hoshi-PC)
Description: Fehler "1084" in DCOM, als der Dienst "WSearch" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
CodeIntegrity:
===================================
Date: 2017-09-21 17:43:23.248
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-21 17:43:23.245
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-21 17:43:22.779
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-21 17:43:22.778
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-21 17:28:55.274
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-21 17:28:55.273
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-21 17:13:32.693
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-21 17:13:32.692
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-21 16:28:50.596
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-21 16:28:50.594
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 18%
Installierter physikalischer RAM: 16314.71 MB
Verfügbarer physikalischer RAM: 13374.82 MB
Summe virtueller Speicher: 32698.71 MB
Verfügbarer virtueller Speicher: 29523.37 MB
==================== Laufwerke ================================
Drive b: (Lokaler Datenträger) (Fixed) (Total:465.76 GB) (Free:102.52 GB) NTFS
Drive c: () (Fixed) (Total:223.03 GB) (Free:48.44 GB) NTFS
Drive d: () (Fixed) (Total:1464.84 GB) (Free:191.17 GB) NTFS
Drive e: () (Fixed) (Total:398.17 GB) (Free:71.99 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 7D0DF0DC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 7D0DF0CB)
Partition 1: (Not Active) - (Size=1464.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=398.2 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 873A098D)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 21.09.2017 Suchlaufzeit: 18:36 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2017.09.21.07 Rootkit-Datenbank: v2017.09.13.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Hoshi Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 434950 Abgelaufene Zeit: 5 Min., 24 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 1 Adware.IStartSurf, C:\Users\Hoshi\AppData\Local\Temp\is-K06PA.tmp\is-K06PA.tmp.exe, , [a76412a58e1bec4a7666dd11c23fca36], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) |
|
21.09.2017, 19:55
| #4 |
| | Windows 10 64bit : Verdacht auf Maleware Windows Defender Code:
ATTFilter Ebene Datum und Uhrzeit Quelle Ereignis-ID Aufgabenkategorie Fehler 21.09.2017 20:29:17 Microsoft-Windows-Windows Defender 2001 Keine "Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen. Neue Signaturversion: Vorherige Signaturversion: 1.251.1222.0 Updatequelle: Microsoft Center zum Schutz vor Schadsoftware Signaturtyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\Netzwerkdienst Aktuelle Modulversion: Vorherige Modulversion: 1.1.14104.0 Fehlercode: 0x800704e8 Fehlerbeschreibung: Der Remotecomputer ist nicht verfügbar. Weitere Informationen zur Behebung von Netzwerkproblemen finden Sie in der Windows-Hilfe. " Fehler 21.09.2017 20:29:17 Microsoft-Windows-Windows Defender 2001 Keine "Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen. Neue Signaturversion: Vorherige Signaturversion: 1.251.1222.0 Updatequelle: Microsoft Center zum Schutz vor Schadsoftware Signaturtyp: AntiSpyware Updatetyp: Voll Benutzer: NT-AUTORITÄT\Netzwerkdienst Aktuelle Modulversion: Vorherige Modulversion: 1.1.14104.0 Fehlercode: 0x800704e8 Fehlerbeschreibung: Der Remotecomputer ist nicht verfügbar. Weitere Informationen zur Behebung von Netzwerkproblemen finden Sie in der Windows-Hilfe. " Fehler 21.09.2017 20:29:17 Microsoft-Windows-Windows Defender 2001 Keine "Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen. Neue Signaturversion: Vorherige Signaturversion: 1.251.1222.0 Updatequelle: Microsoft Center zum Schutz vor Schadsoftware Signaturtyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\Netzwerkdienst Aktuelle Modulversion: Vorherige Modulversion: 1.1.14104.0 Fehlercode: 0x800704e8 Fehlerbeschreibung: Der Remotecomputer ist nicht verfügbar. Weitere Informationen zur Behebung von Netzwerkproblemen finden Sie in der Windows-Hilfe. " Informationen 21.09.2017 20:27:31 Microsoft-Windows-Windows Defender 1117 Keine "Von Windows Defender Antivirus wurden Maßnahmen ergriffen, um den Computer vor Schadsoftware oder anderer potenziell unerwünschter Software zu schützen. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\Hoshi\AppData\Local\Temp\is-1CG2L.tmp\up.exe Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: Echtzeitschutz Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe Aktion: Quarantäne Aktionsstatus: No additional actions required Fehlercode: 0x00000000 Fehlerbeschreibung: Der Vorgang wurde erfolgreich beendet. Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Warnung 21.09.2017 20:27:08 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\Hoshi\AppData\Local\Temp\is-1CG2L.tmp\up.exe Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: Echtzeitschutz Benutzer: Hoshi-PC\Hoshi Prozessname: C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 20:24:49 Microsoft-Windows-Windows Defender 1001 Keine "Die Windows Defender Antivirus-Überprüfung wurde fertig gestellt. Überprüfungs-ID: {C8298AC2-D534-4FAC-8851-68DEE1E484A6} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: Hoshi-PC\Hoshi Überprüfungszeit: 0:04:45" Informationen 21.09.2017 20:20:08 Microsoft-Windows-Windows Defender 1117 Keine "Von Windows Defender Antivirus wurden Maßnahmen ergriffen, um den Computer vor Schadsoftware oder anderer potenziell unerwünschter Software zu schützen. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\Hoshi\AppData\Local\Temp\is-GRUB6.tmp\up.exe Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Aktion: Quarantäne Aktionsstatus: No additional actions required Fehlercode: 0x00000000 Fehlerbeschreibung: Der Vorgang wurde erfolgreich beendet. Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 20:20:03 Microsoft-Windows-Windows Defender 1000 Keine "Die Windows Defender Antivirus-Überprüfung wurde gestartet. Überprüfungs-ID: {C8298AC2-D534-4FAC-8851-68DEE1E484A6} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Überprüfungsressourcen: Benutzer: Hoshi-PC\Hoshi" Warnung 21.09.2017 20:19:49 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\Hoshi\AppData\Local\Temp\is-GRUB6.tmp\up.exe Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 20:19:17 Microsoft-Windows-Windows Defender 1117 Keine "Von Windows Defender Antivirus wurden Maßnahmen ergriffen, um den Computer vor Schadsoftware oder anderer potenziell unerwünschter Software zu schützen. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanProxy:Win32/Bunitu.R!bit&threatid=2147720067&enterprise=0 Name: TrojanProxy:Win32/Bunitu.R!bit ID: 2147720067 Schweregrad: Schwerwiegend Kategorie: Trojaner - Proxyserver Pfad: process:_pid:12396,ProcessStart:131504820268709030 Erkennungsursprung: Unbekannt Erkennungstyp: Konkret Erkennungsquelle: System Benutzer: Prozessname: Unknown Aktion: Nicht verfügbar Aktionsstatus: No additional actions required Fehlercode: 0x00000000 Fehlerbeschreibung: Der Vorgang wurde erfolgreich beendet. Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 20:19:17 Microsoft-Windows-Windows Defender 1117 Keine "Von Windows Defender Antivirus wurden Maßnahmen ergriffen, um den Computer vor Schadsoftware oder anderer potenziell unerwünschter Software zu schützen. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: containerfile:_C:\Users\Hoshi\AppData\Local\Temp\shutdowntime.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\is-GRUB6.tmp\up.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\Pcpy1x0ok\Pcpy1x0ok.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\shutdowntime.exe->(inno#000002);process:_pid:15980,ProcessStart:131504822420186573 Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: Echtzeitschutz Benutzer: Prozessname: C:\Users\Hoshi\AppData\Local\Temp\Pcpy1x0ok\Pcpy1x0ok.exe Aktion: Nicht verfügbar Aktionsstatus: No additional actions required Fehlercode: 0x00000000 Fehlerbeschreibung: Der Vorgang wurde erfolgreich beendet. Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 20:19:17 Microsoft-Windows-Windows Defender 1117 Keine "Von Windows Defender Antivirus wurden Maßnahmen ergriffen, um den Computer vor Schadsoftware oder anderer potenziell unerwünschter Software zu schützen. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Soctuseer!excl&threatid=237119&enterprise=0 Name: BrowserModifier:Win32/Soctuseer!excl ID: 237119 Schweregrad: Hoch Kategorie: Browserveränderer Pfad: regkeyvalue:_HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\\c:\program files\088195c19b33f61100dd567039f0a39e\ Erkennungsursprung: Unbekannt Erkennungstyp: Konkret Erkennungsquelle: System Benutzer: Prozessname: Unknown Aktion: Nicht verfügbar Aktionsstatus: No additional actions required Fehlercode: 0x00000000 Fehlerbeschreibung: Der Vorgang wurde erfolgreich beendet. Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 20:19:17 Microsoft-Windows-Windows Defender 1117 Keine "Von Windows Defender Antivirus wurden Maßnahmen ergriffen, um den Computer vor Schadsoftware oder anderer potenziell unerwünschter Software zu schützen. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: containerfile:_C:\Users\Hoshi\AppData\Local\Temp\shutdowntime.exe;containerfile:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\is-48N6P.tmp\up.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\shutdowntime.exe->(inno#000002);file:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe->(inno#000004);process:_pid:10280,ProcessStart:131504819433135227;process:_pid:14876,ProcessStart:131504819699467513 Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: Prozessname: Unknown Aktion: Nicht verfügbar Aktionsstatus: No additional actions required Fehlercode: 0x00000000 Fehlerbeschreibung: Der Vorgang wurde erfolgreich beendet. Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 20:19:17 Microsoft-Windows-Windows Defender 1117 Keine "Von Windows Defender Antivirus wurden Maßnahmen ergriffen, um den Computer vor Schadsoftware oder anderer potenziell unerwünschter Software zu schützen. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: containerfile:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\H9qYxhfC2\netstream.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe->(inno#000004);process:_pid:12396,ProcessStart:131504820268709030;process:_pid:14876,ProcessStart:131504819699467513 Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: Prozessname: C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe Aktion: Nicht verfügbar Aktionsstatus: No additional actions required Fehlercode: 0x00000000 Fehlerbeschreibung: Der Vorgang wurde erfolgreich beendet. Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 20:19:17 Microsoft-Windows-Windows Defender 1117 Keine "Von Windows Defender Antivirus wurden Maßnahmen ergriffen, um den Computer vor Schadsoftware oder anderer potenziell unerwünschter Software zu schützen. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanProxy:Win32/Bunitu.R!bit&threatid=2147720067&enterprise=0 Name: TrojanProxy:Win32/Bunitu.R!bit ID: 2147720067 Schweregrad: Schwerwiegend Kategorie: Trojaner - Proxyserver Pfad: process:_pid:4056,ProcessStart:131504822438507742 Erkennungsursprung: Unbekannt Erkennungstyp: Konkret Erkennungsquelle: System Benutzer: Prozessname: Unknown Aktion: Nicht verfügbar Aktionsstatus: No additional actions required Fehlercode: 0x00000000 Fehlerbeschreibung: Der Vorgang wurde erfolgreich beendet. Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Warnung 21.09.2017 17:45:08 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: containerfile:_C:\Users\Hoshi\AppData\Local\Temp\shutdowntime.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\is-GRUB6.tmp\up.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\Pcpy1x0ok\Pcpy1x0ok.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\shutdowntime.exe->(inno#000002);process:_pid:15980,ProcessStart:131504822420186573 Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: Echtzeitschutz Benutzer: Hoshi-PC\Hoshi Prozessname: C:\Users\Hoshi\AppData\Local\Temp\Pcpy1x0ok\Pcpy1x0ok.exe Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Warnung 21.09.2017 17:45:08 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Soctuseer!excl&threatid=237119&enterprise=0 Name: BrowserModifier:Win32/Soctuseer!excl ID: 237119 Schweregrad: Hoch Kategorie: Browserveränderer Pfad: regkeyvalue:_HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\\c:\program files\088195c19b33f61100dd567039f0a39e\ Erkennungsursprung: Unbekannt Erkennungstyp: Konkret Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 17:45:08 Microsoft-Windows-Windows Defender 1117 Keine "Von Windows Defender Antivirus wurden Maßnahmen ergriffen, um den Computer vor Schadsoftware oder anderer potenziell unerwünschter Software zu schützen. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Soctuseer!excl&threatid=237119&enterprise=0 Name: BrowserModifier:Win32/Soctuseer!excl ID: 237119 Schweregrad: Hoch Kategorie: Browserveränderer Pfad: regkeyvalue:_HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\\c:\program files\088195c19b33f61100dd567039f0a39e\ Erkennungsursprung: Unbekannt Erkennungstyp: Konkret Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Aktion: Quarantäne Aktionsstatus: No additional actions required Fehlercode: 0x00000000 Fehlerbeschreibung: Der Vorgang wurde erfolgreich beendet. Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 17:45:08 Microsoft-Windows-Windows Defender 1117 Keine "Von Windows Defender Antivirus wurden Maßnahmen ergriffen, um den Computer vor Schadsoftware oder anderer potenziell unerwünschter Software zu schützen. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: containerfile:_C:\Users\Hoshi\AppData\Local\Temp\shutdowntime.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\H9qYxhfC2\netstream.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\is-48N6P.tmp\up.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\shutdowntime.exe->(inno#000002);file:_C:\Users\Hoshi\AppData\Local\Temp\VoAhouq3n\VoAhouq3n.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: C:\Users\Hoshi\AppData\Local\Temp\IG53WBKU5F\Sho9libi.exe Aktion: Quarantäne Aktionsstatus: No additional actions required Fehlercode: 0x00000000 Fehlerbeschreibung: Der Vorgang wurde erfolgreich beendet. Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Warnung 21.09.2017 17:45:05 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: containerfile:_C:\Users\Hoshi\AppData\Local\Temp\shutdowntime.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\is-GRUB6.tmp\up.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\Pcpy1x0ok\Pcpy1x0ok.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\shutdowntime.exe->(inno#000002);process:_pid:15980,ProcessStart:131504822420186573 Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: Echtzeitschutz Benutzer: Hoshi-PC\Hoshi Prozessname: C:\Users\Hoshi\AppData\Local\Temp\Pcpy1x0ok\Pcpy1x0ok.exe Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Warnung 21.09.2017 17:45:05 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Soctuseer!excl&threatid=237119&enterprise=0 Name: BrowserModifier:Win32/Soctuseer!excl ID: 237119 Schweregrad: Hoch Kategorie: Browserveränderer Pfad: regkeyvalue:_HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\\c:\program files\088195c19b33f61100dd567039f0a39e\ Erkennungsursprung: Unbekannt Erkennungstyp: Konkret Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Warnung 21.09.2017 17:45:05 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanProxy:Win32/Bunitu.R!bit&threatid=2147720067&enterprise=0 Name: TrojanProxy:Win32/Bunitu.R!bit ID: 2147720067 Schweregrad: Schwerwiegend Kategorie: Trojaner - Proxyserver Pfad: process:_pid:4056,ProcessStart:131504822438507742 Erkennungsursprung: Unbekannt Erkennungstyp: Konkret Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 17:45:03 Microsoft-Windows-Windows Defender 5007 Keine "In der Konfiguration von Windows Defender Antivirus wurde eine Änderung erkannt. Falls dies unerwartet ist, überprüfen Sie die Einstellungen, da die Änderung möglicherweise von Schadsoftware verursacht wurde. Bisheriger Wert: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\c:\program files\088195c19b33f61100dd567039f0a39e\ = 0x0 Neuer Wert: " Warnung 21.09.2017 17:44:55 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\Hoshi\AppData\Local\Temp\is-GRUB6.tmp\up.exe Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: Echtzeitschutz Benutzer: Hoshi-PC\Hoshi Prozessname: C:\Users\Hoshi\AppData\Local\Temp\is-URS6K.tmp\Pcpy1x0ok.tmp Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Warnung 21.09.2017 17:44:12 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: containerfile:_C:\Users\Hoshi\AppData\Local\Temp\shutdowntime.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\H9qYxhfC2\netstream.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\is-48N6P.tmp\up.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\shutdowntime.exe->(inno#000002);file:_C:\Users\Hoshi\AppData\Local\Temp\VoAhouq3n\VoAhouq3n.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: C:\Users\Hoshi\AppData\Local\Temp\IG53WBKU5F\Sho9libi.exe Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Warnung 21.09.2017 17:44:09 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: containerfile:_C:\Users\Hoshi\AppData\Local\Temp\shutdowntime.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\H9qYxhfC2\netstream.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\is-48N6P.tmp\up.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\shutdowntime.exe->(inno#000002);file:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Warnung 21.09.2017 17:44:09 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Soctuseer!excl&threatid=237119&enterprise=0 Name: BrowserModifier:Win32/Soctuseer!excl ID: 237119 Schweregrad: Hoch Kategorie: Browserveränderer Pfad: regkeyvalue:_HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\\c:\program files\088195c19b33f61100dd567039f0a39e\ Erkennungsursprung: Unbekannt Erkennungstyp: Konkret Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 17:44:06 Microsoft-Windows-Windows Defender 1117 Keine "Von Windows Defender Antivirus wurden Maßnahmen ergriffen, um den Computer vor Schadsoftware oder anderer potenziell unerwünschter Software zu schützen. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanProxy:Win32/Bunitu.R!bit&threatid=2147720067&enterprise=0 Name: TrojanProxy:Win32/Bunitu.R!bit ID: 2147720067 Schweregrad: Schwerwiegend Kategorie: Trojaner - Proxyserver Pfad: process:_pid:2836,ProcessStart:131504822391030590 Erkennungsursprung: Unbekannt Erkennungstyp: Konkret Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: C:\Users\Hoshi\AppData\Local\Temp\nZBYX8kqI\netstream.exe Aktion: Quarantäne Aktionsstatus: No additional actions required Fehlercode: 0x00000000 Fehlerbeschreibung: Der Vorgang wurde erfolgreich beendet. Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Warnung 21.09.2017 17:44:02 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanProxy:Win32/Bunitu.R!bit&threatid=2147720067&enterprise=0 Name: TrojanProxy:Win32/Bunitu.R!bit ID: 2147720067 Schweregrad: Schwerwiegend Kategorie: Trojaner - Proxyserver Pfad: process:_pid:2836,ProcessStart:131504822391030590 Erkennungsursprung: Unbekannt Erkennungstyp: Konkret Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: C:\Users\Hoshi\AppData\Local\Temp\nZBYX8kqI\netstream.exe Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 17:43:26 Microsoft-Windows-Windows Defender 5007 Keine "In der Konfiguration von Windows Defender Antivirus wurde eine Änderung erkannt. Falls dies unerwartet ist, überprüfen Sie die Einstellungen, da die Änderung möglicherweise von Schadsoftware verursacht wurde. Bisheriger Wert: Neuer Wert: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\C:\WINDOWS\f371379892038d205abbfa586a4788d0.xml = 0x0" Informationen 21.09.2017 17:43:25 Microsoft-Windows-Windows Defender 5007 Keine "In der Konfiguration von Windows Defender Antivirus wurde eine Änderung erkannt. Falls dies unerwartet ist, überprüfen Sie die Einstellungen, da die Änderung möglicherweise von Schadsoftware verursacht wurde. Bisheriger Wert: Neuer Wert: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\C:\WINDOWS\f371379892038d205abbfa586a4788d0.ps1 = 0x0" Informationen 21.09.2017 17:43:22 Microsoft-Windows-Windows Defender 1117 Keine "Von Windows Defender Antivirus wurden Maßnahmen ergriffen, um den Computer vor Schadsoftware oder anderer potenziell unerwünschter Software zu schützen. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanProxy:Win32/Bunitu.R!bit&threatid=2147720067&enterprise=0 Name: TrojanProxy:Win32/Bunitu.R!bit ID: 2147720067 Schweregrad: Schwerwiegend Kategorie: Trojaner - Proxyserver Pfad: process:_pid:12396,ProcessStart:131504820268709030 Erkennungsursprung: Unbekannt Erkennungstyp: Konkret Erkennungsquelle: System Benutzer: Prozessname: Unknown Aktion: Nicht verfügbar Aktionsstatus: No additional actions required Fehlercode: 0x00000000 Fehlerbeschreibung: Der Vorgang wurde erfolgreich beendet. Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 17:43:22 Microsoft-Windows-Windows Defender 1117 Keine "Von Windows Defender Antivirus wurden Maßnahmen ergriffen, um den Computer vor Schadsoftware oder anderer potenziell unerwünschter Software zu schützen. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: containerfile:_C:\Users\Hoshi\AppData\Local\Temp\shutdowntime.exe;containerfile:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\is-48N6P.tmp\up.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\shutdowntime.exe->(inno#000002);file:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe->(inno#000004);process:_pid:10280,ProcessStart:131504819433135227;process:_pid:14876,ProcessStart:131504819699467513 Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: Prozessname: Unknown Aktion: Nicht verfügbar Aktionsstatus: No additional actions required Fehlercode: 0x00000000 Fehlerbeschreibung: Der Vorgang wurde erfolgreich beendet. Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 17:43:22 Microsoft-Windows-Windows Defender 1117 Keine "Von Windows Defender Antivirus wurden Maßnahmen ergriffen, um den Computer vor Schadsoftware oder anderer potenziell unerwünschter Software zu schützen. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: containerfile:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\H9qYxhfC2\netstream.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe->(inno#000004);process:_pid:12396,ProcessStart:131504820268709030;process:_pid:14876,ProcessStart:131504819699467513 Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: Prozessname: C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe Aktion: Nicht verfügbar Aktionsstatus: No additional actions required Fehlercode: 0x00000000 Fehlerbeschreibung: Der Vorgang wurde erfolgreich beendet. Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 17:43:20 Microsoft-Windows-Windows Defender 2011 Keine "Von Windows Defender Antivirus wurden mithilfe des Diensts für dynamische Signaturen veraltete Signaturen verworfen. Aktuelle Signaturversion: 1.251.1222.0 Signaturtyp: AntiSpyware Aktuelle Modulversion: 1.1.14104.0 Typ der dynamischen Signatur: Signaturupdate Persistenzpfad: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\fb16a834c86d7ccf21850189f4d4c0d3b7e813a8 Version der dynamischen Signatur: 0.0.0.0 Erstellungszeitstempel der dynamischen Signatur: 21.09.2017 15:35:56 Grund der Entfernung: Automatisch Persistenzgrenztyp: Dauer Persistenzgrenze: 3000000" Informationen 21.09.2017 17:43:20 Microsoft-Windows-Windows Defender 2011 Keine "Von Windows Defender Antivirus wurden mithilfe des Diensts für dynamische Signaturen veraltete Signaturen verworfen. Aktuelle Signaturversion: 1.251.1222.0 Signaturtyp: AntiVirus Aktuelle Modulversion: 1.1.14104.0 Typ der dynamischen Signatur: Signaturupdate Persistenzpfad: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\fb16a834c86d7ccf21850189f4d4c0d3b7e813a8 Version der dynamischen Signatur: 0.0.0.0 Erstellungszeitstempel der dynamischen Signatur: 21.09.2017 15:35:56 Grund der Entfernung: Automatisch Persistenzgrenztyp: Dauer Persistenzgrenze: 3000000" Informationen 21.09.2017 17:42:10 Microsoft-Windows-Windows Defender 5007 Keine "In der Konfiguration von Windows Defender Antivirus wurde eine Änderung erkannt. Falls dies unerwartet ist, überprüfen Sie die Einstellungen, da die Änderung möglicherweise von Schadsoftware verursacht wurde. Bisheriger Wert: Neuer Wert: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\c:\program files\088195c19b33f61100dd567039f0a39e\ = 0x0" Warnung 21.09.2017 17:42:10 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: containerfile:_C:\Users\Hoshi\AppData\Local\Temp\shutdowntime.exe;containerfile:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\is-48N6P.tmp\up.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\shutdowntime.exe->(inno#000002);file:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe->(inno#000004);process:_pid:10280,ProcessStart:131504819433135227;process:_pid:14876,ProcessStart:131504819699467513 Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 17:41:56 Microsoft-Windows-Windows Defender 5007 Keine "In der Konfiguration von Windows Defender Antivirus wurde eine Änderung erkannt. Falls dies unerwartet ist, überprüfen Sie die Einstellungen, da die Änderung möglicherweise von Schadsoftware verursacht wurde. Bisheriger Wert: Neuer Wert: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\C:\WINDOWS\ea25b50d8d77b75b0e1b47872ebc5b38.exe = 0x0" Informationen 21.09.2017 17:41:56 Microsoft-Windows-Windows Defender 5007 Keine "In der Konfiguration von Windows Defender Antivirus wurde eine Änderung erkannt. Falls dies unerwartet ist, überprüfen Sie die Einstellungen, da die Änderung möglicherweise von Schadsoftware verursacht wurde. Bisheriger Wert: Neuer Wert: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\C:\Program Files\088195c19b33f61100dd567039f0a39e = 0x0" Informationen 21.09.2017 17:41:56 Microsoft-Windows-Windows Defender 5007 Keine "In der Konfiguration von Windows Defender Antivirus wurde eine Änderung erkannt. Falls dies unerwartet ist, überprüfen Sie die Einstellungen, da die Änderung möglicherweise von Schadsoftware verursacht wurde. Bisheriger Wert: Neuer Wert: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\C:\WINDOWS\uninstaller.dat = 0x0" Informationen 21.09.2017 17:41:56 Microsoft-Windows-Windows Defender 5007 Keine "In der Konfiguration von Windows Defender Antivirus wurde eine Änderung erkannt. Falls dies unerwartet ist, überprüfen Sie die Einstellungen, da die Änderung möglicherweise von Schadsoftware verursacht wurde. Bisheriger Wert: Neuer Wert: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\C:\WINDOWS\system32\drivers\ca411eda88aa6e27faf3faffca1124f5.sys = 0x0" Warnung 21.09.2017 17:41:49 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: containerfile:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\H9qYxhfC2\netstream.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe->(inno#000004);process:_pid:12396,ProcessStart:131504820268709030;process:_pid:14876,ProcessStart:131504819699467513 Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Warnung 21.09.2017 17:41:44 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: containerfile:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe->(inno#000004);process:_pid:14876,ProcessStart:131504819699467513 Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 17:41:44 Microsoft-Windows-Windows Defender 1117 Keine "Von Windows Defender Antivirus wurden Maßnahmen ergriffen, um den Computer vor Schadsoftware oder anderer potenziell unerwünschter Software zu schützen. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\Hoshi\AppData\Local\Temp\is-6BU2F.tmp\YX678.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\speedownloader.exe;process:_pid:2088,ProcessStart:131504819130369842 Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Aktion: Quarantäne Aktionsstatus: No additional actions required Fehlercode: 0x00000000 Fehlerbeschreibung: Der Vorgang wurde erfolgreich beendet. Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 17:40:58 Microsoft-Windows-Windows Defender 2010 Keine "Von Windows Defender Antivirus wurden mithilfe des Diensts für dynamische Signaturen zusätzliche Signaturen zum Schutz des Computers abgerufen. Aktuelle Signaturversion: 1.251.1222.0 Signaturtyp: AntiSpyware Benutzer: \ Aktuelle Modulversion: 1.1.14104.0 Typ der dynamischen Signatur: Signaturupdate Persistenzpfad: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\db4dadada3d04f3352df45798202d1125a4b7ea0 Version der dynamischen Signatur: 1.251.1222.1 Erstellungszeitstempel der dynamischen Signatur: 21.09.2017 15:40:41 Persistenzgrenztyp: VDM-Version Persistenzgrenze: 1.251.1222.1" Informationen 21.09.2017 17:40:58 Microsoft-Windows-Windows Defender 2010 Keine "Von Windows Defender Antivirus wurden mithilfe des Diensts für dynamische Signaturen zusätzliche Signaturen zum Schutz des Computers abgerufen. Aktuelle Signaturversion: 1.251.1222.0 Signaturtyp: AntiVirus Benutzer: \ Aktuelle Modulversion: 1.1.14104.0 Typ der dynamischen Signatur: Signaturupdate Persistenzpfad: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\db4dadada3d04f3352df45798202d1125a4b7ea0 Version der dynamischen Signatur: 1.251.1222.1 Erstellungszeitstempel der dynamischen Signatur: 21.09.2017 15:40:41 Persistenzgrenztyp: VDM-Version Persistenzgrenze: 1.251.1222.1" Informationen 21.09.2017 17:40:58 Microsoft-Windows-Windows Defender 2010 Keine "Von Windows Defender Antivirus wurden mithilfe des Diensts für dynamische Signaturen zusätzliche Signaturen zum Schutz des Computers abgerufen. Aktuelle Signaturversion: 1.251.1222.0 Signaturtyp: AntiSpyware Benutzer: \ Aktuelle Modulversion: 1.1.14104.0 Typ der dynamischen Signatur: Signaturupdate Persistenzpfad: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\af2ec3e0cfd78bbd6f76da7260d6a7ce1e9b36bf Version der dynamischen Signatur: 1.251.1222.1 Erstellungszeitstempel der dynamischen Signatur: 21.09.2017 15:40:32 Persistenzgrenztyp: VDM-Version Persistenzgrenze: 1.251.1222.1" Informationen 21.09.2017 17:40:58 Microsoft-Windows-Windows Defender 2010 Keine "Von Windows Defender Antivirus wurden mithilfe des Diensts für dynamische Signaturen zusätzliche Signaturen zum Schutz des Computers abgerufen. Aktuelle Signaturversion: 1.251.1222.0 Signaturtyp: AntiVirus Benutzer: \ Aktuelle Modulversion: 1.1.14104.0 Typ der dynamischen Signatur: Signaturupdate Persistenzpfad: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\af2ec3e0cfd78bbd6f76da7260d6a7ce1e9b36bf Version der dynamischen Signatur: 1.251.1222.1 Erstellungszeitstempel der dynamischen Signatur: 21.09.2017 15:40:32 Persistenzgrenztyp: VDM-Version Persistenzgrenze: 1.251.1222.1" Warnung 21.09.2017 17:40:56 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanProxy:Win32/Bunitu.R!bit&threatid=2147720067&enterprise=0 Name: TrojanProxy:Win32/Bunitu.R!bit ID: 2147720067 Schweregrad: Schwerwiegend Kategorie: Trojaner - Proxyserver Pfad: process:_pid:12396,ProcessStart:131504820268709030 Erkennungsursprung: Unbekannt Erkennungstyp: Konkret Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Warnung 21.09.2017 17:40:47 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: containerfile:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe->(inno#000004);process:_pid:14876,ProcessStart:131504819699467513 Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: C:\Users\Hoshi\AppData\Local\Temp\YRjyzsNCW\YRjyzsNCW.exe Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Warnung 21.09.2017 17:40:42 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\Hoshi\AppData\Local\Temp\is-6BU2F.tmp\YX678.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\speedownloader.exe;process:_pid:2088,ProcessStart:131504819130369842 Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 17:40:42 Microsoft-Windows-Windows Defender 1117 Keine "Von Windows Defender Antivirus wurden Maßnahmen ergriffen, um den Computer vor Schadsoftware oder anderer potenziell unerwünschter Software zu schützen. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\Hoshi\AppData\Local\Temp\BKtW7Erl5\netstream.exe Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: Echtzeitschutz Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: C:\Users\Hoshi\AppData\Local\Temp\P5AJ6MC03B\Sho9libi.exe Aktion: Quarantäne Aktionsstatus: No additional actions required Fehlercode: 0x00000000 Fehlerbeschreibung: Der Vorgang wurde erfolgreich beendet. Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 17:40:17 Microsoft-Windows-Windows Defender 5007 Keine "In der Konfiguration von Windows Defender Antivirus wurde eine Änderung erkannt. Falls dies unerwartet ist, überprüfen Sie die Einstellungen, da die Änderung möglicherweise von Schadsoftware verursacht wurde. Bisheriger Wert: Neuer Wert: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\C:\WINDOWS\Temp\ieFYcOrvRDhDUnVO = 0x0" Informationen 21.09.2017 17:40:17 Microsoft-Windows-Windows Defender 5007 Keine "In der Konfiguration von Windows Defender Antivirus wurde eine Änderung erkannt. Falls dies unerwartet ist, überprüfen Sie die Einstellungen, da die Änderung möglicherweise von Schadsoftware verursacht wurde. Bisheriger Wert: Neuer Wert: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\C:\Program Files (x86)\TQoarIXzU = 0x0" Informationen 21.09.2017 17:40:17 Microsoft-Windows-Windows Defender 5007 Keine "In der Konfiguration von Windows Defender Antivirus wurde eine Änderung erkannt. Falls dies unerwartet ist, überprüfen Sie die Einstellungen, da die Änderung möglicherweise von Schadsoftware verursacht wurde. Bisheriger Wert: Neuer Wert: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\C:\Users\OVRLibraryService\AppData\LocalLow\zwMRXEuCYLuhR = 0x0" Informationen 21.09.2017 17:40:17 Microsoft-Windows-Windows Defender 5007 Keine "In der Konfiguration von Windows Defender Antivirus wurde eine Änderung erkannt. Falls dies unerwartet ist, überprüfen Sie die Einstellungen, da die Änderung möglicherweise von Schadsoftware verursacht wurde. Bisheriger Wert: Neuer Wert: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdlphncgdlaajddhdginocbkndmceaml = 0x0" Informationen 21.09.2017 17:40:17 Microsoft-Windows-Windows Defender 5007 Keine "In der Konfiguration von Windows Defender Antivirus wurde eine Änderung erkannt. Falls dies unerwartet ist, überprüfen Sie die Einstellungen, da die Änderung möglicherweise von Schadsoftware verursacht wurde. Bisheriger Wert: Neuer Wert: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\C:\Program Files (x86)\CKCpTyVyQIE = 0x0" Informationen 21.09.2017 17:40:17 Microsoft-Windows-Windows Defender 5007 Keine "In der Konfiguration von Windows Defender Antivirus wurde eine Änderung erkannt. Falls dies unerwartet ist, überprüfen Sie die Einstellungen, da die Änderung möglicherweise von Schadsoftware verursacht wurde. Bisheriger Wert: Neuer Wert: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\C:\Users\Mcx1-HOSHI-PC\AppData\Local\Temp\bJDxxkuCsoIGprfpO = 0x0" Informationen 21.09.2017 17:40:17 Microsoft-Windows-Windows Defender 5007 Keine "In der Konfiguration von Windows Defender Antivirus wurde eine Änderung erkannt. Falls dies unerwartet ist, überprüfen Sie die Einstellungen, da die Änderung möglicherweise von Schadsoftware verursacht wurde. Bisheriger Wert: Neuer Wert: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\C:\Users\Hoshi\AppData\Local\Temp\bJDxxkuCsoIGprfpO = 0x0" Informationen 21.09.2017 17:40:17 Microsoft-Windows-Windows Defender 5007 Keine "In der Konfiguration von Windows Defender Antivirus wurde eine Änderung erkannt. Falls dies unerwartet ist, überprüfen Sie die Einstellungen, da die Änderung möglicherweise von Schadsoftware verursacht wurde. Bisheriger Wert: Neuer Wert: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\C:\Users\OVRLibraryService\AppData\Local\Temp\bJDxxkuCsoIGprfpO = 0x0" Informationen 21.09.2017 17:40:17 Microsoft-Windows-Windows Defender 5007 Keine "In der Konfiguration von Windows Defender Antivirus wurde eine Änderung erkannt. Falls dies unerwartet ist, überprüfen Sie die Einstellungen, da die Änderung möglicherweise von Schadsoftware verursacht wurde. Bisheriger Wert: Neuer Wert: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\C:\Program Files (x86)\ICBaloCIDxXU2 = 0x0" Informationen 21.09.2017 17:40:17 Microsoft-Windows-Windows Defender 5007 Keine "In der Konfiguration von Windows Defender Antivirus wurde eine Änderung erkannt. Falls dies unerwartet ist, überprüfen Sie die Einstellungen, da die Änderung möglicherweise von Schadsoftware verursacht wurde. Bisheriger Wert: Neuer Wert: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\C:\Users\Mcx1-HOSHI-PC\AppData\LocalLow\zwMRXEuCYLuhR = 0x0" Informationen 21.09.2017 17:40:17 Microsoft-Windows-Windows Defender 5007 Keine "In der Konfiguration von Windows Defender Antivirus wurde eine Änderung erkannt. Falls dies unerwartet ist, überprüfen Sie die Einstellungen, da die Änderung möglicherweise von Schadsoftware verursacht wurde. Bisheriger Wert: Neuer Wert: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\C:\Users\Hoshi\AppData\LocalLow\zwMRXEuCYLuhR = 0x0" Informationen 21.09.2017 17:40:17 Microsoft-Windows-Windows Defender 5007 Keine "In der Konfiguration von Windows Defender Antivirus wurde eine Änderung erkannt. Falls dies unerwartet ist, überprüfen Sie die Einstellungen, da die Änderung möglicherweise von Schadsoftware verursacht wurde. Bisheriger Wert: Neuer Wert: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\C:\Program Files (x86)\Mozilla Firefox\browser\features\{5C3FD6D1-9185-4195-B5E1-FAB622427F59} = 0x0" Informationen 21.09.2017 17:40:17 Microsoft-Windows-Windows Defender 5007 Keine "In der Konfiguration von Windows Defender Antivirus wurde eine Änderung erkannt. Falls dies unerwartet ist, überprüfen Sie die Einstellungen, da die Änderung möglicherweise von Schadsoftware verursacht wurde. Bisheriger Wert: Neuer Wert: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\C:\Program Files (x86)\AvMVIUoBwtUn = 0x0" Informationen 21.09.2017 17:40:04 Microsoft-Windows-Windows Defender 5007 Keine "In der Konfiguration von Windows Defender Antivirus wurde eine Änderung erkannt. Falls dies unerwartet ist, überprüfen Sie die Einstellungen, da die Änderung möglicherweise von Schadsoftware verursacht wurde. Bisheriger Wert: Neuer Wert: HKLM\SOFTWARE\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\225451 = 0x6" Warnung 21.09.2017 17:39:58 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\Hoshi\AppData\Local\Temp\is-6BU2F.tmp\YX678.exe;file:_C:\Users\Hoshi\AppData\Local\Temp\speedownloader.exe;process:_pid:2088,ProcessStart:131504819130369842 Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 17:39:58 Microsoft-Windows-Windows Defender 2010 Keine "Von Windows Defender Antivirus wurden mithilfe des Diensts für dynamische Signaturen zusätzliche Signaturen zum Schutz des Computers abgerufen. Aktuelle Signaturversion: 1.251.1222.0 Signaturtyp: AntiSpyware Benutzer: \ Aktuelle Modulversion: 1.1.14104.0 Typ der dynamischen Signatur: Signaturupdate Persistenzpfad: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\a28b4a42659986dcb3d74f7c8a4afcdce3f163a5 Version der dynamischen Signatur: 1.251.1222.1 Erstellungszeitstempel der dynamischen Signatur: 21.09.2017 15:39:57 Persistenzgrenztyp: VDM-Version Persistenzgrenze: 1.251.1222.1" Informationen 21.09.2017 17:39:58 Microsoft-Windows-Windows Defender 2010 Keine "Von Windows Defender Antivirus wurden mithilfe des Diensts für dynamische Signaturen zusätzliche Signaturen zum Schutz des Computers abgerufen. Aktuelle Signaturversion: 1.251.1222.0 Signaturtyp: AntiVirus Benutzer: \ Aktuelle Modulversion: 1.1.14104.0 Typ der dynamischen Signatur: Signaturupdate Persistenzpfad: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\a28b4a42659986dcb3d74f7c8a4afcdce3f163a5 Version der dynamischen Signatur: 1.251.1222.1 Erstellungszeitstempel der dynamischen Signatur: 21.09.2017 15:39:57 Persistenzgrenztyp: VDM-Version Persistenzgrenze: 1.251.1222.1" Warnung 21.09.2017 17:39:53 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\Hoshi\AppData\Local\Temp\BKtW7Erl5\netstream.exe Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: Echtzeitschutz Benutzer: Hoshi-PC\Hoshi Prozessname: C:\Users\Hoshi\AppData\Local\Temp\P5AJ6MC03B\Sho9libi.exe Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 17:39:53 Microsoft-Windows-Windows Defender 1117 Keine "Von Windows Defender Antivirus wurden Maßnahmen ergriffen, um den Computer vor Schadsoftware oder anderer potenziell unerwünschter Software zu schützen. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\Hoshi\AppData\Local\Temp\speedownloader.exe;process:_pid:2088,ProcessStart:131504819130369842 Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Aktion: Quarantäne Aktionsstatus: No additional actions required Fehlercode: 0x00000000 Fehlerbeschreibung: Der Vorgang wurde erfolgreich beendet. Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Warnung 21.09.2017 17:39:51 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\Hoshi\AppData\Local\Temp\speedownloader.exe;process:_pid:2088,ProcessStart:131504819130369842 Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Warnung 21.09.2017 17:39:14 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\Hoshi\AppData\Local\Temp\BKtW7Erl5\netstream.exe Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: Echtzeitschutz Benutzer: Hoshi-PC\Hoshi Prozessname: C:\Users\Hoshi\AppData\Local\Temp\P5AJ6MC03B\Sho9libi.exe Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Warnung 21.09.2017 17:38:49 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\Hoshi\AppData\Local\Temp\speedownloader.exe Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 17:38:43 Microsoft-Windows-Windows Defender 2010 Keine "Von Windows Defender Antivirus wurden mithilfe des Diensts für dynamische Signaturen zusätzliche Signaturen zum Schutz des Computers abgerufen. Aktuelle Signaturversion: 1.251.1222.0 Signaturtyp: AntiSpyware Benutzer: \ Aktuelle Modulversion: 1.1.14104.0 Typ der dynamischen Signatur: Signaturupdate Persistenzpfad: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\6e6d7d5fd7c09b667bf50fecb366d731f217500c Version der dynamischen Signatur: 1.251.1222.1 Erstellungszeitstempel der dynamischen Signatur: 21.09.2017 15:38:40 Persistenzgrenztyp: VDM-Version Persistenzgrenze: 1.251.1222.1" Informationen 21.09.2017 17:38:43 Microsoft-Windows-Windows Defender 2010 Keine "Von Windows Defender Antivirus wurden mithilfe des Diensts für dynamische Signaturen zusätzliche Signaturen zum Schutz des Computers abgerufen. Aktuelle Signaturversion: 1.251.1222.0 Signaturtyp: AntiVirus Benutzer: \ Aktuelle Modulversion: 1.1.14104.0 Typ der dynamischen Signatur: Signaturupdate Persistenzpfad: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\6e6d7d5fd7c09b667bf50fecb366d731f217500c Version der dynamischen Signatur: 1.251.1222.1 Erstellungszeitstempel der dynamischen Signatur: 21.09.2017 15:38:40 Persistenzgrenztyp: VDM-Version Persistenzgrenze: 1.251.1222.1" Informationen 21.09.2017 17:38:42 Microsoft-Windows-Windows Defender 2010 Keine "Von Windows Defender Antivirus wurden mithilfe des Diensts für dynamische Signaturen zusätzliche Signaturen zum Schutz des Computers abgerufen. Aktuelle Signaturversion: 1.251.1222.0 Signaturtyp: AntiSpyware Benutzer: \ Aktuelle Modulversion: 1.1.14104.0 Typ der dynamischen Signatur: Signaturupdate Persistenzpfad: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\d0efc2f8f5c01648d77273e1dba2fa7aa0ebc4df Version der dynamischen Signatur: 1.251.1222.1 Erstellungszeitstempel der dynamischen Signatur: 21.09.2017 15:38:40 Persistenzgrenztyp: VDM-Version Persistenzgrenze: 1.251.1222.1" Informationen 21.09.2017 17:38:42 Microsoft-Windows-Windows Defender 2010 Keine "Von Windows Defender Antivirus wurden mithilfe des Diensts für dynamische Signaturen zusätzliche Signaturen zum Schutz des Computers abgerufen. Aktuelle Signaturversion: 1.251.1222.0 Signaturtyp: AntiVirus Benutzer: \ Aktuelle Modulversion: 1.1.14104.0 Typ der dynamischen Signatur: Signaturupdate Persistenzpfad: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\d0efc2f8f5c01648d77273e1dba2fa7aa0ebc4df Version der dynamischen Signatur: 1.251.1222.1 Erstellungszeitstempel der dynamischen Signatur: 21.09.2017 15:38:40 Persistenzgrenztyp: VDM-Version Persistenzgrenze: 1.251.1222.1" Informationen 21.09.2017 17:36:51 Microsoft-Windows-Windows Defender 1000 Keine "Die Windows Defender Antivirus-Überprüfung wurde gestartet. Überprüfungs-ID: {CEC76C46-3546-49C7-A5EB-CCE8C7A71678} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Überprüfungsressourcen: Benutzer: Hoshi-PC\Hoshi" Informationen 21.09.2017 17:36:29 Microsoft-Windows-Windows Defender 1117 Keine "Von Windows Defender Antivirus wurden Maßnahmen ergriffen, um den Computer vor Schadsoftware oder anderer potenziell unerwünschter Software zu schützen. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\Hoshi\AppData\Local\Temp\163239140\ic-0.20dc7523649674.exe Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Aktion: Quarantäne Aktionsstatus: No additional actions required Fehlercode: 0x80508023 Fehlerbeschreibung: Auf dem Gerät wurde keine Schadsoftware oder andere potenziell unerwünschte Software gefunden. Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Warnung 21.09.2017 17:36:28 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\Hoshi\AppData\Local\Temp\163239140\ic-0.20dc7523649674.exe Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 17:36:28 Microsoft-Windows-Windows Defender 1117 Keine "Von Windows Defender Antivirus wurden Maßnahmen ergriffen, um den Computer vor Schadsoftware oder anderer potenziell unerwünschter Software zu schützen. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\Hoshi\AppData\Local\Temp\163239140\ic-0.20dc7523649674.exe;process:_pid:9484,ProcessStart:131504817609445057 Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Aktion: Quarantäne Aktionsstatus: No additional actions required Fehlercode: 0x00000000 Fehlerbeschreibung: Der Vorgang wurde erfolgreich beendet. Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Warnung 21.09.2017 17:36:27 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\Hoshi\AppData\Local\Temp\163239140\ic-0.20dc7523649674.exe;process:_pid:9484,ProcessStart:131504817609445057 Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Warnung 21.09.2017 17:36:23 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\Hoshi\AppData\Local\Temp\163239140\ic-0.20dc7523649674.exe Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 17:36:23 Microsoft-Windows-Windows Defender 2010 Keine "Von Windows Defender Antivirus wurden mithilfe des Diensts für dynamische Signaturen zusätzliche Signaturen zum Schutz des Computers abgerufen. Aktuelle Signaturversion: 1.251.1222.0 Signaturtyp: AntiSpyware Benutzer: \ Aktuelle Modulversion: 1.1.14104.0 Typ der dynamischen Signatur: Signaturupdate Persistenzpfad: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\43d6f3b6f1d30fc1b275c6cf1500496ca03a894e Version der dynamischen Signatur: 0.0.0.0 Erstellungszeitstempel der dynamischen Signatur: 21.09.2017 15:36:20 Persistenzgrenztyp: Dauer Persistenzgrenze: 864000000" Informationen 21.09.2017 17:36:23 Microsoft-Windows-Windows Defender 2010 Keine "Von Windows Defender Antivirus wurden mithilfe des Diensts für dynamische Signaturen zusätzliche Signaturen zum Schutz des Computers abgerufen. Aktuelle Signaturversion: 1.251.1222.0 Signaturtyp: AntiVirus Benutzer: \ Aktuelle Modulversion: 1.1.14104.0 Typ der dynamischen Signatur: Signaturupdate Persistenzpfad: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\43d6f3b6f1d30fc1b275c6cf1500496ca03a894e Version der dynamischen Signatur: 0.0.0.0 Erstellungszeitstempel der dynamischen Signatur: 21.09.2017 15:36:20 Persistenzgrenztyp: Dauer Persistenzgrenze: 864000000" Informationen 21.09.2017 17:36:23 Microsoft-Windows-Windows Defender 2010 Keine "Von Windows Defender Antivirus wurden mithilfe des Diensts für dynamische Signaturen zusätzliche Signaturen zum Schutz des Computers abgerufen. Aktuelle Signaturversion: 1.251.1222.0 Signaturtyp: AntiSpyware Benutzer: \ Aktuelle Modulversion: 1.1.14104.0 Typ der dynamischen Signatur: Signaturupdate Persistenzpfad: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\4795e74b629641a33e9873b97d515fbc5e480985 Version der dynamischen Signatur: 1.251.1222.1 Erstellungszeitstempel der dynamischen Signatur: 21.09.2017 15:36:19 Persistenzgrenztyp: VDM-Version Persistenzgrenze: 1.251.1222.1" Informationen 21.09.2017 17:36:23 Microsoft-Windows-Windows Defender 2010 Keine "Von Windows Defender Antivirus wurden mithilfe des Diensts für dynamische Signaturen zusätzliche Signaturen zum Schutz des Computers abgerufen. Aktuelle Signaturversion: 1.251.1222.0 Signaturtyp: AntiVirus Benutzer: \ Aktuelle Modulversion: 1.1.14104.0 Typ der dynamischen Signatur: Signaturupdate Persistenzpfad: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\4795e74b629641a33e9873b97d515fbc5e480985 Version der dynamischen Signatur: 1.251.1222.1 Erstellungszeitstempel der dynamischen Signatur: 21.09.2017 15:36:19 Persistenzgrenztyp: VDM-Version Persistenzgrenze: 1.251.1222.1" Warnung 21.09.2017 17:36:03 Microsoft-Windows-Windows Defender 1116 Keine "Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.A!cl&threatid=2147718513&enterprise=0 Name: Trojan:Win32/Fuery.A!cl ID: 2147718513 Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\Hoshi\AppData\Local\Temp\163239140\ic-0.20dc7523649674.exe Erkennungsursprung: Lokaler Computer Erkennungstyp: FastPath Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Signaturversion: AV: 1.251.1222.0, AS: 1.251.1222.0, NIS: 117.12.0.0 Modulversion: AM: 1.1.14104.0, NIS: 2.1.13804.0" Informationen 21.09.2017 17:36:03 Microsoft-Windows-Windows Defender 2010 Keine "Von Windows Defender Antivirus wurden mithilfe des Diensts für dynamische Signaturen zusätzliche Signaturen zum Schutz des Computers abgerufen. Aktuelle Signaturversion: 1.251.1222.0 Signaturtyp: AntiSpyware Benutzer: \ Aktuelle Modulversion: 1.1.14104.0 Typ der dynamischen Signatur: Signaturupdate Persistenzpfad: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\b1d2dd5fe602992310bc70ba8c2c6aced6766619 Version der dynamischen Signatur: 1.251.1222.1 Erstellungszeitstempel der dynamischen Signatur: 21.09.2017 15:36:00 Persistenzgrenztyp: VDM-Version Persistenzgrenze: 1.251.1222.1" Informationen 21.09.2017 17:36:03 Microsoft-Windows-Windows Defender 2010 Keine "Von Windows Defender Antivirus wurden mithilfe des Diensts für dynamische Signaturen zusätzliche Signaturen zum Schutz des Computers abgerufen. Aktuelle Signaturversion: 1.251.1222.0 Signaturtyp: AntiVirus Benutzer: \ Aktuelle Modulversion: 1.1.14104.0 Typ der dynamischen Signatur: Signaturupdate Persistenzpfad: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\b1d2dd5fe602992310bc70ba8c2c6aced6766619 Version der dynamischen Signatur: 1.251.1222.1 Erstellungszeitstempel der dynamischen Signatur: 21.09.2017 15:36:00 Persistenzgrenztyp: VDM-Version Persistenzgrenze: 1.251.1222.1" Informationen 21.09.2017 17:36:00 Microsoft-Windows-Windows Defender 2010 Keine "Von Windows Defender Antivirus wurden mithilfe des Diensts für dynamische Signaturen zusätzliche Signaturen zum Schutz des Computers abgerufen. Aktuelle Signaturversion: 1.251.1222.0 Signaturtyp: AntiSpyware Benutzer: \ Aktuelle Modulversion: 1.1.14104.0 Typ der dynamischen Signatur: Signaturupdate Persistenzpfad: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\fb16a834c86d7ccf21850189f4d4c0d3b7e813a8 Version der dynamischen Signatur: 0.0.0.0 Erstellungszeitstempel der dynamischen Signatur: 21.09.2017 15:35:56 Persistenzgrenztyp: Dauer Persistenzgrenze: 3000000" Informationen 21.09.2017 17:36:00 Microsoft-Windows-Windows Defender 2010 Keine "Von Windows Defender Antivirus wurden mithilfe des Diensts für dynamische Signaturen zusätzliche Signaturen zum Schutz des Computers abgerufen. Aktuelle Signaturversion: 1.251.1222.0 Signaturtyp: AntiVirus Benutzer: \ Aktuelle Modulversion: 1.1.14104.0 Typ der dynamischen Signatur: Signaturupdate Persistenzpfad: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\fb16a834c86d7ccf21850189f4d4c0d3b7e813a8 Version der dynamischen Signatur: 0.0.0.0 Erstellungszeitstempel der dynamischen Signatur: 21.09.2017 15:35:56 Persistenzgrenztyp: Dauer Persistenzgrenze: 3000000" Informationen 21.09.2017 17:26:27 Microsoft-Windows-Windows Defender 1001 Keine "Die Windows Defender Antivirus-Überprüfung wurde fertig gestellt. Überprüfungs-ID: {72E2EACE-C8C8-43A2-9F86-C29F74C058D0} Überprüfungstyp: Antimalware Überprüfungsparameter: Benutzerdefinierte Überprüfung Benutzer: Hoshi-PC\Hoshi Überprüfungszeit: 0:00:00" Informationen 21.09.2017 17:26:26 Microsoft-Windows-Windows Defender 1000 Keine "Die Windows Defender Antivirus-Überprüfung wurde gestartet. Überprüfungs-ID: {72E2EACE-C8C8-43A2-9F86-C29F74C058D0} Überprüfungstyp: Antimalware Überprüfungsparameter: Benutzerdefinierte Überprüfung Überprüfungsressourcen: file:_E:\3d-converter.exe Benutzer: Hoshi-PC\Hoshi" Informationen 21.09.2017 17:13:31 Microsoft-Windows-Windows Defender 1013 Keine "Von Windows Defender Antivirus wurden Verlaufsinformationen zu Schadsoftware oder anderer potenziell unerwünschter Software entfernt. Zeit: 06.09.2017 17:13:31 Benutzer: NT-AUTORITÄT\SYSTEM " Informationen 21.09.2017 17:13:31 Microsoft-Windows-Windows Defender 1000 Keine "Die Windows Defender Antivirus-Überprüfung wurde gestartet. Überprüfungs-ID: {8BCB44DC-B1D0-467A-BFF6-D462EBF2ABD9} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Überprüfungsressourcen: Benutzer: NT-AUTORITÄT\SYSTEM" |
