| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Probleme mit nicht Löschbarer Adware.Elex.ShrtClnWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
12.11.2017, 15:01
| #16 |
 |  Probleme mit nicht Löschbarer Adware.Elex.ShrtClnCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-11-2017
durchgeführt von User (12-11-2017 14:58:38)
Gestartet von C:\Users\User\Desktop
Windows 10 Home Version 1703 15063.674 (X64) (2017-05-21 09:23:43)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2440112941-538450990-2588341026-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2440112941-538450990-2588341026-503 - Limited - Disabled)
Gast (S-1-5-21-2440112941-538450990-2588341026-501 - Limited - Disabled)
User (S-1-5-21-2440112941-538450990-2588341026-1000 - Administrator - Enabled) => C:\Users\User
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Aiseesoft Blu-ray Player 6.2.20 (HKLM-x32\...\{3E1A13C3-E458-4995-BEA6-4B9BE279D502}_is1) (Version: 6.2.20 - Aiseesoft Studio)
Akamai NetSession Interface (HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.0.6.9 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.0.6.9 - ASUSTek COMPUTER INC.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
Canon iP2600 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2600_series) (Version: - )
Canon iP2600 series Benutzerregistrierung (HKLM-x32\...\Canon iP2600 series Benutzerregistrierung) (Version: - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
Curse Client (HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Discord (HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Discord) (Version: 0.0.298 - Discord Inc.)
EaseUS Partition Master 9.2.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
FocusWriter (HKLM-x32\...\FocusWriter) (Version: 1.6.7 - Graeme Gott)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.52.1215 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.52.1215 - DVDVideoSoft Ltd.)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.89 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kingdoms of Amalur: Reckoning (HKLM-x32\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.0.0.0 - Electronic Arts)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Malwarebytes Version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
Opera Stable 49.0.2725.34 (HKLM-x32\...\Opera 49.0.2725.34) (Version: 49.0.2725.34 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.5.6040 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.107.256.0 - Overwolf Ltd.)
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
PIXMA Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Rage of Mages (HKLM-x32\...\1459856053_is1) (Version: 2.1.0.3 - GOG.com)
Rage of Mages (HKLM-x32\...\Rage of Mages) (Version: - )
Ragnarok Restart (HKLM-x32\...\{06A73F7C-3719-4664-89DC-21FB0B3D7C9D}) (Version: 1.0.2 - Gravity Interactive, Inc.) Hidden
Ragnarok Restart (HKLM-x32\...\Ragnarok Restart 1.0.2) (Version: 1.0.2 - Gravity Interactive, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0006] (HKLM-x32\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0006 - THQ)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
skate's Thumbnail Tool Version 1.1.2 (HKLM-x32\...\{E68C580F-B6A5-4D47-89EC-307B9096FC10}_is1) (Version: 1.1.2 - skate702.de)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Syndicate (HKLM-x32\...\{64CFBAAB-46F7-4628-8D9B-E656A8C11CDB}) (Version: 2.0.0.3 - Electronic Arts)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft)
Unity Web Player (HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\UnityWebPlayer) (Version: 5.0.2f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VideoPad Video-Editor (HKLM-x32\...\VideoPad) (Version: 4.60 - NCH Software)
VisioForge Media Player SDK ActiveX LITE (HKLM-x32\...\{A7A1153A-3CA3-4366-B37D-291522538794}) (Version: 7.0.0.0 - VisioForge) Hidden
VisioForge Media Player SDK ActiveX LITE (HKLM-x32\...\VisioForge Media Player SDK ActiveX LITE 7.0.0.0) (Version: 7.0.0.0 - VisioForge)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Warcraft III) (Version: - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.65 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.01 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.1 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XSplit Gamecaster (HKLM-x32\...\{4EDB1851-7427-4324-AAAA-9E3852C73DAE}) (Version: 2.2.1502.1741 - SplitmediaLabs)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2440112941-538450990-2588341026-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2440112941-538450990-2588341026-1000_Classes\CLSID\{d966ac89-a571-4a5c-bcf0-638a3cdf1b14}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-11-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-11-15] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-11-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-11-15] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02CBCC90-3E56-4541-96EC-B200672D50B5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {04DCEB08-147F-4B59-88EB-9F3F89DE852C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_183_pepper.exe [2017-10-26] (Adobe Systems Incorporated)
Task: {0E64ADC2-2056-475B-A71C-FFFE220DD0A1} - System32\Tasks\Opera scheduled Autoupdate 1380645316 => C:\Program Files (x86)\Opera\launcher.exe [2017-11-07] (Opera Software)
Task: {132A5559-4118-4295-A1E1-C141CB2F74F1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-26] (Adobe Systems Incorporated)
Task: {14EE976F-63B2-4DD4-99DE-1835879794C7} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-03-25] (ASUSTek Computer Inc.)
Task: {1B41679F-8512-4E70-8E44-8A344FBCA5D7} - System32\Tasks\{68198F9C-F8D5-440A-A307-2045870E9B9A} => C:\Windows\system32\pcalua.exe -a "D:\Program Files (x86)\epicRO Ragnarok Online\settings old.exe" -d "D:\Program Files (x86)\epicRO Ragnarok Online"
Task: {1FA9B476-5068-4DF9-A7C0-DE98215EA21A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {2098291A-6826-4D8E-90E2-E7C7DE426F36} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2BF954F7-B5F8-4A34-8C72-ED4883865256} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F3C1B2D-FB8D-4193-8444-231AD0F9BBED} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {309921DD-F04E-4995-AA50-9A6470930DC9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3515463A-AD78-4987-86A5-060287B7AB95} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-10-23] (Overwolf LTD)
Task: {3754061D-CD83-4496-8AA0-8FE1BA314C47} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {3EF7C9D3-8A19-4234-810A-2DDB201C8958} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {427CCE13-B111-4A80-BBB0-6D6F981E965F} - System32\Tasks\{A5DBFEE4-0356-4708-A655-BFA7E35BF624} => C:\Windows\system32\pcalua.exe -a "D:\Program Files (x86)\epicRO Ragnarok Online\settings.exe" -d "d:\Program Files (x86)\epicRO Ragnarok Online\"
Task: {4478F7FB-D260-4CB8-82E0-5CA44CDF79C7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
Task: {5256B3A6-7B23-454C-AD22-5E2A693BC4C4} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {55978C82-CC08-4BBE-8D03-B568E1E8E4E0} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {61160297-9C11-42C4-AA85-47CC9FA41C41} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {61C34886-4054-4DD8-A557-3A7B140BEBBF} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {65342EE4-2ADC-4994-8633-40C4B9E686C5} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {751916EA-7824-4174-B568-FC51A3F7BFE5} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {760979B4-03D3-42CA-9AC0-C4FC833C0332} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8130F5FA-AF7D-4943-B2BA-060B3A46CDAE} - System32\Tasks\{438FA2C7-F30F-4579-A499-B2964FEB6E44} => C:\WINDOWS\system32\pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {83D8EA44-D5EA-48DC-AD74-8BAE0ABD30A4} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {8612CAD8-A91C-4A81-A388-BD870CF508D5} - System32\Tasks\easyVPN => C:\Program Files (x86)\EasyVpn\app\easyvpn.exe
Task: {89F9EDD9-7C6B-442A-80AE-7C781EA7CEFB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8BD8CDAB-DB90-48FD-9680-5746409A4010} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {A10630E0-7C00-4372-A960-4FC859BA913C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-12] (Google Inc.)
Task: {B55CF8D6-4BF9-4075-BC29-60C0CC07BD2C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BF5E2522-FE1D-4E8C-9FA9-E1B27B81D2DA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {C8A508EB-2906-4504-9BFC-EBFF5AE097B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-12] (Google Inc.)
Task: {D603657B-A4C5-4DD5-AB65-50C5B5C8B92D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {DB881C0E-C3BE-4699-AA40-CA7398035898} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {DE82B7E1-A074-4B4B-96F8-B77C47A4381E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DEC8126C-17DA-4FAD-A5F2-57CB2B91A8B0} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {E0E54520-18CA-4D7E-963B-A5AA232C6777} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EDFDCDC2-3F60-4BC2-ACE9-FA32929FA671} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F191C630-1ACC-4331-9C15-E924A011A9C0} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F6112400-8A8F-4A0B-B5DA-75DC52204405} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\User\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nchsoftware.com/de/index.htm
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-05-21 09:57 - 2017-05-01 21:51 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-29 10:28 - 2015-05-29 10:28 - 000048640 _____ () C:\Windows\SysWOW64\ASGT.exe
2017-09-02 12:09 - 2017-10-10 12:28 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 21:59 - 2017-03-20 05:36 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-04 09:48 - 2017-11-02 07:51 - 000021848 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
2017-09-07 17:12 - 2017-09-07 17:12 - 000069632 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2017-11-12 14:01 - 2017-11-05 10:12 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.89\libglesv2.dll
2017-11-12 14:01 - 2017-11-05 10:12 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.89\libegl.dll
2015-03-31 17:25 - 2016-05-02 07:02 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-11-04 09:47 - 2017-11-01 07:30 - 000015360 _____ () C:\Program Files (x86)\Origin\libEGL.DLL
2017-11-04 09:47 - 2017-11-01 07:30 - 003090944 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2014-05-29 21:40 - 2016-06-10 14:21 - 000266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2017-08-17 15:51 - 2017-08-17 15:51 - 001993184 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000507968 _____ () D:\Program Files (x86)\GOG Galaxy\PocoUtil.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 001076800 _____ () D:\Program Files (x86)\GOG Galaxy\PocoNet.dll
2017-03-23 06:38 - 2017-03-16 16:46 - 053018112 _____ () D:\Program Files (x86)\GOG Galaxy\libcef.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 001854528 _____ () D:\Program Files (x86)\GOG Galaxy\PocoData.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000393280 _____ () D:\Program Files (x86)\GOG Galaxy\PocoDataSQLite.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 001589312 _____ () D:\Program Files (x86)\GOG Galaxy\PocoFoundation.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000307776 _____ () D:\Program Files (x86)\GOG Galaxy\PocoNetSSL.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000330816 _____ () D:\Program Files (x86)\GOG Galaxy\PocoJSON.dll
2017-06-21 21:52 - 2017-10-19 17:33 - 000130112 _____ () D:\Program Files (x86)\GOG Galaxy\xdelta3.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000104000 _____ () D:\Program Files (x86)\GOG Galaxy\zlib.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000520768 _____ () D:\Program Files (x86)\GOG Galaxy\PocoXML.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000272448 _____ () D:\Program Files (x86)\GOG Galaxy\PocoZip.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000680000 _____ () D:\Program Files (x86)\GOG Galaxy\sqlite.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000425536 _____ () D:\Program Files (x86)\GOG Galaxy\pcre.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000157760 _____ () D:\Program Files (x86)\GOG Galaxy\PocoCrypto.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000152128 _____ () D:\Program Files (x86)\GOG Galaxy\expat.dll
2017-03-23 06:38 - 2017-10-19 17:32 - 001589312 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoFoundation.dll
2017-03-23 06:38 - 2017-10-19 17:32 - 000330816 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoJSON.dll
2017-03-23 06:38 - 2017-10-19 17:32 - 000104000 _____ () C:\ProgramData\GOG.com\Galaxy\redists\zlib.dll
2017-03-23 06:38 - 2017-10-19 17:32 - 000507968 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoUtil.dll
2017-03-23 06:38 - 2017-10-19 17:32 - 000425536 _____ () C:\ProgramData\GOG.com\Galaxy\redists\pcre.dll
2017-03-23 06:38 - 2017-10-19 17:32 - 000520768 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoXML.dll
2017-03-23 06:38 - 2017-10-19 17:32 - 000152128 _____ () C:\ProgramData\GOG.com\Galaxy\redists\expat.dll
2017-03-23 06:38 - 2017-03-16 16:46 - 001738752 _____ () D:\Program Files (x86)\GOG Galaxy\libglesv2.dll
2017-03-23 06:38 - 2017-03-16 16:46 - 000078848 _____ () D:\Program Files (x86)\GOG Galaxy\libegl.dll
2013-10-01 15:05 - 2012-06-25 09:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-08-21 13:18 - 2017-09-09 20:25 - 000688416 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 16:13 - 2016-09-01 02:02 - 004969248 _____ () D:\Program Files (x86)\Steam\v8.dll
2014-05-22 15:17 - 2017-10-31 04:22 - 002546976 _____ () D:\Program Files (x86)\Steam\video.dll
2015-01-20 16:13 - 2016-09-01 02:02 - 001563936 _____ () D:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 16:13 - 2016-09-01 02:02 - 001195296 _____ () D:\Program Files (x86)\Steam\icuuc.dll
2014-08-31 15:21 - 2016-01-27 08:49 - 000491008 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-31 15:21 - 2016-01-27 08:49 - 002549760 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-31 15:21 - 2016-01-27 08:49 - 000332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-31 15:21 - 2016-01-27 08:49 - 000442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-31 15:21 - 2016-01-27 08:49 - 000485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll
2013-09-21 09:35 - 2017-10-31 04:22 - 000901408 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 10:59 - 2016-07-04 23:17 - 000266560 _____ () D:\Program Files (x86)\Steam\openvr_api.dll
2017-06-09 06:22 - 2017-09-07 03:04 - 000678400 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2016-12-14 14:24 - 2017-08-16 23:28 - 073130272 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-01-20 16:13 - 2015-09-25 00:52 - 000119208 _____ () D:\Program Files (x86)\Steam\winh264.dll
2013-09-19 17:46 - 2017-07-19 02:53 - 000384288 _____ () D:\Program Files (x86)\Steam\steam.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\skype.com -> hxxps://apps.skype.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2017-06-18 08:56 - 000000029 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\Pictures\Desktop\black-rock-shooter11.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{9C3706ED-64EE-462D-AAC4-745260CD6FBB}D:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{C169F269-54EE-4253-AF5D-4B55C15F1775}D:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{695FAF78-0DBE-45B8-A05F-E1B4BAA59FCE}D:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{09B5A604-B7E3-4625-B7A6-CFED54329A9C}D:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{D892EF5A-DCC7-4FB0-A4E0-74D8A766440C}C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe] => (Block) C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe
FirewallRules: [TCP Query User{B3FB41F1-79B3-413C-B008-0001AAE7FBD3}C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe] => (Block) C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe
FirewallRules: [{E3C4DEBD-FD96-4789-A362-859D9FD41B64}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Styx\Binaries\Win64\StyxGame.exe
FirewallRules: [{31812AB7-9EB1-4B6D-855C-B28552F64977}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Styx\Binaries\Win64\StyxGame.exe
FirewallRules: [{0BBA4094-B486-4BD8-BD46-7C0A8517B2B4}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{33751D31-A83B-43A3-9DE2-808B05A1B520}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{2ADDDE45-FFED-4DF4-B5B9-728AB583858F}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{9D7F081C-EB2E-4288-B03A-8395972D4B75}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [UDP Query User{923B508F-9F5D-4736-B953-3F24F729A1D6}D:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{F5659E42-B74A-494A-A8AF-A9541DFAF5AD}D:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E8D1EEDE-AC10-488C-A308-7A3D95633109}D:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{B9422F32-ED23-4E77-95BE-1C8233C30CFA}D:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{9095436E-783B-47EF-86BC-8870FE9245E3}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{0D545466-2DB6-43A5-B930-F5FF09CBD54F}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{3E98866F-EB4C-4254-A94D-4A240BCB0810}D:\program files (x86)\gog galaxy\games\rage of mages\rom.exe] => (Allow) D:\program files (x86)\gog galaxy\games\rage of mages\rom.exe
FirewallRules: [TCP Query User{C77808E2-8F06-4C7B-9D6A-89E709CC510E}D:\program files (x86)\gog galaxy\games\rage of mages\rom.exe] => (Allow) D:\program files (x86)\gog galaxy\games\rage of mages\rom.exe
FirewallRules: [{034B23A9-B7F7-41BC-AAD2-C3EAF9995FC6}] => (Allow) D:\Program Files (x86)\Tom Clancy's The Division\TheDivision.exe
FirewallRules: [UDP Query User{F9497AD2-3548-45B8-B03D-AC8BDDAF00BB}D:\program files (x86)\heroes of the storm\versions\base50950\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base50950\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{63CB44E6-8816-4F9E-BEC8-F43B341F13FE}D:\program files (x86)\heroes of the storm\versions\base50950\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base50950\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4B60DBDC-8500-4884-A6D6-85CA309AF5E8}D:\program files (x86)\warcraft iii\war3.exe] => (Allow) D:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [TCP Query User{C9D014AE-64A9-407E-8C50-9B0B4B956CDD}D:\program files (x86)\warcraft iii\war3.exe] => (Allow) D:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{454C40F0-077B-4441-86C6-5CEA893D16D4}D:\program files (x86)\heroes of the storm\versions\base50441\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base50441\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{E2694FD4-2DDF-4A8F-9612-485E47DB2A68}D:\program files (x86)\heroes of the storm\versions\base50441\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base50441\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CE534BD4-C74C-4126-A126-F096C261E9B4}D:\program files (x86)\heroes of the storm\versions\base50286\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base50286\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{83F87CDE-9639-48A9-9D2C-29F06783669B}D:\program files (x86)\heroes of the storm\versions\base50286\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base50286\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{96A0F636-1016-47B0-9613-0838C573627C}D:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe] => (Block) D:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe
FirewallRules: [TCP Query User{FE7968CC-68BD-4058-BA5E-DC6CE5390C53}D:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe] => (Block) D:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe
FirewallRules: [{00C61FF4-17AB-42E3-AF35-4E125D337D5C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Enter the Gungeon\EtG.exe
FirewallRules: [{FEAC0CEF-CCF3-481B-983C-289FC5D90A06}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Enter the Gungeon\EtG.exe
FirewallRules: [UDP Query User{22C8D6D8-21AC-48A7-B237-F110416F8C62}C:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonorbeta\forhonor.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonorbeta\forhonor.exe
FirewallRules: [TCP Query User{D9BC6E22-9F8B-48C4-AD56-84EDC163AF26}C:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonorbeta\forhonor.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonorbeta\forhonor.exe
FirewallRules: [{138D4B24-E374-408F-B77C-CAB04725CB4C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{2E74C4B3-E1DB-4017-A634-089C73E3BCC5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{C5005979-5EB3-4275-BA81-941B5BCA303D}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{9549E5A5-22C2-4148-B904-EFA25A3A1EDF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{A93E3F9B-68D2-4AC5-9E6E-753A5893817E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11_b.exe
FirewallRules: [{946AF9B7-81E4-405F-BC10-879736EA5FC2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11_b.exe
FirewallRules: [{F67FF78E-10CC-4937-84C3-79D4E637771B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{B6E043D3-CCEC-4261-8EA2-ABD080F46CAA}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{DB413EC0-A14F-4E83-B401-3584D74AC9DB}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{06670257-4FD9-4B83-B20C-8BD10B937C8D}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{3F4F719E-7FB6-42BE-AFB1-41F9A3F67E0C}D:\program files (x86)\tom clancy's the division\thedivision.exe] => (Allow) D:\program files (x86)\tom clancy's the division\thedivision.exe
FirewallRules: [UDP Query User{56062B46-5268-47A5-8E3C-2F707B84A363}D:\program files (x86)\overwatch\overwatch.exe] => (Allow) D:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{5150902E-AE6C-46A5-8A2F-EA4D374487E6}D:\program files (x86)\overwatch\overwatch.exe] => (Allow) D:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{AC698FB7-8262-4B5F-AE3C-EA35071684B7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{105A53C0-E656-4632-8371-77B9CAA10444}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{DE45B7B9-33A9-46F3-B80C-186992B98BFF}] => (Allow) LPort=1900
FirewallRules: [{51700128-C169-4AF0-ABB3-6019B2234BEB}] => (Allow) LPort=2869
FirewallRules: [{F87F89FA-B567-48B1-B68A-49BFE0EC8F02}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [UDP Query User{DF780692-03C9-4FAE-A9F6-55D3D1FACBC8}D:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{80C4801A-B800-4EE1-B75A-68B715969375}D:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{AE71D734-B4B0-493F-8148-113142CAC814}D:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{FD1244D8-3CEF-4F9A-A4F2-59E3D4E6DBE9}D:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe
FirewallRules: [{B310F864-AB7F-46F8-8033-12DBB4ABDB84}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Punch Club\Punch Club.exe
FirewallRules: [{4E5588DC-8A03-452C-A814-28A50BA283A0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Punch Club\Punch Club.exe
FirewallRules: [{6FAA8E9A-1BFA-4B80-BF68-1CA0467272B3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{8E53D14C-173C-469E-A7C0-FC634251035E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{F9C45902-1EE0-4ACC-ADA9-5742294F28B0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\devildaggers\dd.exe
FirewallRules: [{199F447F-5289-4187-8331-07E5E48F8C9D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\devildaggers\dd.exe
FirewallRules: [{978218B0-6367-4C89-A1BA-236419747157}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{7834845B-A3B9-4A8E-BA47-C5CCF350686C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{939B4E88-BE25-40B1-91AD-DCDE2EAD1C68}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{BAED523B-EF2C-4F7E-A3AC-36B6F2FFEE4C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{5582C2C5-8E66-48AB-8CFD-4E6865417117}] => (Allow) C:\Program Files (x86)\Origin Games\Kingdoms of Amalur Reckoning\Reckoning.exe
FirewallRules: [{A9599D5A-FCF6-4A13-8047-5EEC6C9DA6DF}] => (Allow) C:\Program Files (x86)\Origin Games\Kingdoms of Amalur Reckoning\Reckoning.exe
FirewallRules: [UDP Query User{413A1624-EA4A-4FD1-A1C4-ECC6CC7A5A21}D:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{EB1682A1-C4BA-4C3A-946F-1C32B10ED1CC}D:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe
FirewallRules: [{43F29742-2B27-404F-A374-478205BA4294}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Valkyria Chronicles\Launcher.exe
FirewallRules: [{80330737-BF6C-42C7-848C-A6732C78481D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Valkyria Chronicles\Launcher.exe
FirewallRules: [{556DC0B1-24E8-44A0-978E-2F284096707A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Koi-Koi Japan [Hanafuda playing cards]\KoiKoiJapan.exe
FirewallRules: [{81D69276-A640-4E1A-8132-9679BD381CD7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Koi-Koi Japan [Hanafuda playing cards]\KoiKoiJapan.exe
FirewallRules: [{BB290AEC-5AE9-4F47-8473-60B0DECD026D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{EBD8D74F-07DA-492A-9CD8-44E4DFC293E8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{04C52C4F-CBE2-41E7-BCEC-1588F0F9E24A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{6BED1BD7-EA9E-4F1D-99D9-13AC8309FF08}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{C701686D-4ADA-4FBD-B698-6CD754F24116}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{56823176-FF81-41C2-B366-A2AC4CD39181}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [UDP Query User{931E706C-0C8F-450A-B2A1-6CFDFDA9A1D7}D:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{426C2B60-F3F7-4DA9-A811-0DA28546F717}D:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
FirewallRules: [{9286A25F-2705-4B5E-906A-A99D35B85F6C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{0A1E6997-17D3-4747-8106-B50C0B323E1C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [UDP Query User{4898D512-B876-4D84-A582-19FD92816FB4}D:\program files (x86)\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) D:\program files (x86)\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe
FirewallRules: [TCP Query User{BD67A5BD-BEE6-4F4F-A79A-859EA844729E}D:\program files (x86)\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) D:\program files (x86)\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe
FirewallRules: [{9FD52067-AF88-41C9-89A8-1CE183DA83A5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe
FirewallRules: [{2BCD56F3-0687-451D-ABA0-C2A00E081366}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe
FirewallRules: [{C437CE87-A71C-43E7-BA62-1BDFCFAD7F0F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [{6BCF7699-632C-464D-B5D6-6A280DEE14A9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [UDP Query User{EBDBC056-CADE-4223-A181-F5FDDB377A56}D:\program files (x86)\starcraft ii\versions\base38215\sc2_x64.exe] => (Allow) D:\program files (x86)\starcraft ii\versions\base38215\sc2_x64.exe
FirewallRules: [TCP Query User{927370DD-8BA9-44E7-AA86-47CA6629B42B}D:\program files (x86)\starcraft ii\versions\base38215\sc2_x64.exe] => (Allow) D:\program files (x86)\starcraft ii\versions\base38215\sc2_x64.exe
FirewallRules: [{95F8A3D2-3A8C-4EDA-A729-55A671CCAEEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{27EF9A32-7213-41A4-98AD-AF9DA32C3C31}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{94E71186-8933-4C9D-A6C3-098CCDB59886}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{769D1814-4C10-4D99-9087-0DEF9A84DD42}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{9BA40C0A-53A8-458E-847C-F469DCE30002}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [UDP Query User{854A45F9-FC3B-4D9C-AF2A-ACC6E1D2F077}D:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{EDDB763B-D7EB-4B44-BBC1-4B6F068D1B86}D:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{DCC82C4C-AA14-464F-8CEF-374219504A06}D:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [TCP Query User{C458D6A8-9D64-4EE2-B89C-444F1D57F5D2}D:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{61043D88-EAA3-4BC0-8920-FF23913988AB}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{12EF483D-954A-469D-BB1A-65E18C8405B6}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{A66B7710-C51E-41A7-B65D-8461ED7E7970}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{F3A2F987-9BF7-4B4D-AE65-FCC310AD82C2}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{BDEB1C7A-0B1A-4F15-9995-0F56C7D56F55}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{0BE4DEDB-B609-4A08-8EDA-F7C04CC842AE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{76EEA0D2-F8F5-40AD-A054-638833F75E30}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{6964DBF8-F8B3-4340-845E-EDBDFAEEBAE0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [UDP Query User{E2089537-DCE3-4B3A-B332-2411C7E09E4F}D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{54417066-6F8B-4E28-9F85-0A8AE3DC904B}D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{747312C0-8EB8-46FB-A656-9F6E599C02A7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{542C020A-49A2-4625-BD62-3CBD888348E5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{08276856-D54A-4A66-826F-3638EF6D426D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{BAABEEDD-8579-417C-BA51-4484FD07839B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{8E3969EA-7101-4BF6-9A28-2160C0BC1960}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\HuniePop\HuniePop.exe
FirewallRules: [{1CC35AF9-409B-45AB-B49D-876C224E1DCA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\HuniePop\HuniePop.exe
FirewallRules: [{93103BC1-8D21-4350-8CE9-614D06E84813}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metal Slug 3\mslug3.exe
FirewallRules: [{11E424AA-383D-4F30-B683-AC91ADBFE99E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metal Slug 3\mslug3.exe
FirewallRules: [{45530EF2-BAF3-465E-BC26-F25EA0E19DEF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{88687C5A-DD19-4770-A83E-0091679FAD8E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{F5B0530A-D302-4EA1-80B1-8F675B79CF4A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{0B5E41A6-6AE2-4D7C-9A64-895CD624EC2B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{C2F978F6-405C-4E18-8B6D-61C8E10E54FB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{EEED312C-DCD7-454F-95D7-4A1D141A726C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [UDP Query User{594CAB67-D8D5-41F9-A38E-8F11CEE19BFF}D:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{AC383127-6714-4741-A6FF-004A6D97234E}D:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [{6C075229-B17F-44DE-8514-F9DF46E544E1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\SanctuaryRPG - Black Edition\SanctuaryRPG.exe
FirewallRules: [{91B46C84-3D73-4E76-B72F-CD08C8A723F1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\SanctuaryRPG - Black Edition\SanctuaryRPG.exe