|
22.09.2017, 02:44
| #5 |
| /// Malwareteam   | Windows 10 64bit : Verdacht auf Maleware Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen. Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
 "Verdacht" ist gut, hier gibts einiges zu tun  Schritt: 1 Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~  Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
22.09.2017, 18:11
| #6 |
| | Windows 10 64bit : Verdacht auf Maleware "einiges zu tun"... da hab ich wohl den Jackpot erwischt.  Wie ist das mit der weiteren Benutzung des PCs? Darf ich in der Zeit Clients wie Steam oder Battle.net benutzen, da diese ja Logins benötigen, oder andere Onlinespiele? Spiele im Allgemein oder meine Grafik/Video Programme?Hier die Logfile Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2017.09.22.01
rootkit: v2017.09.13.01
Windows 10 x64 NTFS
Internet Explorer 11.608.15063.0
Hoshi :: HOSHI-PC [administrator]
22.09.2017 06:19:17
mbar-log-2017-09-22 (06-19-17).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 436916
Time elapsed: 10 minute(s), 54 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Users\Hoshi\AppData\Local\drtaaf.dll (Trojan.ProxyAgent) -> Delete on reboot. [b3b6c9ee3f6a95a1ff4af5f918e9dd23]
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2017.09.22.01
rootkit: v2017.09.13.01
Windows 10 x64 NTFS
Internet Explorer 11.608.15063.0
Hoshi :: HOSHI-PC [administrator]
22.09.2017 06:34:11
mbar-log-2017-09-22 (06-34-11).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 436413
Time elapsed: 9 minute(s), 35 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2017.09.22.05
rootkit: v2017.09.13.01
Windows 10 x64 NTFS
Internet Explorer 11.608.15063.0
Hoshi :: HOSHI-PC [administrator]
22.09.2017 18:51:09
mbar-log-2017-09-22 (18-51-09).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 437344
Time elapsed: 9 minute(s), 15 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 4
C:\Users\Hoshi\AppData\Local\Temp\nZBYX8kqI\netstream.exe (Ransom.Cerber) -> Delete on reboot. [f27b1c9be1c8f93d5ed98866857c6b95]
C:\Users\Hoshi\AppData\Local\Temp\ZdYydE73t\ZdYydE73t.exe (Adware.Wajam) -> Delete on reboot. [fa73e8cfe9c06cca3a8a0fe14cb505fb]
C:\Users\Hoshi\AppData\Local\Temp\so24j8f5O\so24j8f5O.exe (Adware.Wajam) -> Delete on reboot. [5617783f3277e1556361aa4634cdc838]
C:\Windows\ea25b50d8d77b75b0e1b47872ebc5b38.exe (Adware.Wajam) -> Delete on reboot. [90dd6057f5b4bb7bee7607e88879e61a]
Physical Sectors Detected: 0
(No malicious items detected)
(end)
https://drive.google.com/open?id=0B-dJOMZu93--LXRZREs1NkdyODQ |
|
22.09.2017, 23:43
| #7 |
| /// Malwareteam | Windows 10 64bit : Verdacht auf Maleware ja ganz ruhig da, 2 mal hätte gereicht. Das hilft in deinem Fall eh noch nicht besonders. Aber bekommen wir alles hin. Schritt: 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter CloseProcesses:
Emptytemp:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Run: [4UEZZE426ZCBI5S] => C:\Program Files (x86)\SDownloader\6PZUP.exe [1226752 2017-09-21] (1VDQ)
FF user.js: detected! => C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\user.js [2017-09-21]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-03]
2017-09-21 17:47 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\wgfhygzl2oo
2017-09-21 17:47 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\q1btjxe3pfv
2017-09-21 17:47 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\ky1ycpizc1m
2017-09-21 17:47 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\hj44pi4iij1
2017-09-21 17:47 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\fslpzvplkzw
2017-09-21 17:47 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\3K1EP8FZTW
2017-09-21 17:46 - 2017-09-21 17:46 - 000000000 ____D C:\Program Files\794JJ2L8W9
2017-09-21 17:45 - 2017-09-21 18:17 - 000000002 _____ C:\END
2017-09-21 17:45 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\xjrqshsfear
2017-09-21 17:44 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\q1k4v1fzjcg
2017-09-21 17:44 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\WSH55IY5CO
2017-09-21 17:44 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\SUGMCJMJDX
2017-09-21 17:44 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\L4GUFS7VFF
2017-09-21 17:44 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\{E4156CA0-47AD-493C-980B-63E02EA7C93A}
2017-09-21 17:44 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files (x86)\{CF160C81-F78D-4A0C-BE47-AF22C8C533BE}
2017-09-21 17:44 - 2017-09-21 17:44 - 000024576 _____ C:\Users\Hoshi\AppData\Local\drtaaf.dll
2017-09-21 17:43 - 2017-09-21 18:17 - 000000306 __RSH C:\Users\Hoshi\ntuser.pol
2017-09-21 17:43 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\rvv0f2joxp0
2017-09-21 17:43 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\hjvjanr5j10
2017-09-21 17:43 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\h4hpycpiigw
2017-09-21 17:43 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\cvmm2xhahv1
2017-09-21 17:43 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\aa3cy0c3vrw
2017-09-21 17:43 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\NTLYPTR4F0
2017-09-21 17:42 - 2017-09-21 17:42 - 000000000 ____D C:\WINDOWS\SysWOW64\SSL
2017-09-21 17:42 - 2017-09-21 17:42 - 000000000 ____D C:\Users\Hoshi\AppData\Local\AdvinstAnalytics
2017-09-21 17:41 - 2017-09-21 17:44 - 000004608 _____ C:\WINDOWS\system32\mispaced.dll
2017-09-21 17:41 - 2017-09-21 17:41 - 000000000 ____D C:\Users\Public\Documents\XMUpdate
2017-09-21 17:40 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\jyqtpby3wrp
2017-09-21 17:40 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\cf0aqfn3f2w
2017-09-21 17:40 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\1yqjmonlcdx
2017-09-21 17:40 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\2J4S1XCBYH
2017-09-21 17:40 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\0REZPKA8BK
2017-09-21 17:40 - 2017-09-21 17:44 - 000006656 _____ C:\WINDOWS\system32\mispacedx.dll
2017-09-21 17:40 - 2017-09-21 17:40 - 000004608 _____ C:\WINDOWS\SysWOW64\mispaced.dll
2017-09-21 17:39 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\zh5avmoljgd
2017-09-21 17:39 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\ujkguhy3rb5
2017-09-21 17:39 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\ivuhqdpovve
2017-09-21 17:39 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\TVCTLBBTT8
2017-09-21 17:39 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\R1VICQWYQE
2017-09-21 17:39 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files (x86)\ShutdownTime
2017-09-21 17:39 - 2017-09-21 17:39 - 000140800 _____ C:\Users\Hoshi\AppData\Local\installer.dat
2017-09-21 17:39 - 2017-09-21 17:39 - 000016826 _____ C:\WINDOWS\System32\Tasks\Spin Driver Vuld
2017-09-21 17:39 - 2017-09-21 17:39 - 000011568 _____ C:\Users\Hoshi\AppData\Local\InstallationConfiguration.xml
2017-09-21 17:38 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\ErrorReporting
2017-09-21 17:38 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\cl2bnzogg1u
2017-09-21 17:38 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\53uzogknheg
2017-09-21 17:38 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\TBUC85W4RM
2017-09-21 17:38 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\CARPFHFJOG
2017-09-21 17:38 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files (x86)\SDownloader
2017-09-21 17:35 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Local\PCBooster
2017-09-21 17:28 - 2017-09-21 17:28 - 000000000 ____D C:\Users\Hoshi\Documents\Aiseesoft Studio
2017-09-21 17:28 - 2017-09-21 17:28 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Aiseesoft Studio
2017-09-21 18:09 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Spin Driver Vuld
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ContextMenuHandlers1: [MRAICQCMenu] -> {7C9E7B90-88EC-4852-AC7A-C938268A5D04} => -> Keine Datei
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei
Task: {25D5A32A-8909-4F96-8028-6E97C19E9277} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {3DEA7F3E-A5EB-45F0-9421-D9F66008ED63} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {520A4ED2-9B29-4873-B2CA-FEA9273674C4} - \{4DD1B416-1A2D-4675-A6D6-8083878E9DE3} -> Keine Datei <==== ACHTUNG
Task: {674D3F7E-07C8-42A4-AD10-F21331870E05} - \Red Giant Link -> Keine Datei <==== ACHTUNG
Task: {6A9B91BB-C2E4-43F0-A903-2F8119DDC143} - System32\Tasks\Spin Driver Vuld => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Spin Driver Vuld\Spin Driver Vuld.dll",Nejpqk <==== ACHTUNG
Task: {73233123-6EEE-441F-ACD7-AC9AC6C2D30B} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\ErrorReporting => C:\\Users\\Hoshi\\AppData\\Roaming\\ErrorReporting\\ermgr.exe
Task: {802BD126-ED9C-4502-8D98-7D2D98679DE2} - System32\Tasks\jJKowXmxzIFxIuj2 => rundll32 "C:\Program Files (x86)\TQoarIXzU\UtQPcX.dll",#1
Task: {8A11B9D7-5D1C-41EA-B4D4-112D27F98D33} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {97496AF1-1EE8-4D66-924B-88673C3D7419} - System32\Tasks\jJKowXmxzIFxIuj => rundll32 "C:\Program Files (x86)\TQoarIXzU\UtQPcX.dll",#1
Task: {99A9C2AC-D3E0-4337-B0E6-3AFB38E4A179} - System32\Tasks\f371379892038d205abbfa586a4788d0 => powershell.exe -NoProfile -NoLogo -NonInteractive -ExecutionPolicy Bypass -File "C:\WINDOWS\f371379892038d205abbfa586a4788d0.ps1" <==== ACHTUNG
C:\WINDOWS\f371379892038d205abbfa586a4788d0.ps1
Task: {B2170479-C9ED-4E5A-BC64-4F7CA71C8180} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {B689586B-9669-4E4E-84F2-2174ACB35C72} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {CFFD267D-0E96-4AE1-B8E2-62A0C9DF92B3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {F1879657-BA06-438A-82B8-D2379034C86A} - System32\Tasks\LSjUFtTofwjkxN => rundll32 "C:\Program Files (x86)\ICBaloCIDxXU2\MUWtfQsPOcBXV.dll",#1
Task: {F81964E0-FEBD-4F08-A908-0ED367B4B50C} - System32\Tasks\0z8qp1lfDt => C:\Program Files (x86)\mML019nslc\updengine.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\jJKowXmxzIFxIuj.job => C:\Program Files (x86)\TQoarIXzU\UtQPcX.dll
C:\Program Files (x86)\TQoarIXzU
C:\Program Files (x86)\ICBaloCIDxXU2
AlternateDataStreams: C:\ProgramData\TEMP:98353363 [132]
AlternateDataStreams: C:\Users\Hoshi\AppData\Local\Temp:$DATA [16]
file: C:\Windows\eHome\McrMgr.exe
cmd: dir "C:\Program Files (x86)" /a
cmd: dir "C:\Program Files" /a
cmd: dir "C:\Users\Hoshi\AppData\Roaming" /a
ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths
powershell: Get-ChildItem -Path cert:\LocalMachine\Disallowed -recurse | Format-List -Property *
powershell: Get-ChildItem -Path cert:\CurrentUser\Disallowed -recurse | Format-List -Property *
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt: 2 Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... Geändert von burningice (22.09.2017 um 23:48 Uhr) |
|
23.09.2017, 06:20
| #8 |
| | Windows 10 64bit : Verdacht auf Maleware fixlog Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-09-2017
durchgeführt von Hoshi (23-09-2017 07:15:35) Run:1
Gestartet von C:\Users\Hoshi\Desktop
Geladene Profile: Hoshi (Verfügbare Profile: Hoshi & Mcx1-HOSHI-PC & OVRLibraryService)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
CloseProcesses:
Emptytemp:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschr�nkung <==== ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschr�nkung <==== ACHTUNG
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Run: [4UEZZE426ZCBI5S] => C:\Program Files (x86)\SDownloader\6PZUP.exe [1226752 2017-09-21] (1VDQ)
FF user.js: detected! => C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\user.js [2017-09-21]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-03]
2017-09-21 17:47 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\wgfhygzl2oo
2017-09-21 17:47 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\q1btjxe3pfv
2017-09-21 17:47 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\ky1ycpizc1m
2017-09-21 17:47 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\hj44pi4iij1
2017-09-21 17:47 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\fslpzvplkzw
2017-09-21 17:47 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\3K1EP8FZTW
2017-09-21 17:46 - 2017-09-21 17:46 - 000000000 ____D C:\Program Files\794JJ2L8W9
2017-09-21 17:45 - 2017-09-21 18:17 - 000000002 _____ C:\END
2017-09-21 17:45 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\xjrqshsfear
2017-09-21 17:44 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\q1k4v1fzjcg
2017-09-21 17:44 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\WSH55IY5CO
2017-09-21 17:44 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\SUGMCJMJDX
2017-09-21 17:44 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\L4GUFS7VFF
2017-09-21 17:44 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\{E4156CA0-47AD-493C-980B-63E02EA7C93A}
2017-09-21 17:44 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files (x86)\{CF160C81-F78D-4A0C-BE47-AF22C8C533BE}
2017-09-21 17:44 - 2017-09-21 17:44 - 000024576 _____ C:\Users\Hoshi\AppData\Local\drtaaf.dll
2017-09-21 17:43 - 2017-09-21 18:17 - 000000306 __RSH C:\Users\Hoshi\ntuser.pol
2017-09-21 17:43 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\rvv0f2joxp0
2017-09-21 17:43 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\hjvjanr5j10
2017-09-21 17:43 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\h4hpycpiigw
2017-09-21 17:43 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\cvmm2xhahv1
2017-09-21 17:43 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\aa3cy0c3vrw
2017-09-21 17:43 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\NTLYPTR4F0
2017-09-21 17:42 - 2017-09-21 17:42 - 000000000 ____D C:\WINDOWS\SysWOW64\SSL
2017-09-21 17:42 - 2017-09-21 17:42 - 000000000 ____D C:\Users\Hoshi\AppData\Local\AdvinstAnalytics
2017-09-21 17:41 - 2017-09-21 17:44 - 000004608 _____ C:\WINDOWS\system32\mispaced.dll
2017-09-21 17:41 - 2017-09-21 17:41 - 000000000 ____D C:\Users\Public\Documents\XMUpdate
2017-09-21 17:40 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\jyqtpby3wrp
2017-09-21 17:40 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\cf0aqfn3f2w
2017-09-21 17:40 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\1yqjmonlcdx
2017-09-21 17:40 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\2J4S1XCBYH
2017-09-21 17:40 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\0REZPKA8BK
2017-09-21 17:40 - 2017-09-21 17:44 - 000006656 _____ C:\WINDOWS\system32\mispacedx.dll
2017-09-21 17:40 - 2017-09-21 17:40 - 000004608 _____ C:\WINDOWS\SysWOW64\mispaced.dll
2017-09-21 17:39 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\zh5avmoljgd
2017-09-21 17:39 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\ujkguhy3rb5
2017-09-21 17:39 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\ivuhqdpovve
2017-09-21 17:39 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\TVCTLBBTT8
2017-09-21 17:39 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\R1VICQWYQE
2017-09-21 17:39 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files (x86)\ShutdownTime
2017-09-21 17:39 - 2017-09-21 17:39 - 000140800 _____ C:\Users\Hoshi\AppData\Local\installer.dat
2017-09-21 17:39 - 2017-09-21 17:39 - 000016826 _____ C:\WINDOWS\System32\Tasks\Spin Driver Vuld
2017-09-21 17:39 - 2017-09-21 17:39 - 000011568 _____ C:\Users\Hoshi\AppData\Local\InstallationConfiguration.xml
2017-09-21 17:38 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\ErrorReporting
2017-09-21 17:38 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\cl2bnzogg1u
2017-09-21 17:38 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\53uzogknheg
2017-09-21 17:38 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\TBUC85W4RM
2017-09-21 17:38 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files\CARPFHFJOG
2017-09-21 17:38 - 2017-09-21 18:09 - 000000000 ____D C:\Program Files (x86)\SDownloader
2017-09-21 17:35 - 2017-09-21 18:09 - 000000000 ____D C:\Users\Hoshi\AppData\Local\PCBooster
2017-09-21 17:28 - 2017-09-21 17:28 - 000000000 ____D C:\Users\Hoshi\Documents\Aiseesoft Studio
2017-09-21 17:28 - 2017-09-21 17:28 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Aiseesoft Studio
2017-09-21 18:09 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Spin Driver Vuld
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ContextMenuHandlers1: [MRAICQCMenu] -> {7C9E7B90-88EC-4852-AC7A-C938268A5D04} => -> Keine Datei
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei
Task: {25D5A32A-8909-4F96-8028-6E97C19E9277} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {3DEA7F3E-A5EB-45F0-9421-D9F66008ED63} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {520A4ED2-9B29-4873-B2CA-FEA9273674C4} - \{4DD1B416-1A2D-4675-A6D6-8083878E9DE3} -> Keine Datei <==== ACHTUNG
Task: {674D3F7E-07C8-42A4-AD10-F21331870E05} - \Red Giant Link -> Keine Datei <==== ACHTUNG
Task: {6A9B91BB-C2E4-43F0-A903-2F8119DDC143} - System32\Tasks\Spin Driver Vuld => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Spin Driver Vuld\Spin Driver Vuld.dll",Nejpqk <==== ACHTUNG
Task: {73233123-6EEE-441F-ACD7-AC9AC6C2D30B} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\ErrorReporting => C:\\Users\\Hoshi\\AppData\\Roaming\\ErrorReporting\\ermgr.exe
Task: {802BD126-ED9C-4502-8D98-7D2D98679DE2} - System32\Tasks\jJKowXmxzIFxIuj2 => rundll32 "C:\Program Files (x86)\TQoarIXzU\UtQPcX.dll",#1
Task: {8A11B9D7-5D1C-41EA-B4D4-112D27F98D33} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {97496AF1-1EE8-4D66-924B-88673C3D7419} - System32\Tasks\jJKowXmxzIFxIuj => rundll32 "C:\Program Files (x86)\TQoarIXzU\UtQPcX.dll",#1
Task: {99A9C2AC-D3E0-4337-B0E6-3AFB38E4A179} - System32\Tasks\f371379892038d205abbfa586a4788d0 => powershell.exe -NoProfile -NoLogo -NonInteractive -ExecutionPolicy Bypass -File "C:\WINDOWS\f371379892038d205abbfa586a4788d0.ps1" <==== ACHTUNG
C:\WINDOWS\f371379892038d205abbfa586a4788d0.ps1
Task: {B2170479-C9ED-4E5A-BC64-4F7CA71C8180} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {B689586B-9669-4E4E-84F2-2174ACB35C72} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {CFFD267D-0E96-4AE1-B8E2-62A0C9DF92B3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {F1879657-BA06-438A-82B8-D2379034C86A} - System32\Tasks\LSjUFtTofwjkxN => rundll32 "C:\Program Files (x86)\ICBaloCIDxXU2\MUWtfQsPOcBXV.dll",#1
Task: {F81964E0-FEBD-4F08-A908-0ED367B4B50C} - System32\Tasks\0z8qp1lfDt => C:\Program Files (x86)\mML019nslc\updengine.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\jJKowXmxzIFxIuj.job => C:\Program Files (x86)\TQoarIXzU\UtQPcX.dll
C:\Program Files (x86)\TQoarIXzU
C:\Program Files (x86)\ICBaloCIDxXU2
AlternateDataStreams: C:\ProgramData\TEMP:98353363 [132]
AlternateDataStreams: C:\Users\Hoshi\AppData\Local\Temp:$DATA [16]
file: C:\Windows\eHome\McrMgr.exe
cmd: dir "C:\Program Files (x86)" /a
cmd: dir "C:\Program Files" /a
cmd: dir "C:\Users\Hoshi\AppData\Roaming" /a
ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths
powershell: Get-ChildItem -Path cert:\LocalMachine\Disallowed -recurse | Format-List -Property *
powershell: Get-ChildItem -Path cert:\CurrentUser\Disallowed -recurse | Format-List -Property *
*****************
Prozesse erfolgreich geschlossen.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Policies\Google => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\Software\Microsoft\Windows\CurrentVersion\Run\\4UEZZE426ZCBI5S => Wert erfolgreich entfernt
C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\user.js => erfolgreich verschoben
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-03] => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-03] => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-03] => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-03] => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-03] => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-03] => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-03] => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
C:\Users\Hoshi\AppData\Roaming\wgfhygzl2oo => erfolgreich verschoben
C:\Users\Hoshi\AppData\Roaming\q1btjxe3pfv => erfolgreich verschoben
C:\Users\Hoshi\AppData\Roaming\ky1ycpizc1m => erfolgreich verschoben
C:\Users\Hoshi\AppData\Roaming\hj44pi4iij1 => erfolgreich verschoben
C:\Users\Hoshi\AppData\Roaming\fslpzvplkzw => erfolgreich verschoben
C:\Program Files\3K1EP8FZTW => erfolgreich verschoben
C:\Program Files\794JJ2L8W9 => erfolgreich verschoben
C:\END => erfolgreich verschoben
C:\Users\Hoshi\AppData\Roaming\xjrqshsfear => erfolgreich verschoben
C:\Users\Hoshi\AppData\Roaming\q1k4v1fzjcg => erfolgreich verschoben
C:\Program Files\WSH55IY5CO => erfolgreich verschoben
C:\Program Files\SUGMCJMJDX => erfolgreich verschoben
C:\Program Files\L4GUFS7VFF => erfolgreich verschoben
C:\Program Files\{E4156CA0-47AD-493C-980B-63E02EA7C93A} => erfolgreich verschoben
C:\Program Files (x86)\{CF160C81-F78D-4A0C-BE47-AF22C8C533BE} => erfolgreich verschoben
"C:\Users\Hoshi\AppData\Local\drtaaf.dll" => nicht gefunden.
C:\Users\Hoshi\ntuser.pol => erfolgreich verschoben
C:\Users\Hoshi\AppData\Roaming\rvv0f2joxp0 => erfolgreich verschoben
C:\Users\Hoshi\AppData\Roaming\hjvjanr5j10 => erfolgreich verschoben
C:\Users\Hoshi\AppData\Roaming\h4hpycpiigw => erfolgreich verschoben
C:\Users\Hoshi\AppData\Roaming\cvmm2xhahv1 => erfolgreich verschoben
C:\Users\Hoshi\AppData\Roaming\aa3cy0c3vrw => erfolgreich verschoben
C:\Program Files\NTLYPTR4F0 => erfolgreich verschoben
C:\WINDOWS\SysWOW64\SSL => erfolgreich verschoben
C:\Users\Hoshi\AppData\Local\AdvinstAnalytics => erfolgreich verschoben
C:\WINDOWS\system32\mispaced.dll => erfolgreich verschoben
C:\Users\Public\Documents\XMUpdate => erfolgreich verschoben
C:\Users\Hoshi\AppData\Roaming\jyqtpby3wrp => erfolgreich verschoben
C:\Users\Hoshi\AppData\Roaming\cf0aqfn3f2w => erfolgreich verschoben
C:\Users\Hoshi\AppData\Roaming\1yqjmonlcdx => erfolgreich verschoben
C:\Program Files\2J4S1XCBYH => erfolgreich verschoben
C:\Program Files\0REZPKA8BK => erfolgreich verschoben
C:\WINDOWS\system32\mispacedx.dll => erfolgreich verschoben
C:\WINDOWS\SysWOW64\mispaced.dll => erfolgreich verschoben
C:\Users\Hoshi\AppData\Roaming\zh5avmoljgd => erfolgreich verschoben
C:\Users\Hoshi\AppData\Roaming\ujkguhy3rb5 => erfolgreich verschoben
C:\Users\Hoshi\AppData\Roaming\ivuhqdpovve => erfolgreich verschoben
C:\Program Files\TVCTLBBTT8 => erfolgreich verschoben
C:\Program Files\R1VICQWYQE => erfolgreich verschoben
"C:\Program Files (x86)\ShutdownTime" => nicht gefunden.
C:\Users\Hoshi\AppData\Local\installer.dat => erfolgreich verschoben
C:\WINDOWS\System32\Tasks\Spin Driver Vuld => erfolgreich verschoben
C:\Users\Hoshi\AppData\Local\InstallationConfiguration.xml => erfolgreich verschoben
C:\Users\Hoshi\AppData\Roaming\ErrorReporting => erfolgreich verschoben
C:\Users\Hoshi\AppData\Roaming\cl2bnzogg1u => erfolgreich verschoben
C:\Users\Hoshi\AppData\Roaming\53uzogknheg => erfolgreich verschoben
C:\Program Files\TBUC85W4RM => erfolgreich verschoben
C:\Program Files\CARPFHFJOG => erfolgreich verschoben
"C:\Program Files (x86)\SDownloader" => nicht gefunden.
C:\Users\Hoshi\AppData\Local\PCBooster => erfolgreich verschoben
C:\Users\Hoshi\Documents\Aiseesoft Studio => erfolgreich verschoben
C:\Users\Hoshi\AppData\Local\Aiseesoft Studio => erfolgreich verschoben
C:\Program Files\Spin Driver Vuld => erfolgreich verschoben
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => Schlüssel erfolgreich entfernt
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Schlüssel nicht gefunden.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MRAICQCMenu => Schlüssel erfolgreich entfernt
HKLM\Software\Classes\CLSID\{7C9E7B90-88EC-4852-AC7A-C938268A5D04} => Schlüssel nicht gefunden.
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast => Schlüssel erfolgreich entfernt
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Schlüssel nicht gefunden.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => Schlüssel erfolgreich entfernt
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{25D5A32A-8909-4F96-8028-6E97C19E9277} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25D5A32A-8909-4F96-8028-6E97C19E9277} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3DEA7F3E-A5EB-45F0-9421-D9F66008ED63} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DEA7F3E-A5EB-45F0-9421-D9F66008ED63} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{520A4ED2-9B29-4873-B2CA-FEA9273674C4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{520A4ED2-9B29-4873-B2CA-FEA9273674C4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4DD1B416-1A2D-4675-A6D6-8083878E9DE3} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{674D3F7E-07C8-42A4-AD10-F21331870E05} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{674D3F7E-07C8-42A4-AD10-F21331870E05} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Red Giant Link => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{6A9B91BB-C2E4-43F0-A903-2F8119DDC143} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A9B91BB-C2E4-43F0-A903-2F8119DDC143} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Spin Driver Vuld => nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Spin Driver Vuld => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{73233123-6EEE-441F-ACD7-AC9AC6C2D30B} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73233123-6EEE-441F-ACD7-AC9AC6C2D30B} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Error Reporting\ErrorReporting => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting\ErrorReporting => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{802BD126-ED9C-4502-8D98-7D2D98679DE2} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{802BD126-ED9C-4502-8D98-7D2D98679DE2} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\jJKowXmxzIFxIuj2 => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\jJKowXmxzIFxIuj2 => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A11B9D7-5D1C-41EA-B4D4-112D27F98D33} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A11B9D7-5D1C-41EA-B4D4-112D27F98D33} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{97496AF1-1EE8-4D66-924B-88673C3D7419} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97496AF1-1EE8-4D66-924B-88673C3D7419} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\jJKowXmxzIFxIuj => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\jJKowXmxzIFxIuj => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{99A9C2AC-D3E0-4337-B0E6-3AFB38E4A179} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99A9C2AC-D3E0-4337-B0E6-3AFB38E4A179} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\f371379892038d205abbfa586a4788d0 => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f371379892038d205abbfa586a4788d0 => Schlüssel erfolgreich entfernt
"C:\WINDOWS\f371379892038d205abbfa586a4788d0.ps1" => nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B2170479-C9ED-4E5A-BC64-4F7CA71C8180} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2170479-C9ED-4E5A-BC64-4F7CA71C8180} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B689586B-9669-4E4E-84F2-2174ACB35C72} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B689586B-9669-4E4E-84F2-2174ACB35C72} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFFD267D-0E96-4AE1-B8E2-62A0C9DF92B3} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFFD267D-0E96-4AE1-B8E2-62A0C9DF92B3} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F1879657-BA06-438A-82B8-D2379034C86A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1879657-BA06-438A-82B8-D2379034C86A} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\LSjUFtTofwjkxN => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LSjUFtTofwjkxN => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F81964E0-FEBD-4F08-A908-0ED367B4B50C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F81964E0-FEBD-4F08-A908-0ED367B4B50C} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\0z8qp1lfDt => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0z8qp1lfDt => Schlüssel erfolgreich entfernt
C:\WINDOWS\Tasks\jJKowXmxzIFxIuj.job => erfolgreich verschoben
"C:\Program Files (x86)\TQoarIXzU" => nicht gefunden.
"C:\Program Files (x86)\ICBaloCIDxXU2" => nicht gefunden.
C:\ProgramData\TEMP => ":98353363" ADS erfolgreich entfernt.
C:\Users\Hoshi\AppData\Local\Temp => ":$DATA" ADS erfolgreich entfernt.
========================= file: C:\Windows\eHome\McrMgr.exe ========================
"C:\Windows\eHome\McrMgr.exe" => nicht gefunden.
====== Ende von File: ======
========= dir "C:\Program Files (x86)" /a =========
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 3A2A-1B4A
Verzeichnis von C:\Program Files (x86)
23.09.2017 07:15 <DIR> .
23.09.2017 07:15 <DIR> ..
15.03.2017 11:49 <DIR> AC3Filter
02.11.2015 18:18 <DIR> Adobe
12.12.2015 14:27 <DIR> AppInsights
12.09.2017 18:02 <DIR> Battlelog Web Plugins
16.07.2016 15:07 <DIR> Bonjour
18.07.2016 20:03 6.144 com.htc.vive.setup.bilogclient
23.07.2017 12:40 <DIR> Common Files
18.02.2017 07:17 <DIR> CronusPRO
18.03.2017 23:01 174 desktop.ini
19.07.2014 18:25 <DIR> DivX Pro VFW
11.12.2015 15:23 <DIR> Elgato
23.12.2014 13:42 <DIR> Firebird
02.02.2016 18:42 <DIR> FreeCodecPack
31.05.2016 19:06 <DIR> Futuremark
03.07.2015 19:19 <DIR> Google
12.12.2015 13:41 <DIR> GtkSharp
12.09.2017 16:23 <DIR> InstallShield Installation Information
30.09.2016 06:27 <DIR> Intel
13.09.2017 20:58 <DIR> Internet Explorer
10.11.2015 17:51 <DIR> Java
06.08.2016 09:53 <DIR> LAV Filters
23.06.2017 14:30 <DIR> MAGIX
28.03.2016 03:42 <DIR> Malwarebytes Anti-Malware
05.02.2016 19:54 <DIR> Microsoft ASP.NET
07.07.2014 16:52 <DIR> Microsoft CAPICOM 2.1.0.2
20.08.2014 20:45 <DIR> Microsoft Chart Controls
17.07.2015 20:52 <DIR> Microsoft DirectX SDK (June 2010)
07.03.2015 12:44 <DIR> Microsoft Games for Windows - LIVE
12.12.2015 14:12 <DIR> Microsoft Help Viewer
12.12.2015 14:17 <DIR> Microsoft Office365 Tools
12.12.2015 14:28 <DIR> Microsoft SDKs
15.06.2017 07:08 <DIR> Microsoft Silverlight
12.12.2015 14:22 <DIR> Microsoft SQL Server
12.12.2015 14:21 <DIR> Microsoft SQL Server Compact Edition
14.04.2017 09:15 <DIR> Microsoft Visual Studio 12.0
14.04.2017 09:15 <DIR> Microsoft Visual Studio 14.0
12.12.2015 14:30 <DIR> Microsoft Visual Studio Tools for Unity
12.12.2015 14:15 <DIR> Microsoft WCF Data Services
03.05.2014 10:39 <DIR> Microsoft XNA
14.04.2017 09:06 <DIR> Microsoft.NET
21.09.2017 20:24 <DIR> Mozilla Firefox
22.09.2017 06:33 <DIR> Mozilla Maintenance Service
29.03.2017 05:43 <DIR> Mozilla Thunderbird
29.12.2014 22:21 <DIR> Mplayer
14.04.2017 09:06 <DIR> MSBuild
19.09.2016 17:50 <DIR> MSECache
26.08.2015 16:45 <DIR> MSXML 4.0
29.06.2014 13:43 <DIR> Nero
26.12.2014 23:05 <DIR> NETGEAR
18.09.2015 17:50 <DIR> NewBlueFX
20.08.2017 18:50 <DIR> NVIDIA Corporation
05.04.2015 12:07 <DIR> OpenAL
18.03.2014 22:29 <DIR> Realtek
14.04.2017 09:59 <DIR> Reference Assemblies
18.06.2017 12:55 <DIR> Rockstar Games
16.07.2016 18:25 <DIR> Skype
06.08.2016 09:55 <DIR> Stereoscopic Player
20.01.2015 20:14 <DIR> SystemRequirementsLab
18.03.2014 22:30 <DIR> Temp
16.06.2014 19:31 <DIR> Total Immersion
14.04.2017 09:03 <DIR> Uninstall Information
15.11.2015 20:50 <DIR> VB
16.05.2015 09:06 <DIR> VS Revo Group
25.08.2017 14:34 <DIR> VulkanRT
30.12.2014 22:26 <DIR> WestwoodChat
30.12.2014 20:16 <DIR> WestwoodOnline
28.06.2017 06:44 <DIR> Windows Defender
12.12.2015 14:21 <DIR> Windows Kits
13.09.2017 20:58 <DIR> Windows Mail
25.08.2015 18:33 <DIR> Windows Media Components
20.03.2017 06:41 <DIR> Windows Media Player
18.03.2017 23:03 <DIR> Windows Multimedia Platform
18.03.2017 23:03 <DIR> Windows NT
13.09.2017 20:58 <DIR> Windows Photo Viewer
18.03.2017 23:03 <DIR> Windows Portable Devices
14.04.2017 09:06 <DIR> Windows Sidebar
18.03.2017 23:03 <DIR> WindowsPowerShell
22.08.2014 20:30 <DIR> Xiph.Org
29.06.2016 18:58 <DIR> XML Notepad 2007
22.08.2014 20:34 <DIR> Xvid
2 Datei(en), 6.318 Bytes
80 Verzeichnis(se), 61.289.345.024 Bytes frei
========= Ende von CMD: =========
========= dir "C:\Program Files" /a =========
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 3A2A-1B4A
Verzeichnis von C:\Program Files
23.09.2017 07:15 <DIR> .
23.09.2017 07:15 <DIR> ..
29.03.2014 11:47 <DIR> 7-Zip
18.11.2014 19:14 <DIR> AVAST Software
29.07.2016 20:20 <DIR> Bonjour
23.06.2017 15:33 <DIR> Common Files
06.09.2017 06:25 <DIR> DAZ 3D
18.03.2017 23:01 174 desktop.ini
24.08.2017 16:00 <DIR> DIFX
09.04.2016 14:29 <DIR> DVD Maker
11.12.2015 15:23 <DIR> Elgato
15.03.2014 14:09 <JUNCTION> Gemeinsame Dateien [C:\Program Files\Common Files]
28.04.2017 13:37 <DIR> Intel
13.09.2017 20:58 <DIR> Internet Explorer
23.07.2017 12:40 <DIR> Java
26.10.2015 20:03 <DIR> Logitech
19.10.2016 12:33 <DIR> Logitech Gaming Software
14.04.2017 09:06 <DIR> Microsoft Games
15.06.2017 07:08 <DIR> Microsoft Silverlight
12.12.2015 14:22 <DIR> Microsoft SQL Server
12.12.2015 14:21 <DIR> Microsoft SQL Server Compact Edition
12.12.2015 14:14 <DIR> Microsoft Visual Studio 12.0
14.04.2017 09:59 <DIR> MSBuild
23.06.2017 15:33 <DIR> NewBlueFX
20.08.2017 18:50 <DIR> NVIDIA Corporation
15.01.2017 09:21 <DIR> Oculus VR Runtime Drivers
15.03.2014 14:13 <DIR> Qualcomm Atheros
14.04.2017 09:04 <DIR> Realtek
14.04.2017 09:59 <DIR> Reference Assemblies
18.06.2017 12:54 <DIR> Rockstar Games
21.10.2016 21:05 <DIR> SteelSeries
26.05.2014 16:19 <DIR> SteelSeries Engine
13.02.2016 19:26 <DIR> Uninstall Information
13.04.2017 15:08 <DIR> UNP
15.11.2015 20:50 <DIR> VB
12.09.2017 16:44 <DIR> Virtual Desktop
15.03.2014 15:40 <DIR> VLC
28.06.2017 06:44 <DIR> Windows Defender
20.03.2017 06:43 <DIR> Windows Defender Advanced Threat Protection
13.09.2017 20:58 <DIR> Windows Mail
20.03.2017 06:41 <DIR> Windows Media Player
18.03.2017 23:03 <DIR> Windows Multimedia Platform
14.04.2017 09:15 <DIR> Windows NT
13.09.2017 20:58 <DIR> Windows Photo Viewer
18.03.2017 23:03 <DIR> Windows Portable Devices
18.03.2017 23:03 <DIR> Windows Security
14.04.2017 09:06 <DIR> Windows Sidebar
23.09.2017 07:04 <DIR> WindowsApps
18.03.2017 23:03 <DIR> WindowsPowerShell
1 Datei(en), 174 Bytes
48 Verzeichnis(se), 61.289.340.928 Bytes frei
========= Ende von CMD: =========
========= dir "C:\Users\Hoshi\AppData\Roaming" /a =========
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 3A2A-1B4A
Verzeichnis von C:\Users\Hoshi\AppData\Roaming
23.09.2017 07:15 <DIR> .
23.09.2017 07:15 <DIR> ..
25.08.2016 16:21 <DIR> .minecraft
18.04.2016 16:28 <DIR> .mono
02.08.2014 18:45 <DIR> AC3Filter
09.11.2015 17:56 <DIR> Adobe
12.05.2014 16:13 <DIR> Apple Computer
01.12.2014 19:16 <DIR> Arrowhead
14.08.2016 15:08 <DIR> Aspyr Media
18.12.2015 12:38 <DIR> Atari
15.06.2017 18:19 <DIR> Audacity
12.03.2015 19:28 <DIR> Awesomium
24.02.2015 19:38 <DIR> BadFlyInteractive
21.05.2017 16:48 <DIR> Battle.net
28.12.2015 21:09 <DIR> Bioshock2Steam
04.08.2017 14:57 <DIR> BioshockHD
27.12.2015 14:56 297 BreakingPoint_Login.ini
27.12.2015 16:12 1.427 BreakingPoint_Options.ini
29.08.2017 15:23 <DIR> Bungie
19.07.2014 18:26 <DIR> Capcom
10.09.2017 11:30 <DIR> com.nolimitscoaster.nolimits2
13.07.2015 17:26 <DIR> com.ohnoo.Tormentum
11.09.2017 20:25 <DIR> Cronus
28.01.2016 19:25 <DIR> Crystal Dynamics
23.08.2016 08:00 <DIR> CtrlAltStudio Viewer
16.07.2016 15:07 <DIR> Cyberduck
26.08.2017 15:28 <DIR> DAEMON Tools Lite
22.02.2015 20:28 <DIR> DarknessII
12.02.2016 15:05 <DIR> DarkSoulsII
13.04.2016 17:56 <DIR> DarkSoulsIII
06.09.2017 06:26 <DIR> DAZ 3D
04.02.2017 16:43 <DIR> descent-underground-launcher
05.09.2017 18:57 <DIR> discord
07.12.2014 12:41 <DIR> Disney Interactive Studios
29.05.2016 13:05 <DIR> DisneyInteractiveStudios
06.04.2015 20:41 <DIR> Doublefine
13.05.2017 11:26 <DIR> DVDVideoSoft
04.08.2017 13:23 <DIR> electron-quick-start
20.12.2016 20:48 <DIR> Elgato
29.05.2016 10:11 <DIR> Exanima
21.12.2016 20:37 <DIR> fatshark
22.08.2016 19:51 <DIR> FC-VR
26.03.2016 20:52 <DIR> FileZilla
19.07.2017 20:18 <DIR> Firestorm
23.06.2017 19:36 <DIR> Firestorm_x64
31.03.2017 20:17 <DIR> FlacSquisher
18.01.2015 22:30 <DIR> fltk.org
17.11.2016 21:24 <DIR> Frontier Developments
09.11.2015 17:59 <DIR> G4E
09.11.2015 18:15 <DIR> G4EDLC2
24.08.2017 16:01 <DIR> Gaikai
13.05.2015 20:44 <DIR> GameMill Entertainment
30.04.2014 22:48 <DIR> Games
09.10.2015 16:55 <DIR> GetRightToGo
03.06.2017 09:47 <DIR> GHISLER
12.09.2017 18:08 <DIR> Google
06.01.2016 19:27 <DIR> Gyazo
18.08.2016 20:44 <DIR> HandBrake
15.03.2014 19:35 <DIR> HeidiSQL
14.08.2016 16:32 224 highScores.txt
24.08.2014 10:24 <DIR> HomeSheepHome2
20.07.2016 16:57 <DIR> HTC
23.08.2014 19:47 <DIR> ImgBurn
15.03.2014 14:19 <DIR> InstallShield
15.03.2014 14:19 <DIR> Intel Corporation
16.07.2016 15:07 <DIR> iterate_GmbH
16.01.2015 23:51 <DIR> java
05.02.2015 21:16 <DIR> Joymasher
17.08.2014 18:16 <DIR> Kalypso Media
21.09.2015 14:52 99 LauncherSettings_live.cfg
15.03.2014 15:31 <DIR> Logishrd
15.03.2014 15:31 <DIR> Logitech
03.06.2015 19:42 <DIR> LucasArts
15.03.2014 15:18 <DIR> Macromedia
23.06.2017 14:31 <DIR> MAGIX
26.06.2014 18:59 <DIR> Malwarebytes
14.04.2017 09:12 <DIR> Microsoft
29.01.2015 18:32 <DIR> Milestone
15.01.2015 22:23 <DIR> MMFApplications
15.03.2014 14:25 <DIR> Mozilla
29.06.2014 13:44 <DIR> Nero
26.10.2016 20:52 <DIR> NVIDIA
07.08.2017 20:10 <DIR> obs-studio
10.03.2017 21:07 <DIR> Oculus
21.07.2016 19:13 <DIR> OculusClient
13.09.2017 18:10 <DIR> Origin
18.09.2015 17:49 <DIR> proDAD
12.04.2015 20:08 <DIR> QuickScan
17.04.2017 19:34 <DIR> Revive
22.02.2015 20:46 <DIR> ScummVM
25.09.2014 16:48 <DIR> SecondLife
10.05.2014 11:53 <DIR> SecuROM
09.11.2015 18:31 <DIR> Shooter
13.06.2015 14:42 <DIR> silenceofthesleep
18.01.2015 21:14 <DIR> Silverback Productions
18.09.2017 19:11 <DIR> Skype
24.08.2017 16:15 <DIR> Sony Interactive Entertainment Network America LLC
28.05.2017 10:14 <DIR> SpaceEngineers
08.09.2016 19:50 <DIR> Spore
02.02.2017 18:59 <DIR> Spotify
17.09.2016 19:34 <DIR> StarTrekPC
02.09.2014 20:27 <DIR> Steam
06.05.2016 09:29 <DIR> SteelSeries
06.08.2016 09:53 <DIR> Stereoscopic Player
24.04.2014 18:51 <DIR> StunlockStudios
30.08.2015 16:15 <DIR> Sun
16.07.2016 17:40 <DIR> TeamViewer
26.12.2015 22:56 <DIR> The Zombie Infection
21.09.2015 14:43 <DIR> theHunter
21.09.2015 14:44 10.525 TheHunterSettings_live.bin
21.09.2015 14:43 40 TheHunterSettings_steam_live.cfg
21.09.2015 14:40 <DIR> theHunterSteam
15.03.2014 15:14 <DIR> Thunderbird
18.09.2015 18:11 <DIR> Titler
23.12.2015 13:20 <DIR> TLDCEPC
19.09.2017 21:08 <DIR> TS3Client
25.08.2015 18:35 <DIR> Ulead Systems
12.12.2015 14:12 <DIR> Unity
22.09.2017 15:12 <DIR> UseNeXT
13.09.2017 20:00 <DIR> uTorrent
17.08.2014 15:37 <DIR> VBA-M
21.05.2016 19:43 <DIR> Vectec Software
10.07.2017 18:02 <DIR> vice
21.07.2016 06:41 <DIR> Virtual Desktop
22.09.2017 19:04 <DIR> vlc
10.09.2016 14:05 <DIR> VoiceAttack
02.12.2015 22:37 3.317 VoiceMeeterDefault.xml
28.05.2016 22:26 <DIR> Warner Bros. Interactive Entertainment
13.05.2015 20:32 <DIR> Wayforward Technologies
10.09.2016 18:39 <DIR> WEVR
20.10.2015 19:29 <DIR> Winamp
22.09.2017 20:12 <DIR> WingsSaveData
19.03.2014 20:22 <DIR> WinRAR
07.05.2015 17:30 <DIR> Yacht Club Games
7 Datei(en), 15.929 Bytes
127 Verzeichnis(se), 61.289.336.832 Bytes frei
========= Ende von CMD: =========
================== ExportKey: ===================
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths]
"C:\WINDOWS\uninstaller.dat"="0"
"C:\WINDOWS\ea25b50d8d77b75b0e1b47872ebc5b38.exe"="0"
"C:\WINDOWS\system32\drivers\ca411eda88aa6e27faf3faffca1124f5.sys"="0"
"C:\Program Files\088195c19b33f61100dd567039f0a39e"="0"
"C:\WINDOWS\f371379892038d205abbfa586a4788d0.ps1"="0"
"C:\WINDOWS\f371379892038d205abbfa586a4788d0.xml"="0"
=== Ende von ExportKey ===
========= Get-ChildItem -Path cert:\LocalMachine\Disallowed -recurse | Format-List -Property * =========
========= Ende von Powershell: =========
========= Get-ChildItem -Path cert:\CurrentUser\Disallowed -recurse | Format-List -Property * =========
PSPath : Microsoft.PowerShell.Security\Certificate::CurrentUser\Disallowed\9AAF24A4D6CA8CCDF64BBF916C
BC77512A9B0CA7
PSParentPath : Microsoft.PowerShell.Security\Certificate::CurrentUser\Disallowed
PSChildName : 9AAF24A4D6CA8CCDF64BBF916CBC77512A9B0CA7
PSDrive : Cert
PSProvider : Microsoft.PowerShell.Security\Certificate
PSIsContainer : False
EnhancedKeyUsageList : {Codesignatur (1.3.6.1.5.5.7.3.3)}
DnsNameList : {Adobe Systems Incorporated}
SendAsTrustedIssuer : False
EnrollmentPolicyEndPoint : Microsoft.CertificateServices.Commands.EnrollmentEndPointProperty
EnrollmentServerEndPoint : Microsoft.CertificateServices.Commands.EnrollmentEndPointProperty
PolicyId :
Archived : False
Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid,
System.Security.Cryptography.Oid, System.Security.Cryptography.Oid...}
FriendlyName :
IssuerName : System.Security.Cryptography.X509Certificates.X500DistinguishedName
NotAfter : 08.01.2016 00:59:59
NotBefore : 14.01.2014 01:00:00
HasPrivateKey : False
PrivateKey :
PublicKey : System.Security.Cryptography.X509Certificates.PublicKey
RawData : {48, 130, 5, 140...}
SerialNumber : 50ED674255614BF4ED3ED423CC93CA7D
SubjectName : System.Security.Cryptography.X509Certificates.X500DistinguishedName
SignatureAlgorithm : System.Security.Cryptography.Oid
Thumbprint : 9AAF24A4D6CA8CCDF64BBF916CBC77512A9B0CA7
Version : 3
Handle : 2233233856608
Issuer : CN=Symantec Class 3 Extended Validation Code Signing CA, OU=Symantec Trust Network,
O=Symantec Corporation, C=US
Subject : CN=Adobe Systems Incorporated, OU=Flash Player, O=Adobe Systems Incorporated, L=San Jose,
S=California, C=US, SERIALNUMBER=2748129, OID.2.5.4.15=Private Organization,
OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US
========= Ende von Powershell: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 174966436 B
Java, Flash, Steam htmlcache => 201382972 B
Windows/system/drivers => 51147575 B
Edge => 199 B
Chrome => 457020665 B
Firefox => 136540474 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 16674 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 8162 B
NetworkService => 15359270 B
Hoshi => 1493389560 B
Mcx1-HOSHI-PC => 51481 B
OVRLibraryService => 33058 B
RecycleBin => 0 B
EmptyTemp: => 2.4 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 07:16:07 ====
|
|
23.09.2017, 06:21
| #9 |
| | Windows 10 64bit : Verdacht auf Maleware frst Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-09-2017
durchgeführt von Hoshi (Administrator) auf HOSHI-PC (23-09-2017 07:18:50)
Gestartet von C:\Users\Hoshi\Desktop
Geladene Profile: Hoshi (Verfügbare Profile: Hoshi & Mcx1-HOSHI-PC & OVRLibraryService)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser nicht gefunden!)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
() C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Oculus VR) D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
(TeamViewer GmbH) D:\Programme\TeamViewer\TeamViewer_Service.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [123400 2009-01-21] (Logitech Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [16293496 2016-09-29] (Logitech Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\ DisallowedCertificates: 9AAF24A4D6CA8CCDF64BBF916CBC77512A9B0CA7 (U)
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Run: [Spotify Web Helper] => C:\Users\Hoshi\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2017-02-02] (Spotify Ltd)
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Run: [Spotify] => C:\Users\Hoshi\AppData\Roaming\Spotify\Spotify.exe [7153264 2017-02-02] (Spotify Ltd)
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Run: [DAEMON Tools Lite] => D:\Programme\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{44eab3ff-54e7-4179-9334-818557caa181}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{48087fcf-0f34-473d-98e4-623094e6d179}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{50f0966d-4c38-4772-9bc1-2e04e25500e9}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{53270d60-5f82-4144-bb10-31c955cd1d24}: [DhcpNameServer] 192.168.42.129
ManualProxies:
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23] (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2016-01-18] (DVDVideoSoft Ltd.)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2016-01-19] (DVDVideoSoft Ltd.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
FireFox:
========
FF DefaultProfile: v835n1d8.default-1416499139358
FF ProfilePath: C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358 [2017-09-23]
FF Homepage: Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358 -> www.google.de
FF Extension: (MEGA) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\firefox@mega.co.nz.xpi [2017-09-21]
FF Extension: (FlashDisable) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\jid0-bbA9VAawX3LMWDu668aUDrpQVXU@jetpack.xpi [2017-04-10]
FF Extension: (NoScript) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-09-12]
FF Extension: (Video DownloadHelper) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-09]
FF Extension: (Adblock Plus) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Extension: (Bitdefender QuickScan) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2016-09-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-13] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2014-04-21] (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-08-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-08-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Programme\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1299527896-1211748070-1707534253-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Hoshi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-07] (Unity Technologies ApS)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\firefox.js [2017-09-21]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default [2017-09-23]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-12]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-12]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-03]
CHR Extension: (Chrome Media Router) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1533448 2017-09-14] ()
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2013-03-19] (Firebird Project) [Datei ist nicht signiert]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3784704 2013-03-19] (Firebird Project) [Datei ist nicht signiert]
S4 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
S4 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-04-13] (Futuremark)
S3 GalaxyClientService; D:\Games\GalaxyClient\GalaxyClientService.exe [532544 2017-09-08] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8242752 2017-09-07] (GOG.com)
S4 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-09-23] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-04-29] (Logitech Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-22] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-08-22] (NVIDIA Corporation)
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [2098528 2017-09-12] (Electronic Arts)
S2 Origin Web Helper Service; D:\Games\Origin\OriginWebHelperService.exe [2977640 2017-09-12] (Electronic Arts)
S3 OVRLibraryService; D:\Oculus\Support\oculus-librarian\OVRLibraryService.exe [207656 2016-12-13] (Oculus VR, LLC)
R2 OVRService; D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [470480 2016-12-13] (Oculus VR)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2015-07-26] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2017-09-12] ()
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S2 SkypeUpdate; D:\Programme\Skype\Updater\Updater.exe [324224 2016-05-23] (Skype Technologies)
R2 TeamViewer; D:\Programme\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R2 VirtualDesktop.Service.exe; C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe [330208 2017-07-19] ()
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56040 2015-11-19] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [297440 2011-07-28] ()
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.)
S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [75560 2017-05-06] (Broadcom Corporation.)
S3 busenum; C:\WINDOWS\System32\drivers\SteelBus64.sys [146944 2014-10-08] (SteelSeries Corporation) [Datei ist nicht signiert]
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-31] (Windows (R) Win 7 DDK provider)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R3 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2017-05-25] (Disc Soft Ltd)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-03-18] (Qualcomm Atheros, Inc.)
S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45208 2016-09-29] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2016-09-29] (Logitech Inc.)
S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47256 2016-09-29] (Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-09-29] (Logitech Inc.)