FirewallRules: [{CD532599-7D0F-448B-8A61-D1418120D8F8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{F22BE907-5B04-4446-982C-BAC0ABC16FE9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [UDP Query User{37599D5F-4EC8-4C2B-9488-B0E5014E5641}D:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{EA09F9AC-D798-41B7-B9BC-2B91C7F88470}D:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{F8B17FBB-BB43-4D85-9FEC-EEB58A81DEF6}] => (Allow) C:\Program Files (x86)\Origin Games\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{D2026B4C-FF8B-4202-877A-6957857CE548}] => (Allow) C:\Program Files (x86)\Origin Games\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{59D3C52C-6E46-4914-8591-5CBD1DC43B59}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2454A699-F7D7-4B06-8507-CDA10141C753}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C01D681C-5515-4BEA-8DD1-470D6655263F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E9FC3B04-A8B6-4EEC-B236-2C5A66660648}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [UDP Query User{59FFA24C-9527-4277-906D-49DBAC599876}D:\program files (x86)games\world_of_tanks\worldoftanks.exe] => (Allow) D:\program files (x86)games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{F991024D-E179-4712-AA82-955673652A2A}D:\program files (x86)games\world_of_tanks\worldoftanks.exe] => (Allow) D:\program files (x86)games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{9EE4FF07-A56D-41DA-BAC1-587AD0863EE5}D:\program files (x86)games\world_of_tanks\wotlauncher.exe] => (Allow) D:\program files (x86)games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{9576ED4F-F3D3-421B-851A-EA8CAC010DDC}D:\program files (x86)games\world_of_tanks\wotlauncher.exe] => (Allow) D:\program files (x86)games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{3657D514-73CC-4A6E-BCB1-AD0FA2CED502}D:\program files (x86)\games\world_of_tanks\worldoftanks.exe] => (Block) D:\program files (x86)\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{4294FE41-DAC7-4F44-9479-F36D4DBBBB92}D:\program files (x86)\games\world_of_tanks\worldoftanks.exe] => (Block) D:\program files (x86)\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{6B4F058A-BB38-4242-A5E8-736F19C93D69}D:\program files (x86)\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\program files (x86)\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{E31B9522-9A84-4C23-9F9D-B4E9296DAF9D}D:\program files (x86)\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\program files (x86)\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{8F7157CF-58CD-4E5F-93E8-F684C99B46A6}C:\users\user\downloads\dune 2000\dune2000.dat] => (Block) C:\users\user\downloads\dune 2000\dune2000.dat
FirewallRules: [TCP Query User{EA6743E4-2DDA-4596-A24C-3EBCA2CD2934}C:\users\user\downloads\dune 2000\dune2000.dat] => (Block) C:\users\user\downloads\dune 2000\dune2000.dat
FirewallRules: [{51392C51-B819-4F17-B588-2F0A59CF28F1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TheLongDark\tld.exe
FirewallRules: [{7EDDB216-22CD-4ACE-B4CA-91DBA8065109}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TheLongDark\tld.exe
FirewallRules: [{36ACE851-6FA1-43E8-8830-87489602CFAD}] => (Allow) C:\Program Files (x86)\EasyVpn\app\EasyVpn.exe
FirewallRules: [{9E6072B1-243E-4607-8261-9DC2D35B2BCD}] => (Allow) C:\Program Files (x86)\EasyVpn\app\EasyVpn.exe
FirewallRules: [{904B7528-A15C-4B24-AF16-ECAA0B3D6D87}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{553021BC-6E9F-48B2-A48A-8BFC8793293B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{8E1309DC-E711-4624-BC14-06BA827F255F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Shadowgate\Shadowgate.exe
FirewallRules: [{8A738709-8F43-43DB-8B41-6B8B9D659C7B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Shadowgate\Shadowgate.exe
FirewallRules: [{165F9B7F-1ABD-4B75-B0B9-C9D3AF1C6C8C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{8D6F5A2F-AB87-4474-AE8C-268EC317D082}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{882DDA1E-1797-4C8D-B7B1-7EC046C09CAF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{178DB507-8C05-4B91-8D43-23F07A3F3E90}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{66BB3191-9E45-47E4-B23F-9689763D1D89}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{53322157-5BF7-4A59-B7DF-ECE2AA2B096D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{957B20E6-213F-4900-AE9C-2595E0FC7A73}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\FORCED\FORCED.exe
FirewallRules: [{003B164E-96F1-44C9-8AC6-7DC763E9B37C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\FORCED\FORCED.exe
FirewallRules: [{4114852A-0504-41D6-B4A4-F10874A1E1E2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{7AA3C5D5-F9C4-4D2E-9E7F-30DF30E2298E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{3103D173-19BB-498B-BDB8-3BD93246371B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{7EAFF071-4732-4473-8434-937E416A33A8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{0808623D-B568-4C2F-AB90-13C1A2A0BC79}] => (Allow) D:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{A2FC59C2-FE72-4DB0-BE84-C71FA67B049A}] => (Allow) D:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [UDP Query User{0091A712-7316-4BB0-9567-DB4ED2CCAE2C}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3634\agent.exe
FirewallRules: [TCP Query User{88049ACA-17DC-4E8A-AD9A-22FCCEDB0F95}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3634\agent.exe
FirewallRules: [{025A0A9B-CF16-490D-968A-4A519CEB05F5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Final Exam\final_exam.exe
FirewallRules: [{F69A8511-49F8-4A64-B903-7803F62542EC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Final Exam\final_exam.exe
FirewallRules: [{88875109-6458-4D10-B5EC-6160942533D9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{3620D27E-0A5A-4992-94EA-28819E585337}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{4D49B0DE-78A4-4E2F-B86B-5C71B42A547F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{4F6891C3-C4C1-4CB9-82AB-9DC2CC7744D5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{E60FB92B-7B1F-4FB0-9983-294FF306D5A5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{534E9AFB-53DB-4C19-9B69-B5CF03AF2621}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{9CF1C447-1F74-4224-94F9-56A8E2ACAA4E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{E8DAA218-AB25-4A30-AF5A-B302D723FA5D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{4E71A770-D637-4760-A672-924728F821D5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\strikesuitzero\pc\main\Binary\SSZ.exe
FirewallRules: [{AB63AA2B-26BD-45B0-9CE2-0EA165118980}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\strikesuitzero\pc\main\Binary\SSZ.exe
FirewallRules: [{750D3D6A-9E69-4503-907F-8B84766719FF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{E513D3E1-8315-4D72-8112-4AE52E864B11}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{8395B346-8251-44CB-9F47-19A2B8F991CE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{6BF77B84-E27E-49BB-85EC-084F50C01152}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [UDP Query User{D9F21994-9087-4CC1-91A7-A6AC6AC21FDA}C:\programdata\battle.net\agent\agent.3478\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3478\agent.exe
FirewallRules: [TCP Query User{932DC11C-3578-4829-BB58-8DEA4451F3E8}C:\programdata\battle.net\agent\agent.3478\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3478\agent.exe
FirewallRules: [{E4982598-1B17-4F9A-92B0-A97DFA0D8969}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{9882AE9D-8ACA-43EE-937C-B30A97B1EA9D}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{FCBB5751-DA21-442D-B3F4-C75C850443C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{E15BF8A3-61B5-4087-B52E-54CB23DCEC8D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [UDP Query User{D44A29A5-9682-4184-A12A-D3848E3AF54E}D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [TCP Query User{C1F79FFE-5A29-4E9C-806A-C6E4A4AD2CF8}D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [{D65358B1-3C3A-438A-9C02-00A69955A4B8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{4FACA89F-8360-4559-B593-8A8A62C42B60}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{8B80574B-D3B4-40EB-A2CC-E6452A82A57A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{6576F812-EA0D-4CB7-9E29-4CD61F768913}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{8A0128E7-BEE7-49AA-849D-0941E41787A0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{F2D08121-F09E-4AC9-A506-88954C015B67}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{084858FE-CC1D-40CA-B216-8FE0863B5B6E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{A1584557-3DED-4262-9F18-FD7091440DC1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{F53B7EA0-4176-48E3-850C-98F0F0847608}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D6D22702-F493-4DFF-8ECF-93A49B9E6085}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{821ED095-7918-4383-9C9B-3915F555E351}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{D21781BC-68D4-46AB-A324-723D1B113E51}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{3E4B4413-0E46-487B-A73F-3B64D9973610}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{50366807-F292-4728-B4AB-D2B736B3FB8C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{F0B26C7D-DD07-4E19-AF87-EA42C8020751}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{8C009CE1-24F0-4D66-9B0C-9CDE44195540}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{2CB35982-ABC3-4C35-B315-5255C97FC7E4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{815BCFC8-E68A-4AB2-8F37-AFDA9D949400}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{8C05F04B-5060-4223-B4F0-042CBCB79BFD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{3D3714CC-B944-44E7-B32E-EA7312DF3D60}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{F49BFD88-F42C-4A40-B397-353E74AF8A47}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{50BE5F13-37EF-4D97-A843-F28155D3AED2}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{FA437E49-3A80-41B3-8BF6-AEBEAA632A96}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{E36A9235-3F7B-4191-A219-DE1D9D3D82DF}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{7115B09D-2CF2-44B4-9F57-E07CE944DA17}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{3270C909-24F9-454F-879D-071F39726FEB}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{33B47877-541D-4D49-9703-0C2ACEAA6341}] => (Allow) D:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{C3FA100E-4D78-4917-A4A7-7B0C17BDB5EC}] => (Allow) D:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{9CC92D98-1198-4B0E-BD70-D69CAB1455A6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{C7D65CDC-049A-4B8B-8D9B-2BD612D447CF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [UDP Query User{73ADE978-E53A-4D29-B42B-B438899D69CE}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{9B247D3D-34B7-40C7-A55F-D06AE3146EC6}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{D5747574-B0EF-4CB4-A72F-5872AF0C6E66}D:\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{CEE98252-4B0B-4997-8FDB-0F2A0B9BD5E1}D:\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{B11634B5-9E9A-4DEE-9DF2-22E2ABAE0262}D:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Block) D:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [TCP Query User{F576C934-C549-43F4-8FA3-B067C82C7CF9}D:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Block) D:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [{03D6DC67-94B5-47D2-AD34-D30049E9F8B9}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{D7F1840C-9B7D-4D0E-9EE7-A78E3F68B3FB}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{C8BC0C11-AE31-42D1-BB26-36DA31E28D28}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{22E68F23-B492-4A4D-BB53-97AC0DB4FB59}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{D4D0B3C9-5AFE-4BB9-B045-1F1A47351BDE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{1DFE8043-002E-4D3D-9C3E-D5A8B4FD9FAF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{89FA64F9-1D72-4512-AE62-B7934BB05DAF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{786712AE-7193-427A-9544-BE17BBCC815C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{38ACF4AB-823C-47E8-9F52-C1D2550ED9C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{6AA642D3-8A2F-44C3-9C55-D1B41879EE0F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [UDP Query User{2B4DA5C7-000C-44FD-979B-92910B76DA8C}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{EFD73655-1356-427C-ACAB-4303F05BC13B}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [{DA44E897-2477-4A25-AC54-0700CEB5A6FA}] => (Allow) D:\Program Files (x86)\Gamigo\Dragon Nest Europe\DragonNest.exe
FirewallRules: [{34B4BEB7-2827-4563-A860-C855B1CE9BBC}] => (Allow) D:\Program Files (x86)\Gamigo\Dragon Nest Europe\DragonNest.exe
FirewallRules: [UDP Query User{62A688BB-FFE0-4D92-8A68-26BEC4C29FA2}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{32715F2F-269E-4E66-A9D3-C1584F472706}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{ED885F51-9EB9-4A3A-8A4E-883D26282E15}D:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [TCP Query User{4DF4EC7A-9581-4ABC-B604-A876303A17E2}D:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [{9506B136-4877-4406-8E96-A2E078EE26F1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{14FD270A-F503-49FF-B521-9A1847FD8785}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{731D2B39-4F01-4189-89B8-A7F89F1A0E7F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{ADC968AB-A931-4E44-81F0-DB55F92D4BEC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [UDP Query User{819060AB-12D9-4783-BEC5-2151A70FDFF3}D:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [TCP Query User{F2AE7830-9CED-4379-A3D9-928CD3E24032}D:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [{D1461A24-2E2B-4341-81DB-96908BE9B6B2}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{14BA0501-516D-44F7-8F3C-D85C7AE9B1EF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{75118281-45CA-4C42-A3D4-0C3EE99C7F75}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{EBA31B81-FE0B-40C3-ABAE-E67F79C68CA4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{9F978D43-9118-4B38-99D6-9AF98CACCB15}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{FF5D4631-DE06-44EE-8D02-1ED34F9F378D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{00A99602-0225-4E25-AF4B-5653BAF25F46}] => (Allow) D:\Program Files (x86)\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
FirewallRules: [{2D0F026A-A3C2-4462-B799-01BDDA5316F2}] => (Allow) D:\Program Files (x86)\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
FirewallRules: [{51EE29B1-FB68-4566-9B21-ED3E8FE69D9A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{2689F466-8710-4E34-92AD-467ED36F1EDD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [UDP Query User{9F411DDB-07ED-401D-B11A-561345B36BD3}D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [TCP Query User{B5FDD4EC-BD26-42D5-87A8-A4DEACBF824A}D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{DE7D2B3D-A8B3-4B5B-B5C8-CB3D5A4F2779}D:\program files (x86)\steam\steam.exe] => (Allow) D:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{9C8DAB59-7C8B-4723-B666-2E281B66E04B}D:\program files (x86)\steam\steam.exe] => (Allow) D:\program files (x86)\steam\steam.exe