S3 LifeCamTrueColor; C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys [37928 2016-07-27] (Microsoft Corporation)
R3 LVPr2M64; C:\WINDOWS\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ce1961376673184c\nvlddmkm.sys [15600248 2017-08-22] (NVIDIA Corporation)
S3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [39168 2014-10-08] (SteelSeries Corporation) [Datei ist nicht signiert]
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [14368 1999-11-09] () [Datei ist nicht signiert]
R3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2015-11-15] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
U4 aspnet_state; kein ImagePath
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-09-23 07:15 - 2017-09-23 07:16 - 000042987 _____ C:\Users\Hoshi\Desktop\Fixlog.txt
2017-09-23 07:15 - 2017-09-23 07:15 - 000000000 ____D C:\Users\Hoshi\Desktop\FRST-OlderVersion
2017-09-22 20:01 - 2017-09-22 20:01 - 000000955 _____ C:\Users\Public\Desktop\Wings! Remastered.lnk
2017-09-22 20:01 - 2017-09-22 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wings! Remastered [GOG.com]
2017-09-22 15:45 - 2017-09-22 15:45 - 000070612 _____ C:\Users\Hoshi\Downloads\2a29ca61-d44f-4702-ada1-a5202ddde7c8.tmp
2017-09-22 15:14 - 2017-09-22 15:15 - 039468304 _____ (Microsoft Corporation) C:\Users\Hoshi\Downloads\mpas-feX64.exe
2017-09-22 06:19 - 2017-09-23 07:16 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-09-22 06:18 - 2017-09-22 19:58 - 000000000 ____D C:\Users\Hoshi\Desktop\mbar
2017-09-22 06:17 - 2017-09-22 06:17 - 016563352 _____ (Malwarebytes Corp.) C:\Users\Hoshi\Downloads\mbar-1.09.3.1001.exe
2017-09-21 20:32 - 2017-09-21 20:32 - 000539414 _____ C:\Users\Hoshi\Desktop\Defender.txt
2017-09-21 20:25 - 2017-09-21 20:25 - 000245912 _____ (Mozilla) C:\Users\Hoshi\Downloads\Firefox Installer.exe
2017-09-21 20:23 - 2017-09-21 20:23 - 000251110 _____ C:\Users\Hoshi\Desktop\bookmarks-2017-09-21.json
2017-09-21 18:47 - 2017-09-21 18:47 - 000001279 _____ C:\Users\Hoshi\Desktop\mbam.txt
2017-09-21 18:39 - 2017-09-23 07:19 - 000022065 _____ C:\Users\Hoshi\Desktop\FRST.txt
2017-09-21 18:39 - 2017-09-23 07:18 - 000000000 ____D C:\FRST
2017-09-21 18:39 - 2017-09-21 18:39 - 000148672 _____ C:\Users\Hoshi\Desktop\Addition.txt
2017-09-21 18:37 - 2017-09-23 07:15 - 002399744 _____ (Farbar) C:\Users\Hoshi\Desktop\FRST64.exe
2017-09-21 17:49 - 2017-09-21 18:32 - 000465324 _____ C:\WINDOWS\ntbtlog.txt
2017-09-21 17:49 - 2017-09-21 18:32 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-09-21 17:45 - 2017-09-21 17:45 - 000024658 _____ C:\WINDOWS\System32\Tasks\{79097F47-7A7D-0904-0B11-0F04040D1179}
2017-09-21 17:42 - 2017-09-21 17:47 - 000003286 _____ C:\WINDOWS\System32\Tasks\088195c19b33f61100dd567039f0a39e
2017-09-20 22:10 - 2017-09-20 22:10 - 000051624 _____ C:\WINDOWS\uninstaller.dat
2017-09-20 16:59 - 2017-09-20 17:01 - 004204032 _____ (crosire) C:\Users\Hoshi\Desktop\ReShade.exe
2017-09-20 16:33 - 2017-09-20 16:33 - 000027238 _____ C:\Users\Hoshi\AppData\Local\recently-used.xbel
2017-09-19 16:48 - 2017-09-19 16:48 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2017-09-18 17:33 - 2017-09-18 17:33 - 000000098 _____ C:\WINDOWS\SysWOW64\QuickTime.qtp
2017-09-18 17:33 - 2017-09-18 17:33 - 000000000 ____D C:\WINDOWS\SysWOW64\QuickTime
2017-09-18 17:33 - 1999-07-13 20:02 - 000086016 _____ (MindVision Software) C:\WINDOWS\unvise32qt.exe
2017-09-18 17:32 - 2017-09-18 17:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wheel of Time
2017-09-18 16:49 - 2017-09-19 19:20 - 000000000 ____D C:\Users\Hoshi\Documents\Project CARS
2017-09-18 16:49 - 2017-09-18 16:49 - 000000000 ____D C:\Users\Hoshi\Documents\wmd_symbol_cache
2017-09-17 20:26 - 2017-09-17 20:49 - 000000065 _____ C:\Users\Hoshi\Desktop\SL Foto Termine!.txt
2017-09-17 10:27 - 2017-09-17 10:29 - 021643807 _____ C:\Users\Hoshi\Desktop\Sound Fix v1.4.3.rar
2017-09-17 10:27 - 2017-09-17 10:28 - 021697338 _____ C:\Users\Hoshi\Desktop\Jaguar XJ220 v1.3.rar
2017-09-17 08:52 - 2017-09-17 09:35 - 000000000 ____D C:\Users\Hoshi\Documents\Assetto Corsa
2017-09-16 14:13 - 2017-09-16 14:13 - 000000000 ____D C:\Users\Hoshi\Desktop\Posen
2017-09-15 20:18 - 2017-09-15 20:21 - 000000000 ____D C:\Users\Hoshi\Documents\MindShow
2017-09-15 20:13 - 2017-09-15 20:13 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Mindshow
2017-09-15 19:43 - 2017-09-15 19:43 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Against Gravity
2017-09-15 15:52 - 2017-09-15 15:52 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Stress Level Zero
2017-09-13 20:38 - 2017-09-05 07:12 - 001409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-09-13 20:38 - 2017-09-05 07:12 - 001292880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-09-13 20:38 - 2017-09-05 07:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-09-13 20:38 - 2017-09-05 07:12 - 000081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2017-09-13 20:38 - 2017-09-05 06:53 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-09-13 20:38 - 2017-09-05 06:53 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-09-13 20:38 - 2017-09-05 06:52 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-09-13 20:38 - 2017-09-05 06:50 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2017-09-13 20:38 - 2017-09-05 06:46 - 004471888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-09-13 20:38 - 2017-09-05 06:45 - 005821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-09-13 20:38 - 2017-09-05 06:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-09-13 20:38 - 2017-09-05 06:45 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-09-13 20:38 - 2017-09-05 06:45 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-09-13 20:38 - 2017-09-05 06:45 - 000085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe
2017-09-13 20:38 - 2017-09-05 06:44 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-09-13 20:38 - 2017-09-05 06:43 - 000611096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-09-13 20:38 - 2017-09-05 06:43 - 000359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-09-13 20:38 - 2017-09-05 06:43 - 000280480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-09-13 20:38 - 2017-09-05 06:43 - 000169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-09-13 20:38 - 2017-09-05 06:43 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2017-09-13 20:38 - 2017-09-05 06:42 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-09-13 20:38 - 2017-09-05 06:42 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-09-13 20:38 - 2017-09-05 06:42 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-09-13 20:38 - 2017-09-05 06:42 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2017-09-13 20:38 - 2017-09-05 06:42 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-09-13 20:38 - 2017-09-05 06:41 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-09-13 20:38 - 2017-09-05 06:41 - 006761560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-13 20:38 - 2017-09-05 06:41 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-09-13 20:38 - 2017-09-05 06:41 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-09-13 20:38 - 2017-09-05 06:41 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-09-13 20:38 - 2017-09-05 06:40 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-09-13 20:38 - 2017-09-05 06:39 - 001517472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-09-13 20:38 - 2017-09-05 06:37 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-09-13 20:38 - 2017-09-05 06:26 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-09-13 20:38 - 2017-09-05 06:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-09-13 20:38 - 2017-09-05 06:25 - 013844480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-09-13 20:38 - 2017-09-05 06:25 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-09-13 20:38 - 2017-09-05 06:25 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-09-13 20:38 - 2017-09-05 06:25 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-09-13 20:38 - 2017-09-05 06:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-09-13 20:38 - 2017-09-05 06:24 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-13 20:38 - 2017-09-05 06:23 - 020509184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-09-13 20:38 - 2017-09-05 06:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-09-13 20:38 - 2017-09-05 06:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-09-13 20:38 - 2017-09-05 06:21 - 006728704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-09-13 20:38 - 2017-09-05 06:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2017-09-13 20:38 - 2017-09-05 06:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-09-13 20:38 - 2017-09-05 06:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe
2017-09-13 20:38 - 2017-09-05 06:20 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-09-13 20:38 - 2017-09-05 06:19 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-09-13 20:38 - 2017-09-05 06:19 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-09-13 20:38 - 2017-09-05 06:19 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2017-09-13 20:38 - 2017-09-05 06:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2017-09-13 20:38 - 2017-09-05 06:19 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2017-09-13 20:38 - 2017-09-05 06:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-09-13 20:38 - 2017-09-05 06:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-09-13 20:38 - 2017-09-05 06:18 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-09-13 20:38 - 2017-09-05 06:18 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-09-13 20:38 - 2017-09-05 06:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2017-09-13 20:38 - 2017-09-05 06:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-09-13 20:38 - 2017-09-05 06:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-09-13 20:38 - 2017-09-05 06:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2017-09-13 20:38 - 2017-09-05 06:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2017-09-13 20:38 - 2017-09-05 06:17 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2017-09-13 20:38 - 2017-09-05 06:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-09-13 20:38 - 2017-09-05 06:17 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-09-13 20:38 - 2017-09-05 06:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-09-13 20:38 - 2017-09-05 06:16 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-09-13 20:38 - 2017-09-05 06:16 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2017-09-13 20:38 - 2017-09-05 06:16 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2017-09-13 20:38 - 2017-09-05 06:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-09-13 20:38 - 2017-09-05 06:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-09-13 20:38 - 2017-09-05 06:16 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-09-13 20:38 - 2017-09-05 06:15 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-09-13 20:38 - 2017-09-05 06:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-09-13 20:38 - 2017-09-05 06:15 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-09-13 20:38 - 2017-09-05 06:15 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-09-13 20:38 - 2017-09-05 06:15 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-09-13 20:38 - 2017-09-05 06:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-09-13 20:38 - 2017-09-05 06:15 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2017-09-13 20:38 - 2017-09-05 06:14 - 011887104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-09-13 20:38 - 2017-09-05 06:14 - 004544000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2017-09-13 20:38 - 2017-09-05 06:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-09-13 20:38 - 2017-09-05 06:14 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-09-13 20:38 - 2017-09-05 06:14 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-09-13 20:38 - 2017-09-05 06:13 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-09-13 20:38 - 2017-09-05 06:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-09-13 20:38 - 2017-09-05 06:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-09-13 20:38 - 2017-09-05 06:12 - 006265856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-09-13 20:38 - 2017-09-05 06:12 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-09-13 20:38 - 2017-09-05 06:12 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-09-13 20:38 - 2017-09-05 06:12 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-09-13 20:38 - 2017-09-05 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-09-13 20:38 - 2017-09-05 06:11 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-09-13 20:38 - 2017-09-05 06:11 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-09-13 20:38 - 2017-09-05 06:11 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-09-13 20:38 - 2017-09-05 06:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-09-13 20:38 - 2017-09-05 06:11 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-09-13 20:38 - 2017-09-05 06:11 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-09-13 20:38 - 2017-09-05 06:10 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-09-13 20:38 - 2017-09-05 06:10 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-09-13 20:38 - 2017-09-05 06:10 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-09-13 20:38 - 2017-09-05 06:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2017-09-13 20:38 - 2017-09-05 06:06 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-09-13 20:38 - 2017-09-05 06:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-09-13 20:38 - 2017-09-05 06:04 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-09-13 20:34 - 2017-09-05 07:15 - 000871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-09-13 20:34 - 2017-09-05 07:14 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-13 20:34 - 2017-09-05 06:30 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-09-13 20:34 - 2017-09-05 06:28 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2017-09-13 20:34 - 2017-09-05 06:27 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-09-13 20:34 - 2017-09-05 06:22 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-09-13 20:34 - 2017-09-05 06:21 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-09-13 20:34 - 2017-09-05 06:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-09-13 20:34 - 2017-09-05 06:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-09-13 20:33 - 2017-09-05 07:31 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-09-13 20:33 - 2017-09-05 07:31 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2017-09-13 20:33 - 2017-09-05 07:26 - 008319904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-09-13 20:33 - 2017-09-05 07:25 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-09-13 20:33 - 2017-09-05 07:23 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2017-09-13 20:33 - 2017-09-05 07:18 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2017-09-13 20:33 - 2017-09-05 07:18 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-09-13 20:33 - 2017-09-05 07:18 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-09-13 20:33 - 2017-09-05 07:16 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-09-13 20:33 - 2017-09-05 07:16 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-09-13 20:33 - 2017-09-05 07:16 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-09-13 20:33 - 2017-09-05 07:16 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-09-13 20:33 - 2017-09-05 07:16 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2017-09-13 20:33 - 2017-09-05 07:14 - 021352656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-09-13 20:33 - 2017-09-05 07:14 - 000958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-09-13 20:33 - 2017-09-05 07:14 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-09-13 20:33 - 2017-09-05 07:13 - 001619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-09-13 20:33 - 2017-09-05 07:11 - 002675104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-09-13 20:33 - 2017-09-05 07:11 - 000610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2017-09-13 20:33 - 2017-09-05 06:31 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-09-13 20:33 - 2017-09-05 06:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-13 20:33 - 2017-09-05 06:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-09-13 20:33 - 2017-09-05 06:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-09-13 20:33 - 2017-09-05 06:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-09-13 20:33 - 2017-09-05 06:27 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-09-13 20:33 - 2017-09-05 06:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-09-13 20:33 - 2017-09-05 06:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-09-13 20:33 - 2017-09-05 06:27 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-09-13 20:33 - 2017-09-05 06:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-09-13 20:33 - 2017-09-05 06:27 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-09-13 20:33 - 2017-09-05 06:26 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2017-09-13 20:33 - 2017-09-05 06:26 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll
2017-09-13 20:33 - 2017-09-05 06:26 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-09-13 20:33 - 2017-09-05 06:26 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe
2017-09-13 20:33 - 2017-09-05 06:26 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2017-09-13 20:33 - 2017-09-05 06:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-09-13 20:33 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-09-13 20:33 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2017-09-13 20:33 - 2017-09-05 06:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-09-13 20:33 - 2017-09-05 06:24 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2017-09-13 20:33 - 2017-09-05 06:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2017-09-13 20:33 - 2017-09-05 06:24 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll
2017-09-13 20:33 - 2017-09-05 06:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2017-09-13 20:33 - 2017-09-05 06:23 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2017-09-13 20:33 - 2017-09-05 06:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-09-13 20:33 - 2017-09-05 06:21 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-09-13 20:33 - 2017-09-05 06:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2017-09-13 20:33 - 2017-09-05 06:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2017-09-13 20:33 - 2017-09-05 06:21 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-09-13 20:33 - 2017-09-05 06:21 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-09-13 20:33 - 2017-09-05 06:20 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-13 20:33 - 2017-09-05 06:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-13 20:33 - 2017-09-05 06:20 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-09-13 20:33 - 2017-09-05 06:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-09-13 20:33 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-09-13 20:33 - 2017-09-05 06:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2017-09-13 20:33 - 2017-09-05 06:18 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-09-13 20:33 - 2017-09-05 06:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-09-13 20:33 - 2017-09-05 06:18 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2017-09-13 20:33 - 2017-09-05 06:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-09-13 20:33 - 2017-09-05 06:18 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-09-13 20:33 - 2017-09-05 06:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-09-13 20:33 - 2017-09-05 06:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-09-13 20:33 - 2017-09-05 06:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-09-13 20:33 - 2017-09-05 06:17 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-09-13 20:33 - 2017-09-05 06:17 - 008207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-09-13 20:33 - 2017-09-05 06:17 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-09-13 20:33 - 2017-09-05 06:17 - 001397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-09-13 20:33 - 2017-09-05 06:17 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-09-13 20:33 - 2017-09-05 06:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-09-13 20:33 - 2017-09-05 06:15 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-09-13 20:33 - 2017-09-05 06:15 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-09-13 20:33 - 2017-09-05 06:15 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-09-13 20:33 - 2017-09-05 06:15 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-09-13 20:33 - 2017-09-05 06:15 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-09-13 20:33 - 2017-09-05 06:15 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-09-13 20:33 - 2017-09-05 06:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-09-13 20:33 - 2017-09-05 06:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-09-13 20:33 - 2017-09-05 06:14 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-09-13 20:33 - 2017-09-05 06:14 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-09-13 20:33 - 2017-09-05 06:14 - 002445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-09-13 20:33 - 2017-09-05 06:14 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-09-13 20:33 - 2017-09-05 06:14 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-09-13 20:33 - 2017-09-05 06:14 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-09-13 20:33 - 2017-09-05 06:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-09-13 20:33 - 2017-09-05 06:13 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-09-13 20:33 - 2017-09-05 06:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-09-13 20:33 - 2017-09-05 06:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2017-09-13 20:33 - 2017-09-05 06:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-09-13 20:33 - 2017-09-05 06:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-09-13 20:33 - 2017-09-01 07:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-09-13 20:32 - 2017-09-05 07:31 - 001596592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-09-13 20:32 - 2017-09-05 07:31 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-09-13 20:32 - 2017-09-05 07:27 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-09-13 20:32 - 2017-09-05 07:27 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-09-13 20:32 - 2017-09-05 07:26 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-09-13 20:32 - 2017-09-05 07:25 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-13 20:32 - 2017-09-05 07:24 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-09-13 20:32 - 2017-09-05 07:23 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-09-13 20:32 - 2017-09-05 07:20 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-09-13 20:32 - 2017-09-05 07:19 - 004848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-09-13 20:32 - 2017-09-05 07:19 - 002443168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-09-13 20:32 - 2017-09-05 07:18 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-09-13 20:32 - 2017-09-05 07:18 - 005477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-09-13 20:32 - 2017-09-05 07:18 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-09-13 20:32 - 2017-09-05 07:18 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-09-13 20:32 - 2017-09-05 07:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-09-13 20:32 - 2017-09-05 07:17 - 000316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-09-13 20:32 - 2017-09-05 07:16 - 000724200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-09-13 20:32 - 2017-09-05 07:16 - 000410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-09-13 20:32 - 2017-09-05 07:16 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-09-13 20:32 - 2017-09-05 07:15 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-09-13 20:32 - 2017-09-05 07:15 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-09-13 20:32 - 2017-09-05 07:14 - 004708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-09-13 20:32 - 2017-09-05 07:14 - 001146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-09-13 20:32 - 2017-09-05 07:14 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-09-13 20:32 - 2017-09-05 07:11 - 000387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-09-13 20:32 - 2017-09-05 06:45 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-09-13 20:32 - 2017-09-05 06:30 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-09-13 20:32 - 2017-09-05 06:30 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-09-13 20:32 - 2017-09-05 06:30 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-09-13 20:32 - 2017-09-05 06:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-09-13 20:32 - 2017-09-05 06:29 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-09-13 20:32 - 2017-09-05 06:28 - 017371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-13 20:32 - 2017-09-05 06:28 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-13 20:32 - 2017-09-05 06:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2017-09-13 20:32 - 2017-09-05 06:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-09-13 20:32 - 2017-09-05 06:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2017-09-13 20:32 - 2017-09-05 06:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-09-13 20:32 - 2017-09-05 06:24 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-09-13 20:32 - 2017-09-05 06:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-09-13 20:32 - 2017-09-05 06:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2017-09-13 20:32 - 2017-09-05 06:24 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-09-13 20:32 - 2017-09-05 06:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-09-13 20:32 - 2017-09-05 06:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-09-13 20:32 - 2017-09-05 06:23 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-09-13 20:32 - 2017-09-05 06:23 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2017-09-13 20:32 - 2017-09-05 06:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-09-13 20:32 - 2017-09-05 06:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-09-13 20:32 - 2017-09-05 06:22 - 023684608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-09-13 20:32 - 2017-09-05 06:22 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-09-13 20:32 - 2017-09-05 06:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2017-09-13 20:32 - 2017-09-05 06:22 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-09-13 20:32 - 2017-09-05 06:22 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-09-13 20:32 - 2017-09-05 06:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2017-09-13 20:32 - 2017-09-05 06:21 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2017-09-13 20:32 - 2017-09-05 06:21 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-09-13 20:32 - 2017-09-05 06:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-13 20:32 - 2017-09-05 06:20 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-09-13 20:32 - 2017-09-05 06:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-09-13 20:32 - 2017-09-05 06:19 - 005776384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2017-09-13 20:32 - 2017-09-05 06:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-09-13 20:32 - 2017-09-05 06:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-09-13 20:32 - 2017-09-05 06:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-09-13 20:32 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-09-13 20:32 - 2017-09-05 06:18 - 012801536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-09-13 20:32 - 2017-09-05 06:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-09-13 20:32 - 2017-09-05 06:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-09-13 20:32 - 2017-09-05 06:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-09-13 20:32 - 2017-09-05 06:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-09-13 20:32 - 2017-09-05 06:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-09-13 20:32 - 2017-09-05 06:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-09-13 20:32 - 2017-09-05 06:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-09-13 20:32 - 2017-09-05 06:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-13 20:32 - 2017-09-05 06:15 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-09-13 20:32 - 2017-09-05 06:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2017-09-13 20:32 - 2017-09-05 06:15 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-09-13 20:32 - 2017-09-05 06:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-09-13 20:32 - 2017-09-05 06:14 - 002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-09-13 20:32 - 2017-09-05 06:14 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-09-13 20:32 - 2017-09-05 06:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-09-13 20:32 - 2017-09-05 06:13 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-09-13 20:32 - 2017-09-05 06:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-09-13 20:31 - 2017-09-05 07:31 - 001147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-09-13 20:31 - 2017-09-05 07:31 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-09-13 20:31 - 2017-09-05 07:31 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-09-13 20:31 - 2017-09-05 07:30 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-09-13 20:31 - 2017-09-05 07:24 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-09-13 20:31 - 2017-09-05 07:21 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-09-13 20:31 - 2017-09-05 07:16 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-09-13 20:31 - 2017-09-05 07:15 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-09-13 20:31 - 2017-09-05 07:15 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-09-13 20:31 - 2017-09-05 07:13 - 000078240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2017-09-13 20:31 - 2017-09-05 07:13 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 002229152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 001854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 001693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 001462688 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 000855456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 000849824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-09-13 20:31 - 2017-09-05 07:12 - 000844704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 000699808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 000674720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 000406944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 000235424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2017-09-13 20:31 - 2017-09-05 07:12 - 000203680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2017-09-13 20:31 - 2017-09-05 06:28 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2017-09-13 20:31 - 2017-09-05 06:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2017-09-13 20:31 - 2017-09-05 06:26 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2017-09-13 20:31 - 2017-09-05 06:25 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-09-13 20:31 - 2017-09-05 06:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-09-13 20:31 - 2017-09-05 06:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-09-13 20:31 - 2017-09-05 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-09-13 20:31 - 2017-09-05 06:16 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-09-13 20:30 - 2017-09-05 06:10 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll
2017-09-13 19:33 - 2017-09-13 19:33 - 000000000 ____D C:\temp
2017-09-12 18:08 - 2017-09-12 18:08 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Google
2017-09-12 16:44 - 2017-09-12 18:32 - 000348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2017-09-12 16:44 - 2017-09-12 18:09 - 000076152 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-09-12 16:44 - 2017-09-12 16:44 - 000000000 ____D C:\Program Files\Virtual Desktop
2017-09-10 10:52 - 2017-09-10 11:30 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\com.nolimitscoaster.nolimits2
2017-09-10 10:52 - 2017-09-10 10:52 - 000000000 ____D C:\Users\Hoshi\Documents\com.nolimitscoaster.nolimits2
2017-09-10 10:52 - 2017-09-10 10:52 - 000000000 ____D C:\ProgramData\com.nolimitscoaster.nolimits2
2017-09-09 17:16 - 2017-09-09 17:16 - 000000000 ____D C:\Users\Hoshi\AppData\Local\E1
2017-09-09 13:53 - 2017-09-09 13:53 - 000000000 ____D C:\Users\Hoshi\M210Projects
2017-09-09 13:28 - 2017-09-09 13:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blood [GOG.com]
2017-09-09 11:09 - 2017-09-09 11:34 - 000000000 ____D C:\Users\Hoshi\Desktop\Aufnahme Vorlagen
2017-09-09 09:04 - 2017-09-09 09:05 - 000000024 _____ C:\Users\Hoshi\Desktop\SL Hud verstecken.txt
2017-09-08 19:08 - 2017-09-08 19:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultima series
2017-09-08 18:14 - 2017-09-08 18:14 - 000000000 ____D C:\Users\Hoshi\AppData\Local\DarkSoulsMapViewer
2017-09-08 17:54 - 2017-09-08 17:54 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Citor3 Entertainment Studio Oy
2017-09-08 17:40 - 2017-09-08 17:40 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\STUDIO MORI
2017-09-08 12:24 - 2017-09-08 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clive Barkers Undying [GOG.com]
2017-09-08 09:09 - 2017-09-08 09:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Suffering [GOG.com]
2017-09-07 11:18 - 2017-09-07 11:18 - 000003908 _____ C:\WINDOWS\SysWOW64\ST5UNST.003
2017-09-07 11:18 - 2017-09-07 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Shock - Enhanced Edition [GOG.com]
2017-09-07 11:17 - 2017-09-07 11:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein [GOG.com]
2017-09-07 11:17 - 2017-09-07 11:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlaws [GOG.com]
2017-09-07 10:10 - 2017-09-07 10:11 - 000096730 _____ C:\WINDOWS\TRON 2.0 Killer App Mod Uninstall Log.txt
2017-09-06 15:55 - 2017-09-06 15:55 - 000001151 _____ C:\Users\Hoshi\Desktop\DTLite.exe - Verknüpfung.lnk
2017-09-06 15:03 - 2017-09-06 15:57 - 000000000 ____D C:\Users\Hoshi\Documents\OpenRA
2017-09-06 06:26 - 2017-09-06 06:26 - 000000000 ____D C:\Users\Hoshi\Documents\DAZ 3D
2017-09-06 06:26 - 2017-09-06 06:26 - 000000000 ____D C:\ProgramData\DAZ 3D
2017-09-06 06:25 - 2017-09-06 06:25 - 000000979 _____ C:\Users\Hoshi\Desktop\DAZ Studio 4.9 (64-bit).lnk
2017-09-06 06:25 - 2017-09-06 06:25 - 000000000 ____D C:\Program Files\DAZ 3D
2017-09-05 20:22 - 2017-09-06 11:48 - 000000000 ____D C:\Users\Public\Documents\My DAZ 3D Library
2017-09-05 20:20 - 2017-09-05 20:20 - 000000000 ____D C:\Users\Public\Documents\DAZ 3D
2017-09-05 20:19 - 2017-09-06 06:26 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\DAZ 3D
2017-09-05 20:19 - 2017-09-06 06:25 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D
2017-09-05 20:19 - 2017-09-05 20:19 - 000000949 _____ C:\Users\Hoshi\Desktop\DAZ Install Manager.lnk
2017-09-05 18:57 - 2017-09-05 18:57 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2017-09-05 18:55 - 2017-09-05 18:55 - 000000279 _____ C:\Users\Hoshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb (2).lnk
2017-09-05 17:50 - 2017-09-05 17:50 - 000001106 _____ C:\Users\Hoshi\Desktop\dosbox.exe - Verknüpfung.lnk
2017-09-01 19:29 - 2017-09-05 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MadOnion.com
2017-08-31 17:51 - 2017-08-31 17:51 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Lighthouse Games Studio
2017-08-29 15:23 - 2017-08-29 15:23 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Bungie
2017-08-28 17:33 - 2017-08-28 17:33 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Cinemur
2017-08-26 15:31 - 2017-08-26 15:31 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Acid Wizard Studio
2017-08-25 14:34 - 2017-08-22 00:54 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-08-25 14:34 - 2017-08-22 00:33 - 000135800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-08-25 14:33 - 2017-08-22 03:01 - 040240248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 035924600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 035314112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 029019072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 023132184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 018849456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 013782904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 012225984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 011692344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 010072768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 004162496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 003712024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 003590592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438541.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 001597888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438541.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 001292096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 001289840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 001068152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 001008816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 001007280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 001004992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000972736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000924280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000781544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000725112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000690320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000617232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000584312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-08-25 14:33 - 2017-08-22 03:01 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-08-24 16:01 - 2017-08-24 16:01 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Gaikai
2017-08-24 16:00 - 2017-08-24 16:15 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Sony Interactive Entertainment Network America LLC
2017-08-24 16:00 - 2017-08-24 16:00 - 000000000 ____D C:\Program Files\DIFX
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-09-23 07:16 - 2017-04-14 09:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-23 07:16 - 2017-04-14 09:03 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-23 07:16 - 2017-03-18 13:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-09-23 07:15 - 2017-04-14 09:04 - 000000000 ____D C:\Users\Hoshi
2017-09-23 07:15 - 2016-06-05 13:41 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Temp
2017-09-23 07:04 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-23 07:04 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-22 20:12 - 2016-07-03 18:13 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\WingsSaveData
2017-09-22 19:49 - 2014-06-26 18:59 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-22 19:48 - 2014-06-26 18:59 - 000109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-09-22 19:12 - 2017-04-14 09:17 - 006609404 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-22 19:12 - 2017-03-20 06:41 - 003329646 _____ C:\WINDOWS\system32\perfh007.dat
2017-09-22 19:12 - 2017-03-20 06:41 - 000899882 _____ C:\WINDOWS\system32\perfc007.dat
2017-09-22 19:06 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Performance
2017-09-22 19:04 - 2014-03-19 20:22 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\vlc
2017-09-22 17:45 - 2017-04-14 09:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-22 15:43 - 2015-11-17 21:12 - 000000000 ____D C:\Users\Hoshi\AppData\Local\CrashDumps
2017-09-22 15:12 - 2014-03-15 16:33 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\UseNeXT
2017-09-22 06:47 - 2017-04-14 09:13 - 000004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{91BA399B-E431-49C7-9B9A-A968D8719897}
2017-09-22 06:33 - 2014-03-15 14:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-22 06:17 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-22 05:15 - 2014-11-13 05:39 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2017-09-21 20:24 - 2016-03-19 10:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-21 18:54 - 2015-06-21 13:23 - 000000000 ____D C:\WINDOWS\46ED2B6485C74E1F920CA555B21F2E4C.TMP
2017-09-21 18:24 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\appcompat
2017-09-21 18:17 - 2015-01-30 20:17 - 000000306 __RSH C:\ProgramData\ntuser.pol
2017-09-21 18:16 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Registration
2017-09-21 17:40 - 2017-04-14 09:13 - 000003616 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-09-21 17:40 - 2017-04-14 09:13 - 000003392 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-09-21 17:40 - 2009-07-14 05:20 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-09-20 16:33 - 2014-12-06 17:48 - 000000000 ____D C:\Users\Hoshi\AppData\Local\gtk-2.0
2017-09-20 16:33 - 2014-12-06 17:39 - 000000000 ____D C:\Users\Hoshi\.gimp-2.8
2017-09-19 21:08 - 2014-03-30 14:23 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\TS3Client
2017-09-18 19:11 - 2014-03-15 15:32 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Skype
2017-09-18 18:19 - 2014-03-15 15:44 - 000000000 ___RD C:\Users\Hoshi\Desktop\Programme
2017-09-18 17:35 - 2015-12-13 09:21 - 000000000 ____D C:\Users\Hoshi\AppData\Local\ElevatedDiagnostics
2017-09-18 17:33 - 2014-05-11 12:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2017-09-16 14:13 - 2014-03-15 15:44 - 000000000 ___RD C:\Users\Hoshi\Desktop\Games
2017-09-15 18:27 - 2017-05-21 16:47 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Battle.net
2017-09-14 17:16 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-09-14 06:10 - 2016-02-13 19:32 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-14 06:09 - 2017-04-14 09:03 - 005290080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-13 20:58 - 2017-03-20 06:41 - 000000000 ____D C:\WINDOWS\system32\de
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\setup
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-13 20:57 - 2017-04-29 07:35 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Mixxx
2017-09-13 20:57 - 2014-03-15 15:20 - 000000000 ____D C:\ProgramData\Origin
2017-09-13 20:44 - 2014-03-15 17:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-13 20:43 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-13 20:43 - 2014-03-15 17:02 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-13 20:00 - 2014-03-19 18:23 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\uTorrent
2017-09-13 19:33 - 2016-10-01 09:25 - 000000000 ____D C:\Games
2017-09-13 18:10 - 2016-06-05 13:48 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Origin
2017-09-13 05:48 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-09-13 05:48 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-09-12 18:32 - 2014-05-17 19:23 - 000348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2017-09-12 18:31 - 2014-03-15 16:03 - 000280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2017-09-12 18:16 - 2015-07-03 19:19 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Google
2017-09-12 18:02 - 2014-03-15 16:03 - 000000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2017-09-12 16:23 - 2014-03-15 14:14 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-09-12 16:23 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-09-11 20:25 - 2017-02-18 07:18 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Cronus
2017-09-10 19:43 - 2015-05-20 17:19 - 000000000 ____D C:\Users\Hoshi\Documents\The Witcher 3
2017-09-09 19:09 - 2014-03-16 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-09-09 19:09 - 2014-03-15 16:03 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-07 11:18 - 2016-04-16 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Gold [GOG.com]
2017-09-07 11:18 - 2014-06-16 17:24 - 000000390 _____ C:\WINDOWS\SysWOW64\ilent
2017-09-07 11:17 - 2017-07-18 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F.E.A.R. Platinum Collection [GOG.com]
2017-09-07 11:17 - 2016-12-16 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redneck Rampage [GOG.com]
2017-09-05 18:57 - 2017-05-23 16:41 - 000002237 _____ C:\Users\Hoshi\Desktop\Discord.lnk
2017-09-05 18:57 - 2017-05-23 16:41 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\discord
2017-09-05 18:57 - 2017-05-23 16:41 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Discord
2017-09-05 18:46 - 2017-07-16 08:25 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Thunder Lotus Games
2017-09-02 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-09-02 17:15 - 2017-03-18 23:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-08-30 19:57 - 2015-11-02 18:18 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-29 05:56 - 2015-07-03 19:19 - 000002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-27 18:17 - 2017-07-19 20:18 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Firestorm
2017-08-26 15:28 - 2017-05-25 16:10 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\DAEMON Tools Lite
2017-08-25 15:05 - 2014-03-22 15:08 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Blizzard Entertainment
2017-08-25 14:35 - 2017-04-14 09:13 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-25 14:35 - 2017-04-14 09:13 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-25 14:35 - 2017-04-14 09:13 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-25 14:35 - 2017-04-14 09:13 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-25 14:35 - 2017-04-14 09:13 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-25 14:35 - 2017-04-14 09:03 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-08-25 14:35 - 2016-07-07 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-08-25 14:34 - 2016-03-19 18:06 - 000000000 ____D C:\Program Files (x86)\VulkanRT
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-07-18 20:03 - 2016-07-18 20:03 - 000006144 _____ () C:\Program Files (x86)\com.htc.vive.setup.bilogclient
2015-12-26 23:05 - 2015-12-27 14:56 - 000000297 _____ () C:\Users\Hoshi\AppData\Roaming\BreakingPoint_Login.ini
2015-12-26 23:06 - 2015-12-27 16:12 - 000001427 _____ () C:\Users\Hoshi\AppData\Roaming\BreakingPoint_Options.ini
2016-08-14 16:25 - 2016-08-14 16:32 - 000000224 _____ () C:\Users\Hoshi\AppData\Roaming\highScores.txt
2015-09-21 14:52 - 2015-09-21 14:52 - 000000099 _____ () C:\Users\Hoshi\AppData\Roaming\LauncherSettings_live.cfg
2015-09-21 14:44 - 2015-09-21 14:44 - 000010525 _____ () C:\Users\Hoshi\AppData\Roaming\TheHunterSettings_live.bin
2015-09-21 14:43 - 2015-09-21 14:43 - 000000040 _____ () C:\Users\Hoshi\AppData\Roaming\TheHunterSettings_steam_live.cfg
2015-11-15 21:03 - 2015-12-02 22:37 - 000003317 _____ () C:\Users\Hoshi\AppData\Roaming\VoiceMeeterDefault.xml
2015-01-30 20:11 - 2016-12-03 10:20 - 000010752 _____ () C:\Users\Hoshi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-19 11:53 - 2016-10-19 11:53 - 000000291 _____ () C:\Users\Hoshi\AppData\Local\ledConfiguration.config
2016-10-19 11:53 - 2016-12-25 12:58 - 000000737 _____ () C:\Users\Hoshi\AppData\Local\NvidiaLEDVisualizer.config
2016-03-15 17:36 - 2016-03-26 20:52 - 000000600 _____ () C:\Users\Hoshi\AppData\Local\PUTTY.RND
2017-09-20 16:33 - 2017-09-20 16:33 - 000027238 _____ () C:\Users\Hoshi\AppData\Local\recently-used.xbel
2016-07-31 13:54 - 2017-04-02 16:11 - 000007659 _____ () C:\Users\Hoshi\AppData\Local\Resmon.ResmonCfg
2014-12-23 13:43 - 2014-12-23 13:43 - 000004999 _____ () C:\ProgramData\auqrgqib.ttw
2017-04-14 09:04 - 2017-04-14 09:04 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2015-10-04 09:56 - 2017-05-04 18:25 - 000000257 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2017-04-08 22:13 - 2017-04-08 22:13 - 000000016 _____ () C:\ProgramData\mntemp
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-09-15 14:00
==================== Ende von FRST.txt ============================
|
|
23.09.2017, 06:22
| #10 |
| | Windows 10 64bit : Verdacht auf Maleware addition Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-09-2017
durchgeführt von Hoshi (23-09-2017 07:19:14)
Gestartet von C:\Users\Hoshi\Desktop
Windows 10 Pro Version 1703 (X64) (2017-04-14 07:15:15)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1299527896-1211748070-1707534253-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1299527896-1211748070-1707534253-503 - Limited - Disabled)
Gast (S-1-5-21-1299527896-1211748070-1707534253-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1299527896-1211748070-1707534253-1002 - Limited - Enabled)
Hoshi (S-1-5-21-1299527896-1211748070-1707534253-1000 - Administrator - Enabled) => C:\Users\Hoshi
Mcx1-HOSHI-PC (S-1-5-21-1299527896-1211748070-1707534253-1005 - Limited - Enabled) => C:\Users\Mcx1-HOSHI-PC
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
µTorrent (HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A Chair in a Room: Greenwater (HKLM\...\Steam App 427760) (Version: - Wolf & Wood Interactive Ltd)
AC3Filter (remove only) (HKLM-x32\...\AC3Filter) (Version: - )
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\{151974E9-9B16-47DC-8B57-5684A1E42127}) (Version: 12.1.1.151 - Adobe Systems, Inc)
Aeon (HKLM\...\Steam App 543390) (Version: - Illusion Ranger)
Agents of Mayhem (HKLM\...\Steam App 304530) (Version: - Deep Silver Volition)
Alien: Isolation (HKLM-x32\...\Steam App 214490) (Version: - Creative Assembly)
Aliens vs. Predator (HKLM-x32\...\Steam App 10680) (Version: - Rebellion)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.7 - Sereby Corporation)
American Truck Simulator (HKLM\...\Steam App 270880) (Version: - SCS Software)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.41 - NVIDIA Corporation) Hidden
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{AFADB5DC-3ABC-421F-9DAD-BDABE511258B}) (Version: 4.0.51117.1 - Microsoft Corporation)
Arizona Sunshine (HKLM\...\Steam App 342180) (Version: - Vertigo Games)
Art of Fight (HKLM\...\Steam App 531270) (Version: - Raptor-Lab)
Assetto Corsa (HKLM\...\Steam App 244210) (Version: - Kunos Simulazioni)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
AutoHotkey 1.1.24.04 (HKLM\...\AutoHotkey) (Version: 1.1.24.04 - Lexikos)
Axiom Verge (HKLM\...\Steam App 332200) (Version: - Thomas Happ Games LLC)
Azure AD Authentication Connected Service (HKLM-x32\...\{3FEAC561-1CF6-41D6-B0F3-BECDD9C88A1B}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.1.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Battlezone (HKLM\...\Steam App 312650) (Version: - Rebellion)
Beyond Good and Evil (HKLM-x32\...\Uplay Install 232) (Version: - Ubisoft)
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Hidden
Bullets And More VR - BAM VR (HKLM\...\Steam App 525640) (Version: - Koenigz)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: - ) Hidden
Call of Duty: Infinite Warfare (HKLM\...\Steam App 292730) (Version: - Infinity Ward)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.79.0.2015 - Georgy Berdyshev)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Clive Barker's Undying (HKLM-x32\...\{631A0B87-B0B7-4B47-00A2-119A4B942EB6}) (Version: - )
Clive Barker's Undying (HKLM-x32\...\1207659191_is1) (Version: 2.1.0.9 - GOG.com)
Cloudlands : VR Minigolf (HKLM\...\Steam App 425720) (Version: - Futuretown)
Cmoar VR Cinema (HKLM\...\Steam App 527160) (Version: - Cmoar Studio)
Comedy Night (HKLM\...\Steam App 665360) (Version: - Lighthouse Games Studio)
Conan Exiles (HKLM\...\Steam App 440900) (Version: - Funcom)
Conarium (HKLM\...\Steam App 313780) (Version: - Zoetrope Interactive)
Connect (HKLM-x32\...\MAGIX_connector_is1) (Version: 2.5.1.84 - MAGIX Software GmbH)
CoolSoft VirtualMIDISynth 1.14.1 (HKLM-x32\...\CoolSoft VirtualMIDISynth) (Version: 1.14.1.0 - CoolSoft)
Cronus PRO 1.20 (HKLM-x32\...\Cronus PRO) (Version: 1.20 - CronusMAX Team)
CtrlAltStudio-Viewer-Alpha (remove only) (HKLM-x32\...\CtrlAltStudio-Viewer-Alpha) (Version: 1.2.6.43412 - CtrlAltStudio)
Cyberduck (HKLM-x32\...\{27F61226-4F73-4617-BEDF-DBCB5C6D35D3}) (Version: 5.0.3.20504 - iterate GmbH) Hidden
Cyberduck (HKLM-x32\...\{be4c3b9a-7362-4e8b-a310-225db8ff97d6}) (Version: 5.0.3.20504 - iterate GmbH)
Dangerous Golf (HKLM\...\Steam App 405500) (Version: - Three Fields Entertainment)
DARK SOULS III (HKLM\...\Steam App 374320) (Version: - FromSoftware, Inc.)
Day of the Tentacle Remastered (HKLM\...\Steam App 388210) (Version: - Double Fine Productions)
DAZ Install Manager (HKLM-x32\...\DAZ Install Manager 1.1.0.71) (Version: 1.1.0.71 - DAZ 3D)
Dead Effect 2 VR (HKLM\...\Steam App 646200) (Version: - BadFly Interactive, a.s.)
DeliPlayer (HKLM-x32\...\DeliPlayer2) (Version: - )
Desura (HKLM-x32\...\Desura) (Version: 100.64 - Desura)
Discord (HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Discord) (Version: 0.0.298 - Discord Inc.)
DivX Pro 6.8.0 VFW (HKLM-x32\...\divx650vfw_is1) (Version: 6.8.0.14 - )
DOOM (HKLM\...\Steam App 379720) (Version: - id Software)
Dotfuscator and Analytics Community Edition 5.19.0 (HKLM-x32\...\{4C5B1DD0-7E8E-4972-9247-818E6D030552}) (Version: 5.19.0.2930 - PreEmptive Solutions) Hidden
Duck Season (HKLM\...\Steam App 503580) (Version: - Stress Level Zero)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Elgato Game Capture HD (64-bit) (HKLM\...\{C59BB2DE-E483-4704-976C-652E38DB62A0}) (Version: 3.00.111.1111 - Elgato Systems GmbH)
Elite Dangerous: Horizons (HKLM-x32\...\Steam App 419270) (Version: - Frontier Developments)
Epic Games Launcher (HKLM-x32\...\{FC1F25AF-C8BB-404E-B15F-1B12CAB98E7F}) (Version: 1.1.96.0 - Epic Games, Inc.)
Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version: - SCS Software)
EVERSPACE™ (HKLM\...\Steam App 396750) (Version: - ROCKFISH Games)
F.E.A.R. Platinum Collection (HKLM-x32\...\1423058413_is1) (Version: 2.0.0.6 - GOG.com)
Fast Action Hero (HKLM\...\Steam App 534000) (Version: - Sirius Sam)
FileZilla Client 3.16.1 (HKLM-x32\...\FileZilla Client) (Version: 3.16.1 - Tim Kosse)
Firebird 2.5.2.26540 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.2.26540 - Firebird Project)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Firestorm-Release (HKLM-x32\...\Firestorm-Release) (Version: 5.0.1.52150 - The Phoenix Firestorm Project, Inc.)
FlacSquisher 1.3.6 (HKLM-x32\...\FlacSquisher) (Version: 1.3.6 - FlacSquisher)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.1.119 - DVDVideoSoft Ltd.)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.21.610 - Digital Wave Ltd)
Freemake Video Converter Version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
Full Throttle Remastered (HKLM\...\Steam App 228360) (Version: - Double Fine Productions)
Futuremark SystemInfo (HKLM-x32\...\{5052D282-C9AE-48CC-A9F5-17058BEEAA50}) (Version: 4.45.590.0 - Futuremark)
G4E (HKLM-x32\...\{D42540BE-EB5A-9420-8101-6D87DCDACD9E}) (Version: 1.7 - UNKNOWN) Hidden
G4E (HKLM-x32\...\G4E) (Version: 1.7 - UNKNOWN)
Game Capture HD v2.3.3.40 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 2.3.3.40 - Elgato Systems)
Game Capture HD60 Pro v1.1.0.149 (HKLM-x32\...\Software_Elgato_Game Capture HD60 Pro) (Version: 1.1.0.149 - Elgato Systems)
Game Capture HD60 v2.1.1.4 (HKLM-x32\...\Software_Elgato_Game Capture HD60) (Version: 2.1.1.4 - Elgato Systems)
Games (HKLM\...\{55956d7b-35e0-49fa-8343-7adc8e1eb34b}.sdb) (Version: - )
Ghost of a Tale (HKLM\...\Steam App 417290) (Version: - SeithCG)
Ghost Town Mine Ride & Shootin' Gallery (HKLM\...\Steam App 459010) (Version: - Spectral Illusions)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Golf With Your Friends (HKLM\...\Steam App 431240) (Version: - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Earth VR (HKLM\...\Steam App 348250) (Version: - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
GORN (HKLM\...\Steam App 578620) (Version: - Free Lives)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Half-Life 2 (HKLM\...\Steam App 220) (Version: - Valve)
Half-Life 2: Episode One (HKLM\...\Steam App 380) (Version: - Valve)
Half-Life 2: Episode Two (HKLM\...\Steam App 420) (Version: - Valve)
HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
HCS VoicePacks Deutsch AURORA version 2.0 (HKLM-x32\...\{D53FEFBB-C717-403A-8246-D8F2BFC507DA}_is1) (Version: 2.0 - HCS VoicePacks Ltd)
HeidiSQL (HKLM\...\HeidiSQL_is1) (Version: - Ansgar Becker)
Hellblade: Senua's Sacrifice (HKLM\...\Steam App 414340) (Version: - Ninja Theory)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hotline Miami 2: Wrong Number (HKLM\...\Steam App 274170) (Version: - Dennaton Games)
ILLUSION HoneySelect (HKLM-x32\...\{1F709DAC-507B-47DA-B04F-367EF5AA20B4}) (Version: 1.00.0000 - ILLUSION)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
INSIDE (HKLM\...\Steam App 304430) (Version: - Playdead)
Intel A/V Codecs V2.0 (HKLM-x32\...\CodInstl) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Island 359 (HKLM\...\Steam App 476700) (Version: - CloudGate Studio, Inc.)
Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Job Simulator (HKLM\...\Steam App 448280) (Version: - Owlchemy Labs)
John Wick Chronicles (HKLM\...\Steam App 382360) (Version: - Starbreeze Studios)
Karnage Chronicles (HKLM\...\Steam App 611160) (Version: - Nordic Trolls)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LAV Filters 0.66 (HKLM-x32\...\lavfilters_is1) (Version: 0.66 - Hendrik Leppkes)
Layers of Fear (HKLM-x32\...\Steam App 391720) (Version: - Bloober Team SA)
Lethal VR (HKLM\...\Steam App 532270) (Version: - Three Fields Entertainment)
Lethe - Episode One (HKLM\...\Steam App 407780) (Version: - KoukouStudios)
Lockdown: Stand Alone (HKLM\...\Steam App 513270) (Version: - Viversion)
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 5.04 (HKLM\...\{8753DF4D-64B0-474E-9A97-0AB5585D9A53}) (Version: 5.04.110 - Logitech)
Logitech Gaming Software 8.88 (HKLM\...\Logitech Gaming Software) (Version: 8.88.30 - Logitech Inc.)
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
MAGIX Common Components 1 (HKLM-x32\...\{7A8B2204-574B-42A2-A3DC-52AE142D197F}) (Version: 1.2.0.0 - MAGIX AG)
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Fonts Package 1 (HKLM-x32\...\{3859AC53-3C30-4885-AA6B-5DAC442AC871}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fonts Package 2 (HKLM-x32\...\{BCE30F6A-D172-4A2A-94FC-65B6749FDBC7}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Goya burnR (MSI) (HKLM\...\{2497E82C-98AE-494E-B155-52623C230EC6}) (Version: 4.3.2.0 - MAGIX AG) Hidden
MAGIX Goya burnR (MSI) (HKLM-x32\...\MX.{2497E82C-98AE-494E-B155-52623C230EC6}) (Version: 4.3.2.0 - MAGIX AG)
MAGIX Soundpool Music Maker - Feel good (HKLM\...\{81F7511B-CB79-40CB-B173-35292038A84D}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM\...\{3F744D82-3ED5-48B6-A3C8-C0208C3BEE0B}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM-x32\...\MX.{3F744D82-3ED5-48B6-A3C8-C0208C3BEE0B}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 1) (HKLM\...\{E9D2A2BC-900E-4CBE-8543-E2EEF79163CB}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 1) (HKLM\...\MX.{E9D2A2BC-900E-4CBE-8543-E2EEF79163CB}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 2) (HKLM\...\{38B2C12F-B11F-40A5-B04C-9819949FFE01}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 2) (HKLM\...\MX.{38B2C12F-B11F-40A5-B04C-9819949FFE01}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 3) (HKLM\...\{1759FCEB-940B-4D92-9F45-E55E7E6736C0}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 3) (HKLM\...\MX.{1759FCEB-940B-4D92-9F45-E55E7E6736C0}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 4) (HKLM\...\{A35C545A-8BF8-40C4-BC04-50216A46C2F0}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 4) (HKLM\...\MX.{A35C545A-8BF8-40C4-BC04-50216A46C2F0}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 5) (HKLM\...\{57AA9D95-6A4C-4247-B98A-6EA983F3E0FB}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 5) (HKLM\...\MX.{57AA9D95-6A4C-4247-B98A-6EA983F3E0FB}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 6) (HKLM\...\{D3AC4780-D1C1-4A70-9832-BB64E79C62B3}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 6) (HKLM\...\MX.{D3AC4780-D1C1-4A70-9832-BB64E79C62B3}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 7) (HKLM\...\{98C37332-DC95-426F-A987-043FA9A282D1}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 7) (HKLM\...\MX.{98C37332-DC95-426F-A987-043FA9A282D1}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (HKLM\...\{B9D9D873-ADDA-4D0C-B691-0F323C6DD62A}) (Version: 15.0.0.62 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (HKLM\...\MX.{B9D9D873-ADDA-4D0C-B691-0F323C6DD62A}) (Version: 15.0.0.62 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (NewBlue ActionCam Package) (HKLM\...\{02C01AE1-F497-475A-AA45-43E41A495136}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (NewBlue ActionCam Package) (HKLM\...\MX.{02C01AE1-F497-475A-AA45-43E41A495136}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (proDAD Mercalli V4) (HKLM\...\{89CF4765-0012-4619-BA4E-1571376A25CA}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (proDAD Mercalli V4) (HKLM\...\MX.{89CF4765-0012-4619-BA4E-1571376A25CA}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Titeleffekte) (HKLM\...\{28FE7891-77C0-45E1-9CA4-35E9250F91DA}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Titeleffekte) (HKLM\...\MX.{28FE7891-77C0-45E1-9CA4-35E9250F91DA}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Überblendeffekte) (HKLM\...\{585234EA-CDB3-48A7-B6C4-0EFF9A86D244}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Überblendeffekte) (HKLM\...\MX.{585234EA-CDB3-48A7-B6C4-0EFF9A86D244}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium Update (HKLM\...\{310EA489-7C68-407E-A246-D600398647F8}) (Version: 15.0.0.107 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium Update (HKLM\...\{7751963F-7D88-4626-BEFE-9A848F7400B4}) (Version: 15.0.0.90 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium Update (HKLM\...\{AA6874A6-C7EB-42D5-B434-A86B75E00F32}) (Version: 15.0.0.77 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium Update (HKLM\...\{D02B20D4-DA3E-4542-ADFD-D2B0BC8A1E84}) (Version: 15.0.0.102 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (HKLM\...\{6EF62090-796C-42D3-9D71-BA127DDEC550}) (Version: 16.0.1.22 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (HKLM\...\MX.{6EF62090-796C-42D3-9D71-BA127DDEC550}) (Version: 16.0.1.22 - MAGIX Software GmbH)
MAGIX Video deluxe Premium (MotionStudios Vasco da Gama 9 Essential) (HKLM\...\{5EC327CC-EEA1-41E1-A416-0E931051D49B}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (MotionStudios Vasco da Gama 9 Essential) (HKLM\...\MX.{5EC327CC-EEA1-41E1-A416-0E931051D49B}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe Premium (NewBlue Titler Pro Express) (HKLM\...\{1746FE16-859D-4169-960B-712ED9A0215D}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (NewBlue Titler Pro Express) (HKLM\...\MX.{1746FE16-859D-4169-960B-712ED9A0215D}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MakeMKV v1.10.2 (HKLM-x32\...\MakeMKV) (Version: v1.10.2 - GuinpinSoft inc)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Marvel's Guardians of the Galaxy: The Telltale Series (HKLM\...\Steam App 579950) (Version: - Telltale Games)
Mass Effect™: Andromeda (HKLM-x32\...\{72BBCA87-9350-48BC-9E2F-6DBC1E80C993}) (Version: 1.0.0.8 - Electronic Arts)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version: - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft DirectX SDK (June 2010) (HKLM-x32\...\Microsoft DirectX SDK (June 2010)) (Version: 9.29.1962.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62607.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62607.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.24720 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-US) (HKLM-x32\...\{66D57636-BD4B-402F-9E7D-5E89C28C8136}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-US, Helen) (HKLM-x32\...\{8466EAED-7024-4AEE-9D13-F3A55B98D114}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{F0DB2786-18C8-4B0D-9DC2-BA58856A2821}) (Version: 2.1.0.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Update 1 (HKLM-x32\...\{5642384f-2a89-46d3-acd5-bfe8bf6e8b2f}) (Version: 14.0.24720.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mindshow (HKLM\...\Steam App 382000) (Version: - Mindshow, Inc.)
Mirror's Edge™ Catalyst (HKLM-x32\...\{12228a0d-f6ad-4691-82af-d2c643424468}) (Version: 1.0.3.47248 - Electronic Arts)
Mixxx 2.0.0 (64-bit) (HKLM-x32\...\Mixxx (2.0.0)) (Version: 2.0.0 - The Mixxx Development Team)
Monster Maze VR (HKLM\...\Steam App 543600) (Version: - 4 Fun Studio)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{FA0599C5-C083-41BE-8AEA-E8EB9070D128}) (Version: 14.0.24720 - Microsoft Corporation) Hidden
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Music Maker (HKLM\...\{D5FF45D3-3AE3-4490-85DE-04D059606382}) (Version: 25.0.1.33 - MAGIX Software GmbH) Hidden
Music Maker (HKLM-x32\...\MX.{D5FF45D3-3AE3-4490-85DE-04D059606382}) (Version: 25.0.1.33 - MAGIX Software GmbH)
Music Maker Update (HKLM\...\{6B088B33-748B-4AFD-B6D1-841F298B5D52}) (Version: 25.0.2.44 - MAGIX Software GmbH) Hidden
My Game Long Name (HKLM\...\UDK-6a43523d-137c-4ffe-8432-fea0f9ad936e) (Version: - Epic Games, Inc.)
Nature Treks VR (HKLM\...\Steam App 587580) (Version: - John Carline)
Nero Burning ROM 2014 (HKLM-x32\...\{AB51F94A-8AA0-4F96-81B1-0446BA681083}) (Version: 15.0.02700 - Nero AG)
NETGEAR WNA1100 N150 Wireless USB Adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 1.0.0.133 - NETGEAR)
Neverending Nightmares (HKLM-x32\...\Steam App 253330) (Version: - Infinitap Games)
NewBlue ActionCam Package (HKLM-x32\...\NewBlue ActionCam Package) (Version: 1.0 - NewBlue)
NewBlue Titler EX for MAGIX (HKLM-x32\...\NewBlue Titler EX for MAGIX) (Version: 1.0 - NewBlue)
NewBlue Titler Pro Express For Magix (HKLM\...\NewBlue Titler Pro Express For Magix) (Version: 1.0 - NewBlue)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.23 - Black Tree Gaming)
nGlide 1.03 (HKLM-x32\...\nGlide) (Version: 1.03 - Zeus Software)
NightCry (HKLM\...\Steam App 427660) (Version: - Nude Maker)
Nock: Hidden Arrow (HKLM\...\Steam App 525210) (Version: - CodeBison Games)
NoLimits 2 Roller Coaster Simulation (HKLM\...\Steam App 301320) (Version: - Ole Lange)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.41 - NVIDIA Corporation)
NVIDIA Grafiktreiber 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.41 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA LED Visualizer 1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.LEDVisualizer) (Version: 1.0 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
Observer (HKLM\...\Steam App 514900) (Version: - Bloober Team SA)
Oculus (HKLM\...\Oculus) (Version: <3 - Oculus VR, LLC)
Oculus Rift DK2 Sensor Driver (HKLM\...\{F786EF4E-73FE-4700-AC19-FFC0B2298F20}) (Version: 1.0.0.0 - Oculus VR, LLC) Hidden
Oculus Rift Monitor Driver (HKLM\...\{E932D5B4-547A-4959-B642-3816836283E3}) (Version: 1.0.1.0 - Oculus VR, LLC) Hidden
Oculus Rift Sensor Driver (HKLM\...\{E724ED40-8962-4987-901D-57AC8C9E41CD}) (Version: 1.0.20.0 - Oculus VR, LLC) Hidden
One Unit Whole Blood (HKLM-x32\...\1207658856_is1) (Version: 2.1.0.24 - GOG.com)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.2.49155 - Electronic Arts, Inc.)
Outlast 2 (HKLM\...\Steam App 414700) (Version: - Red Barrels)
Outlaws (HKLM-x32\...\1425302464_is1) (Version: 2.1.0.11 - GOG.com)
Overload (HKLM\...\Steam App 448850) (Version: - Revival Productions, LLC)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Paranormal Activity: The Lost Soul (HKLM\...\Steam App 467660) (Version: - VRWERX)
Pavlov VR (HKLM\...\Steam App 555160) (Version: - davevillz)
Penumbra: Overture (HKLM-x32\...\Steam App 22180) (Version: - Frictional Games)
Pierhead Arcade (HKLM\...\Steam App 435490) (Version: - Mechabit Ltd)
Planet Coaster (HKLM\...\Steam App 493340) (Version: - Frontier Developments)
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version: - Bluehole, Inc.)
Pool Nation VR (HKLM\...\Steam App 269170) (Version: - Cherry Pop Games)
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisite installer (HKLM-x32\...\{5909A89E-C97F-407C-AE2B-47BDED86BF5D}) (Version: 15.0.0005 - Nero AG) Hidden
Prey (HKLM\...\Steam App 480490) (Version: - Arkane Studios)
proDAD Mercalli NLE 4.0 (64bit) (HKLM\...\proDAD-MercalliPlugins-4.0) (Version: 4.0.467.1 - proDAD GmbH)
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
Project CARS (HKLM\...\Steam App 234630) (Version: - Slightly Mad Studios)
PS4 Remote Play (HKLM-x32\...\{079C8DC3-767F-46CF-B871-14D21FCC2890}) (Version: 2.0.0.02211 - Sony Interactive Entertainment Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (HKLM\...\{ABFED5A0-7D10-4617-A816-DD2D3B85706D}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (HKLM\...\{E970CE81-6F26-4274-8E4E-5AFC000FB888}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (HKLM\...\{401FADAA-1C16-4721-9F02-19067E1A1CA8}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Quantum Break (HKLM\...\Steam App 474960) (Version: - Remedy Entertainment)
Quell 4D (HKLM\...\Steam App 534230) (Version: - Rubycone)
Quest 5.6.1 (HKLM-x32\...\Quest_is1) (Version: 5.6.1 - Alex Warren)
QuickTime (HKLM-x32\...\QuickTime) (Version: - )
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Rapture3D 2.3.26 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Raw Data (HKLM\...\Steam App 436320) (Version: - Survios)
Realms of the Haunting (HKLM-x32\...\Realms of the Haunting_is1) (Version: - GOG.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Rec Room (HKLM\...\Steam App 471710) (Version: - Against Gravity)
Redneck Rampage Collection (HKLM-x32\...\1207658674_is1) (Version: 2.1.0.12 - GOG.com)
Redout (HKLM\...\Steam App 517710) (Version: - 34BigThings srl)
Resident Evil: Operation Raccoon City (HKLM-x32\...\{43430FA1-388E-4359-A6DB-DA1000048401}) (Version: 1.0.0004.132 - CAPCOM U.S.A, INC) Hidden
Return to Castle Wolfenstein (HKLM-x32\...\1441704976_is1) (Version: 2.0.0.2 - GOG.com)
Revive Dashboard (HKLM-x32\...\Revive) (Version: - )
Rez Infinite (HKLM\...\Steam App 636450) (Version: - Monstars Inc.)
Rick and Morty: Virtual Rick-ality (HKLM\...\Steam App 469610) (Version: - Owlchemy Labs)
Rise of the Tomb Raider (HKLM-x32\...\Steam App 391220) (Version: - Crystal Dynamics)
Rising Storm 2: Vietnam (HKLM\...\Steam App 418460) (Version: - Antimatter Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
Roslyn Language Services - x86 (HKLM-x32\...\{6A7F37C9-1E37-3A9A-93D4-09BBEB4BD343}) (Version: 14.0.24720 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Saints Row: The Third (HKLM\...\Steam App 55230) (Version: - Volition)
Secret World Legends (HKLM\...\Steam App 215280) (Version: - Funcom)
Serious Sam VR: The First Encounter (HKLM\...\Steam App 552450) (Version: - Croteam VR)
Shadow Warrior 2 (HKLM\...\Steam App 324800) (Version: - Flying Wild Hog)
SHOUTcast DNAS (remove only) (HKLM-x32\...\SCDNAS) (Version: - )
Sin (HKLM-x32\...\Sin) (Version: - )
Sin Gold (HKLM-x32\...\GOGPACKSINGOLD_is1) (Version: 2.0.0.9 - GOG.com)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
SlimDX Redistributable (June 2010) (HKLM-x32\...\{354D00E0-C7C9-4BC1-BC12-08C4977AA827}) (Version: 2.0.10.43 - SlimDX Group)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
Soldier of Fortune - Community Edition 6.1 (HKLM-x32\...\Soldier of Fortune - Community Edition 6.1) (Version: - )
Sonic Mania (HKLM\...\Steam App 584400) (Version: - Christian Whitehead)
Soundscape VR (HKLM\...\Steam App 636930) (Version: - Groove Science)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
Source SDK Base 2013 Singleplayer (HKLM-x32\...\Steam App 243730) (Version: - )
Space Hulk: Deathwing (HKLM\...\Steam App 298900) (Version: - Streum On Studio)
Spirits of Xanadu (HKLM-x32\...\Steam App 312230) (Version: - Good Morning, Commander)
Spotify (HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
STAR WARS™ Battlefront™ II Closed Alpha (HKLM-x32\...\{d32f9b53-3a06-4720-bc64-c56f0fe8256a}) (Version: 1.0.0.0 - Electronic Arts)
STASIS (HKLM\...\Steam App 380150) (Version: - THE BROTHERHOOD)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SteamDolls VR Demo (HKLM\...\Steam App 528690) (Version: - The Shady Gentlemen)
STRAFE® (HKLM\...\Steam App 442780) (Version: - Pixel Titans)
Strife: Veteran Edition (HKLM-x32\...\Steam App 317040) (Version: - Rogue Entertainment)
SUPERHOT VR (HKLM\...\Steam App 617830) (Version: - SUPERHOT Team)
SVRVIVE: The Deus Helix (HKLM\...\Steam App 509540) (Version: - SVRVIVE Studios)
System Requirements Lab CYRI (HKLM-x32\...\{906B34E5-573C-445A-A5D3-40B6BF0A2EC4}) (Version: 6.0.21.0 - Husdawg, LLC)
System Shock - Enhanced Edition (HKLM-x32\...\1439995156_is1) (Version: 2.1.0.4 - GOG.com)
System Shock 2 (HKLM\...\Steam App 238210) (Version: - Irrational Games)
Tales from the Borderlands (HKLM\...\Steam App 330830) (Version: - Telltale Games)
Team Explorer for Microsoft Visual Studio 2015 (HKLM-x32\...\{48992F68-BEE6-35D8-89AC-6A81406F1096}) (Version: 14.0.24712 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Terminator Future Shock + SkyNET version 1.0 (HKLM-x32\...\{AC9D63E6-A090-49E3-95CA-9CAA6706AEAF}_is1) (Version: 1.0 - Bethesda Softworks)
Test Drive Unlimited 2 (HKLM-x32\...\Test Drive Unlimited 2_is1) (Version: - Atari)
Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Brookhaven Experiment (HKLM\...\Steam App 440630) (Version: - Phosphor Games)
The Chronicles of Riddick - Assault on Dark Athena (HKLM-x32\...\GOGPACKRIDDICK_is1) (Version: 2.0.0.10 - GOG.com)
The Gallery - Episode 1: Call of the Starseed (HKLM\...\Steam App 270130) (Version: - Cloudhead Games ltd.)
The Klub 17 (HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Klub-7) (Version: 7.5.0 - Team WRK17)
The Lab (HKLM\...\Steam App 450390) (Version: - Valve)
The Solus Project (HKLM\...\Steam App 313630) (Version: - Hourences)
The Suffering (HKLM-x32\...\1268478205_is1) (Version: 1.0.1 - GOG.com)
The Unwelcomed (HKLM\...\Steam App 504560) (Version: - The Unwelcomed Studios)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com)
theBlu (HKLM\...\Steam App 451520) (Version: - Wevr, Inc.)
TheWaveVR (HKLM\...\Steam App 453000) (Version: - TheWaveVR)
Thief 3 Sneaky Upgrade SDB (HKLM\...\{61271900-d6b0-4da5-801b-7127a8713df1}.sdb) (Version: - )
Thief 3 Sneaky Upgrade version 1.1.5.2 (HKLM-x32\...\{6787B847-DE1D-4B75-AF7F-9F0B0FF9E59E}_is1) (Version: 1.1.5.2 - )
Thief: Deadly Shadows (HKLM-x32\...\Steam App 6980) (Version: - Ion Storm)
Titanfall™ 2 (HKLM-x32\...\{4BD80373-FEE7-45B6-8249-6E8E98717405}) (Version: 1.0.0.9 - Electronic Arts, Inc.)
Tormentum - Dark Sorrow (HKLM\...\Steam App 335000) (Version: - OhNoo Studio)
TrackMania² Canyon (HKLM\...\Steam App 228760) (Version: - Nadeo)
Trapcode Suite 64-bit (HKLM\...\{460D83C4-15D5-4C0E-9B7D-2204F196A010}) (Version: 12.1.3 - Red Giant) Hidden
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{460D83C4-15D5-4C0E-9B7D-2204F196A010}) (Version: 12.1.3 - Red Giant)
TypeScript Power Tool (HKLM-x32\...\{7FBEE165-A653-4B2A-A93A-4643794E22A8}) (Version: 1.7.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{D7C8A95B-B1EE-43B1-837D-C73D1321FEBA}) (Version: 1.7.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.7.4.0 (HKLM-x32\...\{33e2204a-4ec6-4458-895a-47e2a404d990}) (Version: 1.7.24720.0 - Microsoft Corporation)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Ulead MediaStudio Pro 8.0 (HKLM-x32\...\{A6E71574-2126-4E95-816E-32B2411C94BA}) (Version: 8.0 - Ulead Systems, Inc.)
Ultima Underworld 2 (HKLM-x32\...\1207662473_is1) (Version: 2.1.0.20 - GOG.com)
Ultimate Booster Experience (HKLM\...\Steam App 499620) (Version: - GexagonVR)
Uninvited: MacVenture Series (HKLM\...\Steam App 343810) (Version: - Zojoi)
Unknown Pharaoh (HKLM\...\Steam App 576100) (Version: - 4 Fun Studio)
Unreal Gold (HKLM-x32\...\1207658679_is1) (Version: 2.1.0.6 - GOG.com)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
Vanishing Realms (HKLM\...\Steam App 322770) (Version: - Indimo Labs LLC)
Vasco da Gama 9 HD Essential (HKLM-x32\...\{132A1B32-8C6A-416C-B7FB-7D4CD54C18DE}) (Version: 9.00.0000 - MotionStudios)
Vertigo (HKLM\...\Steam App 465430) (Version: - Zach Tsiakalis-Brown)
Virtual Desktop (HKLM\...\Steam App 382110) (Version: - Guy Godin)
Virtual Desktop Service (HKLM\...\{2F1A2C04-7695-47E1-B69E-B2B5B2038C39}) (Version: 1.5.1 - Guy Godin)
Visual Basic 5.0 (C:\WINDOWS\system32\) #3 (HKLM-x32\...\ST5UNST #3) (Version: - )
Visual Basic 5.0 (C:\WINDOWS\system32\) #4 (HKLM-x32\...\ST5UNST #4) (Version: - )
Visual Basic 5.0 (C:\WINDOWS\system32\) #5 (HKLM-x32\...\ST5UNST #5) (Version: - )
Visual Basic 5.0 (C:\Windows\system32\) (HKLM-x32\...\ST5UNST #2) (Version: - )
Visual Basic 5.0 (HKLM-x32\...\ST5UNST #1) (Version: - )
Visual Studio 2015 Update 1 (KB3022398) (HKLM-x32\...\{fcaa9dba-9438-48b6-ad91-4e9b4cc7084a}) (Version: 14.0.24720 - Microsoft Corporation)
Vita 2 (HKLM\...\{39B956AD-00E8-4561-B6CC-7E91BDEDB0AF}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Concert Grand LE (HKLM\...\{0501DF32-8054-41E0-A1D1-B6BEAB54CACF}) (Version: 2.4.0.95 - MAGIX Software GmbH) Hidden
Vita Drum Engine (HKLM\...\{E5494279-4C0C-4220-9B41-A6BC89D6A92E}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Electric Piano (HKLM\...\{D14FE00B-0E75-462A-936A-C9483A20D0D0}) (Version: 1.0.2.0 - MAGIX Software GmbH) Hidden
Vita Power Guitar (HKLM\...\{69F05894-87A2-4E92-A6E3-EE8937D09CC0}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VoiceAttack version 1.5.12 (HKLM-x32\...\{D6EDF6DB-029E-4A34-A3A0-D960CB0FCB2A}_is1) (Version: 1.5.12 - VoiceAttack.com)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version: - VB-Audio Software)
vorpX (HKLM-x32\...\{C136D0CC-9077-4979-801E-6B5A956EED6A}_is1) (Version: 17.1.3.0 - Animation Labs)
VRporize - VR FPS (HKLM\...\Steam App 498970) (Version: - Mercury Aerospace Industries)
VS Update core components (HKLM-x32\...\{5F7870A1-0586-313E-A9FF-3249DCE9F63A}) (Version: 14.0.24720 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Waltz of the Wizard (HKLM\...\Steam App 436820) (Version: - Aldin Dynamics)
WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WestwoodChat (HKLM-x32\...\{7CAE6A67-AF7B-4A6A-8705-8AFACA45BB60}) (Version: 1.0.0.0 - WestwoodChat)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Wheel of Time (HKLM-x32\...\Wheel of Time) (Version: - )
White Night (HKLM-x32\...\Steam App 301560) (Version: - OSome Studio)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windlands (HKLM\...\Steam App 428370) (Version: - Psytec Games Ltd)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows-Treiberpaket - Sony Computer Entertainment Inc. Wireless controller for PLAYSTATION(R)3 Driver Package (01/20/2012 1.4.0.0) (HKLM\...\D5410AE5FA467EF0F19558D5F60C991A79E11B51) (Version: 01/20/2012 1.4.0.0 - Sony Computer Entertainment Inc.)
Wings! Remastered (HKLM-x32\...\1207666423_is1) (Version: 2.1.0.2 - GOG.com)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - )
Xara 3D Maker 7 (HKLM-x32\...\{19B9DAD6-5E6E-4B80-8EFE-314B5638D6D4}) (Version: 7.0.0.415 - Xara Group Ltd) Hidden
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
XML Notepad 2007 (HKLM-x32\...\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}) (Version: 2.3.0.0 - Microsoft Corporation)
Xml Viewer (HKLM-x32\...\{F58E04CD-6E76-43C8-AAF1-482225C2910E}) (Version: 3 - MindFusion Limited)
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [Convert] -> {9f95ca1a-e80e-4c0f-acd1-4c9b7900b982} => C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)\Utilities\bin\x64\TxView.dll [2010-06-02] (Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-08-22] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {08060686-DA7A-4F81-903F-5EF5846EBC46} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {10FB4821-8293-4FB8-93AC-ED877096D358} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {15CEA677-3D1C-403A-8EE5-9C536AE36655} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3356136B-5DA8-4E2C-94F1-D934C3FFD02A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {33D241F7-FCC1-4696-BA50-24F80B532744} - System32\Tasks\{EA0A359E-2C55-46AC-83DB-0F986B25B53B} => C:\Windows\system32\pcalua.exe -a E:\WMEncoder64.exe -d E:\
Task: {39B3A4D0-967A-4B83-8FAE-BFC9CCF78C7C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-13] (Adobe Systems Incorporated)
Task: {3C768F76-478B-4129-836E-66BBD535DF4B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3CA1C205-5779-4D65-9B79-03CA693A49ED} - System32\Tasks\Connect => C:\Program Files (x86)\MAGIX\Connect\connect.exe [2017-05-10] (MAGIX Software GmbH)
Task: {3F26B3E2-B93D-49BD-BC7E-5F720B51C994} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-22] (NVIDIA Corporation)
Task: {415F7118-E84D-43AD-B678-2809A265ACDD} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {52FD4488-82FE-4FC3-A835-7330FDE39B8B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {58E0F5EB-6F42-4B37-A50A-952C0182547B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5A2D88F9-D511-4485-A81D-E9539F5865C8} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5D12D0DE-7C2D-43EB-88A7-25C081D80C44} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6509C4C3-BDFD-4861-ABD9-95C391A5DA45} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {67D99D18-6635-4D3E-869B-A89F58F4E0BE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-22] (NVIDIA Corporation)
Task: {6ACACBFB-34D5-4E50-99F6-7C2E8F65870B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {6DFFA0FA-204A-4DB6-A32D-36551F60CD88} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-03] (Google Inc.)
Task: {71CC4BE9-738E-4546-A312-5370DAC238D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-03] (Google Inc.)
Task: {72C2654C-0345-4427-92A1-203E5906A350} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7EE287C4-2286-41C0-8590-B925FB2DD061} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8426F389-7EEE-48D3-86F8-A0B7F68C0351} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9502FC37-4BF3-4187-97DB-BB885F817B28} - System32\Tasks\{540C4F0A-AFE9-41B0-8BED-770ADCAFCFDD} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.4.0.102/de/abandoninstall?page=tsMain
Task: {9F4B56CC-50E0-44AF-946B-932FF1BB8876} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-22] (NVIDIA Corporation)
Task: {ADEAE2A2-DBBC-4FEA-AE2B-1ACCCCA9F22C} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {B265853E-1EB9-4490-8346-026981D861F1} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {B7290E7F-96E2-49E1-94BC-17D8FC712ACF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {BF0E8690-E916-421C-925C-8EF2FB370D68} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-22] (NVIDIA Corporation)
Task: {CCEA5BF9-67E9-44F9-8750-250CB46A4824} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {D61F55A8-B0BB-4781-80FD-8F7B16E7EA4F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {E025C148-A5D4-4254-AAA8-1B4360B2374B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-08-22] (NVIDIA Corporation)
Task: {E6B257D7-040D-4610-AFE5-4256956C9B14} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EAE39C83-0CAA-4312-907A-1243969BAB66} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {ED55E21A-57DB-4591-8F95-58F0658945D4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {F2A52317-F2C1-4630-87BC-E12B2FFC7496} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F5132FA3-CAD1-4315-BF63-D7542912C7C7} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F75A3443-BF9D-4B1D-BAB0-DA6B05C232BC} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-HOSHI-PC => C:\WINDOWS\ehome\McxTask.exe
Task: {FC7911CA-4CA6-4249-A2B5-D3C065E61A89} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FC8098E2-47F8-48D3-A990-2172097B9ABA} - System32\Tasks\{1B9BAEFE-CA33-481C-8FAF-AF1A3509FC73} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\EAInstaller\Battlefield - Bad Company 2\Cleanup.exe" -c uninstall_game -autologging
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Connect.job => C:\Program Files (x86)\MAGIX\Connect\connect.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Hoshi\Desktop\Games\InLucysEyes.bat - Verknüpfung.lnk -> D:\Games\Steam\SteamApps\common\Amnesia The Dark Descent\InLucysEyes\InLucysEyes.bat (Keine Datei)
Shortcut: C:\Users\Hoshi\Desktop\Games\TenebrisLake.bat - Verknüpfung.lnk -> D:\Games\Steam\SteamApps\common\Amnesia The Dark Descent\TenebrisLake.bat (Keine Datei)
Shortcut: C:\Users\Hoshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D\DAZ Install Manager\DAZ Install Manager Read Me.lnk -> hxxp:docs.daz3d.com\doku.php\public\read_me\index\1481
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-09-12 16:44 - 2017-09-12 18:09 - 000076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-07-19 21:54 - 2017-07-19 21:54 - 000330208 _____ () C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe
2014-12-26 23:05 - 2011-07-28 18:06 - 000297440 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-09-29 23:13 - 2016-09-29 23:13 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-09-29 23:13 - 2016-09-29 23:13 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-09-21 17:40 - 2017-09-21 17:44 - 000014336 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\WTSAPI32.dll
2017-08-29 05:56 - 2017-08-23 10:48 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libglesv2.dll
2017-08-29 05:56 - 2017-08-23 10:48 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libegl.dll
2014-12-26 23:05 - 2011-07-27 12:53 - 000360448 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll
2014-03-15 14:20 - 2013-09-03 17:52 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\skype.com -> hxxps://apps.skype.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2017-09-07 10:11 - 000000027 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Hoshi\AppData\Roaming\mozilla\firefox\desktop-hintergrund.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall ist aktiviert.
|
|
23.09.2017, 06:24
| #11 |
| | Windows 10 64bit : Verdacht auf Maleware addition fortsetzung Code:
ATTFilter ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: Desura Install Service => 3
MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Killer Network Manager.lnk => C:\Windows\pss\Killer Network Manager.lnk.CommonStartup
MSCONFIG\startupreg: LogitechQuickCamRibbon => "D:\Programme\Logitech\Webcam\Logitech WebCam Software\LWS.exe" /hide
HKLM\...\StartupApproved\Run: => "Start WingMan Profiler"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run32: => "HTC Store User Content Helper"
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\StartupApproved\Run: => "Spotify Web Helper"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{BA585EE1-A7F9-49C7-88D7-522B7C9DC59D}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{E0DC3C0F-8A5A-4950-B29C-A9CC62B6E5CA}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{702407FC-570B-48B7-B575-F088B82F5FD7}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{DEEF9EE1-3254-466A-98B9-C6EF05212ACD}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [UDP Query User{19C290C3-9D18-4F16-B042-EFF275DA013C}C:\games\steam\steamapps\common\pavr pre alpha demo\pa_ue4\binaries\win64\pa_ue4-win64-shipping.exe] => (Allow) C:\games\steam\steamapps\common\pavr pre alpha demo\pa_ue4\binaries\win64\pa_ue4-win64-shipping.exe
FirewallRules: [TCP Query User{A632B5B6-D96A-4EA2-A892-8626A8AF81A8}C:\games\steam\steamapps\common\pavr pre alpha demo\pa_ue4\binaries\win64\pa_ue4-win64-shipping.exe] => (Allow) C:\games\steam\steamapps\common\pavr pre alpha demo\pa_ue4\binaries\win64\pa_ue4-win64-shipping.exe
FirewallRules: [UDP Query User{1E455C75-FB8D-483B-91A4-B8C11BE4C869}D:\games\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe
FirewallRules: [TCP Query User{813295F7-78FC-4553-AC43-715C5B7879F5}D:\games\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe
FirewallRules: [{3C3D2E69-5741-4D9C-8BA6-F881ECC18C21}] => (Allow) C:\Games\Steam\steamapps\common\RecRoom\Recroom_Release.exe
FirewallRules: [{AA3B8C49-6083-48B9-AE89-19BC7C9097E3}] => (Allow) C:\Games\Steam\steamapps\common\RecRoom\Recroom_Release.exe
FirewallRules: [{AC96AE27-8529-497D-8B66-FCC05C1371F3}] => (Allow) C:\Games\Steam\steamapps\common\Vertigo\Vertigo.exe
FirewallRules: [{A7801E9D-E656-4A15-A6D0-32B372633B3A}] => (Allow) C:\Games\Steam\steamapps\common\Vertigo\Vertigo.exe
FirewallRules: [{F90A37A4-FB13-402B-B550-8F4E250A6235}] => (Allow) C:\Games\Steam\steamapps\common\PAVR Pre Alpha Demo\PA_UE4.exe
FirewallRules: [{003666E4-1942-464C-8684-9E3839ACA7ED}] => (Allow) C:\Games\Steam\steamapps\common\PAVR Pre Alpha Demo\PA_UE4.exe
FirewallRules: [{5D395514-FDFF-41A2-9CD5-AEF110564C5E}] => (Allow) D:\Games\Steam\SteamApps\common\PavlovVR\Pavlov.exe
FirewallRules: [{DD6D3136-65A5-46F7-B3F2-9309062D411C}] => (Allow) D:\Games\Steam\SteamApps\common\PavlovVR\Pavlov.exe
FirewallRules: [{6B0A2104-10B4-44D9-83FF-602956979021}] => (Allow) D:\Games\Steam\SteamApps\common\Monster Maze VR\MonsterMazeVR.exe
FirewallRules: [{2EA87923-BA90-4961-B89D-8193B1BA93B7}] => (Allow) D:\Games\Steam\SteamApps\common\Monster Maze VR\MonsterMazeVR.exe
FirewallRules: [{4C28E660-F41C-4E65-BE80-7BCCA081576B}] => (Allow) D:\Games\Steam\SteamApps\common\Unknown Pharaoh\UnknownPharaoh.exe
FirewallRules: [{97BEA2F2-001B-4D94-A00B-9C1B06EBD466}] => (Allow) D:\Games\Steam\SteamApps\common\Unknown Pharaoh\UnknownPharaoh.exe
FirewallRules: [{E97CCF0D-855F-4E08-91CD-B3B76D5ECE85}] => (Allow) D:\Games\Steam\SteamApps\common\INSIDE\INSIDE.exe
FirewallRules: [{ADA15F69-55DB-43BD-8F88-F6183D6DCE81}] => (Allow) D:\Games\Steam\SteamApps\common\INSIDE\INSIDE.exe
FirewallRules: [{E0CEF3DC-4FAE-458D-9748-B22736715E69}] => (Allow) D:\Games\Steam\SteamApps\common\Uninvited MacVenture Series\uninvited.exe
FirewallRules: [{9813278E-1BE2-419A-BF40-0A0AFC5DE0FC}] => (Allow) D:\Games\Steam\SteamApps\common\Uninvited MacVenture Series\uninvited.exe
FirewallRules: [UDP Query User{1FDBA183-7457-486A-8B59-C110F9C0AA2B}D:\games\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) D:\games\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [TCP Query User{DFF78058-8AF5-447D-9241-DAAD9F1A1678}D:\games\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) D:\games\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{4223108D-1598-41A0-9C7D-C98C2C7E8CF0}D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{D6FE4E3D-1689-4D1C-8769-66E136EB5BFD}D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{07F2908B-71B8-4032-8FCA-9B9F60CD886D}] => (Allow) OVRServer_x64.exe
FirewallRules: [{68A4192E-0BCE-4E38-B01C-7D04950BB40B}] => (Allow) D:\Games\Steam\SteamApps\common\TheSolusProject\Solus\Binaries\Win64\Solus-Win64-Shipping.exe
FirewallRules: [{0F30DC54-5C6A-4862-9E20-9CA261B83F8B}] => (Allow) D:\Games\Steam\SteamApps\common\TheSolusProject\Solus\Binaries\Win64\Solus-Win64-Shipping.exe
FirewallRules: [{4806CE95-7DBE-4F03-9E01-0E8C5E15CE1B}] => (Allow) D:\Games\Steam\SteamApps\common\SteamDolls_VR_Demo\steamdolls_vr_demo.exe
FirewallRules: [{9B495424-3E3E-48C7-9734-B427D7AA5148}] => (Allow) D:\Games\Steam\SteamApps\common\SteamDolls_VR_Demo\steamdolls_vr_demo.exe
FirewallRules: [{56D51920-A5CD-4085-B0AE-E21ED31050B7}] => (Allow) D:\Games\Steam\SteamApps\common\Lethe - Episode One\Binaries\Win32\UDK.exe
FirewallRules: [{778CDE73-7D13-4DAC-A715-F9998C193F4C}] => (Allow) D:\Games\Steam\SteamApps\common\Lethe - Episode One\Binaries\Win32\UDK.exe
FirewallRules: [{16FBA39D-A8FB-4368-AE02-748CFDC4C0BB}] => (Allow) D:\Games\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{8F1A9D38-4640-4CAE-B1B3-6B1659F740EE}] => (Allow) D:\Games\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{DE830C2D-2792-4793-B8C3-03EE4268374A}] => (Allow) D:\Games\Steam\SteamApps\common\Nature Treks VR\Nature Treks VR.exe
FirewallRules: [{69B2D7B0-0B35-4D67-870F-B80D5DA11976}] => (Allow) D:\Games\Steam\SteamApps\common\Nature Treks VR\Nature Treks VR.exe
FirewallRules: [{C02F1FD2-BE14-4B1D-820D-88F3FB6CADED}] => (Allow) D:\Games\Steam\SteamApps\common\Lockdown Stand Alone\lockdown.exe
FirewallRules: [{349FF32B-00CD-4466-BD48-49EC3ECF16E1}] => (Allow) D:\Games\Steam\SteamApps\common\Lockdown Stand Alone\lockdown.exe
FirewallRules: [{67B64759-2152-491A-B7FD-5F2D77A134C5}] => (Allow) OculusClient.exe
FirewallRules: [{B354CDB8-59FB-4AD5-B91B-1FE9E59160DA}] => (Allow) OculusClient.exe
FirewallRules: [{1E2E29D8-EDB5-4745-9273-0E2B44C2BA12}] => (Allow) OculusVR.exe
FirewallRules: [{B3B70576-2AA5-479D-BB33-ED66BF047058}] => (Allow) OculusVR.exe
FirewallRules: [{BD2E0371-BC51-40C5-8AC5-994147DFF03C}] => (Allow) DirectDisplayConfig.exe
FirewallRules: [{70CC2275-610A-4F6B-BD23-E5BFA14550B0}] => (Allow) DirectDisplayConfig.exe
FirewallRules: [{A3E91647-CBBA-4C2A-8966-4A9D1953C275}] => (Allow) OVRServer_x64.exe
FirewallRules: [{CFC50AAE-31A2-464D-B8EC-1440BC8AF75F}] => (Allow) OVRServer_x64.exe
FirewallRules: [{5DDA393E-C726-404A-B6BE-C81B852BE85E}] => (Allow) OVRServiceLauncher.exe
FirewallRules: [{AE7789AE-2746-4886-8A8C-0A9611145455}] => (Allow) OVRServiceLauncher.exe
FirewallRules: [{C0FA4152-1304-4909-9983-0E0B4DF8231E}] => (Allow) D:\Games\Steam\SteamApps\common\SS2\Shock2.exe
FirewallRules: [{F0B60581-18FA-4DA4-A857-7074717EFEB2}] => (Allow) D:\Games\Steam\SteamApps\common\SS2\Shock2.exe
FirewallRules: [{36C15119-7D97-4269-8318-0A54BF0699CE}] => (Allow) D:\Games\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{15EFFFD8-2995-4D7A-8A1D-D55F0FBD3F00}] => (Allow) D:\Games\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [UDP Query User{1F46EB63-73BB-49B7-B16A-AAABA83463D3}D:\games\steam\steamapps\common\redout\redout\binaries\win64\redout-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\redout\redout\binaries\win64\redout-win64-shipping.exe
FirewallRules: [TCP Query User{DF38C388-6EF5-40E2-ABB5-7A7806CB462F}D:\games\steam\steamapps\common\redout\redout\binaries\win64\redout-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\redout\redout\binaries\win64\redout-win64-shipping.exe
FirewallRules: [{2EC97B86-1219-49A0-A7A2-7391D7E3E416}] => (Allow) D:\Games\Steam\SteamApps\common\Redout\redout.exe
FirewallRules: [{4D349B1F-5DAA-4F16-B516-B91CF9D6E1C3}] => (Allow) D:\Games\Steam\SteamApps\common\Redout\redout.exe
FirewallRules: [{333A85DC-E692-4A7C-AC1E-923930542B8D}] => (Allow) D:\Games\Steam\SteamApps\common\Day of the Tentacle Remastered\Dott.exe
FirewallRules: [{0A0E4521-8BE0-499A-A7CC-2D14A50E7945}] => (Allow) D:\Games\Steam\SteamApps\common\Day of the Tentacle Remastered\Dott.exe
FirewallRules: [{FDAD1FE0-97EC-4D00-97CF-48EB0C58EF09}] => (Allow) D:\Games\Steam\SteamApps\common\Tormentum\Tormentum.exe
FirewallRules: [{40561B9E-A123-4908-B83A-3C88C57B5391}] => (Allow) D:\Games\Steam\SteamApps\common\Tormentum\Tormentum.exe
FirewallRules: [{CC04E9D0-241D-4D79-A268-A88497F20AD3}] => (Allow) D:\Games\Steam\SteamApps\common\Call of Duty - Infinite Warfare\iw7_ship.exe
FirewallRules: [{2EECEE85-CFEE-4509-9F24-B1B03D3EE827}] => (Allow) D:\Games\Steam\SteamApps\common\Call of Duty - Infinite Warfare\iw7_ship.exe
FirewallRules: [UDP Query User{45EB9ED9-0CAA-453D-B4D9-06B7B2FEBB5C}D:\games\tdu2\uplauncher.exe] => (Allow) D:\games\tdu2\uplauncher.exe
FirewallRules: [TCP Query User{800CB73E-7CA2-463E-8EE9-3C87FF3734FA}D:\games\tdu2\uplauncher.exe] => (Allow) D:\games\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{50A12DFF-801A-4AF4-9920-7E5B463506CD}D:\games\tdu2\testdrive2.exe] => (Allow) D:\games\tdu2\testdrive2.exe
FirewallRules: [TCP Query User{54606CA1-DA6B-4AF5-967A-E12F76C20ABC}D:\games\tdu2\testdrive2.exe] => (Allow) D:\games\tdu2\testdrive2.exe
FirewallRules: [{BF733EBD-02BE-4B5C-8C19-2FA8AF6ADEB7}] => (Allow) D:\Games\Steam\SteamApps\common\The Lab\TheLab\win64\TheLab.exe
FirewallRules: [{B673414B-67A0-4DE7-8BA7-4910EA606C90}] => (Allow) D:\Games\Steam\SteamApps\common\The Lab\TheLab\win64\TheLab.exe
FirewallRules: [{9FC42CE6-3FA4-466E-B7B5-E497154C3240}] => (Allow) D:\Games\Origin\Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{53723693-0DAF-4DE7-9B73-9154E45330ED}] => (Allow) D:\Games\Origin\Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{DBD75664-BE69-4222-985F-4C52ACDD34DA}] => (Allow) D:\Games\Steam\SteamApps\common\ArizonaSunshine\ArizonaSunshine.exe
FirewallRules: [{3FB2591D-93B5-4808-AD14-D34BBF3C9876}] => (Allow) D:\Games\Steam\SteamApps\common\ArizonaSunshine\ArizonaSunshine.exe
FirewallRules: [{291A965C-E12B-4661-B704-83E8743BB52C}] => (Allow) D:\Games\Steam\SteamApps\common\FastActionHero\Fast Action Hero.exe
FirewallRules: [{9E376CE6-426A-4E7E-B116-65B088452225}] => (Allow) D:\Games\Steam\SteamApps\common\FastActionHero\Fast Action Hero.exe
FirewallRules: [{43037CC1-0C70-40A3-8BEA-6392BC9CA3CD}] => (Allow) D:\Games\Steam\SteamApps\common\QuantumBreak\dx11\QuantumBreak.exe
FirewallRules: [{3F8F8D1C-5E0A-4FE8-81D4-0E90A5304A85}] => (Allow) D:\Games\Steam\SteamApps\common\QuantumBreak\dx11\QuantumBreak.exe
FirewallRules: [UDP Query User{2933B71E-AD92-47FB-9833-2943E612033A}D:\games\steam\steamapps\common\ghost town mine ride\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\ghost town mine ride\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [TCP Query User{7C1C116D-BB06-4F08-9FF8-06F1BCAF6231}D:\games\steam\steamapps\common\ghost town mine ride\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\ghost town mine ride\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [{65A88DF4-D55D-4D10-B267-092E4E81595E}] => (Allow) D:\Games\Steam\SteamApps\common\Ghost Town Mine Ride\HauntedMineRide.exe
FirewallRules: [{61AB9D3C-7E2C-498E-B4C0-403D0D38CE33}] => (Allow) D:\Games\Steam\SteamApps\common\Ghost Town Mine Ride\HauntedMineRide.exe
FirewallRules: [{1B64888E-6A42-422E-ADCA-E1AC56995ED7}] => (Allow) D:\Games\Steam\SteamApps\common\SVRVIVE\SVRVIVE The Deus Helix.exe
FirewallRules: [{7C71C520-0138-4A51-8DAF-2DC62ACAFFC2}] => (Allow) D:\Games\Steam\SteamApps\common\SVRVIVE\SVRVIVE The Deus Helix.exe
FirewallRules: [{53ED8D1A-8BED-457E-AE41-F08A40127E3C}] => (Allow) D:\Games\Steam\SteamApps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{BD6E9A75-9511-45A6-BB74-05CD434D17F6}] => (Allow) D:\Games\Steam\SteamApps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{DE5A1E59-8DB6-4619-AA85-79AC39691117}] => (Allow) D:\Games\Steam\SteamApps\common\EarthVR\Earth.exe
FirewallRules: [{5695F430-0FE8-48C1-A594-CF8C4FD0704A}] => (Allow) D:\Games\Steam\SteamApps\common\EarthVR\Earth.exe
FirewallRules: [{B5DA8A5E-4D4F-4C20-95F3-6B65B41ACD8E}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{8A4C7EA8-EA75-4249-8A13-A5DFD9404043}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C96678AE-C5EB-4085-A06B-F142B7C9CF80}] => (Allow) D:\Games\Steam\SteamApps\common\Quell 4D\Quell4D.exe
FirewallRules: [{0D6113C4-FD38-466D-BA47-3844AB491F38}] => (Allow) D:\Games\Steam\SteamApps\common\Quell 4D\Quell4D.exe
FirewallRules: [UDP Query User{16FB7109-76B1-49E7-AD78-62CAB08F652C}D:\games\firestorm havok\slvoice.exe] => (Allow) D:\games\firestorm havok\slvoice.exe
FirewallRules: [TCP Query User{F31A3F18-2596-450D-B0E2-3D2B785BEF25}D:\games\firestorm havok\slvoice.exe] => (Allow) D:\games\firestorm havok\slvoice.exe
FirewallRules: [{5005CEA3-87E3-4E58-9E27-AB3FD75FBC88}] => (Allow) D:\Games\Steam\SteamApps\common\theBlu\theblu.exe
FirewallRules: [{DE4E352D-3ADD-436E-BAA1-BE95D3987B52}] => (Allow) D:\Games\Steam\SteamApps\common\theBlu\theblu.exe
FirewallRules: [{2E4E90F2-95CF-425D-8541-030B3D462F85}] => (Allow) D:\Games\Steam\SteamApps\common\Shadow Warrior 2\ShadowWarrior2.exe
FirewallRules: [{477BC455-D26F-420D-B5FB-7C3F96B3A73D}] => (Allow) D:\Games\Steam\SteamApps\common\Shadow Warrior 2\ShadowWarrior2.exe
FirewallRules: [{06865A7F-2F3F-4008-AECF-96E39B11738D}] => (Allow) D:\Games\Steam\SteamApps\common\Art of Fight\ArtOfFight.exe
FirewallRules: [{AA3DC80E-C831-4309-B0F4-A176BFF7030C}] => (Allow) D:\Games\Steam\SteamApps\common\Art of Fight\ArtOfFight.exe
FirewallRules: [{AFFA8C04-DCAA-48EC-AE74-2AD45EF733FF}] => (Allow) D:\Games\Steam\SteamApps\common\Island 359\Island359.exe
FirewallRules: [{2F642C70-E2AE-4442-8001-EA9124030D71}] => (Allow) D:\Games\Steam\SteamApps\common\Island 359\Island359.exe
FirewallRules: [{4E547210-56DD-436D-AFB6-26132F63F1C3}] => (Allow) D:\Games\Steam\SteamApps\common\NightCry\NightCry.exe
FirewallRules: [{5AEACF73-9594-4924-9B2E-0EAA5121E625}] => (Allow) D:\Games\Steam\SteamApps\common\NightCry\NightCry.exe
FirewallRules: [UDP Query User{44EAC687-8C54-4322-8240-F8FB63E03101}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{24758668-2959-4BC3-8E2C-3E9E455E6734}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{5D898310-DB54-49ED-830B-05F242D1F421}] => (Allow) D:\Programme\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{0466309B-407F-4D69-91E6-86BEAFE9DBEB}] => (Allow) D:\Programme\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{8AEE8D01-CF01-47AE-AD5D-714D7BE7D820}] => (Allow) D:\Games\Steam\SteamApps\common\White Night\Bin\Win32\WNight.exe
FirewallRules: [{342EA1E1-2E21-4A09-8C9D-95D4D0B61526}] => (Allow) D:\Games\Steam\SteamApps\common\White Night\Bin\Win32\WNight.exe
FirewallRules: [{0F13B3E5-0FC1-4D38-A9EC-6B8004EC0738}] => (Allow) D:\Games\Steam\SteamApps\common\Thief Deadly Shadows\System\runme.exe
FirewallRules: [{72B3B364-082E-4265-B78D-10FD766E99DB}] => (Allow) D:\Games\Steam\SteamApps\common\Thief Deadly Shadows\System\runme.exe
FirewallRules: [{2ED621BB-621E-4F5B-9EEE-2445F798F417}] => (Allow) D:\Programme\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{38EAF7FD-1387-4B2F-B071-A3050E0E7B52}] => (Allow) D:\Programme\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{41BA33BD-41ED-4667-B5EC-850C760D7EC4}] => (Allow) D:\Programme\TeamViewer\TeamViewer.exe
FirewallRules: [{96FE98B7-8520-4C4B-889D-95A849A6406C}] => (Allow) D:\Programme\TeamViewer\TeamViewer.exe
FirewallRules: [{8F614056-23CF-4179-8110-CBF96615B056}] => (Allow) D:\Games\Steam\SteamApps\common\Spirits of Xanadu\Spirits of Xanadu.exe
FirewallRules: [{92DEB061-DDBE-4317-9756-EED6E50B36C1}] => (Allow) D:\Games\Steam\SteamApps\common\Spirits of Xanadu\Spirits of Xanadu.exe
FirewallRules: [{41E6B432-E1F9-4489-B50C-C3CFA89580CB}] => (Allow) D:\Games\Steam\SteamApps\common\Elite Dangerous Horizons\EDLaunch.exe
FirewallRules: [{43D853E6-AAA5-4C78-8271-3DE5C476A900}] => (Allow) D:\Games\Steam\SteamApps\common\Elite Dangerous Horizons\EDLaunch.exe
FirewallRules: [{3D4D3D55-258A-4452-8354-59A0C9B95BE9}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{CF90FD8C-9D02-4F83-87A8-86DE8BF0703E}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity\2015\UnityVS.OpenFile.exe
FirewallRules: [{3B74ADF1-6A43-4401-AB32-EF15C1D49194}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{B3EC2834-8773-4B20-A2D9-841BF8179FDF}] => (Allow) D:\Programme\Winamp\winamp.exe
FirewallRules: [{633BF3E0-7616-4F0C-BD34-D7AE38CF71C2}] => (Allow) D:\Programme\Winamp\winamp.exe
FirewallRules: [{F523341D-D024-479A-B1C6-09E174003418}] => (Allow) D:\Programme\MAGIX\Video deluxe 2016 Premium\Videodeluxe.exe
FirewallRules: [{94207D91-6307-48BA-886A-841FBC51410E}] => (Allow) D:\Games\Steam\SteamApps\common\Layers of Fear\Layers Of Fear.exe
FirewallRules: [{2F2FD238-9218-4E73-8DA4-6FA41E0506C3}] => (Allow) D:\Games\Steam\SteamApps\common\Layers of Fear\Layers Of Fear.exe
FirewallRules: [{F55B01C6-BA46-4D72-BA01-DC0F62B2D9DE}] => (Allow) D:\Games\Steam\SteamApps\common\Penumbra Overture\redist\Penumbra.exe
FirewallRules: [{4656B89B-E5B0-492F-AA56-97C9CB624605}] => (Allow) D:\Games\Steam\SteamApps\common\Penumbra Overture\redist\Penumbra.exe
FirewallRules: [UDP Query User{025F09C2-9AA1-4ADF-A604-9FA5A3FA0A64}C:\program files\vlc\vlc.exe] => (Allow) C:\program files\vlc\vlc.exe
FirewallRules: [TCP Query User{4AB9BA08-A5C6-4079-9E58-21E9E7D66539}C:\program files\vlc\vlc.exe] => (Allow) C:\program files\vlc\vlc.exe
FirewallRules: [{BFF87F05-85B8-4FAB-A7BC-80B7D7ACB251}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{41F30114-6E1E-4DC6-A988-5235C132E4D3}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [UDP Query User{09B31CFA-B2D4-4E9C-846A-9E6AE61A437F}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{59421173-7EB5-4508-9C9F-3ED146289E5B}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{32F1DDE8-CC4C-4320-A8A4-1C75F90D4BB4}D:\games\steam\steamapps\common\aliens colonial marines\binaries\win32\_acm.exe] => (Allow) D:\games\steam\steamapps\common\aliens colonial marines\binaries\win32\_acm.exe
FirewallRules: [TCP Query User{2B62BCA7-11D4-4AD8-B437-2DE1EAD40A50}D:\games\steam\steamapps\common\aliens colonial marines\binaries\win32\_acm.exe] => (Allow) D:\games\steam\steamapps\common\aliens colonial marines\binaries\win32\_acm.exe
FirewallRules: [UDP Query User{241742FE-2949-4E72-81E5-122D323D76F4}D:\programme\shoutcast\sc_serv.exe] => (Allow) D:\programme\shoutcast\sc_serv.exe
FirewallRules: [TCP Query User{009A6B4B-3F84-4965-99B0-AC627E9AB743}D:\programme\shoutcast\sc_serv.exe] => (Allow) D:\programme\shoutcast\sc_serv.exe
FirewallRules: [{410F8931-7BED-4D99-A248-881443D2BA43}] => (Allow) D:\Games\Steam\SteamApps\common\Source SDK Base 2013 Singleplayer\hl2.exe
FirewallRules: [{FAB3AE78-C3C6-4DD4-A657-2D7D3A467C0F}] => (Allow) D:\Games\Steam\SteamApps\common\Source SDK Base 2013 Singleplayer\hl2.exe
FirewallRules: [{6F7A5C9A-2A1B-4FC7-94F6-93EDAECD75D4}] => (Allow) D:\Games\Steam\SteamApps\common\Strife\strife-ve.exe
FirewallRules: [{17931943-1054-49E9-8E44-15C4ED0E76EC}] => (Allow) D:\Games\Steam\SteamApps\common\Strife\strife-ve.exe
FirewallRules: [{1627D254-2807-47E5-A965-8EF14D291E95}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{372C07F2-7E64-4845-BD0D-18F42729A021}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{9EE86F79-EA28-48E7-BDF7-DA3CB5CB0EB2}] => (Allow) D:\Games\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [{0C0096FD-BC19-4204-9414-C50767846395}] => (Allow) D:\Games\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [UDP Query User{E8CCB980-186C-4786-9D43-AAF5F521C015}D:\games\gog games\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Allow) D:\games\gog games\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe
FirewallRules: [TCP Query User{7B0BBD21-DD89-4546-A8E6-92CF642CFF29}D:\games\gog games\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Allow) D:\games\gog games\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe
FirewallRules: [{B4BEBBEE-A2AB-4C62-BA1A-3E947E8618D0}] => (Allow) D:\Games\Steam\SteamApps\common\Neverending Nightmares\nightmare.exe
FirewallRules: [{F7A90859-ECB9-4126-9CF8-32AEF926581A}] => (Allow) D:\Games\Steam\SteamApps\common\Neverending Nightmares\nightmare.exe
FirewallRules: [UDP Query User{118013CC-E8F7-4503-92F8-BED165808AE7}D:\games\quake hd pack\darkplaces.exe] => (Allow) D:\games\quake hd pack\darkplaces.exe
FirewallRules: [TCP Query User{24A0B1AA-132B-4576-965E-6044AAE7FE03}D:\games\quake hd pack\darkplaces.exe] => (Allow) D:\games\quake hd pack\darkplaces.exe
FirewallRules: [{5561E420-4BC8-44A8-9F33-AA239310F2C3}] => (Allow) LPort=41780
FirewallRules: [{EF206F0E-4EAA-4E2E-97A8-722315EF974A}] => (Allow) D:\Games\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{92763FF7-CD31-49A4-AD1D-3C59426CE645}] => (Allow) D:\Games\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{339CA568-B0BA-476E-8647-E398FD154305}] => (Allow) C:\Users\Hoshi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F6AA3EA4-AE5F-4147-9477-C983C17F78B3}] => (Allow) C:\Users\Hoshi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A09E3AB7-BA3F-49B3-A93D-F50DEF8265E6}] => (Allow) D:\Programme\Skype\Phone\Skype.exe
FirewallRules: [{F7C0F58A-218F-41E3-B1F3-5E65CC3A3F50}] => (Allow) D:\Games\Steam\Steam.exe
FirewallRules: [{8602E317-6CEA-4200-89BA-4F8E48E3414E}] => (Allow) D:\Games\Steam\Steam.exe
FirewallRules: [TCP Query User{9606A9D6-6A6A-40C7-AE58-17B18A3111E1}D:\games\gog games\unreal gold\system\unreal.exe] => (Allow) D:\games\gog games\unreal gold\system\unreal.exe
FirewallRules: [UDP Query User{48C77771-399E-4E63-BA0F-5C9A89A5F366}D:\games\gog games\unreal gold\system\unreal.exe] => (Allow) D:\games\gog games\unreal gold\system\unreal.exe
FirewallRules: [TCP Query User{549B6F9D-C048-4E95-99A2-3A377AAA0748}D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{672FCE63-7931-4363-B2E8-7C5890F947CB}D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{444E3619-2165-4B6B-A277-9CC0BC7B53B0}] => (Allow) D:\Games\Steam\SteamApps\common\STASIS\Stasis.exe
FirewallRules: [{48AAD65B-32EF-4142-931D-684DA033FE0D}] => (Allow) D:\Games\Steam\SteamApps\common\STASIS\Stasis.exe
FirewallRules: [{0302EA2C-2C88-4C68-8BC4-C486414C6275}] => (Allow) D:\Games\Steam\SteamApps\common\Waltz of the Wizard\WaltzOfTheWizard.exe
FirewallRules: [{655D0F0E-A538-45A5-83ED-0D949E232624}] => (Allow) D:\Games\Steam\SteamApps\common\Waltz of the Wizard\WaltzOfTheWizard.exe
FirewallRules: [{55CA69B3-FD1A-4886-909A-0C86C229B07F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{595038C8-42B8-42A8-9DF8-1D679DCC7DBA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8E36AEE6-C7C2-4509-B7D9-1BB0E1F03EB1}] => (Allow) D:\Games\Steam\SteamApps\common\VanishingRealms\VanishingRealms.exe
FirewallRules: [{68BB8839-299B-4D34-A527-FF5F23ED4D04}] => (Allow) D:\Games\Steam\SteamApps\common\VanishingRealms\VanishingRealms.exe
FirewallRules: [{0273119C-7CAF-4396-A5AF-768B82E424E2}] => (Allow) D:\Games\Steam\SteamApps\common\Job Simulator\JobSimulator.exe
FirewallRules: [{CACF1BA0-AB61-46E3-A4F6-E3FD55C94A29}] => (Allow) D:\Games\Steam\SteamApps\common\Job Simulator\JobSimulator.exe
FirewallRules: [{B63306D8-F01B-4802-A5E9-6F36E2474501}] => (Allow) D:\Games\Steam\SteamApps\common\Virtual Desktop\Virtual Desktop.exe
FirewallRules: [{22654D19-A692-4892-84F9-A6C46B8C6DAD}] => (Allow) D:\Games\Steam\SteamApps\common\Virtual Desktop\Virtual Desktop.exe
FirewallRules: [{60339C49-0A25-4CD0-83D0-DEE32E2FDB0B}] => (Allow) D:\Games\Steam\SteamApps\common\Virtual Desktop\Environment Editor.exe
FirewallRules: [{E69CBCFB-4693-4382-AB15-14D323B3B0E1}] => (Allow) D:\Games\Steam\SteamApps\common\Virtual Desktop\Environment Editor.exe
FirewallRules: [{9193D3C6-6FBF-441D-BB2F-0C08BEB4E77C}] => (Allow) D:\Games\Steam\SteamApps\common\AChairinaRoom\AChairInARoom_Greenwater.exe
FirewallRules: [{9DF8030F-3EF7-4A6C-918E-3D3DA0F83D6B}] => (Allow) D:\Games\Steam\SteamApps\common\AChairinaRoom\AChairInARoom_Greenwater.exe
FirewallRules: [TCP Query User{367DB655-BB17-4BC1-AE31-F20ED49E3A88}D:\games\steam\steamapps\common\the lab\robotrepair\bin\win64\vr.exe] => (Allow) D:\games\steam\steamapps\common\the lab\robotrepair\bin\win64\vr.exe
FirewallRules: [UDP Query User{44C3E241-DED9-4E29-9063-06F33DD095ED}D:\games\steam\steamapps\common\the lab\robotrepair\bin\win64\vr.exe] => (Allow) D:\games\steam\steamapps\common\the lab\robotrepair\bin\win64\vr.exe
FirewallRules: [TCP Query User{D16373C4-962B-46AE-87F9-922D3DA20533}D:\games\ctrlaltstudio-viewer-alpha\slvoice.exe] => (Allow) D:\games\ctrlaltstudio-viewer-alpha\slvoice.exe
FirewallRules: [UDP Query User{FBF4100B-242E-4171-930C-AF872ABC032A}D:\games\ctrlaltstudio-viewer-alpha\slvoice.exe] => (Allow) D:\games\ctrlaltstudio-viewer-alpha\slvoice.exe