FirewallRules: [{32F81BF7-6DD4-4973-BECE-BF8D5614BB8E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{98ADE586-69AD-4CE7-98D5-AB605A07E65F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{56B8E014-F687-4992-89E4-E01B71F8A251}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{0915F978-1854-485F-A388-9C4F2A67FDA2}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{4059C563-9EF6-471B-8209-7C28947F6233}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{F71FF282-E052-4C44-B7DB-BD381D8C3423}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{2D1DA045-E6F3-4E61-8B58-09A2B4D127B7}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{886AD962-8153-4159-87CD-B62FDC2082C1}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{7A80EFAC-6237-4B15-BAF5-BE64147FDAB0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Pit\ThePit.exe
FirewallRules: [{77972C1E-E53F-4BED-8729-A28881C6A6DE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Pit\ThePit.exe
FirewallRules: [UDP Query User{2E61565B-6990-4A59-AE0E-F6C62FDC1DE2}D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [TCP Query User{C8BB4F09-9EBD-4E1D-8936-B3E50C6E4D14}D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{90D6DEB5-8542-451E-A9BD-2D2286A3D021}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{EBB68814-2F91-4013-8070-5C95AF8607A9}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [UDP Query User{9750FC29-0CA8-486F-95A9-36C4511641BE}D:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [TCP Query User{F29253DD-845B-4919-998C-A17C61A6C79F}D:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [{187B787F-EE9D-4C6F-96C3-32A8F562C51A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F2CFB36F-C2CC-4D5A-8DD7-BE70E93E3E33}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{2381088C-CD17-47C4-AC5F-E1506F86ECCC}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{221BFBEA-B5BC-45D2-A5C5-403E609A2881}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DOOM 3 BFG Edition\Doom3BFG.exe
FirewallRules: [{1F811F5D-1A1E-4A01-A9B9-8BB8E9473BA3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DOOM 3 BFG Edition\Doom3BFG.exe
FirewallRules: [{0358047A-3434-4402-B322-0FACD892A43C}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{80AB33F4-0E65-4A46-B32E-8E9EBE45DD3C}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5A952EF7-3588-466C-8A42-73B02A5AA105}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Deadly Premonition The Director's Cut\DPLauncher.exe
FirewallRules: [{FF71BAD1-507C-4A03-BCCC-5CC8F25A1C81}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Deadly Premonition The Director's Cut\DPLauncher.exe
FirewallRules: [{ACD0D2F6-E2E9-480A-9880-8EBDA343F9CB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{BD06E472-490F-4FE3-8DA8-6E92828236CB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{90A76F71-FE1A-4BA6-BFAD-47833C7C8DD0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Plants Vs Zombies\PlantsVsZombies.exe
FirewallRules: [{611FC127-1D6D-4C24-9311-8CB9698A04D7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Plants Vs Zombies\PlantsVsZombies.exe
FirewallRules: [{6900030B-CA52-4002-85A0-F6D062934084}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{44BD211B-77B4-4D2A-9D02-4FCC0BFB0802}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{2007D810-87C9-4BE4-B4B3-464DFC37D3DB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{2DE4FE91-3DE7-4BEE-B526-1B9E3E49A63D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{3AED1BF5-E810-4E51-9364-80407CA23461}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Tropico 4\Tropico4.exe
FirewallRules: [{ECB390C3-738D-4B22-B16C-26DC851F99D4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Tropico 4\Tropico4.exe
FirewallRules: [{7DC90B57-3390-4F05-900C-95684DF0C086}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Ziggurat\Ziggurat.exe
FirewallRules: [{5C498397-C8AF-4CCA-BED1-C4860DD31D4A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Ziggurat\Ziggurat.exe
FirewallRules: [TCP Query User{B2D2A1CF-D1BD-4928-A88D-CD89D25643D4}D:\program files (x86)\heroes of the storm\versions\base53965\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base53965\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{15165249-D612-4401-A12E-73006BD53D38}D:\program files (x86)\heroes of the storm\versions\base53965\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base53965\heroesofthestorm_x64.exe
FirewallRules: [{940A0DFB-D5B1-4853-8569-567CE94CFFB5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{72B4EC1E-53D4-49A2-B225-06F326413486}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [TCP Query User{3988B9CA-DB40-4984-9ACF-CC92E48F2A75}D:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{ABAA0DC2-1BE5-4550-BA80-D39A001006CF}D:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe
FirewallRules: [{F454F959-DF9D-432C-A534-F47BD03F9D59}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{D0D77C75-CD16-4342-9568-80C3B1B7A4BE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{A48B48B0-9FD3-4E9D-9ACA-2E14733C0628}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{50D307DD-113C-493A-B5B8-E51DD3ED25FA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{3EEFD00B-71C6-4632-83D8-A7590B7CBD16}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite 4\Launcher\SniperElite4.exe
FirewallRules: [{49AA4E96-2322-487C-80C6-FB3DE7AF5B7E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite 4\Launcher\SniperElite4.exe
FirewallRules: [TCP Query User{AE788611-7C47-462A-AC76-0A9E97D4300A}D:\program files (x86)\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{D0574057-5293-4840-B837-0657D8A426AB}D:\program files (x86)\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{3E7801EE-AD3D-4DCB-8FEE-10B28323BB7F}C:\program files (x86)\battle.net\battle.net.9093\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.9093\battle.net.exe
FirewallRules: [UDP Query User{98EBC094-13DD-4CB7-BBF5-DB7CBC61C8B6}C:\program files (x86)\battle.net\battle.net.9093\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.9093\battle.net.exe
FirewallRules: [TCP Query User{2DFCF6C9-A0B8-4489-9FEC-C73FFB47C816}D:\program files (x86)\heroes of the storm\versions\base56175\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base56175\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CA458EE1-B8AA-409A-945E-3D788C7900BE}D:\program files (x86)\heroes of the storm\versions\base56175\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base56175\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{302AD794-90E7-49AF-97F3-A539E626F4AC}D:\program files (x86)\heroes of the storm\versions\base56361\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base56361\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{93C87B87-B5FE-4FA4-BAB9-06285C9845D1}D:\program files (x86)\heroes of the storm\versions\base56361\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base56361\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{41301FF2-2E70-41CB-9FD7-C0E969324E8A}D:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe] => (Allow) D:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe
FirewallRules: [UDP Query User{26585C94-4295-4072-A5F8-E6F019C6EA4E}D:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe] => (Allow) D:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe
FirewallRules: [TCP Query User{B5A9F877-151D-44C0-A1B7-DDB235AD06B1}D:\program files (x86)\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{D591AA06-5DAC-4F2F-920F-D4714E1AE010}D:\program files (x86)\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe
FirewallRules: [{A6ADFFDB-186B-407C-A274-8895B7A7447E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\FlameInTheFlood\RiverGame.exe
FirewallRules: [{B4997078-67CC-42A8-A054-E3D59D343788}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\FlameInTheFlood\RiverGame.exe
FirewallRules: [{3C5B5F81-7BD4-4DA5-98AA-C080B1811000}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [{6B2D9AC0-303D-424C-96A1-A4091C3D5FFF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [TCP Query User{861C0C3B-1165-404E-9DF3-EA2A6CE86666}D:\program files (x86)\heroes of the storm\versions\base57062\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57062\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{B1B7202E-5CE9-4968-A76C-8384B960BCB7}D:\program files (x86)\heroes of the storm\versions\base57062\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57062\heroesofthestorm_x64.exe
FirewallRules: [{AFB2D075-0560-4276-B353-4C5A192287BD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dementium 2\DII_Beta.exe
FirewallRules: [{217356E9-0E31-4916-8330-56D5A50E2400}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dementium 2\DII_Beta.exe
FirewallRules: [TCP Query User{D87974C5-6960-4B99-835C-A84A8C5F151D}D:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CC484CF4-EDCF-4429-935F-74DDE4322EFE}D:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{FD5F9239-E1B6-471D-B3F3-DE2BC7F72536}D:\program files (x86)\heroes of the storm\versions\base57589\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57589\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{95EE92CB-F7A8-4702-B84C-5EAD4A3D39DB}D:\program files (x86)\heroes of the storm\versions\base57589\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57589\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{524D1693-9E29-4F9F-A543-E366FA4EB9DE}D:\program files (x86)\heroes of the storm\versions\base57797\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57797\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{2F6426D7-F430-41C5-9E01-7CE671E1616F}D:\program files (x86)\heroes of the storm\versions\base57797\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57797\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{3FC9D089-BE27-4E4A-B682-CBF0BCAFC580}D:\program files (x86)\heroes of the storm\versions\base58209\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58209\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{98F45318-DDB7-4588-A7BC-E42AFF540DD5}D:\program files (x86)\heroes of the storm\versions\base58209\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58209\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{83DFFEEC-DDAA-48A6-9680-E945178BDE7F}D:\program files (x86)\heroes of the storm\versions\base58482\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58482\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{EEEC02B6-8AB2-47AB-88FA-A91084E78635}D:\program files (x86)\heroes of the storm\versions\base58482\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58482\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{54C45AB9-0BBB-4FAC-AFB4-6CD753996C00}D:\program files (x86)\heroes of the storm\versions\base58623\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58623\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{DA3CAC01-AAF5-47C5-9790-1356B48EEEAA}D:\program files (x86)\heroes of the storm\versions\base58623\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58623\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{86FFF1AE-9B60-4BB2-A523-5FBA74A3E2D5}D:\program files (x86)\heroes of the storm\versions\base58795\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58795\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E42A70EB-A988-45AF-984F-95B3C7B0617F}D:\program files (x86)\heroes of the storm\versions\base58795\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58795\heroesofthestorm_x64.exe
FirewallRules: [{B8417AE4-B69E-4608-A025-609146443F52}] => (Allow) C:\Program Files (x86)\Opera\48.0.2685.52\opera.exe
FirewallRules: [TCP Query User{095C0C30-718A-40E1-9C91-7BAF35A4C77F}D:\program files (x86)\heroes of the storm\versions\base59239\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base59239\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{B4F82A47-2FA5-4CFB-8216-6C2116E279BE}D:\program files (x86)\heroes of the storm\versions\base59239\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base59239\heroesofthestorm_x64.exe
FirewallRules: [{7BE53509-65C8-4556-973D-6597197D3797}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{1411DA5A-5E72-43E9-8AC1-CDB55E3133B5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{01FE5BA2-9C1A-49E9-8217-2AA702B291E5}] => (Allow) C:\Program Files (x86)\Opera\49.0.2725.34\opera.exe
FirewallRules: [{3EF5EBB0-8B0F-46AF-9529-1295BD5A6BBF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
26-10-2017 12:15:27 Geplanter Prüfpunkt
04-11-2017 12:40:13 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/08/2017 12:36:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: USER-PC)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/08/2017 12:36:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: USER-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/08/2017 12:36:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: USER-PC)
Description: Bei der Aktivierung der App „Microsoft.WindowsStore_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/07/2017 08:22:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: USER-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/06/2017 06:59:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Wow-64.exe, Version 7.3.2.25383 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1784
Startzeit: 01d3572705fec3f2
Beendigungszeit: 4294967295
Anwendungspfad: D:\Program Files (x86)\World of Warcraft\Wow-64.exe
Berichts-ID: fd5e60e0-aec4-48f7-8502-a3b2bedb5612
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:
Error: (11/03/2017 08:09:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_MapsBroker, Version: 10.0.15063.0, Zeitstempel: 0x02799ef5
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x8400000e
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x23d4
Startzeit der fehlerhaften Anwendung: 0x01d35472830fa356
Pfad der fehlerhaften Anwendung: C:\WINDOWS\System32\svchost.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 0cec459e-07fe-4a87-8388-94a009887aed
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (11/01/2017 01:32:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: USER-PC)
Description: Das Paket „Microsoft.Windows.ShellExperienceHost_10.0.15063.674_neutral_neutral_cw5n1h2txyewy+App“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (10/31/2017 10:48:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_MapsBroker, Version: 10.0.15063.0, Zeitstempel: 0x02799ef5
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x8400000e
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x2be0
Startzeit der fehlerhaften Anwendung: 0x01d3522d4d2cc634
Pfad der fehlerhaften Anwendung: C:\WINDOWS\System32\svchost.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: d3ad92b3-a270-4aba-88ee-b351169a6b70
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (10/30/2017 02:39:38 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (10/30/2017 02:39:38 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Systemfehler:
=============
Error: (11/12/2017 02:10:11 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Manager für heruntergeladene Karten" wurde nicht richtig gestartet.
Error: (11/12/2017 02:07:56 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Übermittlungsoptimierung" wurde nicht richtig gestartet.
Error: (11/12/2017 02:07:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (11/12/2017 02:07:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
Error: (11/12/2017 02:03:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (11/12/2017 02:03:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
Error: (11/12/2017 02:03:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (11/12/2017 02:03:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet:
Die Anforderung wird nicht unterstützt.
Error: (11/12/2017 02:01:06 PM) (Source: DCOM) (EventID: 10016) (User: USER-PC)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "User-PC\User" (SID: S-1-5-21-2440112941-538450990-2588341026-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
im Anwendungscontainer "Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/12/2017 02:01:06 PM) (Source: DCOM) (EventID: 10016) (User: USER-PC)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "User-PC\User" (SID: S-1-5-21-2440112941-538450990-2588341026-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
im Anwendungscontainer "Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
CodeIntegrity:
===================================
Date: 2017-06-24 20:48:50.328
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 20:48:13.767
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 20:48:13.113
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 20:48:12.775
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 20:48:12.181
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 14:46:58.615
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 14:46:23.228
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 14:46:23.117
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 14:46:22.982
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 14:45:33.285
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 16265.62 MB
Verfügbarer physikalischer RAM: 11518.33 MB
Summe virtueller Speicher: 32649.62 MB
Verfügbarer virtueller Speicher: 27562.53 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:487.84 GB) (Free:367.1 GB) NTFS
Drive d: () (Fixed) (Total:1374.51 GB) (Free:716.18 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 0CD429A7)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
12.11.2017, 16:09
| #17 |
| /// TB-Ausbilder   | Probleme mit nicht Löschbarer Adware.Elex.ShrtCln Servus,
__________________wir kontrollieren nochmal alles. Hinweis: Der Suchlauf mit ESET kann länger dauern. Schritt 1 Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Schritt 2 Downloade Dir bitte ESET Online Scanner (Bebilderte Anleitung)
Schritt 3
 Gibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Wenn ja, welche?Bitte poste mit deiner nächsten Antwort
|
|
12.11.2017, 23:06
| #18 |
| | Probleme mit nicht Löschbarer Adware.Elex.ShrtClnCode:
ATTFilter HitmanPro 3.7.20.286
www.hitmanpro.com
Computer name . . . . : USER-PC
Windows . . . . . . . : 10.0.0.15063.X64/8
User name . . . . . . : USER-PC\User
UAC . . . . . . . . . : Enabled
License . . . . . . . : Free
Scan date . . . . . . : 2017-11-12 18:22:47
Scan mode . . . . . . : Normal
Scan duration . . . . : 14m 4s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No
Threats . . . . . . . : 1
Traces . . . . . . . : 19
Objects scanned . . . : 2.264.424
Files scanned . . . . : 110.636
Remnants scanned . . : 763.862 files / 1.389.926 keys
Malware _____________________________________________________________________
C:\Users\User\Downloads\Paint NET - CHIP-Installer.exe
Size . . . . . . . : 1.496.584 bytes
Age . . . . . . . : 280.8 days (2017-02-04 23:02:59)
Entropy . . . . . : 7.1
SHA-256 . . . . . : 8AFC830B9279D7A5F6C0A92CF0292F2169FED1F45D808561BE202D21AE624D77
Needs elevation . : Yes
RSA Key Size . . . : 2048
Authenticode . . . : Valid
> Kaspersky . . . . : not-a-virus:HEUR:Downloader.MSIL.DownloadSponsor.gen
Fuzzy . . . . . . : 103.0
Suspicious files ____________________________________________________________
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE\3B3M94AG\FRST64[1].exe
Size . . . . . . . : 2.392.576 bytes
Age . . . . . . . : 0.2 days (2017-11-12 14:02:18)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 161D6127F697B433318BCC5B6423D6E1B63EB57CEA4556A643453D89B21BB61E
Needs elevation . : Yes
Fuzzy . . . . . . : 24.0
Program has no publisher information but prompts the user for permission elevation.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
Forensic Cluster
-1.6s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{78F92F4B-789F-405C-98A3-36C3FBAFA5B6}
-1.5s C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE\3B3M94AG\82[1].htm
-0.5s C:\Users\User\AppData\Local\Microsoft\Windows\INetCookies\E2VTLGQY.cookie
-0.5s C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE\3MOOJI0H\82[1].htm
0.0s C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE\3B3M94AG\FRST64[1].exe
0.0s C:\Users\User\Desktop\FRST64.exe
0.5s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\97\0D1D736922DB8315.dat
1.1s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\37\B0B700DA5417A9BD.dat
1.2s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\85\EF7E2EB4E060A351.dat
3.1s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store\68F3C58520455393585CECC2CA28D58F
3.3s C:\Users\User\Desktop\FRST-OlderVersion\
4.4s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\45\45C68FBF945E49E5.dat
13.8s C:\Users\User\AppData\Local\Google\Chrome\User Data\BrowserMetrics-active.pma
15.1s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{25B0C385-EF0D-463C-8AA9-D750EBCB08EC}
15.8s C:\FRST\Logs\Fixlog_12-11-2017 14.02.33.txt
18.2s C:\Users\User\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000090.db
21.4s C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
C:\Users\User\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
Size . . . . . . . : 951.497 bytes
Age . . . . . . . : 1260.2 days (2014-06-01 14:38:56)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 43358BBCEC1EBE7927CA3B0A3DCA0597D5E8584F0FCBE987B8126A0C12D73A2B
Fuzzy . . . . . . : 29.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
C:\Users\User\AppData\Local\PunkBuster\BF3\pb\PnkBstrK.sys
Size . . . . . . . : 140.072 bytes
Age . . . . . . . : 1260.2 days (2014-06-01 14:39:07)
Entropy . . . . . : 7.7
SHA-256 . . . . . : CC3F4E453FC246B64C09E81BB73741CECC897C805C13815336647E986A60301E
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 22.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
The file is a device driver. Device drivers run as trusted (highly privileged) code.
Program is code signed with a valid Authenticode certificate.
C:\Users\User\AppData\Local\PunkBuster\FC3\pb\pbcl.dll
Size . . . . . . . : 953.886 bytes
Age . . . . . . . : 962.2 days (2015-03-26 14:30:46)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 6D5E2CD4A7A43EB00B600BA783AD3BEE6B817C030A40600D40367173A6ECEB13
Fuzzy . . . . . . : 29.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
C:\Users\User\AppData\Local\PunkBuster\FC3\pb\pbcls.dll
Size . . . . . . . : 953.886 bytes
Age . . . . . . . : 962.2 days (2015-03-26 14:30:46)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 6D5E2CD4A7A43EB00B600BA783AD3BEE6B817C030A40600D40367173A6ECEB13
Fuzzy . . . . . . : 29.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
C:\Users\User\AppData\Local\PunkBuster\FC3\pb\PnkBstrK.sys
Size . . . . . . . : 138.032 bytes
Age . . . . . . . : 962.2 days (2015-03-26 14:30:58)
Entropy . . . . . : 7.8
SHA-256 . . . . . : ABAF3FACF01E10E4C685F79C3B9E5D2118B3CF8629C4277EBE035B2A10474148
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 22.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
The file is a device driver. Device drivers run as trusted (highly privileged) code.
Program is code signed with a valid Authenticode certificate.
C:\Users\User\AppData\Local\PunkBuster\GRO\pb\dll\wc002334.dll
Size . . . . . . . : 976.576 bytes
Age . . . . . . . : 1305.4 days (2014-04-17 08:52:12)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 81321780DAB94F4E20DCC1AF77F370F7277AE4A4D8771125F7CF435F47D6F9D0
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 22.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
Program is code signed with a valid Authenticode certificate.
C:\Users\User\AppData\Local\PunkBuster\GRO\pb\pbcl.dll
Size . . . . . . . : 976.576 bytes
Age . . . . . . . : 1258.1 days (2014-06-03 16:59:05)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 81321780DAB94F4E20DCC1AF77F370F7277AE4A4D8771125F7CF435F47D6F9D0
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 22.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
Program is code signed with a valid Authenticode certificate.
C:\Users\User\AppData\Local\PunkBuster\GRO\pb\pbclold.dll
Size . . . . . . . : 976.576 bytes
Age . . . . . . . : 1305.4 days (2014-04-17 08:43:04)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 81321780DAB94F4E20DCC1AF77F370F7277AE4A4D8771125F7CF435F47D6F9D0
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 22.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
Program is code signed with a valid Authenticode certificate.
C:\Users\User\AppData\Local\PunkBuster\GRO\pb\PnkBstrK.sys
Size . . . . . . . : 139.584 bytes
Age . . . . . . . : 1305.4 days (2014-04-17 08:43:16)
Entropy . . . . . : 7.8
SHA-256 . . . . . : 1E1736FDACDED257CE3621990CBD216D68001A778887CECE5065FCE564CFDFE1
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 22.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
The file is a device driver. Device drivers run as trusted (highly privileged) code.
Program is code signed with a valid Authenticode certificate.
C:\Users\User\Desktop\FRST-OlderVersion\FRST64.exe
Size . . . . . . . : 2.403.328 bytes
Age . . . . . . . : 3.0 days (2017-11-09 19:25:19)
Entropy . . . . . : 7.6
SHA-256 . . . . . : EBA1CE9AD4DBF4C3EC0084DC9A2903037BD618482044DD4CC3135A1F7B422E19
Needs elevation . : Yes
Fuzzy . . . . . . : 24.0
Program has no publisher information but prompts the user for permission elevation.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
Forensic Cluster
0.0s C:\Users\User\Desktop\FRST-OlderVersion\FRST64.exe
1.2s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\4\74\BCA25B69BE74C7B2.dat
1.2s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\74\BCA25B69BE74C7B2.dat
5.0s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{2DCE11B9-234E-49DA-BFBB-A83936B1D352}
10.1s C:\FRST\Hives\
11.3s C:\FRST\Hives\ERDNT.INF
11.3s C:\FRST\Hives\ERDNT.CON
11.3s C:\FRST\Hives\SYSTEM
12.0s C:\FRST\Hives\SOFTWARE
12.1s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\40\9E4B90858055AAD4.dat
12.1s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\26\4A6D46E8F573A0F6.dat
13.8s C:\FRST\Hives\DEFAULT
13.8s C:\FRST\Hives\SECURITY
13.8s C:\FRST\Hives\SAM
13.9s C:\FRST\Hives\BCD
13.9s C:\FRST\Hives\Users\
13.9s C:\FRST\Hives\Users\00000001\
13.9s C:\FRST\Hives\Users\00000001\NTUSER.DAT
14.0s C:\FRST\Hives\Users\00000002\
14.0s C:\FRST\Hives\Users\00000002\UsrClass.dat
14.1s C:\FRST\Hives\DRIVERS
14.4s C:\FRST\Hives\ERDNT.EXE
14.4s C:\FRST\Hives\ERDNTWIN.LOC
14.4s C:\FRST\Hives\ERDNTDOS.LOC
14.5s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\2\74\BCA25B69BE74C7B2.dat
19.7s C:\Windows\Prefetch\FRST64.EXE-BB427519.pf
20.8s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{B04445D0-D9F8-4724-9B92-54C706B73182}
C:\Users\User\Desktop\FRST64.exe
Size . . . . . . . : 2.392.576 bytes
Age . . . . . . . : 0.2 days (2017-11-12 14:02:18)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 161D6127F697B433318BCC5B6423D6E1B63EB57CEA4556A643453D89B21BB61E
Needs elevation . : Yes
Fuzzy . . . . . . : 24.0
Program has no publisher information but prompts the user for permission elevation.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
Forensic Cluster
-1.6s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{78F92F4B-789F-405C-98A3-36C3FBAFA5B6}
-1.5s C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE\3B3M94AG\82[1].htm
-0.5s C:\Users\User\AppData\Local\Microsoft\Windows\INetCookies\E2VTLGQY.cookie
-0.5s C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE\3MOOJI0H\82[1].htm
-0.0s C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE\3B3M94AG\FRST64[1].exe
0.0s C:\Users\User\Desktop\FRST64.exe
0.5s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\97\0D1D736922DB8315.dat
1.1s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\37\B0B700DA5417A9BD.dat
1.2s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\85\EF7E2EB4E060A351.dat
3.1s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store\68F3C58520455393585CECC2CA28D58F
3.3s C:\Users\User\Desktop\FRST-OlderVersion\
4.4s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\45\45C68FBF945E49E5.dat
13.8s C:\Users\User\AppData\Local\Google\Chrome\User Data\BrowserMetrics-active.pma
15.1s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{25B0C385-EF0D-463C-8AA9-D750EBCB08EC}
15.8s C:\FRST\Logs\Fixlog_12-11-2017 14.02.33.txt
18.2s C:\Users\User\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000090.db
21.4s C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
Potential Unwanted Programs _________________________________________________
HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1672163f-8651-4c0d-9c05-4ba941123972}\ (BrowserExtensions)
HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61db39d5-034c-45c0-8bb2-daf857edcf3b}\ (BrowserExtensions)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Stats\{5081D2D4-1637-404c-B74F-50526718257D}\ (Shopperz)
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Stats\{5081D2D4-1637-404c-B74F-50526718257D}\ (Shopperz)
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\Software\Microsoft\Internet Explorer\Stats\{5081D2D4-1637-404c-B74F-50526718257D}\ (Shopperz)
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectNewTabPageShow (22Find)
Code:
ATTFilter C:\AdwCleaner\Quarantine\exuieaoEiI\SPPD.sys Variante von Win64/Conduit.SearchProtect.C eventuell unerwünschte Anwendung
C:\FRST\Quarantine\C\Program Files (x86)\AGEIA Technologies\b10a0213-acef-4521-99fa-0d6aa48db07e.dll.xBAD Variante von Win64/Toolbar.Crossrider.Q eventuell unerwünschte Anwendung
C:\FRST\Quarantine\C\Program Files (x86)\b10a0213-acef-4521-99fa-0d6aa48db07e\01ce341f-554d-422d-a88f-8dde5a10a59e.dll.xBAD Variante von Win64/Toolbar.Crossrider.Q eventuell unerwünschte Anwendung
C:\FRST\Quarantine\C\Qoobox\Quarantine\C\Users\User\AppData\Roaming\03000200-1424452279-0500-0006-000700080009\jnsqBF49.tmp.vir.xBAD Win32/Adware.ConvertAd.AR Anwendung
C:\FRST\Quarantine\C\Qoobox\Quarantine\C\Users\User\AppData\Roaming\03000200-1424452279-0500-0006-000700080009\Uninstall.exe.vir.xBAD Win32/Adware.ConvertAd.AQ Anwendung
C:\FRST\Quarantine\C\Qoobox\Quarantine\C\Users\User\AppData\Roaming\03000200-1424452279-0500-0006-000700080009\vnsq896D.tmp.vir.xBAD Variante von Win32/Adware.ConvertAd.KZ.gen Anwendung
C:\FRST\Quarantine\C\Users\User\AppData\Local\03000200-1424452320-0500-0006-000700080009\onsa27FE.tmp.xBAD Variante von Win32/Adware.ConvertAd.AL Anwendung
C:\FRST\Quarantine\C\Users\User\AppData\Local\03000200-1424452320-0500-0006-000700080009\pnsa27FF.exe.xBAD Variante von Win32/Adware.ConvertAd.QH Anwendung
C:\FRST\Quarantine\C\Users\User\AppData\Local\03000200-1424452320-0500-0006-000700080009\snsa27FC.tmp.xBAD Variante von Win32/Adware.AdService.AN Anwendung
C:\FRST\Quarantine\C\Users\User\AppData\Local\03000200-1424452320-0500-0006-000700080009\Uninstall.exe.xBAD Win32/Adware.ConvertAd.AQ Anwendung
C:\FRST\Quarantine\C\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\bikofacodmhdpkfdeeocponfcgjcdfbk\1.26.102_0\extensionData\plugins\91.js.xBAD JS/Toolbar.Crossrider.B eventuell unerwünschte Anwendung