FirewallRules: [TCP Query User{4D2FE12B-90B6-4D54-A289-A724E7B95289}D:\games\steam\steamapps\common\vrporize\64\windowsnoeditor\vrporize_beta\binaries\win64\vrporize_beta-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\vrporize\64\windowsnoeditor\vrporize_beta\binaries\win64\vrporize_beta-win64-shipping.exe
FirewallRules: [UDP Query User{D3B9D8DA-2FFC-48E4-82B4-FB2E4BBDCA12}D:\games\steam\steamapps\common\vrporize\64\windowsnoeditor\vrporize_beta\binaries\win64\vrporize_beta-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\vrporize\64\windowsnoeditor\vrporize_beta\binaries\win64\vrporize_beta-win64-shipping.exe
FirewallRules: [{ED38B62B-7340-44D8-ACD2-C203EDDA1151}] => (Allow) D:\Games\Steam\SteamApps\common\PoolNationVR\PoolNationVR.exe
FirewallRules: [{A5F656B5-3F31-4FFC-BCC4-95FAB832FD48}] => (Allow) D:\Games\Steam\SteamApps\common\PoolNationVR\PoolNationVR.exe
FirewallRules: [TCP Query User{927C9C71-D614-4C26-B61A-A882E3817A70}D:\games\steam\steamapps\common\poolnationvr\poolnationvr\binaries\win64\vrpooldemo-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\poolnationvr\poolnationvr\binaries\win64\vrpooldemo-win64-shipping.exe
FirewallRules: [UDP Query User{227C1F1C-3189-442E-84DC-6CC2E2E3E94B}D:\games\steam\steamapps\common\poolnationvr\poolnationvr\binaries\win64\vrpooldemo-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\poolnationvr\poolnationvr\binaries\win64\vrpooldemo-win64-shipping.exe
FirewallRules: [TCP Query User{9D6AA729-9DA7-4763-89DE-52AF6DFC31EF}E:\titanic honor and glory demo 2\titanic - honor and glory demo 2\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) E:\titanic honor and glory demo 2\titanic - honor and glory demo 2\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [UDP Query User{4D15A1ED-0497-41FE-9D0E-FAD00BF9D30E}E:\titanic honor and glory demo 2\titanic - honor and glory demo 2\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) E:\titanic honor and glory demo 2\titanic - honor and glory demo 2\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [{AB34BC04-FF41-4337-9BD5-48D5A1B017E4}] => (Allow) D:\Games\Steam\SteamApps\common\Brookhaven\BrookhavenGame.exe
FirewallRules: [{A54CB64D-E750-414A-A14B-A1C2AA0CC560}] => (Allow) D:\Games\Steam\SteamApps\common\Brookhaven\BrookhavenGame.exe
FirewallRules: [{1771F40C-6EE8-4EA8-BFB0-F8C879A7DA49}] => (Allow) D:\Games\Steam\SteamApps\common\VRporize\64\WindowsNoEditor\VRporize_beta.exe
FirewallRules: [{425D082B-2A4C-4FC6-8E3C-B11A884517AF}] => (Allow) D:\Games\Steam\SteamApps\common\VRporize\64\WindowsNoEditor\VRporize_beta.exe
FirewallRules: [TCP Query User{43996D90-1975-4368-BED9-232501810761}C:\users\hoshi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hoshi\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C8F2DE0C-F2D8-4BFB-B7FA-5725E9CA96E2}C:\users\hoshi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hoshi\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C2B64B6A-1A45-4904-B911-8F4163D80E33}] => (Allow) D:\Games\Steam\SteamApps\common\Pierhead Arcade\Arcade.exe
FirewallRules: [{628C846B-37A4-43FA-8300-C2ABD8505CE3}] => (Allow) D:\Games\Steam\SteamApps\common\Pierhead Arcade\Arcade.exe
FirewallRules: [{2B306573-B82C-45B6-B744-9BFF24454263}] => (Allow) D:\Games\Steam\SteamApps\common\Overload\Overload.exe
FirewallRules: [{02897BD8-93C8-4E39-9236-8581E64CA400}] => (Allow) D:\Games\Steam\SteamApps\common\Overload\Overload.exe
FirewallRules: [{4243E46D-D91C-4899-B34D-2D0D9664912D}] => (Allow) D:\Games\Steam\SteamApps\common\RickAndMortyVR\RickAndMortyVR.exe
FirewallRules: [{FAE9A318-685E-4CB8-A119-FC59DD4334CF}] => (Allow) D:\Games\Steam\SteamApps\common\RickAndMortyVR\RickAndMortyVR.exe
FirewallRules: [{DBC819B9-E417-416A-BA9A-674662BF83AB}] => (Allow) D:\Games\Steam\SteamApps\common\Marvel's Guardians of the Galaxy The Telltale Series\Guardians.exe
FirewallRules: [{F20DCC84-A9D8-40AA-AFE7-B206053EDF38}] => (Allow) D:\Games\Steam\SteamApps\common\Marvel's Guardians of the Galaxy The Telltale Series\Guardians.exe
FirewallRules: [{6633A870-73F0-4F52-919E-D7A72822C841}] => (Allow) D:\Games\Steam\SteamApps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{69BC39B0-41F0-419B-BB20-14A374665975}] => (Allow) D:\Games\Steam\SteamApps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{82729D87-7959-4CA7-AA2F-9E5286114411}] => (Allow) D:\Games\Steam\SteamApps\common\Outlast 2\Binaries\Win64\Outlast2.exe
FirewallRules: [{C9C8859F-6322-41D1-AD05-B11D9DF4B04E}] => (Allow) D:\Games\Steam\SteamApps\common\Outlast 2\Binaries\Win64\Outlast2.exe
FirewallRules: [TCP Query User{1AA0FBF9-4330-4FF4-85DF-789C47018191}B:\cloud imperium games\patcher\cigpatcher.exe] => (Allow) B:\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{473BDA27-3954-4B5C-8221-8377E36B9CD2}B:\cloud imperium games\patcher\cigpatcher.exe] => (Allow) B:\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{B6368D2F-877F-4CE7-86EA-42CD059F4519}B:\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) B:\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{5EE59C3F-2D0D-4CED-840B-2BA998195FCA}B:\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) B:\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [{C586A06C-0DA9-4744-80FD-2C40DC65522C}] => (Allow) D:\Games\Steam\SteamApps\common\SteamVR\bin\win32\vrstartup.exe
FirewallRules: [{E575F97D-B64E-4E35-B30C-038822ECDED3}] => (Allow) D:\Games\Steam\SteamApps\common\SteamVR\bin\win32\vrstartup.exe
FirewallRules: [TCP Query User{69BFF41F-D1C1-4691-9FE1-B6DAE78B9AFD}D:\games\steam\steamapps\common\island 359\island359\binaries\win64\island359_copy-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\island 359\island359\binaries\win64\island359_copy-win64-shipping.exe
FirewallRules: [UDP Query User{AD1889AD-5410-4C90-BFB2-372B345CE1D2}D:\games\steam\steamapps\common\island 359\island359\binaries\win64\island359_copy-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\island 359\island359\binaries\win64\island359_copy-win64-shipping.exe
FirewallRules: [{8A3B0A28-A44F-4C11-8E0D-3B16592AB8B4}] => (Allow) B:\Steam\steamapps\common\Battlezone\Launcher\battlezone.exe
FirewallRules: [{945066F8-25B0-4FB2-8A01-FB556A39BF1C}] => (Allow) B:\Steam\steamapps\common\Battlezone\Launcher\battlezone.exe
FirewallRules: [{5E4A151B-2E94-4040-B1BB-8202B658D7E5}] => (Allow) D:\Games\Steam\SteamApps\common\Axiom Verge\AxiomVerge.exe
FirewallRules: [{E73C3B66-59DC-4ADE-B5B1-0CCB9E5F15F1}] => (Allow) D:\Games\Steam\SteamApps\common\Axiom Verge\AxiomVerge.exe
FirewallRules: [{C9C602B9-4B3D-4FA5-9D6F-61E42E613097}] => (Allow) B:\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{FB9ECD72-CABE-4824-9AAB-E4A6F0E35D84}] => (Allow) B:\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{EEB40E47-F1C4-4656-9C5C-2FEB1392B4DF}] => (Allow) B:\Steam\steamapps\common\Soundscape\Soundscape.exe
FirewallRules: [{9FCEF941-FA77-4150-BE2B-839A321CA27C}] => (Allow) B:\Steam\steamapps\common\Soundscape\Soundscape.exe
FirewallRules: [TCP Query User{62808090-BA71-4AE1-B049-85362774AAF2}D:\games\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe] => (Allow) D:\games\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe
FirewallRules: [UDP Query User{A2D3775C-19DD-4124-819B-5F534032CFA0}D:\games\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe] => (Allow) D:\games\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe
FirewallRules: [{7F75C914-E50D-40B1-BB92-746FC9CCEDD2}] => (Allow) B:\Steam\steamapps\common\Aeon\Aeon.exe
FirewallRules: [{D59DAF58-5343-49CB-A91C-6C96689546F1}] => (Allow) B:\Steam\steamapps\common\Aeon\Aeon.exe
FirewallRules: [{62528508-75BE-47CA-9277-836908DF1719}] => (Allow) B:\Steam\steamapps\common\SUPERHOT VR\SUPERHOTVR.exe
FirewallRules: [{3D3D0C0E-CC29-4785-BD54-CAF08252381C}] => (Allow) B:\Steam\steamapps\common\SUPERHOT VR\SUPERHOTVR.exe
FirewallRules: [{8DC2D8B5-DB4B-40D1-97AE-6D4D2CDA677E}] => (Allow) D:\Games\Steam\SteamApps\common\EVERSPACE\RSG\Binaries\Win64\RSG-Win64-Shipping.exe
FirewallRules: [{EA82A72A-0783-4376-86DE-66D463A97A0C}] => (Allow) D:\Games\Steam\SteamApps\common\EVERSPACE\RSG\Binaries\Win64\RSG-Win64-Shipping.exe
FirewallRules: [{35D7E367-0ED3-4F47-8441-3A6A3F3561DC}] => (Allow) D:\Programme\Sony\PS4 Remote Play\RemotePlay.exe
FirewallRules: [{6E0600B2-815E-48A0-B4AD-A5EAB1543BDB}] => (Allow) B:\Steam\steamapps\common\Prey\Binaries\Danielle\x64\Release\Prey.exe
FirewallRules: [{7AC56B85-1415-4007-8E96-1361E1FABDE3}] => (Allow) B:\Steam\steamapps\common\Prey\Binaries\Danielle\x64\Release\Prey.exe
FirewallRules: [{D95A68C3-537C-40C1-A744-442B4D5879B8}] => (Allow) D:\Games\Steam\SteamApps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe
FirewallRules: [{EF2BBEFC-1876-4BFA-B930-628D8649EA01}] => (Allow) D:\Games\Steam\SteamApps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe
FirewallRules: [{5C208156-3201-4BFD-9561-FF74F18CE96D}] => (Allow) B:\Steam\steamapps\common\Karnage Chronicles\KarnageVR.exe
FirewallRules: [{651B32F7-67BE-427E-AED8-2E8B3D3929B7}] => (Allow) B:\Steam\steamapps\common\Karnage Chronicles\KarnageVR.exe
FirewallRules: [TCP Query User{F680A4FB-8640-40DB-AED3-5FF14EB3BE73}B:\steam\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe
FirewallRules: [UDP Query User{9D8568A2-6021-4089-A7E5-B899BE3AA6A2}B:\steam\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe
FirewallRules: [TCP Query User{5297F42D-5675-4819-B80D-1F8FE92D8792}D:\games\steam\steamapps\common\brookhaven\brookhavengame\binaries\win64\brookhavengame-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\brookhaven\brookhavengame\binaries\win64\brookhavengame-win64-shipping.exe
FirewallRules: [UDP Query User{52D31D87-A22B-4B4E-AFFB-41D5FE61C3E7}D:\games\steam\steamapps\common\brookhaven\brookhavengame\binaries\win64\brookhavengame-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\brookhaven\brookhavengame\binaries\win64\brookhavengame-win64-shipping.exe
FirewallRules: [TCP Query User{84A070A8-9FCE-4BA1-907C-311A264759F3}B:\games\starcraft ii\versions\base53644\sc2_x64.exe] => (Allow) B:\games\starcraft ii\versions\base53644\sc2_x64.exe
FirewallRules: [UDP Query User{B261384C-83D2-4BBA-B1CB-1A09E9C005B8}B:\games\starcraft ii\versions\base53644\sc2_x64.exe] => (Allow) B:\games\starcraft ii\versions\base53644\sc2_x64.exe
FirewallRules: [{149DCA28-7E08-4F6B-9642-4643C987479B}] => (Allow) B:\Steam\steamapps\common\Dead Effect 2 VR\DeadEffect2.exe
FirewallRules: [{BF0B939D-91E1-4C1A-9C14-D46A9ADB71A3}] => (Allow) B:\Steam\steamapps\common\Dead Effect 2 VR\DeadEffect2.exe
FirewallRules: [{70A71F66-CF4A-4F7D-9E11-A0B39DB3DFBD}] => (Allow) B:\Steam\steamapps\common\johnwick\WindowsNoEditor\wick.exe
FirewallRules: [{B87CA62F-C948-4990-81A5-3C8273F90ECF}] => (Allow) B:\Steam\steamapps\common\johnwick\WindowsNoEditor\wick.exe
FirewallRules: [TCP Query User{733AD380-6942-42B0-96A4-4C928D10A842}B:\steam\steamapps\common\johnwick\windowsnoeditor\wick\binaries\win64\wick-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\johnwick\windowsnoeditor\wick\binaries\win64\wick-win64-shipping.exe
FirewallRules: [UDP Query User{4FC4F02E-DA30-4A2F-ADC6-2421F3C86C51}B:\steam\steamapps\common\johnwick\windowsnoeditor\wick\binaries\win64\wick-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\johnwick\windowsnoeditor\wick\binaries\win64\wick-win64-shipping.exe
FirewallRules: [{F173D9E2-CFC5-456C-B772-38970156E8B5}] => (Allow) D:\Programme\MAGIX\Video deluxe Premium\2017\Videodeluxe.exe
FirewallRules: [{58565BAD-4103-4768-A22D-6A83399860EE}] => (Allow) D:\Programme\MAGIX\Music Maker\25\MusicMaker.exe
FirewallRules: [{B0F4AF05-3445-4E86-84ED-F9668F3EA52B}] => (Allow) D:\Games\Steam\SteamApps\common\Cloudlands\Cloudlands.exe
FirewallRules: [{B6D46762-9437-4F7E-804C-595364ADB56E}] => (Allow) D:\Games\Steam\SteamApps\common\Cloudlands\Cloudlands.exe
FirewallRules: [{DD9EDFC0-4384-42B2-99D5-8C17E4DDD7AC}] => (Allow) D:\Games\Steam\SteamApps\common\The Gallery Call of the Starseed\TheGallery_EP1\TheGallery_EP1.exe
FirewallRules: [{A0600D8F-500A-4A44-89C6-282349CAE307}] => (Allow) D:\Games\Steam\SteamApps\common\The Gallery Call of the Starseed\TheGallery_EP1\TheGallery_EP1.exe
FirewallRules: [{536D9FE2-FE06-430D-8696-DC1327D02F34}] => (Allow) D:\Games\Steam\SteamApps\common\The Gallery Call of the Starseed\TheGallery_EP1_OVR\TheGallery_EP1.exe
FirewallRules: [{5A496D68-2EF3-43AD-98E3-578B7BA30874}] => (Allow) D:\Games\Steam\SteamApps\common\The Gallery Call of the Starseed\TheGallery_EP1_OVR\TheGallery_EP1.exe
FirewallRules: [{B13220B0-F27B-4818-A76B-284143317672}] => (Allow) D:\Games\Origin\STAR WARS Battlefront II Closed Alpha\starwarsbattlefrontii.exe
FirewallRules: [{3543073A-B8AB-453D-A4D3-190625845506}] => (Allow) D:\Games\Origin\STAR WARS Battlefront II Closed Alpha\starwarsbattlefrontii.exe
FirewallRules: [{69CD8989-CD16-4562-BE3F-0988730932F3}] => (Allow) C:\Games\Origin\Mass Effect Andromeda\MassEffectAndromedaTrial.exe
FirewallRules: [{CC1CF894-3B6A-4DC2-969F-3509EEE2C8B7}] => (Allow) C:\Games\Origin\Mass Effect Andromeda\MassEffectAndromedaTrial.exe
FirewallRules: [{2F57496C-28BB-4BA2-B0DC-E8DBBA7A674B}] => (Allow) C:\Games\Origin\Mass Effect Andromeda\MassEffectAndromeda.exe
FirewallRules: [{3A10685A-A365-481C-8512-71D553076AD1}] => (Allow) C:\Games\Origin\Mass Effect Andromeda\MassEffectAndromeda.exe
FirewallRules: [TCP Query User{946362F4-2735-432C-A060-BD80CF30C175}B:\games\overwatch\overwatch.exe] => (Allow) B:\games\overwatch\overwatch.exe
FirewallRules: [UDP Query User{36F60D16-C06C-4788-8120-C002ADB1A518}B:\games\overwatch\overwatch.exe] => (Allow) B:\games\overwatch\overwatch.exe
FirewallRules: [{50693B02-4980-454A-A2CD-C8AB00019487}] => (Allow) D:\Games\Steam\SteamApps\common\Cmoar VR Cinema\vive.exe
FirewallRules: [{D76891D4-8F80-44F1-A92E-A0FE7048C49A}] => (Allow) D:\Games\Steam\SteamApps\common\Cmoar VR Cinema\vive.exe
FirewallRules: [{05C68A71-80C1-403E-9342-74CDFA2EB76A}] => (Allow) D:\Games\Steam\SteamApps\common\Cmoar VR Cinema\oculus.exe
FirewallRules: [{0BCB9B89-43C3-4687-A311-87DCF4725AC3}] => (Allow) D:\Games\Steam\SteamApps\common\Cmoar VR Cinema\oculus.exe
FirewallRules: [{D61C37A6-ACC2-4494-96D8-897F554884E1}] => (Allow) D:\Games\Steam\SteamApps\common\Nock Hidden Arrow\Nock.exe
FirewallRules: [{AC54F4D6-CCD8-4350-81A7-4122051063DB}] => (Allow) D:\Games\Steam\SteamApps\common\Nock Hidden Arrow\Nock.exe
FirewallRules: [{724031A4-8631-4BA6-9B14-5C43D6C27B7A}] => (Allow) D:\Games\Steam\SteamApps\common\GORN\GORN.exe
FirewallRules: [{4F12E286-9A42-491E-BD48-5BE45805DF6F}] => (Allow) D:\Games\Steam\SteamApps\common\GORN\GORN.exe
FirewallRules: [TCP Query User{63EBF6ED-4320-4FD6-8349-76A314057E9B}D:\games\sansar\client\sansarclient.exe] => (Allow) D:\games\sansar\client\sansarclient.exe
FirewallRules: [UDP Query User{89DFC2DE-0D85-469A-8D40-ECEB29072155}D:\games\sansar\client\sansarclient.exe] => (Allow) D:\games\sansar\client\sansarclient.exe
FirewallRules: [{F6CFAD45-14D9-4F70-AE82-84915128CE6D}] => (Allow) B:\Steam\steamapps\common\Raw Data\RawData.exe
FirewallRules: [{EB40392A-35B2-4B49-86CF-EB7327563DF7}] => (Allow) B:\Steam\steamapps\common\Raw Data\RawData.exe
FirewallRules: [{B5D68DF0-AF23-431D-B345-C5278F6310D2}] => (Allow) B:\Steam\steamapps\common\Raw Data\RawData\Binaries\Win64\RawData-Win64-Shipping.exe
FirewallRules: [{D12E3BDC-FA1F-4993-B187-17D842A92D49}] => (Allow) B:\Steam\steamapps\common\Raw Data\RawData\Binaries\Win64\RawData-Win64-Shipping.exe
FirewallRules: [{EF42FFA6-F63B-4B18-B056-65AED7E3C817}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{949C85A8-693A-4505-9C65-2483077C2F59}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{118F724E-B0C9-484C-AA54-724951D58103}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{639D79C9-CEE6-4D37-9D37-41C7742D6476}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{113DDC4D-4A14-41D5-B79D-9286B9A6DE47}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{2EE7EFEE-59FF-4C8D-9838-2B2B9E00270C}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{5EF4F8B9-60AD-42E1-AB4A-2035E242CEE5}] => (Allow) D:\Games\Steam\SteamApps\common\Conarium\Conarium.exe
FirewallRules: [{C8894B04-9B96-490B-B2F2-A8DA33112482}] => (Allow) D:\Games\Steam\SteamApps\common\Conarium\Conarium.exe
FirewallRules: [{BC6E0C8F-343B-4209-8906-8701893745CD}] => (Allow) D:\Games\Steam\SteamApps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{E9AC4963-ED0F-429D-A657-A4247022DEF2}] => (Allow) D:\Games\Steam\SteamApps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [TCP Query User{5A22F760-CBCC-4E82-ACA1-F3E13E75C79E}B:\games\max payne 3\maxpayne3.exe] => (Allow) B:\games\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{97E90E47-6DFE-4D02-B6F7-2D529C9DCF92}B:\games\max payne 3\maxpayne3.exe] => (Allow) B:\games\max payne 3\maxpayne3.exe
FirewallRules: [{6478ACBE-A9BD-4004-99AE-5BC6F47E9A6E}] => (Allow) D:\Games\Steam\SteamApps\common\AlienRage\Singleplayer\Binaries\Win32\ShippingPC-AFEARGame.exe
FirewallRules: [{78CF89E7-5691-4AD3-ACD0-EA5EF3E3ADB0}] => (Allow) D:\Games\Steam\SteamApps\common\AlienRage\Singleplayer\Binaries\Win32\ShippingPC-AFEARGame.exe
FirewallRules: [{F994B6B6-3EF4-4BBE-AB52-770328BFBED1}] => (Allow) D:\Games\Steam\SteamApps\common\AlienRage\Multiplayer\Binaries\Win32\ARageMP.exe
FirewallRules: [{FC8B8C65-D63E-454C-B8CA-8E5FEC275AC6}] => (Allow) D:\Games\Steam\SteamApps\common\AlienRage\Multiplayer\Binaries\Win32\ARageMP.exe
FirewallRules: [{DA2A7636-FE20-4A55-8405-38F2A9800092}] => (Allow) D:\Games\Steam\SteamApps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe
FirewallRules: [{EA799577-B0B7-424D-81CE-CDFA03C9E253}] => (Allow) D:\Games\Steam\SteamApps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe
FirewallRules: [{2714EDEE-7A10-426D-9FD0-30151409B09B}] => (Allow) D:\Games\Steam\SteamApps\common\Serious Sam VR The First Encounter\Bin\x64\SamTFE_VR.exe
FirewallRules: [{1FEFAA6C-A74C-481F-8428-D872D4DF5A5A}] => (Allow) D:\Games\Steam\SteamApps\common\Serious Sam VR The First Encounter\Bin\x64\SamTFE_VR.exe
FirewallRules: [{943C1A90-26A3-46C8-B75A-6AB5FE4D9C63}] => (Allow) D:\Games\Steam\SteamApps\common\Space Hulk Deathwing\SpaceHulkGame.exe
FirewallRules: [{07764B6D-4A71-4707-862F-E2FCE2E941CD}] => (Allow) D:\Games\Steam\SteamApps\common\Space Hulk Deathwing\SpaceHulkGame.exe
FirewallRules: [TCP Query User{7E4F6977-CF90-458B-92F3-F84E646B614E}D:\games\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe
FirewallRules: [UDP Query User{BAD65C73-1242-446C-A7F2-425E8F1CA7C2}D:\games\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe
FirewallRules: [{FD6BCDDE-5D4D-4827-B8C0-07C5B6758FA3}] => (Allow) D:\Games\Origin\Titanfall2\Titanfall2.exe
FirewallRules: [{45C6038B-B8D4-4DF9-8A9A-11BE0F587F4C}] => (Allow) D:\Games\Origin\Titanfall2\Titanfall2.exe
FirewallRules: [{453D71D6-A585-44FD-85D5-2D73EDFC22B6}] => (Allow) D:\Games\Origin\Titanfall2\Titanfall2_trial.exe
FirewallRules: [{4BD1F834-69C3-4E05-8297-006053B83D13}] => (Allow) D:\Games\Origin\Titanfall2\Titanfall2_trial.exe
FirewallRules: [{789904E8-F71E-46A3-9B7B-76616E723997}] => (Allow) D:\Games\Steam\SteamApps\common\TheWaveVR\TheWaveVR.exe
FirewallRules: [{060AE121-401D-4ACC-8F5A-B5C264428BDC}] => (Allow) D:\Games\Steam\SteamApps\common\TheWaveVR\TheWaveVR.exe
FirewallRules: [TCP Query User{A10DC358-53EF-4B81-A409-6BE1CDA4CC1B}D:\games\soldier of fortune\sof.exe] => (Allow) D:\games\soldier of fortune\sof.exe
FirewallRules: [UDP Query User{4DA529DA-158D-45FE-9090-FE15CC0B46D7}D:\games\soldier of fortune\sof.exe] => (Allow) D:\games\soldier of fortune\sof.exe
FirewallRules: [TCP Query User{EB037A9C-4274-40DA-B348-5751821FEE09}D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{64F17405-13C2-4CA1-BE0F-B4B4EBA822B8}D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{039CE7D6-8615-4867-9B7D-5D77171CF046}] => (Allow) D:\Games\Steam\SteamApps\common\LethalVR\LethalVR.exe
FirewallRules: [{D5172F7E-49E6-4DDF-9DA9-AF66C81B5A55}] => (Allow) D:\Games\Steam\SteamApps\common\LethalVR\LethalVR.exe
FirewallRules: [{D2F00B33-3AA8-42D5-9B14-C767CFF32944}] => (Allow) D:\Games\Steam\SteamApps\common\Dangerous Golf\Orlando.exe
FirewallRules: [{AB5457CE-D7FE-4B34-B463-B155F14F96BD}] => (Allow) D:\Games\Steam\SteamApps\common\Dangerous Golf\Orlando.exe
FirewallRules: [TCP Query User{B77F38D4-CF61-44FA-BA53-BA1EFB7D5A95}D:\games\steam\steamapps\common\dangerous golf\orlando\binaries\win64\orlando-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\dangerous golf\orlando\binaries\win64\orlando-win64-shipping.exe
FirewallRules: [UDP Query User{DE476809-6F31-461C-89B2-CFE16D7151EF}D:\games\steam\steamapps\common\dangerous golf\orlando\binaries\win64\orlando-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\dangerous golf\orlando\binaries\win64\orlando-win64-shipping.exe
FirewallRules: [TCP Query User{70925235-EB3E-41A8-AAEA-F7560E1D8AE9}D:\games\steam\steamapps\common\lethalvr\lethalvr\binaries\win64\lethalvr-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\lethalvr\lethalvr\binaries\win64\lethalvr-win64-shipping.exe
FirewallRules: [UDP Query User{BB5A0FCE-F704-4643-91FA-E3AEF49E2C0C}D:\games\steam\steamapps\common\lethalvr\lethalvr\binaries\win64\lethalvr-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\lethalvr\lethalvr\binaries\win64\lethalvr-win64-shipping.exe
FirewallRules: [{E3DCA5F5-CFB9-49E6-A6D2-1E04C6C5BE44}] => (Allow) D:\Games\Steam\SteamApps\common\The Unwelcomed\TheUnwelcomed_v1.27.exe
FirewallRules: [{8AC401C8-0D9E-486D-AD97-16F5B10C104D}] => (Allow) D:\Games\Steam\SteamApps\common\The Unwelcomed\TheUnwelcomed_v1.27.exe
FirewallRules: [{1C79891E-9065-4FC7-BFEB-6D285BEED6DD}] => (Allow) D:\Games\Steam\SteamApps\common\Ultimate Booster Experience\UltimateBooster(SteamVR)\UltimateBooster.exe
FirewallRules: [{085103B3-52BB-4322-9116-5F92D990C16D}] => (Allow) D:\Games\Steam\SteamApps\common\Ultimate Booster Experience\UltimateBooster(SteamVR)\UltimateBooster.exe
FirewallRules: [{28C28A74-2BF9-4BBA-8801-DBE9B3113DD3}] => (Allow) D:\Games\Steam\SteamApps\common\Ultimate Booster Experience\UltimateBooster(Oculus)\UltimateBooster.exe
FirewallRules: [{9BE9FEF8-B749-421F-AC97-368EC7D7282E}] => (Allow) D:\Games\Steam\SteamApps\common\Ultimate Booster Experience\UltimateBooster(Oculus)\UltimateBooster.exe
FirewallRules: [{5707A4E9-4AB0-4ADC-95A6-8891A2D6147B}] => (Allow) B:\Steam\steamapps\common\Hellblade\HellbladeGame.exe
FirewallRules: [{F4D66E58-5638-4F67-8A31-62AEA5572057}] => (Allow) B:\Steam\steamapps\common\Hellblade\HellbladeGame.exe
FirewallRules: [TCP Query User{8324771A-96C6-4F9B-90DA-195A875C5631}B:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe
FirewallRules: [UDP Query User{F03EA227-673C-4D1D-A045-93429F4F96CB}B:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe
FirewallRules: [{F98C6DC3-DAF4-4D89-9EC0-32A20474D749}] => (Allow) B:\Steam\steamapps\common\Rez Infinite\Rez-infinite.exe
FirewallRules: [{DEFC3B7B-4E63-430B-9F73-CED9B3360B00}] => (Allow) B:\Steam\steamapps\common\Rez Infinite\Rez-infinite.exe
FirewallRules: [{B04F755E-73A7-4B19-A716-0B4936931199}] => (Allow) B:\Steam\steamapps\common\Agents of Mayhem\aom\AOM_Release_Final.exe
FirewallRules: [{971CC691-F9C0-4BE8-BDED-8815C6A6245D}] => (Allow) B:\Steam\steamapps\common\Agents of Mayhem\aom\AOM_Release_Final.exe
FirewallRules: [{80DE5553-410B-43C9-8FEF-E43891C78DAF}] => (Allow) B:\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{D5BDF78C-85D8-4E56-926C-CC2D7364646A}] => (Allow) B:\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{63DFEBFC-390C-40DE-933A-9F2DADAD8AFD}] => (Allow) B:\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe
FirewallRules: [{57D0E3A8-0AB2-48D7-AB64-E3FC8289ABF8}] => (Allow) B:\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe
FirewallRules: [{03B14AAC-85A3-4E1E-AAE6-D67BB763AB8A}] => (Allow) D:\Games\Steam\SteamApps\common\Full Throttle Remastered\Throttle.exe
FirewallRules: [{5534C200-0E52-4CCC-BA98-DF0D25966303}] => (Allow) D:\Games\Steam\SteamApps\common\Full Throttle Remastered\Throttle.exe
FirewallRules: [{319E1CFA-96F9-4765-B13D-2832EBC9F79E}] => (Allow) D:\Games\Steam\SteamApps\common\Observer\TheObserver.exe
FirewallRules: [{090C80C9-EF2A-4BCC-B274-DA738B85FF47}] => (Allow) D:\Games\Steam\SteamApps\common\Observer\TheObserver.exe
FirewallRules: [TCP Query User{D0852806-9B67-4849-B393-5BCFD73B4217}D:\games\steam\steamapps\common\observer\theobserver\binaries\win64\theobserver-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\observer\theobserver\binaries\win64\theobserver-win64-shipping.exe
FirewallRules: [UDP Query User{732894AA-62DA-493F-BA78-A65544A6C539}D:\games\steam\steamapps\common\observer\theobserver\binaries\win64\theobserver-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\observer\theobserver\binaries\win64\theobserver-win64-shipping.exe
FirewallRules: [{214564AF-BBA3-4E81-B17D-1F06B5D3AFD0}] => (Allow) D:\Games\Steam\SteamApps\common\ManiaPlanet_TMCanyon\ManiaPlanetLauncher.exe
FirewallRules: [{0B95A94E-567C-43B4-B71B-3B85B8188330}] => (Allow) D:\Games\Steam\SteamApps\common\ManiaPlanet_TMCanyon\ManiaPlanetLauncher.exe
FirewallRules: [{B33FB518-0761-4C24-8867-F0B7B14F323F}] => (Allow) D:\Games\Steam\SteamApps\common\ManiaPlanet_TMCanyon\ManiaPlanet.exe
FirewallRules: [{B76F326A-FE12-49DD-99D3-B8B83F95A4A2}] => (Allow) D:\Games\Steam\SteamApps\common\ManiaPlanet_TMCanyon\ManiaPlanet.exe
FirewallRules: [{CF53888A-5C8C-44A9-96E7-8D2A2C391893}] => (Allow) D:\Games\Steam\SteamApps\common\Secret World Legends\ClientPatcher.exe
FirewallRules: [{E602716D-68E2-4725-97C8-C0555B0FF6BE}] => (Allow) D:\Games\Steam\SteamApps\common\Secret World Legends\ClientPatcher.exe
FirewallRules: [{835F90F4-C74A-48E4-BD7B-7B7F3EB26BB1}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{DE0ABF26-0839-44EA-9D69-ACA0A016BDA7}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{B8FEEE15-4AA9-48C5-BA8F-0D61F0142CC5}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{BCD32AD3-5CF5-4EAA-B4BB-6B822714DD3E}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{2DE48180-C6D5-4C8B-B588-4E81E239B1A5}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{139CD6E0-7156-45DD-80E7-9F30BCC3DAEC}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{4896923D-EA5C-492C-84A1-6FBE349C275C}] => (Allow) D:\Games\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{6EBE3F0D-A166-408B-8DFC-80271D263B06}] => (Allow) D:\Games\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{AA95A789-ABF7-49FA-BC2C-E8105DCD445E}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{DBFA4C21-FBA5-440E-A8AF-C5E9777BABAE}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{56526727-9FF2-4767-8A86-67202932C05A}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{F8C628C4-D6B5-414D-889E-EE364CFBC7D7}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{B2F7A213-0B26-408B-9612-A5BE7520ED6E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{3AE1DE3A-8510-4A06-AA23-71A1A52679DB}B:\games\destiny 2\destiny2.exe] => (Allow) B:\games\destiny 2\destiny2.exe
FirewallRules: [UDP Query User{313E92A5-5595-4288-A364-63B4C3B819E5}B:\games\destiny 2\destiny2.exe] => (Allow) B:\games\destiny 2\destiny2.exe
FirewallRules: [{34DD1EF5-DC69-4975-B0F4-78E0875E130B}] => (Allow) D:\Games\Steam\SteamApps\common\Sonic Mania\SonicMania.exe
FirewallRules: [{67B2ECF1-9635-4060-80A8-E1D5452EA396}] => (Allow) D:\Games\Steam\SteamApps\common\Sonic Mania\SonicMania.exe
FirewallRules: [{7A7CD880-69B3-4C3E-9647-5C3623C65E61}] => (Allow) D:\Games\Steam\SteamApps\common\Comedy Night\Comedy Night.exe
FirewallRules: [{12B14AFB-878D-4FDA-A577-802F39490F85}] => (Allow) D:\Games\Steam\SteamApps\common\Comedy Night\Comedy Night.exe
FirewallRules: [{47916F8C-0CAE-45DA-A7B4-985DA7C8F929}] => (Allow) D:\Games\Steam\SteamApps\common\Windlands\Windlands_Win_x64.exe
FirewallRules: [{9458BBAC-9252-4758-829F-79275BB8B2F9}] => (Allow) D:\Games\Steam\SteamApps\common\Windlands\Windlands_Win_x64.exe
FirewallRules: [TCP Query User{BDFDC57C-8BC9-4E79-B023-615557F08A78}D:\games\dune 2000\dune 2000\dune2000.exe] => (Allow) D:\games\dune 2000\dune 2000\dune2000.exe
FirewallRules: [UDP Query User{3F3D8A05-33CD-47CF-84C2-F977A40F537D}D:\games\dune 2000\dune 2000\dune2000.exe] => (Allow) D:\games\dune 2000\dune 2000\dune2000.exe
FirewallRules: [{00EC267C-F337-4CA1-AC15-822CA9CCB469}] => (Allow) D:\Games\Steam\SteamApps\common\PAVR Pre Alpha Demo\PA_UE4.exe
FirewallRules: [{E86DD9EE-B256-4BBB-BE9C-C368494796F7}] => (Allow) D:\Games\Steam\SteamApps\common\PAVR Pre Alpha Demo\PA_UE4.exe
FirewallRules: [TCP Query User{CDF47A81-5308-4252-9667-38D9AB0D8061}D:\games\steam\steamapps\common\projectm dream\e1\binaries\win64\e1-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\projectm dream\e1\binaries\win64\e1-win64-shipping.exe
FirewallRules: [UDP Query User{6F3E0A19-AC02-489E-89E6-5BF15BCCDDC2}D:\games\steam\steamapps\common\projectm dream\e1\binaries\win64\e1-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\projectm dream\e1\binaries\win64\e1-win64-shipping.exe
FirewallRules: [{78F1101F-9872-4F30-919B-44FEF97AFA23}] => (Allow) D:\Games\Steam\SteamApps\common\Mindshow\Mindshow.exe
FirewallRules: [{4A2A88E2-91E7-4949-88FC-A05F0BDAF2F7}] => (Allow) D:\Games\Steam\SteamApps\common\Mindshow\Mindshow.exe
FirewallRules: [{DA1AB053-B838-4905-9B9F-CAF4FFD52AB5}] => (Allow) D:\Games\Steam\SteamApps\common\NoLimits 2\64bit\nolimits2stm.exe
FirewallRules: [{23A99FAD-E518-4010-83FE-710A6E211B96}] => (Allow) D:\Games\Steam\SteamApps\common\NoLimits 2\64bit\nolimits2stm.exe
FirewallRules: [{24359B6A-EE2C-4D5C-ABA5-6BF6CAC91504}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2AA6C628-7FB9-4F30-BB92-BDCF89F2181A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0B270495-D3DF-42B2-B552-52B9EE687746}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FB7EE3A6-58A2-4ED9-90AD-3136049D6ED4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C89A8AB6-BCD9-4DC5-885F-DB0E8A508471}] => (Allow) B:\Games\Battlefield 3\bf3.exe
FirewallRules: [{C3C6DF70-4CA9-430C-A8FF-FEEC9584346C}] => (Allow) B:\Games\Battlefield 3\bf3.exe
FirewallRules: [{61C7FA33-4FA8-496A-804E-6F769606FD0A}] => (Allow) B:\Steam\steamapps\common\NoLimits 2\64bit\nolimits2stm.exe
FirewallRules: [{14F4F47C-8305-4C7A-B552-AA5062DF3F14}] => (Allow) B:\Steam\steamapps\common\NoLimits 2\64bit\nolimits2stm.exe
FirewallRules: [{81A6E9C9-CCA8-48DC-A19C-4425F738518E}] => (Allow) D:\Games\Steam\SteamApps\common\RecRoom\Recroom_Release.exe
FirewallRules: [{794C269B-691B-4E72-847D-6BEAA1613019}] => (Allow) D:\Games\Steam\SteamApps\common\RecRoom\Recroom_Release.exe
FirewallRules: [{2D1CC264-2E8C-4447-BF39-A770356FF620}] => (Allow) D:\Games\Steam\SteamApps\common\Vertigo\Vertigo.exe
FirewallRules: [{6286C5FE-F448-4712-9198-65EA02C81ADC}] => (Allow) D:\Games\Steam\SteamApps\common\Vertigo\Vertigo.exe
FirewallRules: [{D2C7216F-2F71-4D31-BBFA-CB24B6010AD4}] => (Allow) B:\Steam\steamapps\common\DuckSeason\DuckSeason\DuckSeason.exe
FirewallRules: [{025100DE-0293-4589-A81C-417A0604AB7F}] => (Allow) B:\Steam\steamapps\common\DuckSeason\DuckSeason\DuckSeason.exe
FirewallRules: [{E3A69345-E1C6-435C-962C-6C54065DD035}] => (Allow) D:\Games\Steam\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{9FE21E23-0DDA-4020-952F-D1EE6C97D97B}] => (Allow) D:\Games\Steam\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{5014089B-AA20-40A0-BF72-A740F366A674}] => (Allow) D:\Games\Steam\SteamApps\common\Hellblade\HellbladeGame.exe
FirewallRules: [{142D2C28-298C-4B34-B67F-4CCA94E45CE1}] => (Allow) D:\Games\Steam\SteamApps\common\Hellblade\HellbladeGame.exe
FirewallRules: [{7813EC58-1DAF-4FFE-976A-80172154651E}] => (Allow) B:\Steam\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [{CF67956E-6D20-4DE6-9ACB-2A3B6DC3AB41}] => (Allow) B:\Steam\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [TCP Query User{699458AF-2F8D-48F1-8B2B-BA8454D8236C}B:\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) B:\steam\steamapps\common\doom\doomx64vk.exe
FirewallRules: [UDP Query User{ABFA37DD-029F-4272-A197-06762C110EB8}B:\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) B:\steam\steamapps\common\doom\doomx64vk.exe
FirewallRules: [TCP Query User{089F274A-3139-40E8-8F03-1BE0BB9EAE7D}D:\games\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe] => (Allow) D:\games\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe
FirewallRules: [UDP Query User{2113B080-14B0-4BAE-9C02-A410FE21B061}D:\games\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe] => (Allow) D:\games\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe
FirewallRules: [{C0292D33-04A7-4511-A144-216679F9FFD4}] => (Allow) D:\Games\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [{D922841A-A90B-4235-89DF-426FB99D355F}] => (Allow) D:\Games\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [TCP Query User{0800D4EE-74FF-4BFD-8430-5E5ED922607B}D:\games\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) D:\games\steam\steamapps\common\assettocorsa\acs.exe
FirewallRules: [UDP Query User{CEACACE7-4640-4865-B504-F16A3ED17000}D:\games\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) D:\games\steam\steamapps\common\assettocorsa\acs.exe
FirewallRules: [{9CDAE3DE-33F2-4E84-A6EA-809402CA701B}] => (Allow) D:\Games\Steam\SteamApps\common\pCars\pCARS64.exe
FirewallRules: [{0B4B05AB-250A-412E-9969-0586E560F06E}] => (Allow) D:\Games\Steam\SteamApps\common\pCars\pCARS64.exe
FirewallRules: [{BC8A2FB2-90B9-47DB-A552-489AE165B13D}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{C3E2BBA9-A4B6-4FC8-9A79-8864D9775545}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{DA2A4F4D-F1E8-462A-B8EA-380E5D196DD2}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{02761161-C56D-453C-85F6-7D6D33393B5D}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{D743BB1E-5935-428E-8603-2AFEE37DC980}] => (Allow) B:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{25B1F3B6-3DE9-4F4E-8155-5B40B04FF2DC}] => (Allow) B:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{FD16AFE9-6DF5-46F2-8870-A99E4CBD85CD}] => (Allow) B:\Steam\steamapps\common\Bullets And More VR\BAM_VR.exe
FirewallRules: [{4C6250CC-10C1-41BF-A1E0-5BDDC0A4A700}] => (Allow) B:\Steam\steamapps\common\Bullets And More VR\BAM_VR.exe
==================== Wiederherstellungspunkte =========================
22-09-2017 06:16:02 Windows Update
22-09-2017 06:16:08 Windows Update
22-09-2017 06:33:10 Malwarebytes Anti-Rootkit Restore Point
22-09-2017 19:04:10 Malwarebytes Anti-Rootkit Restore Point
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/23/2017 07:16:35 AM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/23/2017 07:16:34 AM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/23/2017 07:01:05 AM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/22/2017 08:39:19 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/22/2017 07:06:56 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/22/2017 07:06:54 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/22/2017 03:45:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsSense.exe, Version: 10.2930.15063.0, Zeitstempel: 0x39f7edf6
Name des fehlerhaften Moduls: MsSense.exe, Version: 10.2930.15063.0, Zeitstempel: 0x39f7edf6
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000035e68
ID des fehlerhaften Prozesses: 0x1fb0
Startzeit der fehlerhaften Anwendung: 0x01d333a90702ae89
Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
Berichtskennung: bff2087d-815e-4553-91cf-c4c8f3e5b370
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/22/2017 03:45:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsSense.exe, Version: 10.2930.15063.0, Zeitstempel: 0x39f7edf6
Name des fehlerhaften Moduls: MsSense.exe, Version: 10.2930.15063.0, Zeitstempel: 0x39f7edf6
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000035e68
ID des fehlerhaften Prozesses: 0xfa4
Startzeit der fehlerhaften Anwendung: 0x01d333a90388bf3a
Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
Berichtskennung: 1c43047b-249b-42c9-b18d-d27a9ec3af9c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/22/2017 03:44:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsSense.exe, Version: 10.2930.15063.0, Zeitstempel: 0x39f7edf6
Name des fehlerhaften Moduls: MsSense.exe, Version: 10.2930.15063.0, Zeitstempel: 0x39f7edf6
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000035e68
ID des fehlerhaften Prozesses: 0x1dd4
Startzeit der fehlerhaften Anwendung: 0x01d333a8e31434f2
Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
Berichtskennung: 2d8a655a-cb78-4caf-b1fb-ed6ee76fd4dd
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/22/2017 03:44:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsSense.exe, Version: 10.2930.15063.0, Zeitstempel: 0x39f7edf6
Name des fehlerhaften Moduls: MsSense.exe, Version: 10.2930.15063.0, Zeitstempel: 0x39f7edf6
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000035e68
ID des fehlerhaften Prozesses: 0x1214
Startzeit der fehlerhaften Anwendung: 0x01d333a8de6e6ce5
Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
Berichtskennung: f829ad86-9cce-4084-ab03-81a8d04e4ed8
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (09/23/2017 07:16:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet:
Die Anforderung wird nicht unterstützt.
Error: (09/23/2017 07:16:05 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (09/23/2017 07:15:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/23/2017 07:15:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/23/2017 07:15:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/23/2017 07:15:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "FABS - Helping agent for MAGIX media database" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/23/2017 07:15:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/23/2017 07:15:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "TeamViewer 11" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/23/2017 07:15:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Oculus VR Runtime Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/23/2017 07:15:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "WSWNA1100" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2017-09-23 07:19:26.655
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-23 07:19:26.654
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-22 15:45:18.485
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 15:45:18.460
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 15:45:12.651
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 15:45:12.627
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 15:44:25.572
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-09-22 15:44:22.907
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume2\Program Files\Windows Defender\NisSrv.exe that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-22 15:44:18.204
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 15:44:18.179
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 16%
Installierter physikalischer RAM: 16314.71 MB
Verfügbarer physikalischer RAM: 13691.15 MB
Summe virtueller Speicher: 32698.71 MB
Verfügbarer virtueller Speicher: 29926.82 MB
==================== Laufwerke ================================
Drive b: (Lokaler Datenträger) (Fixed) (Total:465.76 GB) (Free:119.14 GB) NTFS
Drive c: () (Fixed) (Total:223.03 GB) (Free:59.1 GB) NTFS
Drive d: () (Fixed) (Total:1464.84 GB) (Free:190.84 GB) NTFS
Drive e: () (Fixed) (Total:398.17 GB) (Free:71.49 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 7D0DF0DC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 7D0DF0CB)
Partition 1: (Not Active) - (Size=1464.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=398.2 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 873A098D)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
23.09.2017, 14:44
| #12 |
| /// Malwareteam | Windows 10 64bit : Verdacht auf Maleware Schritt: 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter reg: reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender" /t REG_DWORD /v DisableAntiSpyware /d 0
powershell: Get-mpPreference
exportkey: HKLM\SOFTWARE\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction
exportkey: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt: 2 Deinstalliere das folgende Programm über die Systemsteuerung: Malwarebytes Anti-Malware Version 2.2.1.1043 Schritt: 3 Lade dir folgendes Programm herunter und installiere es:  Malwarebytes Anti-Malware
Schritt: 4 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt: 5 Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen. Bitte poste in deiner nächsten Antwort also:
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
23.09.2017, 16:01
| #13 |
| | Windows 10 64bit : Verdacht auf Maleware fixlog Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-09-2017 02
durchgeführt von Hoshi (23-09-2017 16:31:32) Run:2
Gestartet von C:\Users\Hoshi\Desktop
Geladene Profile: Hoshi (Verfügbare Profile: Hoshi & Mcx1-HOSHI-PC & OVRLibraryService)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
reg: reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender" /t REG_DWORD /v DisableAntiSpyware /d 0
powershell: Get-mpPreference
exportkey: HKLM\SOFTWARE\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction
exportkey: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender
*****************
========= reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender" /t REG_DWORD /v DisableAntiSpyware /d 0 =========
========= Ende von Reg: =========
========= Get-mpPreference =========
CheckForSignaturesBeforeRunningScan : False
ComputerID : 4123B229-DF9D-4C3E-8D91-664DAD014B8F
DisableArchiveScanning : False
DisableAutoExclusions : False
DisableBehaviorMonitoring : False
DisableBlockAtFirstSeen : False
DisableCatchupFullScan : True
DisableCatchupQuickScan : True
DisableEmailScanning : True
DisableIntrusionPreventionSystem :
DisableIOAVProtection : False
DisablePrivacyMode : False
DisableRealtimeMonitoring : False
DisableRemovableDriveScanning : True
DisableRestorePoint : True
DisableScanningMappedNetworkDrivesForFullScan : True
DisableScanningNetworkFiles : False
DisableScriptScanning : False
ExclusionExtension :
ExclusionPath : {C:\Program Files\088195c19b33f61100dd567039f0a39e,
C:\WINDOWS\ea25b50d8d77b75b0e1b47872ebc5b38.exe,
C:\WINDOWS\f371379892038d205abbfa586a4788d0.ps1,
C:\WINDOWS\f371379892038d205abbfa586a4788d0.xml...}
ExclusionProcess :
HighThreatDefaultAction : 0
LowThreatDefaultAction : 0
MAPSReporting : 2
ModerateThreatDefaultAction : 0
PUAProtection : 0
QuarantinePurgeItemsAfterDelay : 90
RandomizeScheduleTaskTimes : True
RealTimeScanDirection : 0
RemediationScheduleDay : 0
RemediationScheduleTime : 02:00:00
ReportingAdditionalActionTimeOut : 10080
ReportingCriticalFailureTimeOut : 10080
ReportingNonCriticalTimeOut : 1440
ScanAvgCPULoadFactor : 50
ScanOnlyIfIdleEnabled : True
ScanParameters : 1
ScanPurgeItemsAfterDelay : 15
ScanScheduleDay : 0
ScanScheduleQuickScanTime : 00:00:00
ScanScheduleTime : 02:00:00
SevereThreatDefaultAction : 0
SignatureAuGracePeriod : 0
SignatureDefinitionUpdateFileSharesSources :
SignatureDisableUpdateOnStartupWithoutEngine : False
SignatureFallbackOrder : MicrosoftUpdateServer|MMPC
SignatureFirstAuGracePeriod : 120
SignatureScheduleDay : 8
SignatureScheduleTime : 01:45:00
SignatureUpdateCatchupInterval : 1
SignatureUpdateInterval : 0
SubmitSamplesConsent : 1
ThreatIDDefaultAction_Actions : {6}
ThreatIDDefaultAction_Ids : {225451}
UILockdown : False
UnknownThreatDefaultAction : 0
PSComputerName :
========= Ende von Powershell: =========
================== ExportKey: ===================
[HKLM\SOFTWARE\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction]
"225451"="6"
=== Ende von ExportKey ===
================== ExportKey: ===================
[HKLM\SOFTWARE\Policies\Microsoft\Windows Defender]
[HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Policy Manager]
=== Ende von ExportKey ===
==== Ende von Fixlog 16:31:33 ====
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 23.09.2017 Suchlaufzeit: 16:33 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2017.09.23.04 Rootkit-Datenbank: v2017.09.13.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Hoshi Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 434432 Abgelaufene Zeit: 6 Min., 36 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner 7.0.2.1 - Logfile created on Sat Sep 23 14:47:07 2017
# Updated on 2017/29/08 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
Deleted: C:\Users\Hoshi\AppData\LocalLow\Zynga
***** [ Files ] *****
No malicious files deleted.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
Deleted: [Key] - HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\Software\DriverTuner
Deleted: [Key] - HKCU\Software\DriverTuner
Deleted: [Key] - HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\Software\DriverTuner_Init
Deleted: [Key] - HKCU\Software\DriverTuner_Init
Deleted: [Key] - HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\Software\VideoBox
Deleted: [Key] - HKCU\Software\VideoBox
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchy
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DD0688A5-FC8B-4E93-A485-CBF606A56D49}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\DMunversion
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{1C6F51F8-BCE6-4702-8952-6A8233359FBC}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Deleted: [Key] - HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\Software\FastDataX
Deleted: [Key] - HKCU\Software\FastDataX
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\APreSam
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\NSaveA
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\PrAmNP
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\MPrForShutT
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\PrIncub
Deleted: [Key] - HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [3677 B] - [2017/9/23 14:46:16]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
Code:
ATTFilter # AdwCleaner 7.0.2.1 - Logfile created on Sat Sep 23 14:52:20 2017
# Updated on 2017/29/08 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
No malicious folders deleted.