C:\FRST\Quarantine\C\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\bikofacodmhdpkfdeeocponfcgjcdfbk\1.26.105_0\extensionData\plugins\91.js.xBAD JS/Toolbar.Crossrider.B eventuell unerwünschte Anwendung
C:\FRST\Quarantine\C\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\bikofacodmhdpkfdeeocponfcgjcdfbk\1.26.95_0\extensionData\plugins\91.js.xBAD JS/Toolbar.Crossrider.B eventuell unerwünschte Anwendung
C:\FRST\Quarantine\C\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll.xBAD Variante von Win32/Toolbar.Linkury.G eventuell unerwünschte Anwendung
C:\Qoobox\Quarantine\C\Users\User\AppData\Roaming\03000200-1424452279-0500-0006-000700080009\nsv93D0.tmpfs.vir Variante von Win32/Adware.ConvertAd.BM Anwendung
C:\Qoobox\Quarantine\C\Users\User\AppData\Roaming\03000200-1424452279-0500-0006-000700080009\rnsaBD13.exe.vir Variante von Win32/Adware.ConvertAd.GM Anwendung
C:\Users\User\Downloads\Paint NET - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll Variante von MSIL/Toolbar.Linkury.BJ eventuell unerwünschte Anwendung
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2017 03
durchgeführt von User (Administrator) auf USER-PC (12-11-2017 23:03:24)
Gestartet von C:\Users\User\Desktop
Geladene Profile: User & DefaultAppPool (Verfügbare Profile: User & DefaultAppPool)
Platform: Windows 10 Home Version 1703 15063.674 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Windows\SysWOW64\ASGT.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Akamai Technologies, Inc.) C:\Users\User\AppData\Local\Akamai\netsession_win.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Akamai Technologies, Inc.) C:\Users\User\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
(GOG.com) D:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
(GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(GOG.com) D:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
(GOG.com) D:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(GOG.com) D:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
(GOG.com) D:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Discord Inc.) C:\Users\User\AppData\Local\Discord\app-0.0.298\Discord.exe
(Discord Inc.) C:\Users\User\AppData\Local\Discord\app-0.0.298\Discord.exe
(Discord Inc.) C:\Users\User\AppData\Local\Discord\app-0.0.298\Discord.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [652624 2007-10-26] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1840720 2007-09-14] (CANON INC.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Run: [Akamai NetSession Interface] => C:\Users\User\AppData\Local\Akamai\netsession_win.exe [4490200 2017-09-08] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3098952 2017-11-02] (Electronic Arts)
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd)
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Run: [GalaxyClient] => D:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [5187648 2017-10-19] (GOG.com)
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [228864 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => Keine Datei
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-07-08] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8b0d2022-b991-4718-93be-7a02131a75f6}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-10-25] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-10-25] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll [2014-04-15] (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-11-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-11-12] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2440112941-538450990-2588341026-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-05-11] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2440112941-538450990-2588341026-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-11-06] ()
Chrome:
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3322288&octid=EB_ORIGINAL_CTID&ISID=MD713A93F-1957-49B5-B20A-CF925371BF4A&SearchSource=55&CUI=&UM=8&UP=SP40A464AF-B91F-4B2C-A91C-81DF8F108ABA&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3322288&octid=EB_ORIGINAL_CTID&ISID=MD713A93F-1957-49B5-B20A-CF925371BF4A&SearchSource=55&CUI=&UM=8&UP=SP40A464AF-B91F-4B2C-A91C-81DF8F108ABA&SSPV=","hxxp://myhome.vi-view.com/?type=hp&ts=1421856106&from=cor&uid=WDCXWD20EFRX-68EUZN0_WD-WMC4M118017580175","hxxp://istart.webssearches.com/?type=hp&ts=1424448595&from=exp&uid=WDCXWD20EFRX-68EUZN0_WD-WMC4M118017580175","hxxps://encrypted.google.com"
CHR DefaultSearchKeyword: Default -> hxxps://www.google.de/webhp?hl=de
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2017-11-12]
CHR Extension: (ProxFlow) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2017-11-12]
CHR Extension: (Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-12]
CHR Extension: (Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-12]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-12]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-12]
CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-11-12]
CHR Extension: (Adobe Acrobat) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-11-12]
CHR Extension: (Tabellen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-12]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-12]
CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-11-12]
CHR Extension: (Skype) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-11-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-12]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-12]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Session Restore: -> ist aktiviert.
OPR Extension: (Radio Canyon) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\bikofacodmhdpkfdeeocponfcgjcdfbk [2015-06-27]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-05-29] () [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-10-02] () [Datei ist nicht signiert]
S3 DAUpdaterSvc; D:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-01-28] (BioWare)
S3 GalaxyClientService; D:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [536128 2017-10-19] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8256576 2017-10-11] (GOG.com)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [101528 2007-04-13] () [Datei ist nicht signiert]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.) [Datei ist nicht signiert]
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123104 2017-11-02] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3002728 2017-11-02] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1451336 2017-10-23] (Overwolf LTD)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [Datei ist nicht signiert]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [Datei ist nicht signiert]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [Datei ist nicht signiert]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [Datei ist nicht signiert]
R3 ikbevent; C:\WINDOWS\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\WINDOWS\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-10-23] (ASUSTeK Computer Inc.)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [44992 2012-02-09] ()
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-11-12] (Malwarebytes)
R1 MpKslb43a4178; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{76B664E1-8378-4AEC-878C-55A977ACAACF}\MpKslb43a4178.sys [58120 2017-11-12] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys [14456912 2017-05-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2016-04-27] ()
U3 idsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-11-12 23:03 - 2017-11-12 23:04 - 000020995 _____ C:\Users\User\Desktop\FRST.txt
2017-11-12 23:01 - 2017-11-12 23:01 - 000006254 _____ C:\Users\User\Desktop\eset.txt
2017-11-12 18:38 - 2017-11-12 18:38 - 006974584 _____ (ESET spol. s r.o.) C:\Users\User\Downloads\esetonlinescanner_deu (1).exe
2017-11-12 18:38 - 2017-11-12 18:38 - 000000000 ____D C:\Users\User\AppData\Local\ESET
2017-11-12 18:24 - 2017-11-12 18:24 - 006974584 _____ (ESET spol. s r.o.) C:\Users\User\Downloads\esetonlinescanner_deu.exe
2017-11-12 18:21 - 2017-11-12 18:21 - 000001974 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2017-11-12 18:21 - 2017-11-12 18:21 - 000000000 ____D C:\Program Files\HitmanPro
2017-11-12 18:20 - 2017-11-12 18:22 - 000000000 ____D C:\ProgramData\HitmanPro
2017-11-12 18:20 - 2017-11-12 18:20 - 011584088 _____ (SurfRight B.V.) C:\Users\User\Downloads\HitmanPro_x64.exe
2017-11-12 14:02 - 2017-11-12 23:02 - 000000000 ____D C:\Users\User\Desktop\FRST-OlderVersion
2017-11-12 14:01 - 2017-11-12 14:01 - 000002336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-12 14:01 - 2017-11-12 14:01 - 000002324 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-12 14:00 - 2017-11-12 14:00 - 000003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-12 14:00 - 2017-11-12 14:00 - 000003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-11 16:04 - 2017-11-11 16:04 - 001783198 _____ C:\Users\User\Downloads\Nicht bestätigt 309963.crdownload
2017-11-10 22:29 - 2017-11-10 22:36 - 000001806 _____ C:\Users\User\Desktop\mbam.txt.txt
2017-11-09 19:25 - 2017-11-12 23:02 - 002392576 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2017-11-08 22:51 - 2017-11-08 22:51 - 008261584 _____ (Malwarebytes) C:\Users\User\Desktop\AdwCleaner_7.0.4.0.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-11-12 23:03 - 2015-02-22 13:06 - 000000000 ____D C:\FRST
2017-11-12 22:53 - 2013-10-01 21:09 - 000000000 ____D C:\Users\User\AppData\Roaming\Skype
2017-11-12 22:45 - 2017-05-21 09:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-12 19:51 - 2017-05-21 10:15 - 000004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C722207A-59FA-447E-9A7F-6EE09C1510F3}
2017-11-12 19:32 - 2013-12-26 21:04 - 000000000 ____D C:\Users\User\AppData\Roaming\TS3Client
2017-11-12 18:51 - 2016-06-10 22:28 - 000000000 ____D C:\Users\User\AppData\Roaming\obs-studio
2017-11-12 14:10 - 2014-05-29 21:40 - 000000000 ____D C:\Users\User\AppData\Roaming\Origin
2017-11-12 14:09 - 2014-05-29 21:38 - 000000000 ____D C:\ProgramData\Origin
2017-11-12 14:04 - 2016-04-30 07:35 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles
2017-11-12 14:03 - 2017-10-05 22:14 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-11-12 14:03 - 2017-05-21 10:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-12 14:03 - 2016-09-22 06:47 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-12 14:02 - 2017-03-18 12:40 - 002097152 _____ C:\WINDOWS\system32\config\BBI
2017-11-12 14:01 - 2013-10-01 20:28 - 000000000 ____D C:\Users\User\AppData\Local\Google
2017-11-12 14:00 - 2013-10-01 20:28 - 000000000 ____D C:\Program Files (x86)\Google
2017-11-12 13:58 - 2013-11-02 10:35 - 000000426 _____ C:\Users\User\Desktop\Ragnarok.txt
2017-11-12 06:57 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-12 06:57 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-12 00:43 - 2015-03-26 14:24 - 000000000 ____D C:\Users\User\AppData\Local\Ubisoft Game Launcher
2017-11-11 17:39 - 2014-04-17 18:35 - 000000000 ____D C:\Users\User\AppData\Local\Battle.net
2017-11-11 16:54 - 2014-04-17 18:35 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-11-11 15:56 - 2017-06-29 15:13 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2017-11-11 15:56 - 2017-05-21 10:15 - 000003976 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1380645316
2017-11-11 15:56 - 2013-10-01 16:45 - 000000000 ____D C:\Program Files (x86)\Opera
2017-11-11 15:43 - 2016-05-02 04:54 - 000000000 ____D C:\Users\User\AppData\LocalLow\Temp
2017-11-10 22:20 - 2017-05-21 09:57 - 002427406 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-10 22:20 - 2017-03-20 05:35 - 001068990 _____ C:\WINDOWS\system32\perfh007.dat
2017-11-10 22:20 - 2017-03-20 05:35 - 000249490 _____ C:\WINDOWS\system32\perfc007.dat
2017-11-10 22:12 - 2015-02-20 23:11 - 000000000 ____D C:\AdwCleaner
2017-11-08 23:26 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-11-08 16:31 - 2013-12-16 20:18 - 000000851 _____ C:\Users\User\Desktop\adressen.txt
2017-11-07 00:16 - 2017-07-27 16:17 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2440112941-538450990-2588341026-1000
2017-11-07 00:16 - 2016-04-30 07:44 - 000002380 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-07 00:16 - 2016-04-30 07:44 - 000000000 ___RD C:\Users\User\OneDrive
2017-11-06 21:29 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-05 14:14 - 2017-05-21 10:15 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2017-11-04 09:48 - 2014-05-29 21:38 - 000000000 ____D C:\Program Files (x86)\Origin
2017-11-03 23:59 - 2014-06-05 19:28 - 000000000 ____D C:\Users\User\AppData\Local\SniperV2
2017-10-30 14:42 - 2014-01-10 17:52 - 000000000 ____D C:\Users\User\AppData\Roaming\Audacity
2017-10-27 16:04 - 2013-12-26 21:03 - 000000000 ____D C:\Program Files (x86)\Overwolf
2017-10-26 12:48 - 2014-07-27 01:10 - 000000000 ____D C:\Users\User\AppData\Roaming\RenPy
2017-10-26 08:14 - 2017-05-21 10:15 - 000004642 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-10-26 08:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-10-26 08:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-10-25 21:31 - 2015-01-21 17:02 - 000000000 ____D C:\Users\User\AppData\Local\JDownloader v2.0
2017-10-13 14:16 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-10-13 01:21 - 2017-03-18 22:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-13 01:21 - 2017-03-18 22:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-03-23 13:41 - 2014-03-23 13:41 - 000000044 _____ () C:\Users\User\AppData\Roaming\WB.CFG
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-11-05 15:13
==================== Ende von FRST.txt ============================
|
|
13.11.2017, 10:46
| #19 |
| | Probleme mit nicht Löschbarer Adware.Elex.ShrtClnCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-11-2017 03
durchgeführt von User (12-11-2017 23:05:25)
Gestartet von C:\Users\User\Desktop
Windows 10 Home Version 1703 15063.674 (X64) (2017-05-21 09:23:43)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2440112941-538450990-2588341026-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2440112941-538450990-2588341026-503 - Limited - Disabled)
Gast (S-1-5-21-2440112941-538450990-2588341026-501 - Limited - Disabled)
User (S-1-5-21-2440112941-538450990-2588341026-1000 - Administrator - Enabled) => C:\Users\User
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Aiseesoft Blu-ray Player 6.2.20 (HKLM-x32\...\{3E1A13C3-E458-4995-BEA6-4B9BE279D502}_is1) (Version: 6.2.20 - Aiseesoft Studio)
Akamai NetSession Interface (HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.0.6.9 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.0.6.9 - ASUSTek COMPUTER INC.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
Canon iP2600 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2600_series) (Version: - )
Canon iP2600 series Benutzerregistrierung (HKLM-x32\...\Canon iP2600 series Benutzerregistrierung) (Version: - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
Curse Client (HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Discord (HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Discord) (Version: 0.0.298 - Discord Inc.)