***** [ Files ] *****
No malicious files deleted.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[C0].txt - [3533 B] - [2017/9/23 14:47:7]
C:/AdwCleaner/AdwCleaner[S0].txt - [3677 B] - [2017/9/23 14:46:16]
C:/AdwCleaner/AdwCleaner[S1].txt - [1649 B] - [2017/9/23 14:51:48]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-09-2017 02
durchgeführt von Hoshi (Administrator) auf HOSHI-PC (23-09-2017 16:55:16)
Gestartet von C:\Users\Hoshi\Desktop
Geladene Profile: Hoshi (Verfügbare Profile: Hoshi & Mcx1-HOSHI-PC & OVRLibraryService)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
() C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Oculus VR) D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
(TeamViewer GmbH) D:\Programme\TeamViewer\TeamViewer_Service.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [123400 2009-01-21] (Logitech Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [16293496 2016-09-29] (Logitech Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\ DisallowedCertificates: 9AAF24A4D6CA8CCDF64BBF916CBC77512A9B0CA7 (U)
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Run: [Spotify Web Helper] => C:\Users\Hoshi\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2017-02-02] (Spotify Ltd)
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Run: [Spotify] => C:\Users\Hoshi\AppData\Roaming\Spotify\Spotify.exe [7153264 2017-02-02] (Spotify Ltd)
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Run: [DAEMON Tools Lite] => D:\Programme\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{44eab3ff-54e7-4179-9334-818557caa181}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{48087fcf-0f34-473d-98e4-623094e6d179}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{50f0966d-4c38-4772-9bc1-2e04e25500e9}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{53270d60-5f82-4144-bb10-31c955cd1d24}: [DhcpNameServer] 192.168.42.129
ManualProxies:
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23] (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2016-01-18] (DVDVideoSoft Ltd.)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2016-01-19] (DVDVideoSoft Ltd.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
FireFox:
========
FF DefaultProfile: v835n1d8.default-1416499139358
FF ProfilePath: C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358 [2017-09-23]
FF Homepage: Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358 -> www.google.de
FF Extension: (MEGA) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\firefox@mega.co.nz.xpi [2017-09-21]
FF Extension: (FlashDisable) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\jid0-bbA9VAawX3LMWDu668aUDrpQVXU@jetpack.xpi [2017-04-10]
FF Extension: (NoScript) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-09-12]
FF Extension: (Video DownloadHelper) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-09]
FF Extension: (Adblock Plus) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Extension: (Bitdefender QuickScan) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2016-09-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-13] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2014-04-21] (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-08-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-08-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Programme\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1299527896-1211748070-1707534253-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Hoshi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-07] (Unity Technologies ApS)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\firefox.js [2017-09-21]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default [2017-09-23]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-12]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-12]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-03]
CHR Extension: (Chrome Media Router) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1533448 2017-09-14] ()
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2013-03-19] (Firebird Project) [Datei ist nicht signiert]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3784704 2013-03-19] (Firebird Project) [Datei ist nicht signiert]
S4 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
S4 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-04-13] (Futuremark)
S3 GalaxyClientService; D:\Games\GalaxyClient\GalaxyClientService.exe [532544 2017-09-08] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8242752 2017-09-07] (GOG.com)
S4 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-09-23] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-04-29] (Logitech Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-22] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-08-22] (NVIDIA Corporation)
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [2098528 2017-09-12] (Electronic Arts)
S2 Origin Web Helper Service; D:\Games\Origin\OriginWebHelperService.exe [2977640 2017-09-12] (Electronic Arts)
S3 OVRLibraryService; D:\Oculus\Support\oculus-librarian\OVRLibraryService.exe [207656 2016-12-13] (Oculus VR, LLC)
R2 OVRService; D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [470480 2016-12-13] (Oculus VR)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2015-07-26] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2017-09-12] ()
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S2 SkypeUpdate; D:\Programme\Skype\Updater\Updater.exe [324224 2016-05-23] (Skype Technologies)
R2 TeamViewer; D:\Programme\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R2 VirtualDesktop.Service.exe; C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe [330208 2017-07-19] ()
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56040 2015-11-19] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [297440 2011-07-28] ()
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.)
S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [75560 2017-05-06] (Broadcom Corporation.)
S3 busenum; C:\WINDOWS\System32\drivers\SteelBus64.sys [146944 2014-10-08] (SteelSeries Corporation) [Datei ist nicht signiert]
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-31] (Windows (R) Win 7 DDK provider)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R3 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2017-05-25] (Disc Soft Ltd)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-03-18] (Qualcomm Atheros, Inc.)
S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45208 2016-09-29] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2016-09-29] (Logitech Inc.)
S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47256 2016-09-29] (Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-09-29] (Logitech Inc.)
S3 LifeCamTrueColor; C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys [37928 2016-07-27] (Microsoft Corporation)
R3 LVPr2M64; C:\WINDOWS\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ce1961376673184c\nvlddmkm.sys [15600248 2017-08-22] (NVIDIA Corporation)
S3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [39168 2014-10-08] (SteelSeries Corporation) [Datei ist nicht signiert]
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [14368 1999-11-09] () [Datei ist nicht signiert]
R3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2015-11-15] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
U4 aspnet_state; kein ImagePath
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-09-23 16:50 - 2017-09-23 16:50 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-09-23 16:50 - 2017-09-23 16:50 - 000000993 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-09-23 16:50 - 2017-09-23 16:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-09-23 16:49 - 2017-09-23 16:49 - 000245912 _____ (Mozilla) C:\Users\Hoshi\Desktop\Firefox Installer.exe
2017-09-23 16:48 - 2017-09-23 16:48 - 000097457 _____ (Mozilla) C:\Users\Hoshi\Downloads\1f8b5ad9-cb69-4d6b-a7b4-4e37900b4ca9.tmp
2017-09-23 16:46 - 2017-09-23 16:46 - 000000008 __RSH C:\Users\Hoshi\ntuser.pol
2017-09-23 16:44 - 2017-09-23 16:53 - 000000000 ____D C:\AdwCleaner
2017-09-23 16:34 - 2017-09-23 16:34 - 008182736 _____ (Malwarebytes) C:\Users\Hoshi\Desktop\AdwCleaner_7.0.2.1.exe
2017-09-23 16:33 - 2017-09-23 16:33 - 000034532 _____ C:\Users\Hoshi\Downloads\533fd124-ca54-4763-a6db-b396caed6a8f.tmp
2017-09-23 16:33 - 2017-09-23 16:33 - 000001136 _____ C:\Users\Hoshi\Downloads\7fc3c9b5-c46a-4e84-b979-d6ea5bbcd6b1.tmp
2017-09-23 16:32 - 2017-09-23 16:32 - 000034532 _____ C:\Users\Hoshi\Downloads\b1bb7384-7163-43b3-a4b2-270df49a2362.tmp
2017-09-23 08:56 - 2017-09-23 08:56 - 000001177 _____ C:\Users\Public\Desktop\Tyrian 2000.lnk
2017-09-23 08:56 - 2017-09-23 08:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tyrian 2000 [GOG.com]
2017-09-23 07:15 - 2017-09-23 16:31 - 000004791 _____ C:\Users\Hoshi\Desktop\Fixlog.txt
2017-09-23 07:15 - 2017-09-23 16:31 - 000000000 ____D C:\Users\Hoshi\Desktop\FRST-OlderVersion
2017-09-22 15:45 - 2017-09-22 15:45 - 000070612 _____ C:\Users\Hoshi\Downloads\2a29ca61-d44f-4702-ada1-a5202ddde7c8.tmp
2017-09-22 15:14 - 2017-09-22 15:15 - 039468304 _____ (Microsoft Corporation) C:\Users\Hoshi\Downloads\mpas-feX64.exe
2017-09-22 06:19 - 2017-09-23 07:16 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-09-22 06:18 - 2017-09-22 19:58 - 000000000 ____D C:\Users\Hoshi\Desktop\mbar
2017-09-22 06:17 - 2017-09-22 06:17 - 016563352 _____ (Malwarebytes Corp.) C:\Users\Hoshi\Downloads\mbar-1.09.3.1001.exe
2017-09-21 20:32 - 2017-09-21 20:32 - 000539414 _____ C:\Users\Hoshi\Desktop\Defender.txt
2017-09-21 20:25 - 2017-09-21 20:25 - 000245912 _____ (Mozilla) C:\Users\Hoshi\Downloads\Firefox Installer.exe
2017-09-21 20:23 - 2017-09-21 20:23 - 000251110 _____ C:\Users\Hoshi\Desktop\bookmarks-2017-09-21.json
2017-09-21 18:47 - 2017-09-23 16:44 - 000001192 _____ C:\Users\Hoshi\Desktop\mbam.txt
2017-09-21 18:39 - 2017-09-23 16:55 - 000021631 _____ C:\Users\Hoshi\Desktop\FRST.txt
2017-09-21 18:39 - 2017-09-23 16:55 - 000000000 ____D C:\FRST
2017-09-21 18:39 - 2017-09-23 07:19 - 000142747 _____ C:\Users\Hoshi\Desktop\Addition.txt
2017-09-21 18:37 - 2017-09-23 16:31 - 002399744 _____ (Farbar) C:\Users\Hoshi\Desktop\FRST64.exe
2017-09-21 17:49 - 2017-09-21 18:32 - 000465324 _____ C:\WINDOWS\ntbtlog.txt
2017-09-21 17:49 - 2017-09-21 18:32 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-09-21 17:45 - 2017-09-21 17:45 - 000024658 _____ C:\WINDOWS\System32\Tasks\{79097F47-7A7D-0904-0B11-0F04040D1179}
2017-09-21 17:42 - 2017-09-21 17:47 - 000003286 _____ C:\WINDOWS\System32\Tasks\088195c19b33f61100dd567039f0a39e
2017-09-20 22:10 - 2017-09-20 22:10 - 000051624 _____ C:\WINDOWS\uninstaller.dat
2017-09-20 16:59 - 2017-09-20 17:01 - 004204032 _____ (crosire) C:\Users\Hoshi\Desktop\ReShade.exe
2017-09-20 16:33 - 2017-09-20 16:33 - 000027238 _____ C:\Users\Hoshi\AppData\Local\recently-used.xbel
2017-09-19 16:48 - 2017-09-19 16:48 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2017-09-18 17:33 - 2017-09-18 17:33 - 000000098 _____ C:\WINDOWS\SysWOW64\QuickTime.qtp
2017-09-18 17:33 - 2017-09-18 17:33 - 000000000 ____D C:\WINDOWS\SysWOW64\QuickTime
2017-09-18 17:33 - 1999-07-13 20:02 - 000086016 _____ (MindVision Software) C:\WINDOWS\unvise32qt.exe
2017-09-18 17:32 - 2017-09-18 17:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wheel of Time
2017-09-18 16:49 - 2017-09-19 19:20 - 000000000 ____D C:\Users\Hoshi\Documents\Project CARS
2017-09-18 16:49 - 2017-09-18 16:49 - 000000000 ____D C:\Users\Hoshi\Documents\wmd_symbol_cache
2017-09-17 20:26 - 2017-09-17 20:49 - 000000065 _____ C:\Users\Hoshi\Desktop\SL Foto Termine!.txt
2017-09-17 10:27 - 2017-09-17 10:29 - 021643807 _____ C:\Users\Hoshi\Desktop\Sound Fix v1.4.3.rar
2017-09-17 10:27 - 2017-09-17 10:28 - 021697338 _____ C:\Users\Hoshi\Desktop\Jaguar XJ220 v1.3.rar
2017-09-17 08:52 - 2017-09-17 09:35 - 000000000 ____D C:\Users\Hoshi\Documents\Assetto Corsa
2017-09-16 14:13 - 2017-09-16 14:13 - 000000000 ____D C:\Users\Hoshi\Desktop\Posen
2017-09-15 20:18 - 2017-09-15 20:21 - 000000000 ____D C:\Users\Hoshi\Documents\MindShow
2017-09-15 20:13 - 2017-09-15 20:13 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Mindshow
2017-09-15 19:43 - 2017-09-15 19:43 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Against Gravity
2017-09-15 15:52 - 2017-09-15 15:52 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Stress Level Zero
2017-09-13 20:38 - 2017-09-05 07:12 - 001409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-09-13 20:38 - 2017-09-05 07:12 - 001292880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-09-13 20:38 - 2017-09-05 07:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-09-13 20:38 - 2017-09-05 07:12 - 000081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2017-09-13 20:38 - 2017-09-05 06:53 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-09-13 20:38 - 2017-09-05 06:53 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-09-13 20:38 - 2017-09-05 06:52 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-09-13 20:38 - 2017-09-05 06:50 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2017-09-13 20:38 - 2017-09-05 06:46 - 004471888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-09-13 20:38 - 2017-09-05 06:45 - 005821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-09-13 20:38 - 2017-09-05 06:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-09-13 20:38 - 2017-09-05 06:45 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-09-13 20:38 - 2017-09-05 06:45 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-09-13 20:38 - 2017-09-05 06:45 - 000085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe
2017-09-13 20:38 - 2017-09-05 06:44 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-09-13 20:38 - 2017-09-05 06:43 - 000611096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-09-13 20:38 - 2017-09-05 06:43 - 000359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-09-13 20:38 - 2017-09-05 06:43 - 000280480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-09-13 20:38 - 2017-09-05 06:43 - 000169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-09-13 20:38 - 2017-09-05 06:43 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2017-09-13 20:38 - 2017-09-05 06:42 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-09-13 20:38 - 2017-09-05 06:42 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-09-13 20:38 - 2017-09-05 06:42 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-09-13 20:38 - 2017-09-05 06:42 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2017-09-13 20:38 - 2017-09-05 06:42 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-09-13 20:38 - 2017-09-05 06:41 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-09-13 20:38 - 2017-09-05 06:41 - 006761560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-13 20:38 - 2017-09-05 06:41 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-09-13 20:38 - 2017-09-05 06:41 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-09-13 20:38 - 2017-09-05 06:41 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-09-13 20:38 - 2017-09-05 06:40 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-09-13 20:38 - 2017-09-05 06:39 - 001517472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-09-13 20:38 - 2017-09-05 06:37 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-09-13 20:38 - 2017-09-05 06:26 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-09-13 20:38 - 2017-09-05 06:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-09-13 20:38 - 2017-09-05 06:25 - 013844480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-09-13 20:38 - 2017-09-05 06:25 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-09-13 20:38 - 2017-09-05 06:25 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-09-13 20:38 - 2017-09-05 06:25 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-09-13 20:38 - 2017-09-05 06:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-09-13 20:38 - 2017-09-05 06:24 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-13 20:38 - 2017-09-05 06:23 - 020509184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-09-13 20:38 - 2017-09-05 06:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-09-13 20:38 - 2017-09-05 06:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-09-13 20:38 - 2017-09-05 06:21 - 006728704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-09-13 20:38 - 2017-09-05 06:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2017-09-13 20:38 - 2017-09-05 06:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-09-13 20:38 - 2017-09-05 06:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe
2017-09-13 20:38 - 2017-09-05 06:20 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-09-13 20:38 - 2017-09-05 06:19 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-09-13 20:38 - 2017-09-05 06:19 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-09-13 20:38 - 2017-09-05 06:19 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2017-09-13 20:38 - 2017-09-05 06:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2017-09-13 20:38 - 2017-09-05 06:19 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2017-09-13 20:38 - 2017-09-05 06:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-09-13 20:38 - 2017-09-05 06:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-09-13 20:38 - 2017-09-05 06:18 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-09-13 20:38 - 2017-09-05 06:18 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-09-13 20:38 - 2017-09-05 06:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2017-09-13 20:38 - 2017-09-05 06:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-09-13 20:38 - 2017-09-05 06:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-09-13 20:38 - 2017-09-05 06:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2017-09-13 20:38 - 2017-09-05 06:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2017-09-13 20:38 - 2017-09-05 06:17 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2017-09-13 20:38 - 2017-09-05 06:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-09-13 20:38 - 2017-09-05 06:17 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-09-13 20:38 - 2017-09-05 06:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-09-13 20:38 - 2017-09-05 06:16 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-09-13 20:38 - 2017-09-05 06:16 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2017-09-13 20:38 - 2017-09-05 06:16 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2017-09-13 20:38 - 2017-09-05 06:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-09-13 20:38 - 2017-09-05 06:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-09-13 20:38 - 2017-09-05 06:16 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-09-13 20:38 - 2017-09-05 06:15 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-09-13 20:38 - 2017-09-05 06:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-09-13 20:38 - 2017-09-05 06:15 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-09-13 20:38 - 2017-09-05 06:15 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-09-13 20:38 - 2017-09-05 06:15 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-09-13 20:38 - 2017-09-05 06:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-09-13 20:38 - 2017-09-05 06:15 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2017-09-13 20:38 - 2017-09-05 06:14 - 011887104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-09-13 20:38 - 2017-09-05 06:14 - 004544000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2017-09-13 20:38 - 2017-09-05 06:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-09-13 20:38 - 2017-09-05 06:14 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-09-13 20:38 - 2017-09-05 06:14 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-09-13 20:38 - 2017-09-05 06:13 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-09-13 20:38 - 2017-09-05 06:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-09-13 20:38 - 2017-09-05 06:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-09-13 20:38 - 2017-09-05 06:12 - 006265856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-09-13 20:38 - 2017-09-05 06:12 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-09-13 20:38 - 2017-09-05 06:12 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-09-13 20:38 - 2017-09-05 06:12 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-09-13 20:38 - 2017-09-05 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-09-13 20:38 - 2017-09-05 06:11 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-09-13 20:38 - 2017-09-05 06:11 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-09-13 20:38 - 2017-09-05 06:11 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-09-13 20:38 - 2017-09-05 06:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-09-13 20:38 - 2017-09-05 06:11 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-09-13 20:38 - 2017-09-05 06:11 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-09-13 20:38 - 2017-09-05 06:10 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-09-13 20:38 - 2017-09-05 06:10 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-09-13 20:38 - 2017-09-05 06:10 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-09-13 20:38 - 2017-09-05 06:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2017-09-13 20:38 - 2017-09-05 06:06 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-09-13 20:38 - 2017-09-05 06:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-09-13 20:38 - 2017-09-05 06:04 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-09-13 20:34 - 2017-09-05 07:15 - 000871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-09-13 20:34 - 2017-09-05 07:14 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-13 20:34 - 2017-09-05 06:30 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-09-13 20:34 - 2017-09-05 06:28 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2017-09-13 20:34 - 2017-09-05 06:27 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-09-13 20:34 - 2017-09-05 06:22 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-09-13 20:34 - 2017-09-05 06:21 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-09-13 20:34 - 2017-09-05 06:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-09-13 20:34 - 2017-09-05 06:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-09-13 20:33 - 2017-09-05 07:31 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-09-13 20:33 - 2017-09-05 07:31 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2017-09-13 20:33 - 2017-09-05 07:26 - 008319904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-09-13 20:33 - 2017-09-05 07:25 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-09-13 20:33 - 2017-09-05 07:23 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2017-09-13 20:33 - 2017-09-05 07:18 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2017-09-13 20:33 - 2017-09-05 07:18 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-09-13 20:33 - 2017-09-05 07:18 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-09-13 20:33 - 2017-09-05 07:16 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-09-13 20:33 - 2017-09-05 07:16 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-09-13 20:33 - 2017-09-05 07:16 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-09-13 20:33 - 2017-09-05 07:16 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-09-13 20:33 - 2017-09-05 07:16 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2017-09-13 20:33 - 2017-09-05 07:14 - 021352656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-09-13 20:33 - 2017-09-05 07:14 - 000958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-09-13 20:33 - 2017-09-05 07:14 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-09-13 20:33 - 2017-09-05 07:13 - 001619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-09-13 20:33 - 2017-09-05 07:11 - 002675104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-09-13 20:33 - 2017-09-05 07:11 - 000610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2017-09-13 20:33 - 2017-09-05 06:31 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-09-13 20:33 - 2017-09-05 06:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-13 20:33 - 2017-09-05 06:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-09-13 20:33 - 2017-09-05 06:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-09-13 20:33 - 2017-09-05 06:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-09-13 20:33 - 2017-09-05 06:27 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-09-13 20:33 - 2017-09-05 06:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-09-13 20:33 - 2017-09-05 06:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-09-13 20:33 - 2017-09-05 06:27 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-09-13 20:33 - 2017-09-05 06:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-09-13 20:33 - 2017-09-05 06:27 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-09-13 20:33 - 2017-09-05 06:26 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2017-09-13 20:33 - 2017-09-05 06:26 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll
2017-09-13 20:33 - 2017-09-05 06:26 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-09-13 20:33 - 2017-09-05 06:26 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe
2017-09-13 20:33 - 2017-09-05 06:26 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2017-09-13 20:33 - 2017-09-05 06:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-09-13 20:33 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-09-13 20:33 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2017-09-13 20:33 - 2017-09-05 06:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-09-13 20:33 - 2017-09-05 06:24 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2017-09-13 20:33 - 2017-09-05 06:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2017-09-13 20:33 - 2017-09-05 06:24 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll
2017-09-13 20:33 - 2017-09-05 06:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2017-09-13 20:33 - 2017-09-05 06:23 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2017-09-13 20:33 - 2017-09-05 06:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-09-13 20:33 - 2017-09-05 06:21 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-09-13 20:33 - 2017-09-05 06:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2017-09-13 20:33 - 2017-09-05 06:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2017-09-13 20:33 - 2017-09-05 06:21 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-09-13 20:33 - 2017-09-05 06:21 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-09-13 20:33 - 2017-09-05 06:20 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-13 20:33 - 2017-09-05 06:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-13 20:33 - 2017-09-05 06:20 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-09-13 20:33 - 2017-09-05 06:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-09-13 20:33 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-09-13 20:33 - 2017-09-05 06:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2017-09-13 20:33 - 2017-09-05 06:18 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-09-13 20:33 - 2017-09-05 06:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-09-13 20:33 - 2017-09-05 06:18 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2017-09-13 20:33 - 2017-09-05 06:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-09-13 20:33 - 2017-09-05 06:18 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-09-13 20:33 - 2017-09-05 06:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-09-13 20:33 - 2017-09-05 06:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-09-13 20:33 - 2017-09-05 06:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-09-13 20:33 - 2017-09-05 06:17 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-09-13 20:33 - 2017-09-05 06:17 - 008207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-09-13 20:33 - 2017-09-05 06:17 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-09-13 20:33 - 2017-09-05 06:17 - 001397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-09-13 20:33 - 2017-09-05 06:17 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-09-13 20:33 - 2017-09-05 06:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-09-13 20:33 - 2017-09-05 06:15 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-09-13 20:33 - 2017-09-05 06:15 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-09-13 20:33 - 2017-09-05 06:15 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-09-13 20:33 - 2017-09-05 06:15 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-09-13 20:33 - 2017-09-05 06:15 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-09-13 20:33 - 2017-09-05 06:15 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-09-13 20:33 - 2017-09-05 06:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-09-13 20:33 - 2017-09-05 06:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-09-13 20:33 - 2017-09-05 06:14 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-09-13 20:33 - 2017-09-05 06:14 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-09-13 20:33 - 2017-09-05 06:14 - 002445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-09-13 20:33 - 2017-09-05 06:14 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-09-13 20:33 - 2017-09-05 06:14 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-09-13 20:33 - 2017-09-05 06:14 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-09-13 20:33 - 2017-09-05 06:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-09-13 20:33 - 2017-09-05 06:13 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-09-13 20:33 - 2017-09-05 06:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-09-13 20:33 - 2017-09-05 06:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2017-09-13 20:33 - 2017-09-05 06:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-09-13 20:33 - 2017-09-05 06:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-09-13 20:33 - 2017-09-01 07:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-09-13 20:32 - 2017-09-05 07:31 - 001596592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-09-13 20:32 - 2017-09-05 07:31 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-09-13 20:32 - 2017-09-05 07:27 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-09-13 20:32 - 2017-09-05 07:27 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-09-13 20:32 - 2017-09-05 07:26 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-09-13 20:32 - 2017-09-05 07:25 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-13 20:32 - 2017-09-05 07:24 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-09-13 20:32 - 2017-09-05 07:23 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-09-13 20:32 - 2017-09-05 07:20 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-09-13 20:32 - 2017-09-05 07:19 - 004848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-09-13 20:32 - 2017-09-05 07:19 - 002443168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-09-13 20:32 - 2017-09-05 07:18 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-09-13 20:32 - 2017-09-05 07:18 - 005477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-09-13 20:32 - 2017-09-05 07:18 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-09-13 20:32 - 2017-09-05 07:18 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-09-13 20:32 - 2017-09-05 07:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-09-13 20:32 - 2017-09-05 07:17 - 000316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-09-13 20:32 - 2017-09-05 07:16 - 000724200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-09-13 20:32 - 2017-09-05 07:16 - 000410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-09-13 20:32 - 2017-09-05 07:16 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-09-13 20:32 - 2017-09-05 07:15 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-09-13 20:32 - 2017-09-05 07:15 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-09-13 20:32 - 2017-09-05 07:14 - 004708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-09-13 20:32 - 2017-09-05 07:14 - 001146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-09-13 20:32 - 2017-09-05 07:14 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-09-13 20:32 - 2017-09-05 07:11 - 000387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-09-13 20:32 - 2017-09-05 06:45 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-09-13 20:32 - 2017-09-05 06:30 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-09-13 20:32 - 2017-09-05 06:30 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-09-13 20:32 - 2017-09-05 06:30 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-09-13 20:32 - 2017-09-05 06:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-09-13 20:32 - 2017-09-05 06:29 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-09-13 20:32 - 2017-09-05 06:28 - 017371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-13 20:32 - 2017-09-05 06:28 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-13 20:32 - 2017-09-05 06:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2017-09-13 20:32 - 2017-09-05 06:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-09-13 20:32 - 2017-09-05 06:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2017-09-13 20:32 - 2017-09-05 06:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-09-13 20:32 - 2017-09-05 06:24 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-09-13 20:32 - 2017-09-05 06:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-09-13 20:32 - 2017-09-05 06:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2017-09-13 20:32 - 2017-09-05 06:24 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-09-13 20:32 - 2017-09-05 06:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-09-13 20:32 - 2017-09-05 06:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-09-13 20:32 - 2017-09-05 06:23 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-09-13 20:32 - 2017-09-05 06:23 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2017-09-13 20:32 - 2017-09-05 06:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-09-13 20:32 - 2017-09-05 06:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-09-13 20:32 - 2017-09-05 06:22 - 023684608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-09-13 20:32 - 2017-09-05 06:22 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-09-13 20:32 - 2017-09-05 06:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2017-09-13 20:32 - 2017-09-05 06:22 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-09-13 20:32 - 2017-09-05 06:22 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-09-13 20:32 - 2017-09-05 06:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2017-09-13 20:32 - 2017-09-05 06:21 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2017-09-13 20:32 - 2017-09-05 06:21 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-09-13 20:32 - 2017-09-05 06:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-13 20:32 - 2017-09-05 06:20 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-09-13 20:32 - 2017-09-05 06:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-09-13 20:32 - 2017-09-05 06:19 - 005776384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2017-09-13 20:32 - 2017-09-05 06:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-09-13 20:32 - 2017-09-05 06:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-09-13 20:32 - 2017-09-05 06:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-09-13 20:32 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-09-13 20:32 - 2017-09-05 06:18 - 012801536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-09-13 20:32 - 2017-09-05 06:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-09-13 20:32 - 2017-09-05 06:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-09-13 20:32 - 2017-09-05 06:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-09-13 20:32 - 2017-09-05 06:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-09-13 20:32 - 2017-09-05 06:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-09-13 20:32 - 2017-09-05 06:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-09-13 20:32 - 2017-09-05 06:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-09-13 20:32 - 2017-09-05 06:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-13 20:32 - 2017-09-05 06:15 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-09-13 20:32 - 2017-09-05 06:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2017-09-13 20:32 - 2017-09-05 06:15 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-09-13 20:32 - 2017-09-05 06:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-09-13 20:32 - 2017-09-05 06:14 - 002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-09-13 20:32 - 2017-09-05 06:14 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-09-13 20:32 - 2017-09-05 06:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-09-13 20:32 - 2017-09-05 06:13 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-09-13 20:32 - 2017-09-05 06:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-09-13 20:31 - 2017-09-05 07:31 - 001147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-09-13 20:31 - 2017-09-05 07:31 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-09-13 20:31 - 2017-09-05 07:31 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-09-13 20:31 - 2017-09-05 07:30 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-09-13 20:31 - 2017-09-05 07:24 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-09-13 20:31 - 2017-09-05 07:21 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-09-13 20:31 - 2017-09-05 07:16 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-09-13 20:31 - 2017-09-05 07:15 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-09-13 20:31 - 2017-09-05 07:15 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-09-13 20:31 - 2017-09-05 07:13 - 000078240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2017-09-13 20:31 - 2017-09-05 07:13 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 002229152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 001854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 001693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 001462688 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 000855456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 000849824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-09-13 20:31 - 2017-09-05 07:12 - 000844704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 000699808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 000674720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 000406944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 000235424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2017-09-13 20:31 - 2017-09-05 07:12 - 000203680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2017-09-13 20:31 - 2017-09-05 06:28 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2017-09-13 20:31 - 2017-09-05 06:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2017-09-13 20:31 - 2017-09-05 06:26 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2017-09-13 20:31 - 2017-09-05 06:25 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-09-13 20:31 - 2017-09-05 06:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-09-13 20:31 - 2017-09-05 06:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-09-13 20:31 - 2017-09-05 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-09-13 20:31 - 2017-09-05 06:16 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-09-13 20:30 - 2017-09-05 06:10 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll
2017-09-13 19:33 - 2017-09-13 19:33 - 000000000 ____D C:\temp
2017-09-12 18:08 - 2017-09-12 18:08 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Google
2017-09-12 16:44 - 2017-09-12 18:32 - 000348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2017-09-12 16:44 - 2017-09-12 18:09 - 000076152 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-09-12 16:44 - 2017-09-12 16:44 - 000000000 ____D C:\Program Files\Virtual Desktop
2017-09-10 10:52 - 2017-09-10 11:30 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\com.nolimitscoaster.nolimits2
2017-09-10 10:52 - 2017-09-10 10:52 - 000000000 ____D C:\Users\Hoshi\Documents\com.nolimitscoaster.nolimits2
2017-09-10 10:52 - 2017-09-10 10:52 - 000000000 ____D C:\ProgramData\com.nolimitscoaster.nolimits2
2017-09-09 17:16 - 2017-09-09 17:16 - 000000000 ____D C:\Users\Hoshi\AppData\Local\E1
2017-09-09 13:53 - 2017-09-09 13:53 - 000000000 ____D C:\Users\Hoshi\M210Projects
2017-09-09 13:28 - 2017-09-09 13:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blood [GOG.com]
2017-09-09 11:09 - 2017-09-09 11:34 - 000000000 ____D C:\Users\Hoshi\Desktop\Aufnahme Vorlagen
2017-09-09 09:04 - 2017-09-09 09:05 - 000000024 _____ C:\Users\Hoshi\Desktop\SL Hud verstecken.txt
2017-09-08 19:08 - 2017-09-08 19:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultima series
2017-09-08 18:14 - 2017-09-08 18:14 - 000000000 ____D C:\Users\Hoshi\AppData\Local\DarkSoulsMapViewer
2017-09-08 17:54 - 2017-09-08 17:54 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Citor3 Entertainment Studio Oy
2017-09-08 17:40 - 2017-09-08 17:40 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\STUDIO MORI
2017-09-08 12:24 - 2017-09-08 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clive Barkers Undying [GOG.com]
2017-09-08 09:09 - 2017-09-08 09:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Suffering [GOG.com]
2017-09-07 11:18 - 2017-09-07 11:18 - 000003908 _____ C:\WINDOWS\SysWOW64\ST5UNST.003
2017-09-07 11:18 - 2017-09-07 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Shock - Enhanced Edition [GOG.com]
2017-09-07 11:17 - 2017-09-07 11:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein [GOG.com]
2017-09-07 11:17 - 2017-09-07 11:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlaws [GOG.com]
2017-09-07 10:10 - 2017-09-07 10:11 - 000096730 _____ C:\WINDOWS\TRON 2.0 Killer App Mod Uninstall Log.txt
2017-09-06 15:55 - 2017-09-06 15:55 - 000001151 _____ C:\Users\Hoshi\Desktop\DTLite.exe - Verknüpfung.lnk
2017-09-06 15:03 - 2017-09-06 15:57 - 000000000 ____D C:\Users\Hoshi\Documents\OpenRA
2017-09-06 06:26 - 2017-09-06 06:26 - 000000000 ____D C:\Users\Hoshi\Documents\DAZ 3D
2017-09-06 06:26 - 2017-09-06 06:26 - 000000000 ____D C:\ProgramData\DAZ 3D
2017-09-06 06:25 - 2017-09-06 06:25 - 000000979 _____ C:\Users\Hoshi\Desktop\DAZ Studio 4.9 (64-bit).lnk
2017-09-06 06:25 - 2017-09-06 06:25 - 000000000 ____D C:\Program Files\DAZ 3D
2017-09-05 20:22 - 2017-09-06 11:48 - 000000000 ____D C:\Users\Public\Documents\My DAZ 3D Library
2017-09-05 20:20 - 2017-09-05 20:20 - 000000000 ____D C:\Users\Public\Documents\DAZ 3D
2017-09-05 20:19 - 2017-09-06 06:26 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\DAZ 3D
2017-09-05 20:19 - 2017-09-06 06:25 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D
2017-09-05 20:19 - 2017-09-05 20:19 - 000000949 _____ C:\Users\Hoshi\Desktop\DAZ Install Manager.lnk
2017-09-05 18:57 - 2017-09-05 18:57 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2017-09-05 18:55 - 2017-09-05 18:55 - 000000279 _____ C:\Users\Hoshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb (2).lnk
2017-09-05 17:50 - 2017-09-05 17:50 - 000001106 _____ C:\Users\Hoshi\Desktop\dosbox.exe - Verknüpfung.lnk
2017-09-01 19:29 - 2017-09-05 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MadOnion.com
2017-08-31 17:51 - 2017-08-31 17:51 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Lighthouse Games Studio
2017-08-29 15:23 - 2017-08-29 15:23 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Bungie
2017-08-28 17:33 - 2017-08-28 17:33 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Cinemur
2017-08-26 15:31 - 2017-08-26 15:31 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Acid Wizard Studio
2017-08-25 14:34 - 2017-08-22 00:54 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-08-25 14:34 - 2017-08-22 00:33 - 000135800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-08-25 14:33 - 2017-08-22 03:01 - 040240248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 035924600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 035314112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 029019072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 023132184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 018849456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 013782904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 012225984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 011692344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 010072768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 004162496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 003712024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 003590592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438541.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 001597888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438541.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 001292096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 001289840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 001068152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 001008816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 001007280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 001004992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000972736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000924280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000781544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000725112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000690320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000617232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000584312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-08-25 14:33 - 2017-08-22 03:01 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-08-25 14:33 - 2017-08-22 03:01 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-08-24 16:01 - 2017-08-24 16:01 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Gaikai
2017-08-24 16:00 - 2017-08-24 16:15 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Sony Interactive Entertainment Network America LLC
2017-08-24 16:00 - 2017-08-24 16:00 - 000000000 ____D C:\Program Files\DIFX
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-09-23 16:52 - 2017-04-14 09:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-23 16:52 - 2017-04-14 09:03 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-23 16:52 - 2017-03-18 13:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-09-23 16:52 - 2014-03-15 14:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-23 16:47 - 2017-04-14 09:04 - 000000000 ____D C:\Users\Hoshi
2017-09-23 16:46 - 2015-01-30 20:17 - 000000008 __RSH C:\ProgramData\ntuser.pol
2017-09-23 16:33 - 2014-06-26 18:59 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-23 16:30 - 2017-04-14 09:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-23 13:14 - 2016-06-05 13:48 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Origin
2017-09-23 13:14 - 2014-03-20 18:26 - 000000000 ____D C:\Users\Hoshi\Documents\My Games
2017-09-23 13:14 - 2014-03-15 16:03 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-23 13:05 - 2014-03-15 16:33 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\UseNeXT
2017-09-23 12:54 - 2016-10-21 12:42 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2017-09-23 12:50 - 2014-03-15 15:20 - 000000000 ____D C:\ProgramData\Origin
2017-09-23 08:23 - 2014-10-19 17:11 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Cinemaware
2017-09-23 07:28 - 2017-04-14 09:13 - 000004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{91BA399B-E431-49C7-9B9A-A968D8719897}
2017-09-23 07:22 - 2017-04-14 09:17 - 006638594 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-23 07:22 - 2017-03-20 06:41 - 003345334 _____ C:\WINDOWS\system32\perfh007.dat
2017-09-23 07:22 - 2017-03-20 06:41 - 000904400 _____ C:\WINDOWS\system32\perfc007.dat
2017-09-23 07:15 - 2016-06-05 13:41 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Temp
2017-09-23 07:04 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-23 07:04 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-22 19:48 - 2014-06-26 18:59 - 000109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-09-22 19:06 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Performance
2017-09-22 19:04 - 2014-03-19 20:22 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\vlc
2017-09-22 15:43 - 2015-11-17 21:12 - 000000000 ____D C:\Users\Hoshi\AppData\Local\CrashDumps
2017-09-22 06:17 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-22 05:15 - 2014-11-13 05:39 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2017-09-21 20:24 - 2016-03-19 10:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-21 18:54 - 2015-06-21 13:23 - 000000000 ____D C:\WINDOWS\46ED2B6485C74E1F920CA555B21F2E4C.TMP
2017-09-21 18:24 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\appcompat
2017-09-21 18:16 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Registration
2017-09-21 17:40 - 2017-04-14 09:13 - 000003616 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-09-21 17:40 - 2017-04-14 09:13 - 000003392 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-09-20 16:33 - 2014-12-06 17:48 - 000000000 ____D C:\Users\Hoshi\AppData\Local\gtk-2.0
2017-09-20 16:33 - 2014-12-06 17:39 - 000000000 ____D C:\Users\Hoshi\.gimp-2.8
2017-09-19 21:08 - 2014-03-30 14:23 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\TS3Client
2017-09-18 19:11 - 2014-03-15 15:32 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Skype
2017-09-18 18:19 - 2014-03-15 15:44 - 000000000 ___RD C:\Users\Hoshi\Desktop\Programme
2017-09-18 17:35 - 2015-12-13 09:21 - 000000000 ____D C:\Users\Hoshi\AppData\Local\ElevatedDiagnostics
2017-09-18 17:33 - 2014-05-11 12:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2017-09-16 14:13 - 2014-03-15 15:44 - 000000000 ___RD C:\Users\Hoshi\Desktop\Games
2017-09-15 18:27 - 2017-05-21 16:47 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Battle.net
2017-09-14 17:16 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-09-14 06:10 - 2016-02-13 19:32 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-14 06:09 - 2017-04-14 09:03 - 005290080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-13 20:58 - 2017-03-20 06:41 - 000000000 ____D C:\WINDOWS\system32\de
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\setup
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-13 20:57 - 2017-04-29 07:35 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Mixxx
2017-09-13 20:44 - 2014-03-15 17:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-13 20:43 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-13 20:43 - 2014-03-15 17:02 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-13 20:00 - 2014-03-19 18:23 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\uTorrent
2017-09-13 05:48 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-09-13 05:48 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-09-12 18:32 - 2014-05-17 19:23 - 000348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2017-09-12 18:31 - 2014-03-15 16:03 - 000280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2017-09-12 18:16 - 2015-07-03 19:19 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Google
2017-09-12 18:02 - 2014-03-15 16:03 - 000000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2017-09-12 16:23 - 2014-03-15 14:14 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-09-12 16:23 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-09-11 20:25 - 2017-02-18 07:18 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Cronus
2017-09-10 19:43 - 2015-05-20 17:19 - 000000000 ____D C:\Users\Hoshi\Documents\The Witcher 3
2017-09-09 19:09 - 2014-03-16 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-09-07 11:18 - 2016-04-16 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Gold [GOG.com]
2017-09-07 11:18 - 2014-06-16 17:24 - 000000390 _____ C:\WINDOWS\SysWOW64\ilent
2017-09-07 11:17 - 2017-07-18 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F.E.A.R. Platinum Collection [GOG.com]
2017-09-07 11:17 - 2016-12-16 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redneck Rampage [GOG.com]
2017-09-05 18:57 - 2017-05-23 16:41 - 000002237 _____ C:\Users\Hoshi\Desktop\Discord.lnk
2017-09-05 18:57 - 2017-05-23 16:41 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\discord
2017-09-05 18:57 - 2017-05-23 16:41 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Discord
2017-09-05 18:46 - 2017-07-16 08:25 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Thunder Lotus Games
2017-09-02 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-09-02 17:15 - 2017-03-18 23:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-08-30 19:57 - 2015-11-02 18:18 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-29 05:56 - 2015-07-03 19:19 - 000002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-27 18:17 - 2017-07-19 20:18 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Firestorm
2017-08-26 15:28 - 2017-05-25 16:10 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\DAEMON Tools Lite
2017-08-25 15:05 - 2014-03-22 15:08 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Blizzard Entertainment
2017-08-25 14:35 - 2017-04-14 09:13 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-25 14:35 - 2017-04-14 09:13 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-25 14:35 - 2017-04-14 09:13 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-25 14:35 - 2017-04-14 09:13 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-25 14:35 - 2017-04-14 09:13 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-25 14:35 - 2017-04-14 09:03 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-08-25 14:35 - 2016-07-07 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-08-25 14:34 - 2016-03-19 18:06 - 000000000 ____D C:\Program Files (x86)\VulkanRT
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-07-18 20:03 - 2016-07-18 20:03 - 000006144 _____ () C:\Program Files (x86)\com.htc.vive.setup.bilogclient
2015-12-26 23:05 - 2015-12-27 14:56 - 000000297 _____ () C:\Users\Hoshi\AppData\Roaming\BreakingPoint_Login.ini
2015-12-26 23:06 - 2015-12-27 16:12 - 000001427 _____ () C:\Users\Hoshi\AppData\Roaming\BreakingPoint_Options.ini
2016-08-14 16:25 - 2016-08-14 16:32 - 000000224 _____ () C:\Users\Hoshi\AppData\Roaming\highScores.txt
2015-09-21 14:52 - 2015-09-21 14:52 - 000000099 _____ () C:\Users\Hoshi\AppData\Roaming\LauncherSettings_live.cfg
2015-09-21 14:44 - 2015-09-21 14:44 - 000010525 _____ () C:\Users\Hoshi\AppData\Roaming\TheHunterSettings_live.bin
2015-09-21 14:43 - 2015-09-21 14:43 - 000000040 _____ () C:\Users\Hoshi\AppData\Roaming\TheHunterSettings_steam_live.cfg
2015-11-15 21:03 - 2015-12-02 22:37 - 000003317 _____ () C:\Users\Hoshi\AppData\Roaming\VoiceMeeterDefault.xml
2015-01-30 20:11 - 2016-12-03 10:20 - 000010752 _____ () C:\Users\Hoshi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-19 11:53 - 2016-10-19 11:53 - 000000291 _____ () C:\Users\Hoshi\AppData\Local\ledConfiguration.config
2016-10-19 11:53 - 2016-12-25 12:58 - 000000737 _____ () C:\Users\Hoshi\AppData\Local\NvidiaLEDVisualizer.config
2016-03-15 17:36 - 2016-03-26 20:52 - 000000600 _____ () C:\Users\Hoshi\AppData\Local\PUTTY.RND
2017-09-20 16:33 - 2017-09-20 16:33 - 000027238 _____ () C:\Users\Hoshi\AppData\Local\recently-used.xbel
2016-07-31 13:54 - 2017-04-02 16:11 - 000007659 _____ () C:\Users\Hoshi\AppData\Local\Resmon.ResmonCfg
2014-12-23 13:43 - 2014-12-23 13:43 - 000004999 _____ () C:\ProgramData\auqrgqib.ttw
2017-04-14 09:04 - 2017-04-14 09:04 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2015-10-04 09:56 - 2017-05-04 18:25 - 000000257 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2017-04-08 22:13 - 2017-04-08 22:13 - 000000016 _____ () C:\ProgramData\mntemp
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-09-15 14:00
==================== Ende von FRST.txt ============================
|
|
23.09.2017, 16:02
| #14 |
| | Windows 10 64bit : Verdacht auf Maleware addition Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-09-2017 02
durchgeführt von Hoshi (23-09-2017 16:55:49)
Gestartet von C:\Users\Hoshi\Desktop
Windows 10 Pro Version 1703 (X64) (2017-04-14 07:15:15)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1299527896-1211748070-1707534253-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1299527896-1211748070-1707534253-503 - Limited - Disabled)
Gast (S-1-5-21-1299527896-1211748070-1707534253-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1299527896-1211748070-1707534253-1002 - Limited - Enabled)
Hoshi (S-1-5-21-1299527896-1211748070-1707534253-1000 - Administrator - Enabled) => C:\Users\Hoshi
Mcx1-HOSHI-PC (S-1-5-21-1299527896-1211748070-1707534253-1005 - Limited - Enabled) => C:\Users\Mcx1-HOSHI-PC
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
µTorrent (HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A Chair in a Room: Greenwater (HKLM\...\Steam App 427760) (Version: - Wolf & Wood Interactive Ltd)
AC3Filter (remove only) (HKLM-x32\...\AC3Filter) (Version: - )
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\{151974E9-9B16-47DC-8B57-5684A1E42127}) (Version: 12.1.1.151 - Adobe Systems, Inc)
Aeon (HKLM\...\Steam App 543390) (Version: - Illusion Ranger)
Agents of Mayhem (HKLM\...\Steam App 304530) (Version: - Deep Silver Volition)
Alien: Isolation (HKLM-x32\...\Steam App 214490) (Version: - Creative Assembly)
Aliens vs. Predator (HKLM-x32\...\Steam App 10680) (Version: - Rebellion)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.7 - Sereby Corporation)
American Truck Simulator (HKLM\...\Steam App 270880) (Version: - SCS Software)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.41 - NVIDIA Corporation) Hidden
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{AFADB5DC-3ABC-421F-9DAD-BDABE511258B}) (Version: 4.0.51117.1 - Microsoft Corporation)
Arizona Sunshine (HKLM\...\Steam App 342180) (Version: - Vertigo Games)
Art of Fight (HKLM\...\Steam App 531270) (Version: - Raptor-Lab)
Assetto Corsa (HKLM\...\Steam App 244210) (Version: - Kunos Simulazioni)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
AutoHotkey 1.1.24.04 (HKLM\...\AutoHotkey) (Version: 1.1.24.04 - Lexikos)
Axiom Verge (HKLM\...\Steam App 332200) (Version: - Thomas Happ Games LLC)
Azure AD Authentication Connected Service (HKLM-x32\...\{3FEAC561-1CF6-41D6-B0F3-BECDD9C88A1B}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.1.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Battlezone (HKLM\...\Steam App 312650) (Version: - Rebellion)
Beyond Good and Evil (HKLM-x32\...\Uplay Install 232) (Version: - Ubisoft)
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Hidden
Bullets And More VR - BAM VR (HKLM\...\Steam App 525640) (Version: - Koenigz)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: - ) Hidden
Call of Duty: Infinite Warfare (HKLM\...\Steam App 292730) (Version: - Infinity Ward)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.79.0.2015 - Georgy Berdyshev)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Clive Barker's Undying (HKLM-x32\...\{631A0B87-B0B7-4B47-00A2-119A4B942EB6}) (Version: - )
Clive Barker's Undying (HKLM-x32\...\1207659191_is1) (Version: 2.1.0.9 - GOG.com)
Cloudlands : VR Minigolf (HKLM\...\Steam App 425720) (Version: - Futuretown)
Cmoar VR Cinema (HKLM\...\Steam App 527160) (Version: - Cmoar Studio)
Comedy Night (HKLM\...\Steam App 665360) (Version: - Lighthouse Games Studio)
Conan Exiles (HKLM\...\Steam App 440900) (Version: - Funcom)
Conarium (HKLM\...\Steam App 313780) (Version: - Zoetrope Interactive)
Connect (HKLM-x32\...\MAGIX_connector_is1) (Version: 2.5.1.84 - MAGIX Software GmbH)
CoolSoft VirtualMIDISynth 1.14.1 (HKLM-x32\...\CoolSoft VirtualMIDISynth) (Version: 1.14.1.0 - CoolSoft)
Cronus PRO 1.20 (HKLM-x32\...\Cronus PRO) (Version: 1.20 - CronusMAX Team)
CtrlAltStudio-Viewer-Alpha (remove only) (HKLM-x32\...\CtrlAltStudio-Viewer-Alpha) (Version: 1.2.6.43412 - CtrlAltStudio)
Cyberduck (HKLM-x32\...\{27F61226-4F73-4617-BEDF-DBCB5C6D35D3}) (Version: 5.0.3.20504 - iterate GmbH) Hidden
Cyberduck (HKLM-x32\...\{be4c3b9a-7362-4e8b-a310-225db8ff97d6}) (Version: 5.0.3.20504 - iterate GmbH)
Dangerous Golf (HKLM\...\Steam App 405500) (Version: - Three Fields Entertainment)
DARK SOULS III (HKLM\...\Steam App 374320) (Version: - FromSoftware, Inc.)
Day of the Tentacle Remastered (HKLM\...\Steam App 388210) (Version: - Double Fine Productions)
DAZ Install Manager (HKLM-x32\...\DAZ Install Manager 1.1.0.71) (Version: 1.1.0.71 - DAZ 3D)
Dead Effect 2 VR (HKLM\...\Steam App 646200) (Version: - BadFly Interactive, a.s.)
DeliPlayer (HKLM-x32\...\DeliPlayer2) (Version: - )
Desura (HKLM-x32\...\Desura) (Version: 100.64 - Desura)
Discord (HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Discord) (Version: 0.0.298 - Discord Inc.)
DivX Pro 6.8.0 VFW (HKLM-x32\...\divx650vfw_is1) (Version: 6.8.0.14 - )
DOOM (HKLM\...\Steam App 379720) (Version: - id Software)
Dotfuscator and Analytics Community Edition 5.19.0 (HKLM-x32\...\{4C5B1DD0-7E8E-4972-9247-818E6D030552}) (Version: 5.19.0.2930 - PreEmptive Solutions) Hidden
Duck Season (HKLM\...\Steam App 503580) (Version: - Stress Level Zero)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Elgato Game Capture HD (64-bit) (HKLM\...\{C59BB2DE-E483-4704-976C-652E38DB62A0}) (Version: 3.00.111.1111 - Elgato Systems GmbH)
Elite Dangerous: Horizons (HKLM-x32\...\Steam App 419270) (Version: - Frontier Developments)
Epic Games Launcher (HKLM-x32\...\{FC1F25AF-C8BB-404E-B15F-1B12CAB98E7F}) (Version: 1.1.96.0 - Epic Games, Inc.)
Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version: - SCS Software)
EVERSPACE™ (HKLM\...\Steam App 396750) (Version: - ROCKFISH Games)
F.E.A.R. Platinum Collection (HKLM-x32\...\1423058413_is1) (Version: 2.0.0.6 - GOG.com)
Fast Action Hero (HKLM\...\Steam App 534000) (Version: - Sirius Sam)
FileZilla Client 3.16.1 (HKLM-x32\...\FileZilla Client) (Version: 3.16.1 - Tim Kosse)
Firebird 2.5.2.26540 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.2.26540 - Firebird Project)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Firestorm-Release (HKLM-x32\...\Firestorm-Release) (Version: 5.0.1.52150 - The Phoenix Firestorm Project, Inc.)
FlacSquisher 1.3.6 (HKLM-x32\...\FlacSquisher) (Version: 1.3.6 - FlacSquisher)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.1.119 - DVDVideoSoft Ltd.)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.21.610 - Digital Wave Ltd)
Freemake Video Converter Version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
Full Throttle Remastered (HKLM\...\Steam App 228360) (Version: - Double Fine Productions)
Futuremark SystemInfo (HKLM-x32\...\{5052D282-C9AE-48CC-A9F5-17058BEEAA50}) (Version: 4.45.590.0 - Futuremark)
G4E (HKLM-x32\...\{D42540BE-EB5A-9420-8101-6D87DCDACD9E}) (Version: 1.7 - UNKNOWN) Hidden
G4E (HKLM-x32\...\G4E) (Version: 1.7 - UNKNOWN)
Game Capture HD v2.3.3.40 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 2.3.3.40 - Elgato Systems)
Game Capture HD60 Pro v1.1.0.149 (HKLM-x32\...\Software_Elgato_Game Capture HD60 Pro) (Version: 1.1.0.149 - Elgato Systems)
Game Capture HD60 v2.1.1.4 (HKLM-x32\...\Software_Elgato_Game Capture HD60) (Version: 2.1.1.4 - Elgato Systems)
Games (HKLM\...\{55956d7b-35e0-49fa-8343-7adc8e1eb34b}.sdb) (Version: - )
Ghost of a Tale (HKLM\...\Steam App 417290) (Version: - SeithCG)
Ghost Town Mine Ride & Shootin' Gallery (HKLM\...\Steam App 459010) (Version: - Spectral Illusions)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Golf With Your Friends (HKLM\...\Steam App 431240) (Version: - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Earth VR (HKLM\...\Steam App 348250) (Version: - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
GORN (HKLM\...\Steam App 578620) (Version: - Free Lives)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Half-Life 2 (HKLM\...\Steam App 220) (Version: - Valve)
Half-Life 2: Episode One (HKLM\...\Steam App 380) (Version: - Valve)
Half-Life 2: Episode Two (HKLM\...\Steam App 420) (Version: - Valve)
HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
HCS VoicePacks Deutsch AURORA version 2.0 (HKLM-x32\...\{D53FEFBB-C717-403A-8246-D8F2BFC507DA}_is1) (Version: 2.0 - HCS VoicePacks Ltd)
HeidiSQL (HKLM\...\HeidiSQL_is1) (Version: - Ansgar Becker)
Hellblade: Senua's Sacrifice (HKLM\...\Steam App 414340) (Version: - Ninja Theory)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hotline Miami 2: Wrong Number (HKLM\...\Steam App 274170) (Version: - Dennaton Games)
ILLUSION HoneySelect (HKLM-x32\...\{1F709DAC-507B-47DA-B04F-367EF5AA20B4}) (Version: 1.00.0000 - ILLUSION)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
INSIDE (HKLM\...\Steam App 304430) (Version: - Playdead)
Intel A/V Codecs V2.0 (HKLM-x32\...\CodInstl) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Island 359 (HKLM\...\Steam App 476700) (Version: - CloudGate Studio, Inc.)
Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Job Simulator (HKLM\...\Steam App 448280) (Version: - Owlchemy Labs)
John Wick Chronicles (HKLM\...\Steam App 382360) (Version: - Starbreeze Studios)
Karnage Chronicles (HKLM\...\Steam App 611160) (Version: - Nordic Trolls)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LAV Filters 0.66 (HKLM-x32\...\lavfilters_is1) (Version: 0.66 - Hendrik Leppkes)
Layers of Fear (HKLM-x32\...\Steam App 391720) (Version: - Bloober Team SA)
Lethal VR (HKLM\...\Steam App 532270) (Version: - Three Fields Entertainment)
Lethe - Episode One (HKLM\...\Steam App 407780) (Version: - KoukouStudios)
Lockdown: Stand Alone (HKLM\...\Steam App 513270) (Version: - Viversion)
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 5.04 (HKLM\...\{8753DF4D-64B0-474E-9A97-0AB5585D9A53}) (Version: 5.04.110 - Logitech)
Logitech Gaming Software 8.88 (HKLM\...\Logitech Gaming Software) (Version: 8.88.30 - Logitech Inc.)