EaseUS Partition Master 9.2.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
FocusWriter (HKLM-x32\...\FocusWriter) (Version: 1.6.7 - Graeme Gott)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.52.1215 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.52.1215 - DVDVideoSoft Ltd.)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.89 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.20.286 - SurfRight B.V.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kingdoms of Amalur: Reckoning (HKLM-x32\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.0.0.0 - Electronic Arts)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Malwarebytes Version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
Opera Stable 49.0.2725.34 (HKLM-x32\...\Opera 49.0.2725.34) (Version: 49.0.2725.34 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.5.6040 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.107.256.0 - Overwolf Ltd.)
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
PIXMA Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Rage of Mages (HKLM-x32\...\1459856053_is1) (Version: 2.1.0.3 - GOG.com)
Rage of Mages (HKLM-x32\...\Rage of Mages) (Version: - )
Ragnarok Restart (HKLM-x32\...\{06A73F7C-3719-4664-89DC-21FB0B3D7C9D}) (Version: 1.0.2 - Gravity Interactive, Inc.) Hidden
Ragnarok Restart (HKLM-x32\...\Ragnarok Restart 1.0.2) (Version: 1.0.2 - Gravity Interactive, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0006] (HKLM-x32\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0006 - THQ)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
skate's Thumbnail Tool Version 1.1.2 (HKLM-x32\...\{E68C580F-B6A5-4D47-89EC-307B9096FC10}_is1) (Version: 1.1.2 - skate702.de)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Syndicate (HKLM-x32\...\{64CFBAAB-46F7-4628-8D9B-E656A8C11CDB}) (Version: 2.0.0.3 - Electronic Arts)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft)
Unity Web Player (HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\UnityWebPlayer) (Version: 5.0.2f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VideoPad Video-Editor (HKLM-x32\...\VideoPad) (Version: 4.60 - NCH Software)
VisioForge Media Player SDK ActiveX LITE (HKLM-x32\...\{A7A1153A-3CA3-4366-B37D-291522538794}) (Version: 7.0.0.0 - VisioForge) Hidden
VisioForge Media Player SDK ActiveX LITE (HKLM-x32\...\VisioForge Media Player SDK ActiveX LITE 7.0.0.0) (Version: 7.0.0.0 - VisioForge)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Warcraft III) (Version: - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.65 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.01 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.1 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XSplit Gamecaster (HKLM-x32\...\{4EDB1851-7427-4324-AAAA-9E3852C73DAE}) (Version: 2.2.1502.1741 - SplitmediaLabs)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2440112941-538450990-2588341026-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2440112941-538450990-2588341026-1000_Classes\CLSID\{d966ac89-a571-4a5c-bcf0-638a3cdf1b14}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-11-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-11-15] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-11-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-11-15] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02CBCC90-3E56-4541-96EC-B200672D50B5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {04DCEB08-147F-4B59-88EB-9F3F89DE852C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_183_pepper.exe [2017-10-26] (Adobe Systems Incorporated)
Task: {0E64ADC2-2056-475B-A71C-FFFE220DD0A1} - System32\Tasks\Opera scheduled Autoupdate 1380645316 => C:\Program Files (x86)\Opera\launcher.exe [2017-11-07] (Opera Software)
Task: {132A5559-4118-4295-A1E1-C141CB2F74F1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-26] (Adobe Systems Incorporated)
Task: {14EE976F-63B2-4DD4-99DE-1835879794C7} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-03-25] (ASUSTek Computer Inc.)
Task: {1B41679F-8512-4E70-8E44-8A344FBCA5D7} - System32\Tasks\{68198F9C-F8D5-440A-A307-2045870E9B9A} => C:\Windows\system32\pcalua.exe -a "D:\Program Files (x86)\epicRO Ragnarok Online\settings old.exe" -d "D:\Program Files (x86)\epicRO Ragnarok Online"
Task: {1FA9B476-5068-4DF9-A7C0-DE98215EA21A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {2098291A-6826-4D8E-90E2-E7C7DE426F36} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2BF954F7-B5F8-4A34-8C72-ED4883865256} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F3C1B2D-FB8D-4193-8444-231AD0F9BBED} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {309921DD-F04E-4995-AA50-9A6470930DC9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3515463A-AD78-4987-86A5-060287B7AB95} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-10-23] (Overwolf LTD)
Task: {3754061D-CD83-4496-8AA0-8FE1BA314C47} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {3EF7C9D3-8A19-4234-810A-2DDB201C8958} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {427CCE13-B111-4A80-BBB0-6D6F981E965F} - System32\Tasks\{A5DBFEE4-0356-4708-A655-BFA7E35BF624} => C:\Windows\system32\pcalua.exe -a "D:\Program Files (x86)\epicRO Ragnarok Online\settings.exe" -d "d:\Program Files (x86)\epicRO Ragnarok Online\"
Task: {4478F7FB-D260-4CB8-82E0-5CA44CDF79C7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
Task: {5256B3A6-7B23-454C-AD22-5E2A693BC4C4} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {55978C82-CC08-4BBE-8D03-B568E1E8E4E0} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {61160297-9C11-42C4-AA85-47CC9FA41C41} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {61C34886-4054-4DD8-A557-3A7B140BEBBF} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {65342EE4-2ADC-4994-8633-40C4B9E686C5} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {751916EA-7824-4174-B568-FC51A3F7BFE5} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {760979B4-03D3-42CA-9AC0-C4FC833C0332} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8130F5FA-AF7D-4943-B2BA-060B3A46CDAE} - System32\Tasks\{438FA2C7-F30F-4579-A499-B2964FEB6E44} => C:\WINDOWS\system32\pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {83D8EA44-D5EA-48DC-AD74-8BAE0ABD30A4} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {8612CAD8-A91C-4A81-A388-BD870CF508D5} - System32\Tasks\easyVPN => C:\Program Files (x86)\EasyVpn\app\easyvpn.exe
Task: {89F9EDD9-7C6B-442A-80AE-7C781EA7CEFB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8BD8CDAB-DB90-48FD-9680-5746409A4010} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {A10630E0-7C00-4372-A960-4FC859BA913C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-12] (Google Inc.)
Task: {B55CF8D6-4BF9-4075-BC29-60C0CC07BD2C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BF5E2522-FE1D-4E8C-9FA9-E1B27B81D2DA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {C8A508EB-2906-4504-9BFC-EBFF5AE097B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-12] (Google Inc.)
Task: {D603657B-A4C5-4DD5-AB65-50C5B5C8B92D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {DB881C0E-C3BE-4699-AA40-CA7398035898} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {DE82B7E1-A074-4B4B-96F8-B77C47A4381E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DEC8126C-17DA-4FAD-A5F2-57CB2B91A8B0} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {E0E54520-18CA-4D7E-963B-A5AA232C6777} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EDFDCDC2-3F60-4BC2-ACE9-FA32929FA671} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F191C630-1ACC-4331-9C15-E924A011A9C0} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F6112400-8A8F-4A0B-B5DA-75DC52204405} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\User\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nchsoftware.com/de/index.htm
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-05-21 09:57 - 2017-05-01 21:51 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-29 10:28 - 2015-05-29 10:28 - 000048640 _____ () C:\Windows\SysWOW64\ASGT.exe
2017-09-02 12:09 - 2017-10-10 12:28 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 21:59 - 2017-03-20 05:36 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-04 09:48 - 2017-11-02 07:51 - 000021848 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
2017-09-07 17:12 - 2017-09-07 17:12 - 000069632 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2017-11-12 14:01 - 2017-11-05 10:12 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.89\libglesv2.dll
2017-11-12 14:01 - 2017-11-05 10:12 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.89\libegl.dll
2015-03-31 17:25 - 2016-05-02 07:02 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-11-04 09:47 - 2017-11-01 07:30 - 000015360 _____ () C:\Program Files (x86)\Origin\libEGL.DLL
2017-11-04 09:47 - 2017-11-01 07:30 - 003090944 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2014-05-29 21:40 - 2016-06-10 14:21 - 000266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2017-08-17 15:51 - 2017-08-17 15:51 - 001993184 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000507968 _____ () D:\Program Files (x86)\GOG Galaxy\PocoUtil.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 001076800 _____ () D:\Program Files (x86)\GOG Galaxy\PocoNet.dll
2017-03-23 06:38 - 2017-03-16 16:46 - 053018112 _____ () D:\Program Files (x86)\GOG Galaxy\libcef.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 001854528 _____ () D:\Program Files (x86)\GOG Galaxy\PocoData.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000393280 _____ () D:\Program Files (x86)\GOG Galaxy\PocoDataSQLite.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 001589312 _____ () D:\Program Files (x86)\GOG Galaxy\PocoFoundation.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000307776 _____ () D:\Program Files (x86)\GOG Galaxy\PocoNetSSL.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000330816 _____ () D:\Program Files (x86)\GOG Galaxy\PocoJSON.dll
2017-06-21 21:52 - 2017-10-19 17:33 - 000130112 _____ () D:\Program Files (x86)\GOG Galaxy\xdelta3.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000104000 _____ () D:\Program Files (x86)\GOG Galaxy\zlib.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000520768 _____ () D:\Program Files (x86)\GOG Galaxy\PocoXML.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000272448 _____ () D:\Program Files (x86)\GOG Galaxy\PocoZip.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000680000 _____ () D:\Program Files (x86)\GOG Galaxy\sqlite.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000425536 _____ () D:\Program Files (x86)\GOG Galaxy\pcre.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000157760 _____ () D:\Program Files (x86)\GOG Galaxy\PocoCrypto.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000152128 _____ () D:\Program Files (x86)\GOG Galaxy\expat.dll
2017-03-23 06:38 - 2017-10-19 17:32 - 001589312 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoFoundation.dll
2017-03-23 06:38 - 2017-10-19 17:32 - 000330816 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoJSON.dll
2017-03-23 06:38 - 2017-10-19 17:32 - 000104000 _____ () C:\ProgramData\GOG.com\Galaxy\redists\zlib.dll
2017-03-23 06:38 - 2017-10-19 17:32 - 000507968 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoUtil.dll
2017-03-23 06:38 - 2017-10-19 17:32 - 000425536 _____ () C:\ProgramData\GOG.com\Galaxy\redists\pcre.dll
2017-03-23 06:38 - 2017-10-19 17:32 - 000520768 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoXML.dll
2017-03-23 06:38 - 2017-10-19 17:32 - 000152128 _____ () C:\ProgramData\GOG.com\Galaxy\redists\expat.dll
2017-03-23 06:38 - 2017-03-16 16:46 - 001738752 _____ () D:\Program Files (x86)\GOG Galaxy\libglesv2.dll
2017-03-23 06:38 - 2017-03-16 16:46 - 000078848 _____ () D:\Program Files (x86)\GOG Galaxy\libegl.dll
2013-10-01 15:05 - 2012-06-25 09:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2017-08-09 08:19 - 2017-08-08 14:13 - 001893880 _____ () C:\Users\User\AppData\Local\Discord\app-0.0.298\ffmpeg.dll
2017-08-12 22:00 - 2017-08-12 22:00 - 001577976 _____ () \\?\C:\Users\User\AppData\Roaming\discord\0.0.298\modules\discord_toaster\discord_toaster.node
2017-08-09 08:19 - 2017-08-08 14:13 - 001938424 _____ () C:\Users\User\AppData\Local\Discord\app-0.0.298\libglesv2.dll
2017-08-09 08:19 - 2017-08-08 14:13 - 000095736 _____ () C:\Users\User\AppData\Local\Discord\app-0.0.298\libegl.dll
2017-08-12 22:00 - 2017-10-06 10:48 - 009722360 _____ () \\?\C:\Users\User\AppData\Roaming\discord\0.0.298\modules\discord_voice\discord_voice.node
2017-08-12 22:00 - 2017-11-07 20:29 - 001471992 _____ () \\?\C:\Users\User\AppData\Roaming\discord\0.0.298\modules\discord_utils\discord_utils.node
2017-11-12 15:04 - 2017-11-12 15:04 - 000148992 _____ () \\?\C:\Users\User\AppData\Local\Temp\8C70.tmp.node
2017-08-12 22:00 - 2017-08-12 22:00 - 002658296 _____ () \\?\C:\Users\User\AppData\Roaming\discord\0.0.298\modules\discord_rpc\discord_rpc.node
2017-08-12 22:00 - 2017-08-12 22:00 - 002673656 _____ () \\?\C:\Users\User\AppData\Roaming\discord\0.0.298\modules\discord_contact_import\discord_contact_import.node
2013-08-21 13:18 - 2017-09-09 20:25 - 000688416 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2014-05-22 15:17 - 2017-10-31 04:22 - 002546976 _____ () D:\Program Files (x86)\Steam\video.dll
2015-01-20 16:13 - 2016-09-01 02:02 - 004969248 _____ () D:\Program Files (x86)\Steam\v8.dll
2014-08-31 15:21 - 2016-01-27 08:49 - 002549760 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-31 15:21 - 2016-01-27 08:49 - 000491008 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-31 15:21 - 2016-01-27 08:49 - 000332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-31 15:21 - 2016-01-27 08:49 - 000442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll