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
MAGIX Common Components 1 (HKLM-x32\...\{7A8B2204-574B-42A2-A3DC-52AE142D197F}) (Version: 1.2.0.0 - MAGIX AG)
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Fonts Package 1 (HKLM-x32\...\{3859AC53-3C30-4885-AA6B-5DAC442AC871}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fonts Package 2 (HKLM-x32\...\{BCE30F6A-D172-4A2A-94FC-65B6749FDBC7}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Goya burnR (MSI) (HKLM\...\{2497E82C-98AE-494E-B155-52623C230EC6}) (Version: 4.3.2.0 - MAGIX AG) Hidden
MAGIX Goya burnR (MSI) (HKLM-x32\...\MX.{2497E82C-98AE-494E-B155-52623C230EC6}) (Version: 4.3.2.0 - MAGIX AG)
MAGIX Soundpool Music Maker - Feel good (HKLM\...\{81F7511B-CB79-40CB-B173-35292038A84D}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM\...\{3F744D82-3ED5-48B6-A3C8-C0208C3BEE0B}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM-x32\...\MX.{3F744D82-3ED5-48B6-A3C8-C0208C3BEE0B}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 1) (HKLM\...\{E9D2A2BC-900E-4CBE-8543-E2EEF79163CB}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 1) (HKLM\...\MX.{E9D2A2BC-900E-4CBE-8543-E2EEF79163CB}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 2) (HKLM\...\{38B2C12F-B11F-40A5-B04C-9819949FFE01}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 2) (HKLM\...\MX.{38B2C12F-B11F-40A5-B04C-9819949FFE01}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 3) (HKLM\...\{1759FCEB-940B-4D92-9F45-E55E7E6736C0}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 3) (HKLM\...\MX.{1759FCEB-940B-4D92-9F45-E55E7E6736C0}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 4) (HKLM\...\{A35C545A-8BF8-40C4-BC04-50216A46C2F0}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 4) (HKLM\...\MX.{A35C545A-8BF8-40C4-BC04-50216A46C2F0}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 5) (HKLM\...\{57AA9D95-6A4C-4247-B98A-6EA983F3E0FB}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 5) (HKLM\...\MX.{57AA9D95-6A4C-4247-B98A-6EA983F3E0FB}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 6) (HKLM\...\{D3AC4780-D1C1-4A70-9832-BB64E79C62B3}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 6) (HKLM\...\MX.{D3AC4780-D1C1-4A70-9832-BB64E79C62B3}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 7) (HKLM\...\{98C37332-DC95-426F-A987-043FA9A282D1}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 7) (HKLM\...\MX.{98C37332-DC95-426F-A987-043FA9A282D1}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (HKLM\...\{B9D9D873-ADDA-4D0C-B691-0F323C6DD62A}) (Version: 15.0.0.62 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (HKLM\...\MX.{B9D9D873-ADDA-4D0C-B691-0F323C6DD62A}) (Version: 15.0.0.62 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (NewBlue ActionCam Package) (HKLM\...\{02C01AE1-F497-475A-AA45-43E41A495136}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (NewBlue ActionCam Package) (HKLM\...\MX.{02C01AE1-F497-475A-AA45-43E41A495136}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (proDAD Mercalli V4) (HKLM\...\{89CF4765-0012-4619-BA4E-1571376A25CA}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (proDAD Mercalli V4) (HKLM\...\MX.{89CF4765-0012-4619-BA4E-1571376A25CA}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Titeleffekte) (HKLM\...\{28FE7891-77C0-45E1-9CA4-35E9250F91DA}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Titeleffekte) (HKLM\...\MX.{28FE7891-77C0-45E1-9CA4-35E9250F91DA}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Überblendeffekte) (HKLM\...\{585234EA-CDB3-48A7-B6C4-0EFF9A86D244}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Überblendeffekte) (HKLM\...\MX.{585234EA-CDB3-48A7-B6C4-0EFF9A86D244}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium Update (HKLM\...\{310EA489-7C68-407E-A246-D600398647F8}) (Version: 15.0.0.107 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium Update (HKLM\...\{7751963F-7D88-4626-BEFE-9A848F7400B4}) (Version: 15.0.0.90 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium Update (HKLM\...\{AA6874A6-C7EB-42D5-B434-A86B75E00F32}) (Version: 15.0.0.77 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium Update (HKLM\...\{D02B20D4-DA3E-4542-ADFD-D2B0BC8A1E84}) (Version: 15.0.0.102 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (HKLM\...\{6EF62090-796C-42D3-9D71-BA127DDEC550}) (Version: 16.0.1.22 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (HKLM\...\MX.{6EF62090-796C-42D3-9D71-BA127DDEC550}) (Version: 16.0.1.22 - MAGIX Software GmbH)
MAGIX Video deluxe Premium (MotionStudios Vasco da Gama 9 Essential) (HKLM\...\{5EC327CC-EEA1-41E1-A416-0E931051D49B}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (MotionStudios Vasco da Gama 9 Essential) (HKLM\...\MX.{5EC327CC-EEA1-41E1-A416-0E931051D49B}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe Premium (NewBlue Titler Pro Express) (HKLM\...\{1746FE16-859D-4169-960B-712ED9A0215D}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (NewBlue Titler Pro Express) (HKLM\...\MX.{1746FE16-859D-4169-960B-712ED9A0215D}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MakeMKV v1.10.2 (HKLM-x32\...\MakeMKV) (Version: v1.10.2 - GuinpinSoft inc)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Marvel's Guardians of the Galaxy: The Telltale Series (HKLM\...\Steam App 579950) (Version: - Telltale Games)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version: - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft DirectX SDK (June 2010) (HKLM-x32\...\Microsoft DirectX SDK (June 2010)) (Version: 9.29.1962.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62607.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62607.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.24720 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-US) (HKLM-x32\...\{66D57636-BD4B-402F-9E7D-5E89C28C8136}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-US, Helen) (HKLM-x32\...\{8466EAED-7024-4AEE-9D13-F3A55B98D114}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{F0DB2786-18C8-4B0D-9DC2-BA58856A2821}) (Version: 2.1.0.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Update 1 (HKLM-x32\...\{5642384f-2a89-46d3-acd5-bfe8bf6e8b2f}) (Version: 14.0.24720.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mindshow (HKLM\...\Steam App 382000) (Version: - Mindshow, Inc.)
Mixxx 2.0.0 (64-bit) (HKLM-x32\...\Mixxx (2.0.0)) (Version: 2.0.0 - The Mixxx Development Team)
Monster Maze VR (HKLM\...\Steam App 543600) (Version: - 4 Fun Studio)
Mozilla Firefox 55.0.3 (x64 de) (HKLM\...\Mozilla Firefox 55.0.3 (x64 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{FA0599C5-C083-41BE-8AEA-E8EB9070D128}) (Version: 14.0.24720 - Microsoft Corporation) Hidden
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Music Maker (HKLM\...\{D5FF45D3-3AE3-4490-85DE-04D059606382}) (Version: 25.0.1.33 - MAGIX Software GmbH) Hidden
Music Maker (HKLM-x32\...\MX.{D5FF45D3-3AE3-4490-85DE-04D059606382}) (Version: 25.0.1.33 - MAGIX Software GmbH)
Music Maker Update (HKLM\...\{6B088B33-748B-4AFD-B6D1-841F298B5D52}) (Version: 25.0.2.44 - MAGIX Software GmbH) Hidden
My Game Long Name (HKLM\...\UDK-6a43523d-137c-4ffe-8432-fea0f9ad936e) (Version: - Epic Games, Inc.)
Nature Treks VR (HKLM\...\Steam App 587580) (Version: - John Carline)
Nero Burning ROM 2014 (HKLM-x32\...\{AB51F94A-8AA0-4F96-81B1-0446BA681083}) (Version: 15.0.02700 - Nero AG)
NETGEAR WNA1100 N150 Wireless USB Adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 1.0.0.133 - NETGEAR)
Neverending Nightmares (HKLM-x32\...\Steam App 253330) (Version: - Infinitap Games)
NewBlue ActionCam Package (HKLM-x32\...\NewBlue ActionCam Package) (Version: 1.0 - NewBlue)
NewBlue Titler EX for MAGIX (HKLM-x32\...\NewBlue Titler EX for MAGIX) (Version: 1.0 - NewBlue)
NewBlue Titler Pro Express For Magix (HKLM\...\NewBlue Titler Pro Express For Magix) (Version: 1.0 - NewBlue)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.23 - Black Tree Gaming)
nGlide 1.03 (HKLM-x32\...\nGlide) (Version: 1.03 - Zeus Software)
NightCry (HKLM\...\Steam App 427660) (Version: - Nude Maker)
Nock: Hidden Arrow (HKLM\...\Steam App 525210) (Version: - CodeBison Games)
NoLimits 2 Roller Coaster Simulation (HKLM\...\Steam App 301320) (Version: - Ole Lange)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.41 - NVIDIA Corporation)
NVIDIA Grafiktreiber 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.41 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA LED Visualizer 1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.LEDVisualizer) (Version: 1.0 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
Observer (HKLM\...\Steam App 514900) (Version: - Bloober Team SA)
Oculus (HKLM\...\Oculus) (Version: <3 - Oculus VR, LLC)
Oculus Rift DK2 Sensor Driver (HKLM\...\{F786EF4E-73FE-4700-AC19-FFC0B2298F20}) (Version: 1.0.0.0 - Oculus VR, LLC) Hidden
Oculus Rift Monitor Driver (HKLM\...\{E932D5B4-547A-4959-B642-3816836283E3}) (Version: 1.0.1.0 - Oculus VR, LLC) Hidden
Oculus Rift Sensor Driver (HKLM\...\{E724ED40-8962-4987-901D-57AC8C9E41CD}) (Version: 1.0.20.0 - Oculus VR, LLC) Hidden
One Unit Whole Blood (HKLM-x32\...\1207658856_is1) (Version: 2.1.0.24 - GOG.com)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.2.49155 - Electronic Arts, Inc.)
Outlast 2 (HKLM\...\Steam App 414700) (Version: - Red Barrels)
Outlaws (HKLM-x32\...\1425302464_is1) (Version: 2.1.0.11 - GOG.com)
Overload (HKLM\...\Steam App 448850) (Version: - Revival Productions, LLC)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Paranormal Activity: The Lost Soul (HKLM\...\Steam App 467660) (Version: - VRWERX)
Pavlov VR (HKLM\...\Steam App 555160) (Version: - davevillz)
Penumbra: Overture (HKLM-x32\...\Steam App 22180) (Version: - Frictional Games)
Pierhead Arcade (HKLM\...\Steam App 435490) (Version: - Mechabit Ltd)
Planet Coaster (HKLM\...\Steam App 493340) (Version: - Frontier Developments)
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version: - Bluehole, Inc.)
Pool Nation VR (HKLM\...\Steam App 269170) (Version: - Cherry Pop Games)
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisite installer (HKLM-x32\...\{5909A89E-C97F-407C-AE2B-47BDED86BF5D}) (Version: 15.0.0005 - Nero AG) Hidden
Prey (HKLM\...\Steam App 480490) (Version: - Arkane Studios)
proDAD Mercalli NLE 4.0 (64bit) (HKLM\...\proDAD-MercalliPlugins-4.0) (Version: 4.0.467.1 - proDAD GmbH)
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
Project CARS (HKLM\...\Steam App 234630) (Version: - Slightly Mad Studios)
PS4 Remote Play (HKLM-x32\...\{079C8DC3-767F-46CF-B871-14D21FCC2890}) (Version: 2.0.0.02211 - Sony Interactive Entertainment Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (HKLM\...\{ABFED5A0-7D10-4617-A816-DD2D3B85706D}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (HKLM\...\{E970CE81-6F26-4274-8E4E-5AFC000FB888}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (HKLM\...\{401FADAA-1C16-4721-9F02-19067E1A1CA8}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Quantum Break (HKLM\...\Steam App 474960) (Version: - Remedy Entertainment)
Quell 4D (HKLM\...\Steam App 534230) (Version: - Rubycone)
Quest 5.6.1 (HKLM-x32\...\Quest_is1) (Version: 5.6.1 - Alex Warren)
QuickTime (HKLM-x32\...\QuickTime) (Version: - )
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Rapture3D 2.3.26 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Raw Data (HKLM\...\Steam App 436320) (Version: - Survios)
Realms of the Haunting (HKLM-x32\...\Realms of the Haunting_is1) (Version: - GOG.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Rec Room (HKLM\...\Steam App 471710) (Version: - Against Gravity)
Redneck Rampage Collection (HKLM-x32\...\1207658674_is1) (Version: 2.1.0.12 - GOG.com)
Redout (HKLM\...\Steam App 517710) (Version: - 34BigThings srl)
Resident Evil: Operation Raccoon City (HKLM-x32\...\{43430FA1-388E-4359-A6DB-DA1000048401}) (Version: 1.0.0004.132 - CAPCOM U.S.A, INC) Hidden
Return to Castle Wolfenstein (HKLM-x32\...\1441704976_is1) (Version: 2.0.0.2 - GOG.com)
Revive Dashboard (HKLM-x32\...\Revive) (Version: - )
Rez Infinite (HKLM\...\Steam App 636450) (Version: - Monstars Inc.)
Rick and Morty: Virtual Rick-ality (HKLM\...\Steam App 469610) (Version: - Owlchemy Labs)
Rise of the Tomb Raider (HKLM-x32\...\Steam App 391220) (Version: - Crystal Dynamics)
Rising Storm 2: Vietnam (HKLM\...\Steam App 418460) (Version: - Antimatter Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
Roslyn Language Services - x86 (HKLM-x32\...\{6A7F37C9-1E37-3A9A-93D4-09BBEB4BD343}) (Version: 14.0.24720 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Saints Row: The Third (HKLM\...\Steam App 55230) (Version: - Volition)
Secret World Legends (HKLM\...\Steam App 215280) (Version: - Funcom)
Serious Sam VR: The First Encounter (HKLM\...\Steam App 552450) (Version: - Croteam VR)
Shadow Warrior 2 (HKLM\...\Steam App 324800) (Version: - Flying Wild Hog)
SHOUTcast DNAS (remove only) (HKLM-x32\...\SCDNAS) (Version: - )
Sin (HKLM-x32\...\Sin) (Version: - )
Sin Gold (HKLM-x32\...\GOGPACKSINGOLD_is1) (Version: 2.0.0.9 - GOG.com)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
SlimDX Redistributable (June 2010) (HKLM-x32\...\{354D00E0-C7C9-4BC1-BC12-08C4977AA827}) (Version: 2.0.10.43 - SlimDX Group)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
Soldier of Fortune - Community Edition 6.1 (HKLM-x32\...\Soldier of Fortune - Community Edition 6.1) (Version: - )
Sonic Mania (HKLM\...\Steam App 584400) (Version: - Christian Whitehead)
Soundscape VR (HKLM\...\Steam App 636930) (Version: - Groove Science)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
Source SDK Base 2013 Singleplayer (HKLM-x32\...\Steam App 243730) (Version: - )
Space Hulk: Deathwing (HKLM\...\Steam App 298900) (Version: - Streum On Studio)
Spirits of Xanadu (HKLM-x32\...\Steam App 312230) (Version: - Good Morning, Commander)
Spotify (HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
STAR WARS™ Battlefront™ II Closed Alpha (HKLM-x32\...\{d32f9b53-3a06-4720-bc64-c56f0fe8256a}) (Version: 1.0.0.0 - Electronic Arts)
STASIS (HKLM\...\Steam App 380150) (Version: - THE BROTHERHOOD)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SteamDolls VR Demo (HKLM\...\Steam App 528690) (Version: - The Shady Gentlemen)
SteamWorld Dig (HKLM-x32\...\{F81E6BA3-5772-4435-B635-D71E90130052}) (Version: 1.10.0.0 - Image & Form)
STRAFE® (HKLM\...\Steam App 442780) (Version: - Pixel Titans)
Strife: Veteran Edition (HKLM-x32\...\Steam App 317040) (Version: - Rogue Entertainment)
SUPERHOT VR (HKLM\...\Steam App 617830) (Version: - SUPERHOT Team)
SVRVIVE: The Deus Helix (HKLM\...\Steam App 509540) (Version: - SVRVIVE Studios)
System Requirements Lab CYRI (HKLM-x32\...\{906B34E5-573C-445A-A5D3-40B6BF0A2EC4}) (Version: 6.0.21.0 - Husdawg, LLC)
System Shock - Enhanced Edition (HKLM-x32\...\1439995156_is1) (Version: 2.1.0.4 - GOG.com)
System Shock 2 (HKLM\...\Steam App 238210) (Version: - Irrational Games)
Tales from the Borderlands (HKLM\...\Steam App 330830) (Version: - Telltale Games)
Team Explorer for Microsoft Visual Studio 2015 (HKLM-x32\...\{48992F68-BEE6-35D8-89AC-6A81406F1096}) (Version: 14.0.24712 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Terminator Future Shock + SkyNET version 1.0 (HKLM-x32\...\{AC9D63E6-A090-49E3-95CA-9CAA6706AEAF}_is1) (Version: 1.0 - Bethesda Softworks)
Test Drive Unlimited 2 (HKLM-x32\...\Test Drive Unlimited 2_is1) (Version: - Atari)
Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Brookhaven Experiment (HKLM\...\Steam App 440630) (Version: - Phosphor Games)
The Chronicles of Riddick - Assault on Dark Athena (HKLM-x32\...\GOGPACKRIDDICK_is1) (Version: 2.0.0.10 - GOG.com)
The Gallery - Episode 1: Call of the Starseed (HKLM\...\Steam App 270130) (Version: - Cloudhead Games ltd.)
The Klub 17 (HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Klub-7) (Version: 7.5.0 - Team WRK17)
The Lab (HKLM\...\Steam App 450390) (Version: - Valve)
The Solus Project (HKLM\...\Steam App 313630) (Version: - Hourences)
The Suffering (HKLM-x32\...\1268478205_is1) (Version: 1.0.1 - GOG.com)
The Unwelcomed (HKLM\...\Steam App 504560) (Version: - The Unwelcomed Studios)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com)
theBlu (HKLM\...\Steam App 451520) (Version: - Wevr, Inc.)
TheWaveVR (HKLM\...\Steam App 453000) (Version: - TheWaveVR)
Thief 3 Sneaky Upgrade SDB (HKLM\...\{61271900-d6b0-4da5-801b-7127a8713df1}.sdb) (Version: - )
Thief 3 Sneaky Upgrade version 1.1.5.2 (HKLM-x32\...\{6787B847-DE1D-4B75-AF7F-9F0B0FF9E59E}_is1) (Version: 1.1.5.2 - )
Thief: Deadly Shadows (HKLM-x32\...\Steam App 6980) (Version: - Ion Storm)
Titanfall™ 2 (HKLM-x32\...\{4BD80373-FEE7-45B6-8249-6E8E98717405}) (Version: 1.0.1.0 - Electronic Arts, Inc.)
Tormentum - Dark Sorrow (HKLM\...\Steam App 335000) (Version: - OhNoo Studio)
TrackMania² Canyon (HKLM\...\Steam App 228760) (Version: - Nadeo)
Trapcode Suite 64-bit (HKLM\...\{460D83C4-15D5-4C0E-9B7D-2204F196A010}) (Version: 12.1.3 - Red Giant) Hidden
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{460D83C4-15D5-4C0E-9B7D-2204F196A010}) (Version: 12.1.3 - Red Giant)
TypeScript Power Tool (HKLM-x32\...\{7FBEE165-A653-4B2A-A93A-4643794E22A8}) (Version: 1.7.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{D7C8A95B-B1EE-43B1-837D-C73D1321FEBA}) (Version: 1.7.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.7.4.0 (HKLM-x32\...\{33e2204a-4ec6-4458-895a-47e2a404d990}) (Version: 1.7.24720.0 - Microsoft Corporation)
Tyrian 2000 (HKLM-x32\...\1207658901_is1) (Version: 2.1.0.13 - GOG.com)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Ulead MediaStudio Pro 8.0 (HKLM-x32\...\{A6E71574-2126-4E95-816E-32B2411C94BA}) (Version: 8.0 - Ulead Systems, Inc.)
Ultima Underworld 2 (HKLM-x32\...\1207662473_is1) (Version: 2.1.0.20 - GOG.com)
Ultimate Booster Experience (HKLM\...\Steam App 499620) (Version: - GexagonVR)
Uninvited: MacVenture Series (HKLM\...\Steam App 343810) (Version: - Zojoi)
Unknown Pharaoh (HKLM\...\Steam App 576100) (Version: - 4 Fun Studio)
Unreal Gold (HKLM-x32\...\1207658679_is1) (Version: 2.1.0.6 - GOG.com)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
Vanishing Realms (HKLM\...\Steam App 322770) (Version: - Indimo Labs LLC)
Vasco da Gama 9 HD Essential (HKLM-x32\...\{132A1B32-8C6A-416C-B7FB-7D4CD54C18DE}) (Version: 9.00.0000 - MotionStudios)
Vertigo (HKLM\...\Steam App 465430) (Version: - Zach Tsiakalis-Brown)
Virtual Desktop (HKLM\...\Steam App 382110) (Version: - Guy Godin)
Virtual Desktop Service (HKLM\...\{2F1A2C04-7695-47E1-B69E-B2B5B2038C39}) (Version: 1.5.1 - Guy Godin)
Visual Basic 5.0 (C:\WINDOWS\system32\) #3 (HKLM-x32\...\ST5UNST #3) (Version: - )
Visual Basic 5.0 (C:\WINDOWS\system32\) #4 (HKLM-x32\...\ST5UNST #4) (Version: - )
Visual Basic 5.0 (C:\WINDOWS\system32\) #5 (HKLM-x32\...\ST5UNST #5) (Version: - )
Visual Basic 5.0 (C:\Windows\system32\) (HKLM-x32\...\ST5UNST #2) (Version: - )
Visual Basic 5.0 (HKLM-x32\...\ST5UNST #1) (Version: - )
Visual Studio 2015 Update 1 (KB3022398) (HKLM-x32\...\{fcaa9dba-9438-48b6-ad91-4e9b4cc7084a}) (Version: 14.0.24720 - Microsoft Corporation)
Vita 2 (HKLM\...\{39B956AD-00E8-4561-B6CC-7E91BDEDB0AF}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Concert Grand LE (HKLM\...\{0501DF32-8054-41E0-A1D1-B6BEAB54CACF}) (Version: 2.4.0.95 - MAGIX Software GmbH) Hidden
Vita Drum Engine (HKLM\...\{E5494279-4C0C-4220-9B41-A6BC89D6A92E}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Electric Piano (HKLM\...\{D14FE00B-0E75-462A-936A-C9483A20D0D0}) (Version: 1.0.2.0 - MAGIX Software GmbH) Hidden
Vita Power Guitar (HKLM\...\{69F05894-87A2-4E92-A6E3-EE8937D09CC0}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VoiceAttack version 1.5.12 (HKLM-x32\...\{D6EDF6DB-029E-4A34-A3A0-D960CB0FCB2A}_is1) (Version: 1.5.12 - VoiceAttack.com)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version: - VB-Audio Software)
vorpX (HKLM-x32\...\{C136D0CC-9077-4979-801E-6B5A956EED6A}_is1) (Version: 17.1.3.0 - Animation Labs)
VRporize - VR FPS (HKLM\...\Steam App 498970) (Version: - Mercury Aerospace Industries)
VS Update core components (HKLM-x32\...\{5F7870A1-0586-313E-A9FF-3249DCE9F63A}) (Version: 14.0.24720 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Waltz of the Wizard (HKLM\...\Steam App 436820) (Version: - Aldin Dynamics)
WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WestwoodChat (HKLM-x32\...\{7CAE6A67-AF7B-4A6A-8705-8AFACA45BB60}) (Version: 1.0.0.0 - WestwoodChat)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Wheel of Time (HKLM-x32\...\Wheel of Time) (Version: - )
White Night (HKLM-x32\...\Steam App 301560) (Version: - OSome Studio)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windlands (HKLM\...\Steam App 428370) (Version: - Psytec Games Ltd)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows-Treiberpaket - Sony Computer Entertainment Inc. Wireless controller for PLAYSTATION(R)3 Driver Package (01/20/2012 1.4.0.0) (HKLM\...\D5410AE5FA467EF0F19558D5F60C991A79E11B51) (Version: 01/20/2012 1.4.0.0 - Sony Computer Entertainment Inc.)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - )
Xara 3D Maker 7 (HKLM-x32\...\{19B9DAD6-5E6E-4B80-8EFE-314B5638D6D4}) (Version: 7.0.0.415 - Xara Group Ltd) Hidden
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
XML Notepad 2007 (HKLM-x32\...\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}) (Version: 2.3.0.0 - Microsoft Corporation)
Xml Viewer (HKLM-x32\...\{F58E04CD-6E76-43C8-AAF1-482225C2910E}) (Version: 3 - MindFusion Limited)
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [Convert] -> {9f95ca1a-e80e-4c0f-acd1-4c9b7900b982} => C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)\Utilities\bin\x64\TxView.dll [2010-06-02] (Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-08-22] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {08060686-DA7A-4F81-903F-5EF5846EBC46} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {10FB4821-8293-4FB8-93AC-ED877096D358} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {15CEA677-3D1C-403A-8EE5-9C536AE36655} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3356136B-5DA8-4E2C-94F1-D934C3FFD02A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {33D241F7-FCC1-4696-BA50-24F80B532744} - System32\Tasks\{EA0A359E-2C55-46AC-83DB-0F986B25B53B} => C:\Windows\system32\pcalua.exe -a E:\WMEncoder64.exe -d E:\
Task: {39B3A4D0-967A-4B83-8FAE-BFC9CCF78C7C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-13] (Adobe Systems Incorporated)
Task: {3C768F76-478B-4129-836E-66BBD535DF4B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3CA1C205-5779-4D65-9B79-03CA693A49ED} - System32\Tasks\Connect => C:\Program Files (x86)\MAGIX\Connect\connect.exe [2017-05-10] (MAGIX Software GmbH)
Task: {3F26B3E2-B93D-49BD-BC7E-5F720B51C994} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-22] (NVIDIA Corporation)
Task: {415F7118-E84D-43AD-B678-2809A265ACDD} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {52FD4488-82FE-4FC3-A835-7330FDE39B8B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {58E0F5EB-6F42-4B37-A50A-952C0182547B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5A2D88F9-D511-4485-A81D-E9539F5865C8} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5D12D0DE-7C2D-43EB-88A7-25C081D80C44} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6509C4C3-BDFD-4861-ABD9-95C391A5DA45} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {67D99D18-6635-4D3E-869B-A89F58F4E0BE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-22] (NVIDIA Corporation)
Task: {6ACACBFB-34D5-4E50-99F6-7C2E8F65870B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {6DFFA0FA-204A-4DB6-A32D-36551F60CD88} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-03] (Google Inc.)
Task: {71CC4BE9-738E-4546-A312-5370DAC238D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-03] (Google Inc.)
Task: {72C2654C-0345-4427-92A1-203E5906A350} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7EE287C4-2286-41C0-8590-B925FB2DD061} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8426F389-7EEE-48D3-86F8-A0B7F68C0351} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9502FC37-4BF3-4187-97DB-BB885F817B28} - System32\Tasks\{540C4F0A-AFE9-41B0-8BED-770ADCAFCFDD} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.4.0.102/de/abandoninstall?page=tsMain
Task: {9F4B56CC-50E0-44AF-946B-932FF1BB8876} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-22] (NVIDIA Corporation)
Task: {ADEAE2A2-DBBC-4FEA-AE2B-1ACCCCA9F22C} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {B265853E-1EB9-4490-8346-026981D861F1} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {B7290E7F-96E2-49E1-94BC-17D8FC712ACF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {BF0E8690-E916-421C-925C-8EF2FB370D68} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-22] (NVIDIA Corporation)
Task: {CCEA5BF9-67E9-44F9-8750-250CB46A4824} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {D61F55A8-B0BB-4781-80FD-8F7B16E7EA4F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {E025C148-A5D4-4254-AAA8-1B4360B2374B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-08-22] (NVIDIA Corporation)
Task: {E6B257D7-040D-4610-AFE5-4256956C9B14} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EAE39C83-0CAA-4312-907A-1243969BAB66} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {ED55E21A-57DB-4591-8F95-58F0658945D4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {F2A52317-F2C1-4630-87BC-E12B2FFC7496} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F5132FA3-CAD1-4315-BF63-D7542912C7C7} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F75A3443-BF9D-4B1D-BAB0-DA6B05C232BC} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-HOSHI-PC => C:\WINDOWS\ehome\McxTask.exe
Task: {FC7911CA-4CA6-4249-A2B5-D3C065E61A89} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FC8098E2-47F8-48D3-A990-2172097B9ABA} - System32\Tasks\{1B9BAEFE-CA33-481C-8FAF-AF1A3509FC73} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\EAInstaller\Battlefield - Bad Company 2\Cleanup.exe" -c uninstall_game -autologging
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Connect.job => C:\Program Files (x86)\MAGIX\Connect\connect.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Hoshi\Desktop\Games\InLucysEyes.bat - Verknüpfung.lnk -> D:\Games\Steam\SteamApps\common\Amnesia The Dark Descent\InLucysEyes\InLucysEyes.bat (Keine Datei)
Shortcut: C:\Users\Hoshi\Desktop\Games\TenebrisLake.bat - Verknüpfung.lnk -> D:\Games\Steam\SteamApps\common\Amnesia The Dark Descent\TenebrisLake.bat (Keine Datei)
Shortcut: C:\Users\Hoshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D\DAZ Install Manager\DAZ Install Manager Read Me.lnk -> hxxp:docs.daz3d.com\doku.php\public\read_me\index\1481
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-09-12 16:44 - 2017-09-12 18:09 - 000076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-07-19 21:54 - 2017-07-19 21:54 - 000330208 _____ () C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe
2014-12-26 23:05 - 2011-07-28 18:06 - 000297440 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-09-29 23:13 - 2016-09-29 23:13 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-09-29 23:13 - 2016-09-29 23:13 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-12-26 23:05 - 2011-07-27 12:53 - 000360448 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll
2014-03-15 14:20 - 2013-09-03 17:52 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\skype.com -> hxxps://apps.skype.com
|
|
23.09.2017, 16:02
| #15 |
| | Windows 10 64bit : Verdacht auf Maleware addition fortsetzung Code:
ATTFilter ==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2017-09-07 10:11 - 000000027 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Hoshi\AppData\Roaming\mozilla\firefox\desktop-hintergrund.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: Desura Install Service => 3
MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Killer Network Manager.lnk => C:\Windows\pss\Killer Network Manager.lnk.CommonStartup
MSCONFIG\startupreg: LogitechQuickCamRibbon => "D:\Programme\Logitech\Webcam\Logitech WebCam Software\LWS.exe" /hide
HKLM\...\StartupApproved\Run: => "Start WingMan Profiler"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run32: => "HTC Store User Content Helper"
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\StartupApproved\Run: => "Spotify Web Helper"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{BA585EE1-A7F9-49C7-88D7-522B7C9DC59D}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{E0DC3C0F-8A5A-4950-B29C-A9CC62B6E5CA}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{702407FC-570B-48B7-B575-F088B82F5FD7}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{DEEF9EE1-3254-466A-98B9-C6EF05212ACD}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [UDP Query User{19C290C3-9D18-4F16-B042-EFF275DA013C}C:\games\steam\steamapps\common\pavr pre alpha demo\pa_ue4\binaries\win64\pa_ue4-win64-shipping.exe] => (Allow) C:\games\steam\steamapps\common\pavr pre alpha demo\pa_ue4\binaries\win64\pa_ue4-win64-shipping.exe
FirewallRules: [TCP Query User{A632B5B6-D96A-4EA2-A892-8626A8AF81A8}C:\games\steam\steamapps\common\pavr pre alpha demo\pa_ue4\binaries\win64\pa_ue4-win64-shipping.exe] => (Allow) C:\games\steam\steamapps\common\pavr pre alpha demo\pa_ue4\binaries\win64\pa_ue4-win64-shipping.exe
FirewallRules: [UDP Query User{1E455C75-FB8D-483B-91A4-B8C11BE4C869}D:\games\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe
FirewallRules: [TCP Query User{813295F7-78FC-4553-AC43-715C5B7879F5}D:\games\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe
FirewallRules: [{3C3D2E69-5741-4D9C-8BA6-F881ECC18C21}] => (Allow) C:\Games\Steam\steamapps\common\RecRoom\Recroom_Release.exe
FirewallRules: [{AA3B8C49-6083-48B9-AE89-19BC7C9097E3}] => (Allow) C:\Games\Steam\steamapps\common\RecRoom\Recroom_Release.exe
FirewallRules: [{AC96AE27-8529-497D-8B66-FCC05C1371F3}] => (Allow) C:\Games\Steam\steamapps\common\Vertigo\Vertigo.exe
FirewallRules: [{A7801E9D-E656-4A15-A6D0-32B372633B3A}] => (Allow) C:\Games\Steam\steamapps\common\Vertigo\Vertigo.exe
FirewallRules: [{F90A37A4-FB13-402B-B550-8F4E250A6235}] => (Allow) C:\Games\Steam\steamapps\common\PAVR Pre Alpha Demo\PA_UE4.exe
FirewallRules: [{003666E4-1942-464C-8684-9E3839ACA7ED}] => (Allow) C:\Games\Steam\steamapps\common\PAVR Pre Alpha Demo\PA_UE4.exe
FirewallRules: [{5D395514-FDFF-41A2-9CD5-AEF110564C5E}] => (Allow) D:\Games\Steam\SteamApps\common\PavlovVR\Pavlov.exe
FirewallRules: [{DD6D3136-65A5-46F7-B3F2-9309062D411C}] => (Allow) D:\Games\Steam\SteamApps\common\PavlovVR\Pavlov.exe
FirewallRules: [{6B0A2104-10B4-44D9-83FF-602956979021}] => (Allow) D:\Games\Steam\SteamApps\common\Monster Maze VR\MonsterMazeVR.exe
FirewallRules: [{2EA87923-BA90-4961-B89D-8193B1BA93B7}] => (Allow) D:\Games\Steam\SteamApps\common\Monster Maze VR\MonsterMazeVR.exe
FirewallRules: [{4C28E660-F41C-4E65-BE80-7BCCA081576B}] => (Allow) D:\Games\Steam\SteamApps\common\Unknown Pharaoh\UnknownPharaoh.exe
FirewallRules: [{97BEA2F2-001B-4D94-A00B-9C1B06EBD466}] => (Allow) D:\Games\Steam\SteamApps\common\Unknown Pharaoh\UnknownPharaoh.exe
FirewallRules: [{E97CCF0D-855F-4E08-91CD-B3B76D5ECE85}] => (Allow) D:\Games\Steam\SteamApps\common\INSIDE\INSIDE.exe
FirewallRules: [{ADA15F69-55DB-43BD-8F88-F6183D6DCE81}] => (Allow) D:\Games\Steam\SteamApps\common\INSIDE\INSIDE.exe
FirewallRules: [{E0CEF3DC-4FAE-458D-9748-B22736715E69}] => (Allow) D:\Games\Steam\SteamApps\common\Uninvited MacVenture Series\uninvited.exe
FirewallRules: [{9813278E-1BE2-419A-BF40-0A0AFC5DE0FC}] => (Allow) D:\Games\Steam\SteamApps\common\Uninvited MacVenture Series\uninvited.exe
FirewallRules: [UDP Query User{1FDBA183-7457-486A-8B59-C110F9C0AA2B}D:\games\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) D:\games\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [TCP Query User{DFF78058-8AF5-447D-9241-DAAD9F1A1678}D:\games\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) D:\games\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{4223108D-1598-41A0-9C7D-C98C2C7E8CF0}D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{D6FE4E3D-1689-4D1C-8769-66E136EB5BFD}D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{07F2908B-71B8-4032-8FCA-9B9F60CD886D}] => (Allow) OVRServer_x64.exe
FirewallRules: [{68A4192E-0BCE-4E38-B01C-7D04950BB40B}] => (Allow) D:\Games\Steam\SteamApps\common\TheSolusProject\Solus\Binaries\Win64\Solus-Win64-Shipping.exe
FirewallRules: [{0F30DC54-5C6A-4862-9E20-9CA261B83F8B}] => (Allow) D:\Games\Steam\SteamApps\common\TheSolusProject\Solus\Binaries\Win64\Solus-Win64-Shipping.exe
FirewallRules: [{4806CE95-7DBE-4F03-9E01-0E8C5E15CE1B}] => (Allow) D:\Games\Steam\SteamApps\common\SteamDolls_VR_Demo\steamdolls_vr_demo.exe
FirewallRules: [{9B495424-3E3E-48C7-9734-B427D7AA5148}] => (Allow) D:\Games\Steam\SteamApps\common\SteamDolls_VR_Demo\steamdolls_vr_demo.exe
FirewallRules: [{56D51920-A5CD-4085-B0AE-E21ED31050B7}] => (Allow) D:\Games\Steam\SteamApps\common\Lethe - Episode One\Binaries\Win32\UDK.exe
FirewallRules: [{778CDE73-7D13-4DAC-A715-F9998C193F4C}] => (Allow) D:\Games\Steam\SteamApps\common\Lethe - Episode One\Binaries\Win32\UDK.exe
FirewallRules: [{16FBA39D-A8FB-4368-AE02-748CFDC4C0BB}] => (Allow) D:\Games\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{8F1A9D38-4640-4CAE-B1B3-6B1659F740EE}] => (Allow) D:\Games\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{DE830C2D-2792-4793-B8C3-03EE4268374A}] => (Allow) D:\Games\Steam\SteamApps\common\Nature Treks VR\Nature Treks VR.exe
FirewallRules: [{69B2D7B0-0B35-4D67-870F-B80D5DA11976}] => (Allow) D:\Games\Steam\SteamApps\common\Nature Treks VR\Nature Treks VR.exe
FirewallRules: [{C02F1FD2-BE14-4B1D-820D-88F3FB6CADED}] => (Allow) D:\Games\Steam\SteamApps\common\Lockdown Stand Alone\lockdown.exe
FirewallRules: [{349FF32B-00CD-4466-BD48-49EC3ECF16E1}] => (Allow) D:\Games\Steam\SteamApps\common\Lockdown Stand Alone\lockdown.exe
FirewallRules: [{67B64759-2152-491A-B7FD-5F2D77A134C5}] => (Allow) OculusClient.exe
FirewallRules: [{B354CDB8-59FB-4AD5-B91B-1FE9E59160DA}] => (Allow) OculusClient.exe
FirewallRules: [{1E2E29D8-EDB5-4745-9273-0E2B44C2BA12}] => (Allow) OculusVR.exe
FirewallRules: [{B3B70576-2AA5-479D-BB33-ED66BF047058}] => (Allow) OculusVR.exe
FirewallRules: [{BD2E0371-BC51-40C5-8AC5-994147DFF03C}] => (Allow) DirectDisplayConfig.exe
FirewallRules: [{70CC2275-610A-4F6B-BD23-E5BFA14550B0}] => (Allow) DirectDisplayConfig.exe
FirewallRules: [{A3E91647-CBBA-4C2A-8966-4A9D1953C275}] => (Allow) OVRServer_x64.exe
FirewallRules: [{CFC50AAE-31A2-464D-B8EC-1440BC8AF75F}] => (Allow) OVRServer_x64.exe
FirewallRules: [{5DDA393E-C726-404A-B6BE-C81B852BE85E}] => (Allow) OVRServiceLauncher.exe
FirewallRules: [{AE7789AE-2746-4886-8A8C-0A9611145455}] => (Allow) OVRServiceLauncher.exe
FirewallRules: [{C0FA4152-1304-4909-9983-0E0B4DF8231E}] => (Allow) D:\Games\Steam\SteamApps\common\SS2\Shock2.exe
FirewallRules: [{F0B60581-18FA-4DA4-A857-7074717EFEB2}] => (Allow) D:\Games\Steam\SteamApps\common\SS2\Shock2.exe
FirewallRules: [{36C15119-7D97-4269-8318-0A54BF0699CE}] => (Allow) D:\Games\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{15EFFFD8-2995-4D7A-8A1D-D55F0FBD3F00}] => (Allow) D:\Games\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [UDP Query User{1F46EB63-73BB-49B7-B16A-AAABA83463D3}D:\games\steam\steamapps\common\redout\redout\binaries\win64\redout-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\redout\redout\binaries\win64\redout-win64-shipping.exe
FirewallRules: [TCP Query User{DF38C388-6EF5-40E2-ABB5-7A7806CB462F}D:\games\steam\steamapps\common\redout\redout\binaries\win64\redout-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\redout\redout\binaries\win64\redout-win64-shipping.exe
FirewallRules: [{2EC97B86-1219-49A0-A7A2-7391D7E3E416}] => (Allow) D:\Games\Steam\SteamApps\common\Redout\redout.exe
FirewallRules: [{4D349B1F-5DAA-4F16-B516-B91CF9D6E1C3}] => (Allow) D:\Games\Steam\SteamApps\common\Redout\redout.exe
FirewallRules: [{333A85DC-E692-4A7C-AC1E-923930542B8D}] => (Allow) D:\Games\Steam\SteamApps\common\Day of the Tentacle Remastered\Dott.exe
FirewallRules: [{0A0E4521-8BE0-499A-A7CC-2D14A50E7945}] => (Allow) D:\Games\Steam\SteamApps\common\Day of the Tentacle Remastered\Dott.exe
FirewallRules: [{FDAD1FE0-97EC-4D00-97CF-48EB0C58EF09}] => (Allow) D:\Games\Steam\SteamApps\common\Tormentum\Tormentum.exe
FirewallRules: [{40561B9E-A123-4908-B83A-3C88C57B5391}] => (Allow) D:\Games\Steam\SteamApps\common\Tormentum\Tormentum.exe
FirewallRules: [{CC04E9D0-241D-4D79-A268-A88497F20AD3}] => (Allow) D:\Games\Steam\SteamApps\common\Call of Duty - Infinite Warfare\iw7_ship.exe
FirewallRules: [{2EECEE85-CFEE-4509-9F24-B1B03D3EE827}] => (Allow) D:\Games\Steam\SteamApps\common\Call of Duty - Infinite Warfare\iw7_ship.exe
FirewallRules: [UDP Query User{45EB9ED9-0CAA-453D-B4D9-06B7B2FEBB5C}D:\games\tdu2\uplauncher.exe] => (Allow) D:\games\tdu2\uplauncher.exe
FirewallRules: [TCP Query User{800CB73E-7CA2-463E-8EE9-3C87FF3734FA}D:\games\tdu2\uplauncher.exe] => (Allow) D:\games\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{50A12DFF-801A-4AF4-9920-7E5B463506CD}D:\games\tdu2\testdrive2.exe] => (Allow) D:\games\tdu2\testdrive2.exe
FirewallRules: [TCP Query User{54606CA1-DA6B-4AF5-967A-E12F76C20ABC}D:\games\tdu2\testdrive2.exe] => (Allow) D:\games\tdu2\testdrive2.exe
FirewallRules: [{BF733EBD-02BE-4B5C-8C19-2FA8AF6ADEB7}] => (Allow) D:\Games\Steam\SteamApps\common\The Lab\TheLab\win64\TheLab.exe
FirewallRules: [{B673414B-67A0-4DE7-8BA7-4910EA606C90}] => (Allow) D:\Games\Steam\SteamApps\common\The Lab\TheLab\win64\TheLab.exe
FirewallRules: [{9FC42CE6-3FA4-466E-B7B5-E497154C3240}] => (Allow) D:\Games\Origin\Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{53723693-0DAF-4DE7-9B73-9154E45330ED}] => (Allow) D:\Games\Origin\Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{DBD75664-BE69-4222-985F-4C52ACDD34DA}] => (Allow) D:\Games\Steam\SteamApps\common\ArizonaSunshine\ArizonaSunshine.exe
FirewallRules: [{3FB2591D-93B5-4808-AD14-D34BBF3C9876}] => (Allow) D:\Games\Steam\SteamApps\common\ArizonaSunshine\ArizonaSunshine.exe
FirewallRules: [{291A965C-E12B-4661-B704-83E8743BB52C}] => (Allow) D:\Games\Steam\SteamApps\common\FastActionHero\Fast Action Hero.exe
FirewallRules: [{9E376CE6-426A-4E7E-B116-65B088452225}] => (Allow) D:\Games\Steam\SteamApps\common\FastActionHero\Fast Action Hero.exe
FirewallRules: [{43037CC1-0C70-40A3-8BEA-6392BC9CA3CD}] => (Allow) D:\Games\Steam\SteamApps\common\QuantumBreak\dx11\QuantumBreak.exe
FirewallRules: [{3F8F8D1C-5E0A-4FE8-81D4-0E90A5304A85}] => (Allow) D:\Games\Steam\SteamApps\common\QuantumBreak\dx11\QuantumBreak.exe
FirewallRules: [UDP Query User{2933B71E-AD92-47FB-9833-2943E612033A}D:\games\steam\steamapps\common\ghost town mine ride\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\ghost town mine ride\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [TCP Query User{7C1C116D-BB06-4F08-9FF8-06F1BCAF6231}D:\games\steam\steamapps\common\ghost town mine ride\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\ghost town mine ride\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [{65A88DF4-D55D-4D10-B267-092E4E81595E}] => (Allow) D:\Games\Steam\SteamApps\common\Ghost Town Mine Ride\HauntedMineRide.exe
FirewallRules: [{61AB9D3C-7E2C-498E-B4C0-403D0D38CE33}] => (Allow) D:\Games\Steam\SteamApps\common\Ghost Town Mine Ride\HauntedMineRide.exe
FirewallRules: [{1B64888E-6A42-422E-ADCA-E1AC56995ED7}] => (Allow) D:\Games\Steam\SteamApps\common\SVRVIVE\SVRVIVE The Deus Helix.exe
FirewallRules: [{7C71C520-0138-4A51-8DAF-2DC62ACAFFC2}] => (Allow) D:\Games\Steam\SteamApps\common\SVRVIVE\SVRVIVE The Deus Helix.exe
FirewallRules: [{53ED8D1A-8BED-457E-AE41-F08A40127E3C}] => (Allow) D:\Games\Steam\SteamApps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{BD6E9A75-9511-45A6-BB74-05CD434D17F6}] => (Allow) D:\Games\Steam\SteamApps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{DE5A1E59-8DB6-4619-AA85-79AC39691117}] => (Allow) D:\Games\Steam\SteamApps\common\EarthVR\Earth.exe
FirewallRules: [{5695F430-0FE8-48C1-A594-CF8C4FD0704A}] => (Allow) D:\Games\Steam\SteamApps\common\EarthVR\Earth.exe
FirewallRules: [{B5DA8A5E-4D4F-4C20-95F3-6B65B41ACD8E}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{8A4C7EA8-EA75-4249-8A13-A5DFD9404043}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C96678AE-C5EB-4085-A06B-F142B7C9CF80}] => (Allow) D:\Games\Steam\SteamApps\common\Quell 4D\Quell4D.exe
FirewallRules: [{0D6113C4-FD38-466D-BA47-3844AB491F38}] => (Allow) D:\Games\Steam\SteamApps\common\Quell 4D\Quell4D.exe
FirewallRules: [UDP Query User{16FB7109-76B1-49E7-AD78-62CAB08F652C}D:\games\firestorm havok\slvoice.exe] => (Allow) D:\games\firestorm havok\slvoice.exe
FirewallRules: [TCP Query User{F31A3F18-2596-450D-B0E2-3D2B785BEF25}D:\games\firestorm havok\slvoice.exe] => (Allow) D:\games\firestorm havok\slvoice.exe
FirewallRules: [{5005CEA3-87E3-4E58-9E27-AB3FD75FBC88}] => (Allow) D:\Games\Steam\SteamApps\common\theBlu\theblu.exe
FirewallRules: [{DE4E352D-3ADD-436E-BAA1-BE95D3987B52}] => (Allow) D:\Games\Steam\SteamApps\common\theBlu\theblu.exe
FirewallRules: [{2E4E90F2-95CF-425D-8541-030B3D462F85}] => (Allow) D:\Games\Steam\SteamApps\common\Shadow Warrior 2\ShadowWarrior2.exe
FirewallRules: [{477BC455-D26F-420D-B5FB-7C3F96B3A73D}] => (Allow) D:\Games\Steam\SteamApps\common\Shadow Warrior 2\ShadowWarrior2.exe
FirewallRules: [{06865A7F-2F3F-4008-AECF-96E39B11738D}] => (Allow) D:\Games\Steam\SteamApps\common\Art of Fight\ArtOfFight.exe
FirewallRules: [{AA3DC80E-C831-4309-B0F4-A176BFF7030C}] => (Allow) D:\Games\Steam\SteamApps\common\Art of Fight\ArtOfFight.exe
FirewallRules: [{AFFA8C04-DCAA-48EC-AE74-2AD45EF733FF}] => (Allow) D:\Games\Steam\SteamApps\common\Island 359\Island359.exe
FirewallRules: [{2F642C70-E2AE-4442-8001-EA9124030D71}] => (Allow) D:\Games\Steam\SteamApps\common\Island 359\Island359.exe
FirewallRules: [{4E547210-56DD-436D-AFB6-26132F63F1C3}] => (Allow) D:\Games\Steam\SteamApps\common\NightCry\NightCry.exe
FirewallRules: [{5AEACF73-9594-4924-9B2E-0EAA5121E625}] => (Allow) D:\Games\Steam\SteamApps\common\NightCry\NightCry.exe
FirewallRules: [UDP Query User{44EAC687-8C54-4322-8240-F8FB63E03101}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{24758668-2959-4BC3-8E2C-3E9E455E6734}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{5D898310-DB54-49ED-830B-05F242D1F421}] => (Allow) D:\Programme\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{0466309B-407F-4D69-91E6-86BEAFE9DBEB}] => (Allow) D:\Programme\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{8AEE8D01-CF01-47AE-AD5D-714D7BE7D820}] => (Allow) D:\Games\Steam\SteamApps\common\White Night\Bin\Win32\WNight.exe
FirewallRules: [{342EA1E1-2E21-4A09-8C9D-95D4D0B61526}] => (Allow) D:\Games\Steam\SteamApps\common\White Night\Bin\Win32\WNight.exe
FirewallRules: [{0F13B3E5-0FC1-4D38-A9EC-6B8004EC0738}] => (Allow) D:\Games\Steam\SteamApps\common\Thief Deadly Shadows\System\runme.exe
FirewallRules: [{72B3B364-082E-4265-B78D-10FD766E99DB}] => (Allow) D:\Games\Steam\SteamApps\common\Thief Deadly Shadows\System\runme.exe
FirewallRules: [{2ED621BB-621E-4F5B-9EEE-2445F798F417}] => (Allow) D:\Programme\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{38EAF7FD-1387-4B2F-B071-A3050E0E7B52}] => (Allow) D:\Programme\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{41BA33BD-41ED-4667-B5EC-850C760D7EC4}] => (Allow) D:\Programme\TeamViewer\TeamViewer.exe
FirewallRules: [{96FE98B7-8520-4C4B-889D-95A849A6406C}] => (Allow) D:\Programme\TeamViewer\TeamViewer.exe
FirewallRules: [{8F614056-23CF-4179-8110-CBF96615B056}] => (Allow) D:\Games\Steam\SteamApps\common\Spirits of Xanadu\Spirits of Xanadu.exe
FirewallRules: [{92DEB061-DDBE-4317-9756-EED6E50B36C1}] => (Allow) D:\Games\Steam\SteamApps\common\Spirits of Xanadu\Spirits of Xanadu.exe
FirewallRules: [{41E6B432-E1F9-4489-B50C-C3CFA89580CB}] => (Allow) D:\Games\Steam\SteamApps\common\Elite Dangerous Horizons\EDLaunch.exe
FirewallRules: [{43D853E6-AAA5-4C78-8271-3DE5C476A900}] => (Allow) D:\Games\Steam\SteamApps\common\Elite Dangerous Horizons\EDLaunch.exe
FirewallRules: [{3D4D3D55-258A-4452-8354-59A0C9B95BE9}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{CF90FD8C-9D02-4F83-87A8-86DE8BF0703E}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity\2015\UnityVS.OpenFile.exe
FirewallRules: [{3B74ADF1-6A43-4401-AB32-EF15C1D49194}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{B3EC2834-8773-4B20-A2D9-841BF8179FDF}] => (Allow) D:\Programme\Winamp\winamp.exe
FirewallRules: [{633BF3E0-7616-4F0C-BD34-D7AE38CF71C2}] => (Allow) D:\Programme\Winamp\winamp.exe
FirewallRules: [{F523341D-D024-479A-B1C6-09E174003418}] => (Allow) D:\Programme\MAGIX\Video deluxe 2016 Premium\Videodeluxe.exe
FirewallRules: [{94207D91-6307-48BA-886A-841FBC51410E}] => (Allow) D:\Games\Steam\SteamApps\common\Layers of Fear\Layers Of Fear.exe
FirewallRules: [{2F2FD238-9218-4E73-8DA4-6FA41E0506C3}] => (Allow) D:\Games\Steam\SteamApps\common\Layers of Fear\Layers Of Fear.exe
FirewallRules: [{F55B01C6-BA46-4D72-BA01-DC0F62B2D9DE}] => (Allow) D:\Games\Steam\SteamApps\common\Penumbra Overture\redist\Penumbra.exe
FirewallRules: [{4656B89B-E5B0-492F-AA56-97C9CB624605}] => (Allow) D:\Games\Steam\SteamApps\common\Penumbra Overture\redist\Penumbra.exe
FirewallRules: [UDP Query User{025F09C2-9AA1-4ADF-A604-9FA5A3FA0A64}C:\program files\vlc\vlc.exe] => (Allow) C:\program files\vlc\vlc.exe
FirewallRules: [TCP Query User{4AB9BA08-A5C6-4079-9E58-21E9E7D66539}C:\program files\vlc\vlc.exe] => (Allow) C:\program files\vlc\vlc.exe
FirewallRules: [{BFF87F05-85B8-4FAB-A7BC-80B7D7ACB251}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{41F30114-6E1E-4DC6-A988-5235C132E4D3}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [UDP Query User{09B31CFA-B2D4-4E9C-846A-9E6AE61A437F}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{59421173-7EB5-4508-9C9F-3ED146289E5B}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{32F1DDE8-CC4C-4320-A8A4-1C75F90D4BB4}D:\games\steam\steamapps\common\aliens colonial marines\binaries\win32\_acm.exe] => (Allow) D:\games\steam\steamapps\common\aliens colonial marines\binaries\win32\_acm.exe
FirewallRules: [TCP Query User{2B62BCA7-11D4-4AD8-B437-2DE1EAD40A50}D:\games\steam\steamapps\common\aliens colonial marines\binaries\win32\_acm.exe] => (Allow) D:\games\steam\steamapps\common\aliens colonial marines\binaries\win32\_acm.exe
FirewallRules: [UDP Query User{241742FE-2949-4E72-81E5-122D323D76F4}D:\programme\shoutcast\sc_serv.exe] => (Allow) D:\programme\shoutcast\sc_serv.exe
FirewallRules: [TCP Query User{009A6B4B-3F84-4965-99B0-AC627E9AB743}D:\programme\shoutcast\sc_serv.exe] => (Allow) D:\programme\shoutcast\sc_serv.exe
FirewallRules: [{410F8931-7BED-4D99-A248-881443D2BA43}] => (Allow) D:\Games\Steam\SteamApps\common\Source SDK Base 2013 Singleplayer\hl2.exe
FirewallRules: [{FAB3AE78-C3C6-4DD4-A657-2D7D3A467C0F}] => (Allow) D:\Games\Steam\SteamApps\common\Source SDK Base 2013 Singleplayer\hl2.exe
FirewallRules: [{6F7A5C9A-2A1B-4FC7-94F6-93EDAECD75D4}] => (Allow) D:\Games\Steam\SteamApps\common\Strife\strife-ve.exe
FirewallRules: [{17931943-1054-49E9-8E44-15C4ED0E76EC}] => (Allow) D:\Games\Steam\SteamApps\common\Strife\strife-ve.exe
FirewallRules: [{1627D254-2807-47E5-A965-8EF14D291E95}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{372C07F2-7E64-4845-BD0D-18F42729A021}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{9EE86F79-EA28-48E7-BDF7-DA3CB5CB0EB2}] => (Allow) D:\Games\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [{0C0096FD-BC19-4204-9414-C50767846395}] => (Allow) D:\Games\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [UDP Query User{E8CCB980-186C-4786-9D43-AAF5F521C015}D:\games\gog games\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Allow) D:\games\gog games\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe
FirewallRules: [TCP Query User{7B0BBD21-DD89-4546-A8E6-92CF642CFF29}D:\games\gog games\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Allow) D:\games\gog games\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe
FirewallRules: [{B4BEBBEE-A2AB-4C62-BA1A-3E947E8618D0}] => (Allow) D:\Games\Steam\SteamApps\common\Neverending Nightmares\nightmare.exe
FirewallRules: [{F7A90859-ECB9-4126-9CF8-32AEF926581A}] => (Allow) D:\Games\Steam\SteamApps\common\Neverending Nightmares\nightmare.exe
FirewallRules: [UDP Query User{118013CC-E8F7-4503-92F8-BED165808AE7}D:\games\quake hd pack\darkplaces.exe] => (Allow) D:\games\quake hd pack\darkplaces.exe
FirewallRules: [TCP Query User{24A0B1AA-132B-4576-965E-6044AAE7FE03}D:\games\quake hd pack\darkplaces.exe] => (Allow) D:\games\quake hd pack\darkplaces.exe
FirewallRules: [{5561E420-4BC8-44A8-9F33-AA239310F2C3}] => (Allow) LPort=41780
FirewallRules: [{EF206F0E-4EAA-4E2E-97A8-722315EF974A}] => (Allow) D:\Games\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{92763FF7-CD31-49A4-AD1D-3C59426CE645}] => (Allow) D:\Games\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{339CA568-B0BA-476E-8647-E398FD154305}] => (Allow) C:\Users\Hoshi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F6AA3EA4-AE5F-4147-9477-C983C17F78B3}] => (Allow) C:\Users\Hoshi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A09E3AB7-BA3F-49B3-A93D-F50DEF8265E6}] => (Allow) D:\Programme\Skype\Phone\Skype.exe
FirewallRules: [{F7C0F58A-218F-41E3-B1F3-5E65CC3A3F50}] => (Allow) D:\Games\Steam\Steam.exe
FirewallRules: [{8602E317-6CEA-4200-89BA-4F8E48E3414E}] => (Allow) D:\Games\Steam\Steam.exe
FirewallRules: [TCP Query User{9606A9D6-6A6A-40C7-AE58-17B18A3111E1}D:\games\gog games\unreal gold\system\unreal.exe] => (Allow) D:\games\gog games\unreal gold\system\unreal.exe
FirewallRules: [UDP Query User{48C77771-399E-4E63-BA0F-5C9A89A5F366}D:\games\gog games\unreal gold\system\unreal.exe] => (Allow) D:\games\gog games\unreal gold\system\unreal.exe
FirewallRules: [TCP Query User{549B6F9D-C048-4E95-99A2-3A377AAA0748}D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{672FCE63-7931-4363-B2E8-7C5890F947CB}D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{444E3619-2165-4B6B-A277-9CC0BC7B53B0}] => (Allow) D:\Games\Steam\SteamApps\common\STASIS\Stasis.exe
FirewallRules: [{48AAD65B-32EF-4142-931D-684DA033FE0D}] => (Allow) D:\Games\Steam\SteamApps\common\STASIS\Stasis.exe
FirewallRules: [{0302EA2C-2C88-4C68-8BC4-C486414C6275}] => (Allow) D:\Games\Steam\SteamApps\common\Waltz of the Wizard\WaltzOfTheWizard.exe
FirewallRules: [{655D0F0E-A538-45A5-83ED-0D949E232624}] => (Allow) D:\Games\Steam\SteamApps\common\Waltz of the Wizard\WaltzOfTheWizard.exe
FirewallRules: [{55CA69B3-FD1A-4886-909A-0C86C229B07F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{595038C8-42B8-42A8-9DF8-1D679DCC7DBA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8E36AEE6-C7C2-4509-B7D9-1BB0E1F03EB1}] => (Allow) D:\Games\Steam\SteamApps\common\VanishingRealms\VanishingRealms.exe
FirewallRules: [{68BB8839-299B-4D34-A527-FF5F23ED4D04}] => (Allow) D:\Games\Steam\SteamApps\common\VanishingRealms\VanishingRealms.exe
FirewallRules: [{0273119C-7CAF-4396-A5AF-768B82E424E2}] => (Allow) D:\Games\Steam\SteamApps\common\Job Simulator\JobSimulator.exe
FirewallRules: [{CACF1BA0-AB61-46E3-A4F6-E3FD55C94A29}] => (Allow) D:\Games\Steam\SteamApps\common\Job Simulator\JobSimulator.exe
FirewallRules: [{B63306D8-F01B-4802-A5E9-6F36E2474501}] => (Allow) D:\Games\Steam\SteamApps\common\Virtual Desktop\Virtual Desktop.exe
FirewallRules: [{22654D19-A692-4892-84F9-A6C46B8C6DAD}] => (Allow) D:\Games\Steam\SteamApps\common\Virtual Desktop\Virtual Desktop.exe
FirewallRules: [{60339C49-0A25-4CD0-83D0-DEE32E2FDB0B}] => (Allow) D:\Games\Steam\SteamApps\common\Virtual Desktop\Environment Editor.exe
FirewallRules: [{E69CBCFB-4693-4382-AB15-14D323B3B0E1}] => (Allow) D:\Games\Steam\SteamApps\common\Virtual Desktop\Environment Editor.exe
FirewallRules: [{9193D3C6-6FBF-441D-BB2F-0C08BEB4E77C}] => (Allow) D:\Games\Steam\SteamApps\common\AChairinaRoom\AChairInARoom_Greenwater.exe
FirewallRules: [{9DF8030F-3EF7-4A6C-918E-3D3DA0F83D6B}] => (Allow) D:\Games\Steam\SteamApps\common\AChairinaRoom\AChairInARoom_Greenwater.exe
FirewallRules: [TCP Query User{367DB655-BB17-4BC1-AE31-F20ED49E3A88}D:\games\steam\steamapps\common\the lab\robotrepair\bin\win64\vr.exe] => (Allow) D:\games\steam\steamapps\common\the lab\robotrepair\bin\win64\vr.exe
FirewallRules: [UDP Query User{44C3E241-DED9-4E29-9063-06F33DD095ED}D:\games\steam\steamapps\common\the lab\robotrepair\bin\win64\vr.exe] => (Allow) D:\games\steam\steamapps\common\the lab\robotrepair\bin\win64\vr.exe
FirewallRules: [TCP Query User{D16373C4-962B-46AE-87F9-922D3DA20533}D:\games\ctrlaltstudio-viewer-alpha\slvoice.exe] => (Allow) D:\games\ctrlaltstudio-viewer-alpha\slvoice.exe
FirewallRules: [UDP Query User{FBF4100B-242E-4171-930C-AF872ABC032A}D:\games\ctrlaltstudio-viewer-alpha\slvoice.exe] => (Allow) D:\games\ctrlaltstudio-viewer-alpha\slvoice.exe
FirewallRules: [TCP Query User{4D2FE12B-90B6-4D54-A289-A724E7B95289}D:\games\steam\steamapps\common\vrporize\64\windowsnoeditor\vrporize_beta\binaries\win64\vrporize_beta-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\vrporize\64\windowsnoeditor\vrporize_beta\binaries\win64\vrporize_beta-win64-shipping.exe
FirewallRules: [UDP Query User{D3B9D8DA-2FFC-48E4-82B4-FB2E4BBDCA12}D:\games\steam\steamapps\common\vrporize\64\windowsnoeditor\vrporize_beta\binaries\win64\vrporize_beta-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\vrporize\64\windowsnoeditor\vrporize_beta\binaries\win64\vrporize_beta-win64-shipping.exe
FirewallRules: [{ED38B62B-7340-44D8-ACD2-C203EDDA1151}] => (Allow) D:\Games\Steam\SteamApps\common\PoolNationVR\PoolNationVR.exe
FirewallRules: [{A5F656B5-3F31-4FFC-BCC4-95FAB832FD48}] => (Allow) D:\Games\Steam\SteamApps\common\PoolNationVR\PoolNationVR.exe
FirewallRules: [TCP Query User{927C9C71-D614-4C26-B61A-A882E3817A70}D:\games\steam\steamapps\common\poolnationvr\poolnationvr\binaries\win64\vrpooldemo-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\poolnationvr\poolnationvr\binaries\win64\vrpooldemo-win64-shipping.exe
FirewallRules: [UDP Query User{227C1F1C-3189-442E-84DC-6CC2E2E3E94B}D:\games\steam\steamapps\common\poolnationvr\poolnationvr\binaries\win64\vrpooldemo-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\poolnationvr\poolnationvr\binaries\win64\vrpooldemo-win64-shipping.exe
FirewallRules: [TCP Query User{9D6AA729-9DA7-4763-89DE-52AF6DFC31EF}E:\titanic honor and glory demo 2\titanic - honor and glory demo 2\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) E:\titanic honor and glory demo 2\titanic - honor and glory demo 2\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [UDP Query User{4D15A1ED-0497-41FE-9D0E-FAD00BF9D30E}E:\titanic honor and glory demo 2\titanic - honor and glory demo 2\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) E:\titanic honor and glory demo 2\titanic - honor and glory demo 2\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [{AB34BC04-FF41-4337-9BD5-48D5A1B017E4}] => (Allow) D:\Games\Steam\SteamApps\common\Brookhaven\BrookhavenGame.exe
FirewallRules: [{A54CB64D-E750-414A-A14B-A1C2AA0CC560}] => (Allow) D:\Games\Steam\SteamApps\common\Brookhaven\BrookhavenGame.exe
FirewallRules: [{1771F40C-6EE8-4EA8-BFB0-F8C879A7DA49}] => (Allow) D:\Games\Steam\SteamApps\common\VRporize\64\WindowsNoEditor\VRporize_beta.exe
FirewallRules: [{425D082B-2A4C-4FC6-8E3C-B11A884517AF}] => (Allow) D:\Games\Steam\SteamApps\common\VRporize\64\WindowsNoEditor\VRporize_beta.exe
FirewallRules: [TCP Query User{43996D90-1975-4368-BED9-232501810761}C:\users\hoshi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hoshi\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C8F2DE0C-F2D8-4BFB-B7FA-5725E9CA96E2}C:\users\hoshi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hoshi\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C2B64B6A-1A45-4904-B911-8F4163D80E33}] => (Allow) D:\Games\Steam\SteamApps\common\Pierhead Arcade\Arcade.exe
FirewallRules: [{628C846B-37A4-43FA-8300-C2ABD8505CE3}] => (Allow) D:\Games\Steam\SteamApps\common\Pierhead Arcade\Arcade.exe
FirewallRules: [{2B306573-B82C-45B6-B744-9BFF24454263}] => (Allow) D:\Games\Steam\SteamApps\common\Overload\Overload.exe
FirewallRules: [{02897BD8-93C8-4E39-9236-8581E64CA400}] => (Allow) D:\Games\Steam\SteamApps\common\Overload\Overload.exe
FirewallRules: [{4243E46D-D91C-4899-B34D-2D0D9664912D}] => (Allow) D:\Games\Steam\SteamApps\common\RickAndMortyVR\RickAndMortyVR.exe
FirewallRules: [{FAE9A318-685E-4CB8-A119-FC59DD4334CF}] => (Allow) D:\Games\Steam\SteamApps\common\RickAndMortyVR\RickAndMortyVR.exe
FirewallRules: [{DBC819B9-E417-416A-BA9A-674662BF83AB}] => (Allow) D:\Games\Steam\SteamApps\common\Marvel's Guardians of the Galaxy The Telltale Series\Guardians.exe
FirewallRules: [{F20DCC84-A9D8-40AA-AFE7-B206053EDF38}] => (Allow) D:\Games\Steam\SteamApps\common\Marvel's Guardians of the Galaxy The Telltale Series\Guardians.exe
FirewallRules: [{6633A870-73F0-4F52-919E-D7A72822C841}] => (Allow) D:\Games\Steam\SteamApps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{69BC39B0-41F0-419B-BB20-14A374665975}] => (Allow) D:\Games\Steam\SteamApps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{82729D87-7959-4CA7-AA2F-9E5286114411}] => (Allow) D:\Games\Steam\SteamApps\common\Outlast 2\Binaries\Win64\Outlast2.exe
FirewallRules: [{C9C8859F-6322-41D1-AD05-B11D9DF4B04E}] => (Allow) D:\Games\Steam\SteamApps\common\Outlast 2\Binaries\Win64\Outlast2.exe
FirewallRules: [TCP Query User{1AA0FBF9-4330-4FF4-85DF-789C47018191}B:\cloud imperium games\patcher\cigpatcher.exe] => (Allow) B:\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{473BDA27-3954-4B5C-8221-8377E36B9CD2}B:\cloud imperium games\patcher\cigpatcher.exe] => (Allow) B:\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{B6368D2F-877F-4CE7-86EA-42CD059F4519}B:\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) B:\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{5EE59C3F-2D0D-4CED-840B-2BA998195FCA}B:\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) B:\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [{C586A06C-0DA9-4744-80FD-2C40DC65522C}] => (Allow) D:\Games\Steam\SteamApps\common\SteamVR\bin\win32\vrstartup.exe
FirewallRules: [{E575F97D-B64E-4E35-B30C-038822ECDED3}] => (Allow) D:\Games\Steam\SteamApps\common\SteamVR\bin\win32\vrstartup.exe
FirewallRules: [TCP Query User{69BFF41F-D1C1-4691-9FE1-B6DAE78B9AFD}D:\games\steam\steamapps\common\island 359\island359\binaries\win64\island359_copy-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\island 359\island359\binaries\win64\island359_copy-win64-shipping.exe
FirewallRules: [UDP Query User{AD1889AD-5410-4C90-BFB2-372B345CE1D2}D:\games\steam\steamapps\common\island 359\island359\binaries\win64\island359_copy-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\island 359\island359\binaries\win64\island359_copy-win64-shipping.exe
FirewallRules: [{8A3B0A28-A44F-4C11-8E0D-3B16592AB8B4}] => (Allow) B:\Steam\steamapps\common\Battlezone\Launcher\battlezone.exe
FirewallRules: [{945066F8-25B0-4FB2-8A01-FB556A39BF1C}] => (Allow) B:\Steam\steamapps\common\Battlezone\Launcher\battlezone.exe
FirewallRules: [{5E4A151B-2E94-4040-B1BB-8202B658D7E5}] => (Allow) D:\Games\Steam\SteamApps\common\Axiom Verge\AxiomVerge.exe
FirewallRules: [{E73C3B66-59DC-4ADE-B5B1-0CCB9E5F15F1}] => (Allow) D:\Games\Steam\SteamApps\common\Axiom Verge\AxiomVerge.exe
FirewallRules: [{C9C602B9-4B3D-4FA5-9D6F-61E42E613097}] => (Allow) B:\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{FB9ECD72-CABE-4824-9AAB-E4A6F0E35D84}] => (Allow) B:\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{EEB40E47-F1C4-4656-9C5C-2FEB1392B4DF}] => (Allow) B:\Steam\steamapps\common\Soundscape\Soundscape.exe
FirewallRules: [{9FCEF941-FA77-4150-BE2B-839A321CA27C}] => (Allow) B:\Steam\steamapps\common\Soundscape\Soundscape.exe
FirewallRules: [TCP Query User{62808090-BA71-4AE1-B049-85362774AAF2}D:\games\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe] => (Allow) D:\games\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe
FirewallRules: [UDP Query User{A2D3775C-19DD-4124-819B-5F534032CFA0}D:\games\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe] => (Allow) D:\games\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe
FirewallRules: [{7F75C914-E50D-40B1-BB92-746FC9CCEDD2}] => (Allow) B:\Steam\steamapps\common\Aeon\Aeon.exe
FirewallRules: [{D59DAF58-5343-49CB-A91C-6C96689546F1}] => (Allow) B:\Steam\steamapps\common\Aeon\Aeon.exe
FirewallRules: [{62528508-75BE-47CA-9277-836908DF1719}] => (Allow) B:\Steam\steamapps\common\SUPERHOT VR\SUPERHOTVR.exe
FirewallRules: [{3D3D0C0E-CC29-4785-BD54-CAF08252381C}] => (Allow) B:\Steam\steamapps\common\SUPERHOT VR\SUPERHOTVR.exe
FirewallRules: [{8DC2D8B5-DB4B-40D1-97AE-6D4D2CDA677E}] => (Allow) D:\Games\Steam\SteamApps\common\EVERSPACE\RSG\Binaries\Win64\RSG-Win64-Shipping.exe
FirewallRules: [{EA82A72A-0783-4376-86DE-66D463A97A0C}] => (Allow) D:\Games\Steam\SteamApps\common\EVERSPACE\RSG\Binaries\Win64\RSG-Win64-Shipping.exe
FirewallRules: [{35D7E367-0ED3-4F47-8441-3A6A3F3561DC}] => (Allow) D:\Programme\Sony\PS4 Remote Play\RemotePlay.exe
FirewallRules: [{6E0600B2-815E-48A0-B4AD-A5EAB1543BDB}] => (Allow) B:\Steam\steamapps\common\Prey\Binaries\Danielle\x64\Release\Prey.exe
FirewallRules: [{7AC56B85-1415-4007-8E96-1361E1FABDE3}] => (Allow) B:\Steam\steamapps\common\Prey\Binaries\Danielle\x64\Release\Prey.exe
FirewallRules: [{D95A68C3-537C-40C1-A744-442B4D5879B8}] => (Allow) D:\Games\Steam\SteamApps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe
FirewallRules: [{EF2BBEFC-1876-4BFA-B930-628D8649EA01}] => (Allow) D:\Games\Steam\SteamApps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe
FirewallRules: [{5C208156-3201-4BFD-9561-FF74F18CE96D}] => (Allow) B:\Steam\steamapps\common\Karnage Chronicles\KarnageVR.exe
FirewallRules: [{651B32F7-67BE-427E-AED8-2E8B3D3929B7}] => (Allow) B:\Steam\steamapps\common\Karnage Chronicles\KarnageVR.exe
FirewallRules: [TCP Query User{F680A4FB-8640-40DB-AED3-5FF14EB3BE73}B:\steam\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe
FirewallRules: [UDP Query User{9D8568A2-6021-4089-A7E5-B899BE3AA6A2}B:\steam\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe
FirewallRules: [TCP Query User{5297F42D-5675-4819-B80D-1F8FE92D8792}D:\games\steam\steamapps\common\brookhaven\brookhavengame\binaries\win64\brookhavengame-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\brookhaven\brookhavengame\binaries\win64\brookhavengame-win64-shipping.exe
FirewallRules: [UDP Query User{52D31D87-A22B-4B4E-AFFB-41D5FE61C3E7}D:\games\steam\steamapps\common\brookhaven\brookhavengame\binaries\win64\brookhavengame-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\brookhaven\brookhavengame\binaries\win64\brookhavengame-win64-shipping.exe
FirewallRules: [TCP Query User{84A070A8-9FCE-4BA1-907C-311A264759F3}B:\games\starcraft ii\versions\base53644\sc2_x64.exe] => (Allow) B:\games\starcraft ii\versions\base53644\sc2_x64.exe
FirewallRules: [UDP Query User{B261384C-83D2-4BBA-B1CB-1A09E9C005B8}B:\games\starcraft ii\versions\base53644\sc2_x64.exe] => (Allow) B:\games\starcraft ii\versions\base53644\sc2_x64.exe
FirewallRules: [{149DCA28-7E08-4F6B-9642-4643C987479B}] => (Allow) B:\Steam\steamapps\common\Dead Effect 2 VR\DeadEffect2.exe
FirewallRules: [{BF0B939D-91E1-4C1A-9C14-D46A9ADB71A3}] => (Allow) B:\Steam\steamapps\common\Dead Effect 2 VR\DeadEffect2.exe
FirewallRules: [{70A71F66-CF4A-4F7D-9E11-A0B39DB3DFBD}] => (Allow) B:\Steam\steamapps\common\johnwick\WindowsNoEditor\wick.exe
FirewallRules: [{B87CA62F-C948-4990-81A5-3C8273F90ECF}] => (Allow) B:\Steam\steamapps\common\johnwick\WindowsNoEditor\wick.exe
FirewallRules: [TCP Query User{733AD380-6942-42B0-96A4-4C928D10A842}B:\steam\steamapps\common\johnwick\windowsnoeditor\wick\binaries\win64\wick-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\johnwick\windowsnoeditor\wick\binaries\win64\wick-win64-shipping.exe
FirewallRules: [UDP Query User{4FC4F02E-DA30-4A2F-ADC6-2421F3C86C51}B:\steam\steamapps\common\johnwick\windowsnoeditor\wick\binaries\win64\wick-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\johnwick\windowsnoeditor\wick\binaries\win64\wick-win64-shipping.exe
FirewallRules: [{F173D9E2-CFC5-456C-B772-38970156E8B5}] => (Allow) D:\Programme\MAGIX\Video deluxe Premium\2017\Videodeluxe.exe
FirewallRules: [{58565BAD-4103-4768-A22D-6A83399860EE}] => (Allow) D:\Programme\MAGIX\Music Maker\25\MusicMaker.exe
FirewallRules: [{B0F4AF05-3445-4E86-84ED-F9668F3EA52B}] => (Allow) D:\Games\Steam\SteamApps\common\Cloudlands\Cloudlands.exe
FirewallRules: [{B6D46762-9437-4F7E-804C-595364ADB56E}] => (Allow) D:\Games\Steam\SteamApps\common\Cloudlands\Cloudlands.exe
FirewallRules: [{DD9EDFC0-4384-42B2-99D5-8C17E4DDD7AC}] => (Allow) D:\Games\Steam\SteamApps\common\The Gallery Call of the Starseed\TheGallery_EP1\TheGallery_EP1.exe
FirewallRules: [{A0600D8F-500A-4A44-89C6-282349CAE307}] => (Allow) D:\Games\Steam\SteamApps\common\The Gallery Call of the Starseed\TheGallery_EP1\TheGallery_EP1.exe
FirewallRules: [{536D9FE2-FE06-430D-8696-DC1327D02F34}] => (Allow) D:\Games\Steam\SteamApps\common\The Gallery Call of the Starseed\TheGallery_EP1_OVR\TheGallery_EP1.exe
FirewallRules: [{5A496D68-2EF3-43AD-98E3-578B7BA30874}] => (Allow) D:\Games\Steam\SteamApps\common\The Gallery Call of the Starseed\TheGallery_EP1_OVR\TheGallery_EP1.exe
FirewallRules: [{B13220B0-F27B-4818-A76B-284143317672}] => (Allow) D:\Games\Origin\STAR WARS Battlefront II Closed Alpha\starwarsbattlefrontii.exe
FirewallRules: [{3543073A-B8AB-453D-A4D3-190625845506}] => (Allow) D:\Games\Origin\STAR WARS Battlefront II Closed Alpha\starwarsbattlefrontii.exe
FirewallRules: [TCP Query User{946362F4-2735-432C-A060-BD80CF30C175}B:\games\overwatch\overwatch.exe] => (Allow) B:\games\overwatch\overwatch.exe
FirewallRules: [UDP Query User{36F60D16-C06C-4788-8120-C002ADB1A518}B:\games\overwatch\overwatch.exe] => (Allow) B:\games\overwatch\overwatch.exe
FirewallRules: [{50693B02-4980-454A-A2CD-C8AB00019487}] => (Allow) D:\Games\Steam\SteamApps\common\Cmoar VR Cinema\vive.exe
FirewallRules: [{D76891D4-8F80-44F1-A92E-A0FE7048C49A}] => (Allow) D:\Games\Steam\SteamApps\common\Cmoar VR Cinema\vive.exe
FirewallRules: [{05C68A71-80C1-403E-9342-74CDFA2EB76A}] => (Allow) D:\Games\Steam\SteamApps\common\Cmoar VR Cinema\oculus.exe
FirewallRules: [{0BCB9B89-43C3-4687-A311-87DCF4725AC3}] => (Allow) D:\Games\Steam\SteamApps\common\Cmoar VR Cinema\oculus.exe
FirewallRules: [{D61C37A6-ACC2-4494-96D8-897F554884E1}] => (Allow) D:\Games\Steam\SteamApps\common\Nock Hidden Arrow\Nock.exe
FirewallRules: [{AC54F4D6-CCD8-4350-81A7-4122051063DB}] => (Allow) D:\Games\Steam\SteamApps\common\Nock Hidden Arrow\Nock.exe
FirewallRules: [{724031A4-8631-4BA6-9B14-5C43D6C27B7A}] => (Allow) D:\Games\Steam\SteamApps\common\GORN\GORN.exe
FirewallRules: [{4F12E286-9A42-491E-BD48-5BE45805DF6F}] => (Allow) D:\Games\Steam\SteamApps\common\GORN\GORN.exe
FirewallRules: [TCP Query User{63EBF6ED-4320-4FD6-8349-76A314057E9B}D:\games\sansar\client\sansarclient.exe] => (Allow) D:\games\sansar\client\sansarclient.exe
FirewallRules: [UDP Query User{89DFC2DE-0D85-469A-8D40-ECEB29072155}D:\games\sansar\client\sansarclient.exe] => (Allow) D:\games\sansar\client\sansarclient.exe
FirewallRules: [{F6CFAD45-14D9-4F70-AE82-84915128CE6D}] => (Allow) B:\Steam\steamapps\common\Raw Data\RawData.exe
FirewallRules: [{EB40392A-35B2-4B49-86CF-EB7327563DF7}] => (Allow) B:\Steam\steamapps\common\Raw Data\RawData.exe
FirewallRules: [{B5D68DF0-AF23-431D-B345-C5278F6310D2}] => (Allow) B:\Steam\steamapps\common\Raw Data\RawData\Binaries\Win64\RawData-Win64-Shipping.exe
FirewallRules: [{D12E3BDC-FA1F-4993-B187-17D842A92D49}] => (Allow) B:\Steam\steamapps\common\Raw Data\RawData\Binaries\Win64\RawData-Win64-Shipping.exe
FirewallRules: [{EF42FFA6-F63B-4B18-B056-65AED7E3C817}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{949C85A8-693A-4505-9C65-2483077C2F59}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{118F724E-B0C9-484C-AA54-724951D58103}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{639D79C9-CEE6-4D37-9D37-41C7742D6476}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{113DDC4D-4A14-41D5-B79D-9286B9A6DE47}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{2EE7EFEE-59FF-4C8D-9838-2B2B9E00270C}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{5EF4F8B9-60AD-42E1-AB4A-2035E242CEE5}] => (Allow) D:\Games\Steam\SteamApps\common\Conarium\Conarium.exe
FirewallRules: [{C8894B04-9B96-490B-B2F2-A8DA33112482}] => (Allow) D:\Games\Steam\SteamApps\common\Conarium\Conarium.exe
FirewallRules: [{BC6E0C8F-343B-4209-8906-8701893745CD}] => (Allow) D:\Games\Steam\SteamApps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{E9AC4963-ED0F-429D-A657-A4247022DEF2}] => (Allow) D:\Games\Steam\SteamApps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [TCP Query User{5A22F760-CBCC-4E82-ACA1-F3E13E75C79E}B:\games\max payne 3\maxpayne3.exe] => (Allow) B:\games\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{97E90E47-6DFE-4D02-B6F7-2D529C9DCF92}B:\games\max payne 3\maxpayne3.exe] => (Allow) B:\games\max payne 3\maxpayne3.exe
FirewallRules: [{6478ACBE-A9BD-4004-99AE-5BC6F47E9A6E}] => (Allow) D:\Games\Steam\SteamApps\common\AlienRage\Singleplayer\Binaries\Win32\ShippingPC-AFEARGame.exe
FirewallRules: [{78CF89E7-5691-4AD3-ACD0-EA5EF3E3ADB0}] => (Allow) D:\Games\Steam\SteamApps\common\AlienRage\Singleplayer\Binaries\Win32\ShippingPC-AFEARGame.exe
FirewallRules: [{F994B6B6-3EF4-4BBE-AB52-770328BFBED1}] => (Allow) D:\Games\Steam\SteamApps\common\AlienRage\Multiplayer\Binaries\Win32\ARageMP.exe
FirewallRules: [{FC8B8C65-D63E-454C-B8CA-8E5FEC275AC6}] => (Allow) D:\Games\Steam\SteamApps\common\AlienRage\Multiplayer\Binaries\Win32\ARageMP.exe
FirewallRules: [{DA2A7636-FE20-4A55-8405-38F2A9800092}] => (Allow) D:\Games\Steam\SteamApps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe
FirewallRules: [{EA799577-B0B7-424D-81CE-CDFA03C9E253}] => (Allow) D:\Games\Steam\SteamApps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe
FirewallRules: [{2714EDEE-7A10-426D-9FD0-30151409B09B}] => (Allow) D:\Games\Steam\SteamApps\common\Serious Sam VR The First Encounter\Bin\x64\SamTFE_VR.exe
FirewallRules: [{1FEFAA6C-A74C-481F-8428-D872D4DF5A5A}] => (Allow) D:\Games\Steam\SteamApps\common\Serious Sam VR The First Encounter\Bin\x64\SamTFE_VR.exe
FirewallRules: [{943C1A90-26A3-46C8-B75A-6AB5FE4D9C63}] => (Allow) D:\Games\Steam\SteamApps\common\Space Hulk Deathwing\SpaceHulkGame.exe
FirewallRules: [{07764B6D-4A71-4707-862F-E2FCE2E941CD}] => (Allow) D:\Games\Steam\SteamApps\common\Space Hulk Deathwing\SpaceHulkGame.exe
FirewallRules: [TCP Query User{7E4F6977-CF90-458B-92F3-F84E646B614E}D:\games\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe
FirewallRules: [UDP Query User{BAD65C73-1242-446C-A7F2-425E8F1CA7C2}D:\games\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe
FirewallRules: [{789904E8-F71E-46A3-9B7B-76616E723997}] => (Allow) D:\Games\Steam\SteamApps\common\TheWaveVR\TheWaveVR.exe
FirewallRules: [{060AE121-401D-4ACC-8F5A-B5C264428BDC}] => (Allow) D:\Games\Steam\SteamApps\common\TheWaveVR\TheWaveVR.exe
FirewallRules: [TCP Query User{A10DC358-53EF-4B81-A409-6BE1CDA4CC1B}D:\games\soldier of fortune\sof.exe] => (Allow) D:\games\soldier of fortune\sof.exe
FirewallRules: [UDP Query User{4DA529DA-158D-45FE-9090-FE15CC0B46D7}D:\games\soldier of fortune\sof.exe] => (Allow) D:\games\soldier of fortune\sof.exe
FirewallRules: [TCP Query User{EB037A9C-4274-40DA-B348-5751821FEE09}D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{64F17405-13C2-4CA1-BE0F-B4B4EBA822B8}D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{039CE7D6-8615-4867-9B7D-5D77171CF046}] => (Allow) D:\Games\Steam\SteamApps\common\LethalVR\LethalVR.exe
FirewallRules: [{D5172F7E-49E6-4DDF-9DA9-AF66C81B5A55}] => (Allow) D:\Games\Steam\SteamApps\common\LethalVR\LethalVR.exe
FirewallRules: [{D2F00B33-3AA8-42D5-9B14-C767CFF32944}] => (Allow) D:\Games\Steam\SteamApps\common\Dangerous Golf\Orlando.exe
FirewallRules: [{AB5457CE-D7FE-4B34-B463-B155F14F96BD}] => (Allow) D:\Games\Steam\SteamApps\common\Dangerous Golf\Orlando.exe
FirewallRules: [TCP Query User{B77F38D4-CF61-44FA-BA53-BA1EFB7D5A95}D:\games\steam\steamapps\common\dangerous golf\orlando\binaries\win64\orlando-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\dangerous golf\orlando\binaries\win64\orlando-win64-shipping.exe
FirewallRules: [UDP Query User{DE476809-6F31-461C-89B2-CFE16D7151EF}D:\games\steam\steamapps\common\dangerous golf\orlando\binaries\win64\orlando-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\dangerous golf\orlando\binaries\win64\orlando-win64-shipping.exe
FirewallRules: [TCP Query User{70925235-EB3E-41A8-AAEA-F7560E1D8AE9}D:\games\steam\steamapps\common\lethalvr\lethalvr\binaries\win64\lethalvr-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\lethalvr\lethalvr\binaries\win64\lethalvr-win64-shipping.exe
FirewallRules: [UDP Query User{BB5A0FCE-F704-4643-91FA-E3AEF49E2C0C}D:\games\steam\steamapps\common\lethalvr\lethalvr\binaries\win64\lethalvr-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\lethalvr\lethalvr\binaries\win64\lethalvr-win64-shipping.exe
FirewallRules: [{E3DCA5F5-CFB9-49E6-A6D2-1E04C6C5BE44}] => (Allow) D:\Games\Steam\SteamApps\common\The Unwelcomed\TheUnwelcomed_v1.27.exe
FirewallRules: [{8AC401C8-0D9E-486D-AD97-16F5B10C104D}] => (Allow) D:\Games\Steam\SteamApps\common\The Unwelcomed\TheUnwelcomed_v1.27.exe
FirewallRules: [{1C79891E-9065-4FC7-BFEB-6D285BEED6DD}] => (Allow) D:\Games\Steam\SteamApps\common\Ultimate Booster Experience\UltimateBooster(SteamVR)\UltimateBooster.exe
FirewallRules: [{085103B3-52BB-4322-9116-5F92D990C16D}] => (Allow) D:\Games\Steam\SteamApps\common\Ultimate Booster Experience\UltimateBooster(SteamVR)\UltimateBooster.exe
FirewallRules: [{28C28A74-2BF9-4BBA-8801-DBE9B3113DD3}] => (Allow) D:\Games\Steam\SteamApps\common\Ultimate Booster Experience\UltimateBooster(Oculus)\UltimateBooster.exe
FirewallRules: [{9BE9FEF8-B749-421F-AC97-368EC7D7282E}] => (Allow) D:\Games\Steam\SteamApps\common\Ultimate Booster Experience\UltimateBooster(Oculus)\UltimateBooster.exe
FirewallRules: [{5707A4E9-4AB0-4ADC-95A6-8891A2D6147B}] => (Allow) B:\Steam\steamapps\common\Hellblade\HellbladeGame.exe
FirewallRules: [{F4D66E58-5638-4F67-8A31-62AEA5572057}] => (Allow) B:\Steam\steamapps\common\Hellblade\HellbladeGame.exe
FirewallRules: [TCP Query User{8324771A-96C6-4F9B-90DA-195A875C5631}B:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe
FirewallRules: [UDP Query User{F03EA227-673C-4D1D-A045-93429F4F96CB}B:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe
FirewallRules: [{F98C6DC3-DAF4-4D89-9EC0-32A20474D749}] => (Allow) B:\Steam\steamapps\common\Rez Infinite\Rez-infinite.exe
FirewallRules: [{DEFC3B7B-4E63-430B-9F73-CED9B3360B00}] => (Allow) B:\Steam\steamapps\common\Rez Infinite\Rez-infinite.exe
FirewallRules: [{B04F755E-73A7-4B19-A716-0B4936931199}] => (Allow) B:\Steam\steamapps\common\Agents of Mayhem\aom\AOM_Release_Final.exe
FirewallRules: [{971CC691-F9C0-4BE8-BDED-8815C6A6245D}] => (Allow) B:\Steam\steamapps\common\Agents of Mayhem\aom\AOM_Release_Final.exe
FirewallRules: [{80DE5553-410B-43C9-8FEF-E43891C78DAF}] => (Allow) B:\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{D5BDF78C-85D8-4E56-926C-CC2D7364646A}] => (Allow) B:\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{63DFEBFC-390C-40DE-933A-9F2DADAD8AFD}] => (Allow) B:\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe
FirewallRules: [{57D0E3A8-0AB2-48D7-AB64-E3FC8289ABF8}] => (Allow) B:\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe
FirewallRules: [{03B14AAC-85A3-4E1E-AAE6-D67BB763AB8A}] => (Allow) D:\Games\Steam\SteamApps\common\Full Throttle Remastered\Throttle.exe
FirewallRules: [{5534C200-0E52-4CCC-BA98-DF0D25966303}] => (Allow) D:\Games\Steam\SteamApps\common\Full Throttle Remastered\Throttle.exe
FirewallRules: [{319E1CFA-96F9-4765-B13D-2832EBC9F79E}] => (Allow) D:\Games\Steam\SteamApps\common\Observer\TheObserver.exe
FirewallRules: [{090C80C9-EF2A-4BCC-B274-DA738B85FF47}] => (Allow) D:\Games\Steam\SteamApps\common\Observer\TheObserver.exe
FirewallRules: [TCP Query User{D0852806-9B67-4849-B393-5BCFD73B4217}D:\games\steam\steamapps\common\observer\theobserver\binaries\win64\theobserver-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\observer\theobserver\binaries\win64\theobserver-win64-shipping.exe
FirewallRules: [UDP Query User{732894AA-62DA-493F-BA78-A65544A6C539}D:\games\steam\steamapps\common\observer\theobserver\binaries\win64\theobserver-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\observer\theobserver\binaries\win64\theobserver-win64-shipping.exe
FirewallRules: [{214564AF-BBA3-4E81-B17D-1F06B5D3AFD0}] => (Allow) D:\Games\Steam\SteamApps\common\ManiaPlanet_TMCanyon\ManiaPlanetLauncher.exe
FirewallRules: [{0B95A94E-567C-43B4-B71B-3B85B8188330}] => (Allow) D:\Games\Steam\SteamApps\common\ManiaPlanet_TMCanyon\ManiaPlanetLauncher.exe
FirewallRules: [{B33FB518-0761-4C24-8867-F0B7B14F323F}] => (Allow) D:\Games\Steam\SteamApps\common\ManiaPlanet_TMCanyon\ManiaPlanet.exe
FirewallRules: [{B76F326A-FE12-49DD-99D3-B8B83F95A4A2}] => (Allow) D:\Games\Steam\SteamApps\common\ManiaPlanet_TMCanyon\ManiaPlanet.exe
FirewallRules: [{CF53888A-5C8C-44A9-96E7-8D2A2C391893}] => (Allow) D:\Games\Steam\SteamApps\common\Secret World Legends\ClientPatcher.exe
FirewallRules: [{E602716D-68E2-4725-97C8-C0555B0FF6BE}] => (Allow) D:\Games\Steam\SteamApps\common\Secret World Legends\ClientPatcher.exe
FirewallRules: [{835F90F4-C74A-48E4-BD7B-7B7F3EB26BB1}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{DE0ABF26-0839-44EA-9D69-ACA0A016BDA7}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{B8FEEE15-4AA9-48C5-BA8F-0D61F0142CC5}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{BCD32AD3-5CF5-4EAA-B4BB-6B822714DD3E}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{2DE48180-C6D5-4C8B-B588-4E81E239B1A5}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{139CD6E0-7156-45DD-80E7-9F30BCC3DAEC}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{4896923D-EA5C-492C-84A1-6FBE349C275C}] => (Allow) D:\Games\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{6EBE3F0D-A166-408B-8DFC-80271D263B06}] => (Allow) D:\Games\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{AA95A789-ABF7-49FA-BC2C-E8105DCD445E}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{DBFA4C21-FBA5-440E-A8AF-C5E9777BABAE}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{56526727-9FF2-4767-8A86-67202932C05A}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{F8C628C4-D6B5-414D-889E-EE364CFBC7D7}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{B2F7A213-0B26-408B-9612-A5BE7520ED6E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{3AE1DE3A-8510-4A06-AA23-71A1A52679DB}B:\games\destiny 2\destiny2.exe] => (Allow) B:\games\destiny 2\destiny2.exe
FirewallRules: [UDP Query User{313E92A5-5595-4288-A364-63B4C3B819E5}B:\games\destiny 2\destiny2.exe] => (Allow) B:\games\destiny 2\destiny2.exe
FirewallRules: [{34DD1EF5-DC69-4975-B0F4-78E0875E130B}] => (Allow) D:\Games\Steam\SteamApps\common\Sonic Mania\SonicMania.exe
FirewallRules: [{67B2ECF1-9635-4060-80A8-E1D5452EA396}] => (Allow) D:\Games\Steam\SteamApps\common\Sonic Mania\SonicMania.exe
FirewallRules: [{7A7CD880-69B3-4C3E-9647-5C3623C65E61}] => (Allow) D:\Games\Steam\SteamApps\common\Comedy Night\Comedy Night.exe
FirewallRules: [{12B14AFB-878D-4FDA-A577-802F39490F85}] => (Allow) D:\Games\Steam\SteamApps\common\Comedy Night\Comedy Night.exe
FirewallRules: [{47916F8C-0CAE-45DA-A7B4-985DA7C8F929}] => (Allow) D:\Games\Steam\SteamApps\common\Windlands\Windlands_Win_x64.exe
FirewallRules: [{9458BBAC-9252-4758-829F-79275BB8B2F9}] => (Allow) D:\Games\Steam\SteamApps\common\Windlands\Windlands_Win_x64.exe
FirewallRules: [TCP Query User{BDFDC57C-8BC9-4E79-B023-615557F08A78}D:\games\dune 2000\dune 2000\dune2000.exe] => (Allow) D:\games\dune 2000\dune 2000\dune2000.exe
FirewallRules: [UDP Query User{3F3D8A05-33CD-47CF-84C2-F977A40F537D}D:\games\dune 2000\dune 2000\dune2000.exe] => (Allow) D:\games\dune 2000\dune 2000\dune2000.exe
FirewallRules: [{00EC267C-F337-4CA1-AC15-822CA9CCB469}] => (Allow) D:\Games\Steam\SteamApps\common\PAVR Pre Alpha Demo\PA_UE4.exe
FirewallRules: [{E86DD9EE-B256-4BBB-BE9C-C368494796F7}] => (Allow) D:\Games\Steam\SteamApps\common\PAVR Pre Alpha Demo\PA_UE4.exe
FirewallRules: [TCP Query User{CDF47A81-5308-4252-9667-38D9AB0D8061}D:\games\steam\steamapps\common\projectm dream\e1\binaries\win64\e1-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\projectm dream\e1\binaries\win64\e1-win64-shipping.exe
FirewallRules: [UDP Query User{6F3E0A19-AC02-489E-89E6-5BF15BCCDDC2}D:\games\steam\steamapps\common\projectm dream\e1\binaries\win64\e1-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\projectm dream\e1\binaries\win64\e1-win64-shipping.exe
FirewallRules: [{78F1101F-9872-4F30-919B-44FEF97AFA23}] => (Allow) D:\Games\Steam\SteamApps\common\Mindshow\Mindshow.exe
FirewallRules: [{4A2A88E2-91E7-4949-88FC-A05F0BDAF2F7}] => (Allow) D:\Games\Steam\SteamApps\common\Mindshow\Mindshow.exe
FirewallRules: [{DA1AB053-B838-4905-9B9F-CAF4FFD52AB5}] => (Allow) D:\Games\Steam\SteamApps\common\NoLimits 2\64bit\nolimits2stm.exe
FirewallRules: [{23A99FAD-E518-4010-83FE-710A6E211B96}] => (Allow) D:\Games\Steam\SteamApps\common\NoLimits 2\64bit\nolimits2stm.exe
FirewallRules: [{24359B6A-EE2C-4D5C-ABA5-6BF6CAC91504}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2AA6C628-7FB9-4F30-BB92-BDCF89F2181A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0B270495-D3DF-42B2-B552-52B9EE687746}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FB7EE3A6-58A2-4ED9-90AD-3136049D6ED4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C89A8AB6-BCD9-4DC5-885F-DB0E8A508471}] => (Allow) B:\Games\Battlefield 3\bf3.exe
FirewallRules: [{C3C6DF70-4CA9-430C-A8FF-FEEC9584346C}] => (Allow) B:\Games\Battlefield 3\bf3.exe
FirewallRules: [{61C7FA33-4FA8-496A-804E-6F769606FD0A}] => (Allow) B:\Steam\steamapps\common\NoLimits 2\64bit\nolimits2stm.exe
FirewallRules: [{14F4F47C-8305-4C7A-B552-AA5062DF3F14}] => (Allow) B:\Steam\steamapps\common\NoLimits 2\64bit\nolimits2stm.exe
FirewallRules: [{81A6E9C9-CCA8-48DC-A19C-4425F738518E}] => (Allow) D:\Games\Steam\SteamApps\common\RecRoom\Recroom_Release.exe
FirewallRules: [{794C269B-691B-4E72-847D-6BEAA1613019}] => (Allow) D:\Games\Steam\SteamApps\common\RecRoom\Recroom_Release.exe
FirewallRules: [{2D1CC264-2E8C-4447-BF39-A770356FF620}] => (Allow) D:\Games\Steam\SteamApps\common\Vertigo\Vertigo.exe
FirewallRules: [{6286C5FE-F448-4712-9198-65EA02C81ADC}] => (Allow) D:\Games\Steam\SteamApps\common\Vertigo\Vertigo.exe
FirewallRules: [{D2C7216F-2F71-4D31-BBFA-CB24B6010AD4}] => (Allow) B:\Steam\steamapps\common\DuckSeason\DuckSeason\DuckSeason.exe
FirewallRules: [{025100DE-0293-4589-A81C-417A0604AB7F}] => (Allow) B:\Steam\steamapps\common\DuckSeason\DuckSeason\DuckSeason.exe
FirewallRules: [{E3A69345-E1C6-435C-962C-6C54065DD035}] => (Allow) D:\Games\Steam\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{9FE21E23-0DDA-4020-952F-D1EE6C97D97B}] => (Allow) D:\Games\Steam\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{5014089B-AA20-40A0-BF72-A740F366A674}] => (Allow) D:\Games\Steam\SteamApps\common\Hellblade\HellbladeGame.exe
FirewallRules: [{142D2C28-298C-4B34-B67F-4CCA94E45CE1}] => (Allow) D:\Games\Steam\SteamApps\common\Hellblade\HellbladeGame.exe
FirewallRules: [{7813EC58-1DAF-4FFE-976A-80172154651E}] => (Allow) B:\Steam\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [{CF67956E-6D20-4DE6-9ACB-2A3B6DC3AB41}] => (Allow) B:\Steam\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [TCP Query User{699458AF-2F8D-48F1-8B2B-BA8454D8236C}B:\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) B:\steam\steamapps\common\doom\doomx64vk.exe
FirewallRules: [UDP Query User{ABFA37DD-029F-4272-A197-06762C110EB8}B:\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) B:\steam\steamapps\common\doom\doomx64vk.exe
FirewallRules: [TCP Query User{089F274A-3139-40E8-8F03-1BE0BB9EAE7D}D:\games\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe] => (Allow) D:\games\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe
FirewallRules: [UDP Query User{2113B080-14B0-4BAE-9C02-A410FE21B061}D:\games\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe] => (Allow) D:\games\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe
FirewallRules: [{C0292D33-04A7-4511-A144-216679F9FFD4}] => (Allow) D:\Games\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [{D922841A-A90B-4235-89DF-426FB99D355F}] => (Allow) D:\Games\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [TCP Query User{0800D4EE-74FF-4BFD-8430-5E5ED922607B}D:\games\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) D:\games\steam\steamapps\common\assettocorsa\acs.exe
FirewallRules: [UDP Query User{CEACACE7-4640-4865-B504-F16A3ED17000}D:\games\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) D:\games\steam\steamapps\common\assettocorsa\acs.exe
FirewallRules: [{9CDAE3DE-33F2-4E84-A6EA-809402CA701B}] => (Allow) D:\Games\Steam\SteamApps\common\pCars\pCARS64.exe
FirewallRules: [{0B4B05AB-250A-412E-9969-0586E560F06E}] => (Allow) D:\Games\Steam\SteamApps\common\pCars\pCARS64.exe
FirewallRules: [{BC8A2FB2-90B9-47DB-A552-489AE165B13D}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{C3E2BBA9-A4B6-4FC8-9A79-8864D9775545}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{DA2A4F4D-F1E8-462A-B8EA-380E5D196DD2}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{02761161-C56D-453C-85F6-7D6D33393B5D}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{D743BB1E-5935-428E-8603-2AFEE37DC980}] => (Allow) B:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{25B1F3B6-3DE9-4F4E-8155-5B40B04FF2DC}] => (Allow) B:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{FD16AFE9-6DF5-46F2-8870-A99E4CBD85CD}] => (Allow) B:\Steam\steamapps\common\Bullets And More VR\BAM_VR.exe
FirewallRules: [{4C6250CC-10C1-41BF-A1E0-5BDDC0A4A700}] => (Allow) B:\Steam\steamapps\common\Bullets And More VR\BAM_VR.exe
FirewallRules: [{04E0654B-70ED-4D12-B684-4CB7D4993E59}] => (Allow) D:\Games\Origin\Titanfall2\Titanfall2.exe
FirewallRules: [{1A91F9EF-32FC-4EC3-B532-86A5C8F47DD3}] => (Allow) D:\Games\Origin\Titanfall2\Titanfall2.exe
FirewallRules: [{1CD6EC4E-DB42-4E1F-A280-85FAB2B4E910}] => (Allow) D:\Games\Origin\Titanfall2\Titanfall2_trial.exe
FirewallRules: [{72AD212C-DF93-4D29-9A14-4523C338C1C9}] => (Allow) D:\Games\Origin\Titanfall2\Titanfall2_trial.exe
FirewallRules: [{22DAA0F4-3266-4288-B433-C6A32096969D}] => (Allow) B:\Games\SteamWorld Dig\SteamWorldDig.exe
FirewallRules: [{4C19C07C-0741-4575-BF05-AF2DCD6A8084}] => (Allow) B:\Games\SteamWorld Dig\SteamWorldDig.exe
FirewallRules: [{CDB51593-B67F-452D-9637-4F62DCDECFC8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8E2234C0-B8AA-465F-890B-2D5670468E68}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Wiederherstellungspunkte =========================
22-09-2017 06:16:02 Windows Update
22-09-2017 06:16:08 Windows Update
22-09-2017 06:33:10 Malwarebytes Anti-Rootkit Restore Point
22-09-2017 19:04:10 Malwarebytes Anti-Rootkit Restore Point
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/23/2017 04:52:46 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/23/2017 04:52:45 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/23/2017 04:47:30 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/23/2017 04:47:29 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/23/2017 08:38:47 AM) (Source: MsiInstaller) (EventID: 10021) (User: Hoshi-PC)
Description: Product: Call of Duty(R) - World at War(TM) -- Das Gerät ist nicht bereit.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/23/2017 08:37:46 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm setup.exe, Version 12.0.0.58851 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: ac8
Startzeit: 01d33435bb115919
Beendigungszeit: 4294967295
Anwendungspfad: F:\setup.exe
Berichts-ID: 8c909ca4-6e6c-46bd-af00-f114328ee9e1
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:
Error: (09/23/2017 08:33:53 AM) (Source: MsiInstaller) (EventID: 11704) (User: Hoshi-PC)
Description: Product: Call of Duty(R) - World at War(TM) -- Error 1704.An installation for Node.js is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?
Error: (09/23/2017 07:16:35 AM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/23/2017 07:16:34 AM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/23/2017 07:01:05 AM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
Systemfehler:
=============
Error: (09/23/2017 04:52:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet:
Die Anforderung wird nicht unterstützt.
Error: (09/23/2017 04:52:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/23/2017 04:52:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "FABS - Helping agent for MAGIX media database" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/23/2017 04:52:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Firebird Server - DefaultInstance" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/23/2017 04:52:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Oculus VR Runtime Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/23/2017 04:52:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "WSWNA1100" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/23/2017 04:52:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Virtual Desktop Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/23/2017 04:52:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Qualcomm Atheros Killer Service V2" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/23/2017 04:52:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Telemetry Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/23/2017 04:52:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2017-09-23 16:52:50.045
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-23 16:52:50.044
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-23 16:50:29.095
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-23 16:50:29.094
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-23 16:50:28.835
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-23 16:50:28.834
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-23 16:47:32.489
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-23 16:47:32.488
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-23 16:34:34.430
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-09-23 16:34:34.429
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 15%
Installierter physikalischer RAM: 16314.71 MB
Verfügbarer physikalischer RAM: 13771.2 MB
Summe virtueller Speicher: 32698.71 MB
Verfügbarer virtueller Speicher: 30022.12 MB
==================== Laufwerke ================================
Drive b: (Lokaler Datenträger) (Fixed) (Total:465.76 GB) (Free:118.9 GB) NTFS
Drive c: () (Fixed) (Total:223.03 GB) (Free:107.29 GB) NTFS
Drive d: () (Fixed) (Total:1464.84 GB) (Free:214.67 GB) NTFS
Drive e: () (Fixed) (Total:398.17 GB) (Free:71.49 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 7D0DF0DC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 7D0DF0CB)
Partition 1: (Not Active) - (Size=1464.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=398.2 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 873A098D)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
| Themen zu Windows 10 64bit : Verdacht auf Maleware |
| administrator, browser, defender, explorer, firefox, google, helper, homepage, installation, maleware, mozilla, mp3, netgear, neustart, nvidia, prozesse, realtek, rundll, services.exe, software, starten, super, svchost.exe, system, windows, öffnet |
Linear-Darstellung