2015-01-20 16:13 - 2016-09-01 02:02 - 001195296 _____ () D:\Program Files (x86)\Steam\icuuc.dll
2015-01-20 16:13 - 2016-09-01 02:02 - 001563936 _____ () D:\Program Files (x86)\Steam\icui18n.dll
2014-08-31 15:21 - 2016-01-27 08:49 - 000485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll
2013-09-21 09:35 - 2017-10-31 04:22 - 000901408 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 10:59 - 2016-07-04 23:17 - 000266560 _____ () D:\Program Files (x86)\Steam\openvr_api.dll
2017-06-09 06:22 - 2017-09-07 03:04 - 000678400 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2016-12-14 14:24 - 2017-08-16 23:28 - 073130272 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-01-20 16:13 - 2015-09-25 00:52 - 000119208 _____ () D:\Program Files (x86)\Steam\winh264.dll
2017-07-11 10:32 - 2017-08-16 23:29 - 001936672 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libglesv2.dll
2017-07-11 10:32 - 2017-08-16 23:29 - 000113952 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\skype.com -> hxxps://apps.skype.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2017-06-18 08:56 - 000000029 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\Pictures\Desktop\black-rock-shooter11.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{9C3706ED-64EE-462D-AAC4-745260CD6FBB}D:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{C169F269-54EE-4253-AF5D-4B55C15F1775}D:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{695FAF78-0DBE-45B8-A05F-E1B4BAA59FCE}D:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{09B5A604-B7E3-4625-B7A6-CFED54329A9C}D:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{D892EF5A-DCC7-4FB0-A4E0-74D8A766440C}C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe] => (Block) C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe
FirewallRules: [TCP Query User{B3FB41F1-79B3-413C-B008-0001AAE7FBD3}C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe] => (Block) C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe
FirewallRules: [{E3C4DEBD-FD96-4789-A362-859D9FD41B64}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Styx\Binaries\Win64\StyxGame.exe
FirewallRules: [{31812AB7-9EB1-4B6D-855C-B28552F64977}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Styx\Binaries\Win64\StyxGame.exe
FirewallRules: [{0BBA4094-B486-4BD8-BD46-7C0A8517B2B4}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{33751D31-A83B-43A3-9DE2-808B05A1B520}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{2ADDDE45-FFED-4DF4-B5B9-728AB583858F}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{9D7F081C-EB2E-4288-B03A-8395972D4B75}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [UDP Query User{923B508F-9F5D-4736-B953-3F24F729A1D6}D:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{F5659E42-B74A-494A-A8AF-A9541DFAF5AD}D:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E8D1EEDE-AC10-488C-A308-7A3D95633109}D:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{B9422F32-ED23-4E77-95BE-1C8233C30CFA}D:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{9095436E-783B-47EF-86BC-8870FE9245E3}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{0D545466-2DB6-43A5-B930-F5FF09CBD54F}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{3E98866F-EB4C-4254-A94D-4A240BCB0810}D:\program files (x86)\gog galaxy\games\rage of mages\rom.exe] => (Allow) D:\program files (x86)\gog galaxy\games\rage of mages\rom.exe
FirewallRules: [TCP Query User{C77808E2-8F06-4C7B-9D6A-89E709CC510E}D:\program files (x86)\gog galaxy\games\rage of mages\rom.exe] => (Allow) D:\program files (x86)\gog galaxy\games\rage of mages\rom.exe
FirewallRules: [{034B23A9-B7F7-41BC-AAD2-C3EAF9995FC6}] => (Allow) D:\Program Files (x86)\Tom Clancy's The Division\TheDivision.exe
FirewallRules: [UDP Query User{F9497AD2-3548-45B8-B03D-AC8BDDAF00BB}D:\program files (x86)\heroes of the storm\versions\base50950\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base50950\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{63CB44E6-8816-4F9E-BEC8-F43B341F13FE}D:\program files (x86)\heroes of the storm\versions\base50950\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base50950\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4B60DBDC-8500-4884-A6D6-85CA309AF5E8}D:\program files (x86)\warcraft iii\war3.exe] => (Allow) D:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [TCP Query User{C9D014AE-64A9-407E-8C50-9B0B4B956CDD}D:\program files (x86)\warcraft iii\war3.exe] => (Allow) D:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{454C40F0-077B-4441-86C6-5CEA893D16D4}D:\program files (x86)\heroes of the storm\versions\base50441\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base50441\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{E2694FD4-2DDF-4A8F-9612-485E47DB2A68}D:\program files (x86)\heroes of the storm\versions\base50441\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base50441\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CE534BD4-C74C-4126-A126-F096C261E9B4}D:\program files (x86)\heroes of the storm\versions\base50286\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base50286\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{83F87CDE-9639-48A9-9D2C-29F06783669B}D:\program files (x86)\heroes of the storm\versions\base50286\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base50286\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{96A0F636-1016-47B0-9613-0838C573627C}D:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe] => (Block) D:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe
FirewallRules: [TCP Query User{FE7968CC-68BD-4058-BA5E-DC6CE5390C53}D:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe] => (Block) D:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe
FirewallRules: [{00C61FF4-17AB-42E3-AF35-4E125D337D5C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Enter the Gungeon\EtG.exe
FirewallRules: [{FEAC0CEF-CCF3-481B-983C-289FC5D90A06}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Enter the Gungeon\EtG.exe
FirewallRules: [UDP Query User{22C8D6D8-21AC-48A7-B237-F110416F8C62}C:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonorbeta\forhonor.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonorbeta\forhonor.exe
FirewallRules: [TCP Query User{D9BC6E22-9F8B-48C4-AD56-84EDC163AF26}C:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonorbeta\forhonor.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonorbeta\forhonor.exe
FirewallRules: [{138D4B24-E374-408F-B77C-CAB04725CB4C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{2E74C4B3-E1DB-4017-A634-089C73E3BCC5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{C5005979-5EB3-4275-BA81-941B5BCA303D}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{9549E5A5-22C2-4148-B904-EFA25A3A1EDF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{A93E3F9B-68D2-4AC5-9E6E-753A5893817E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11_b.exe
FirewallRules: [{946AF9B7-81E4-405F-BC10-879736EA5FC2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11_b.exe
FirewallRules: [{F67FF78E-10CC-4937-84C3-79D4E637771B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{B6E043D3-CCEC-4261-8EA2-ABD080F46CAA}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{DB413EC0-A14F-4E83-B401-3584D74AC9DB}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{06670257-4FD9-4B83-B20C-8BD10B937C8D}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{3F4F719E-7FB6-42BE-AFB1-41F9A3F67E0C}D:\program files (x86)\tom clancy's the division\thedivision.exe] => (Allow) D:\program files (x86)\tom clancy's the division\thedivision.exe
FirewallRules: [UDP Query User{56062B46-5268-47A5-8E3C-2F707B84A363}D:\program files (x86)\overwatch\overwatch.exe] => (Allow) D:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{5150902E-AE6C-46A5-8A2F-EA4D374487E6}D:\program files (x86)\overwatch\overwatch.exe] => (Allow) D:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{AC698FB7-8262-4B5F-AE3C-EA35071684B7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{105A53C0-E656-4632-8371-77B9CAA10444}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{DE45B7B9-33A9-46F3-B80C-186992B98BFF}] => (Allow) LPort=1900
FirewallRules: [{51700128-C169-4AF0-ABB3-6019B2234BEB}] => (Allow) LPort=2869
FirewallRules: [{F87F89FA-B567-48B1-B68A-49BFE0EC8F02}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [UDP Query User{DF780692-03C9-4FAE-A9F6-55D3D1FACBC8}D:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{80C4801A-B800-4EE1-B75A-68B715969375}D:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{AE71D734-B4B0-493F-8148-113142CAC814}D:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{FD1244D8-3CEF-4F9A-A4F2-59E3D4E6DBE9}D:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe
FirewallRules: [{B310F864-AB7F-46F8-8033-12DBB4ABDB84}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Punch Club\Punch Club.exe
FirewallRules: [{4E5588DC-8A03-452C-A814-28A50BA283A0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Punch Club\Punch Club.exe
FirewallRules: [{6FAA8E9A-1BFA-4B80-BF68-1CA0467272B3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{8E53D14C-173C-469E-A7C0-FC634251035E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{F9C45902-1EE0-4ACC-ADA9-5742294F28B0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\devildaggers\dd.exe
FirewallRules: [{199F447F-5289-4187-8331-07E5E48F8C9D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\devildaggers\dd.exe
FirewallRules: [{978218B0-6367-4C89-A1BA-236419747157}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{7834845B-A3B9-4A8E-BA47-C5CCF350686C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{939B4E88-BE25-40B1-91AD-DCDE2EAD1C68}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{BAED523B-EF2C-4F7E-A3AC-36B6F2FFEE4C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{5582C2C5-8E66-48AB-8CFD-4E6865417117}] => (Allow) C:\Program Files (x86)\Origin Games\Kingdoms of Amalur Reckoning\Reckoning.exe
FirewallRules: [{A9599D5A-FCF6-4A13-8047-5EEC6C9DA6DF}] => (Allow) C:\Program Files (x86)\Origin Games\Kingdoms of Amalur Reckoning\Reckoning.exe
FirewallRules: [UDP Query User{413A1624-EA4A-4FD1-A1C4-ECC6CC7A5A21}D:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{EB1682A1-C4BA-4C3A-946F-1C32B10ED1CC}D:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe
FirewallRules: [{43F29742-2B27-404F-A374-478205BA4294}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Valkyria Chronicles\Launcher.exe
FirewallRules: [{80330737-BF6C-42C7-848C-A6732C78481D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Valkyria Chronicles\Launcher.exe
FirewallRules: [{556DC0B1-24E8-44A0-978E-2F284096707A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Koi-Koi Japan [Hanafuda playing cards]\KoiKoiJapan.exe
FirewallRules: [{81D69276-A640-4E1A-8132-9679BD381CD7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Koi-Koi Japan [Hanafuda playing cards]\KoiKoiJapan.exe
FirewallRules: [{BB290AEC-5AE9-4F47-8473-60B0DECD026D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{EBD8D74F-07DA-492A-9CD8-44E4DFC293E8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{04C52C4F-CBE2-41E7-BCEC-1588F0F9E24A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{6BED1BD7-EA9E-4F1D-99D9-13AC8309FF08}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{C701686D-4ADA-4FBD-B698-6CD754F24116}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{56823176-FF81-41C2-B366-A2AC4CD39181}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [UDP Query User{931E706C-0C8F-450A-B2A1-6CFDFDA9A1D7}D:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{426C2B60-F3F7-4DA9-A811-0DA28546F717}D:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
FirewallRules: [{9286A25F-2705-4B5E-906A-A99D35B85F6C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{0A1E6997-17D3-4747-8106-B50C0B323E1C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [UDP Query User{4898D512-B876-4D84-A582-19FD92816FB4}D:\program files (x86)\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) D:\program files (x86)\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe
FirewallRules: [TCP Query User{BD67A5BD-BEE6-4F4F-A79A-859EA844729E}D:\program files (x86)\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) D:\program files (x86)\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe
FirewallRules: [{9FD52067-AF88-41C9-89A8-1CE183DA83A5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe
FirewallRules: [{2BCD56F3-0687-451D-ABA0-C2A00E081366}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe
FirewallRules: [{C437CE87-A71C-43E7-BA62-1BDFCFAD7F0F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [{6BCF7699-632C-464D-B5D6-6A280DEE14A9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [UDP Query User{EBDBC056-CADE-4223-A181-F5FDDB377A56}D:\program files (x86)\starcraft ii\versions\base38215\sc2_x64.exe] => (Allow) D:\program files (x86)\starcraft ii\versions\base38215\sc2_x64.exe
FirewallRules: [TCP Query User{927370DD-8BA9-44E7-AA86-47CA6629B42B}D:\program files (x86)\starcraft ii\versions\base38215\sc2_x64.exe] => (Allow) D:\program files (x86)\starcraft ii\versions\base38215\sc2_x64.exe
FirewallRules: [{95F8A3D2-3A8C-4EDA-A729-55A671CCAEEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{27EF9A32-7213-41A4-98AD-AF9DA32C3C31}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{94E71186-8933-4C9D-A6C3-098CCDB59886}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{769D1814-4C10-4D99-9087-0DEF9A84DD42}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{9BA40C0A-53A8-458E-847C-F469DCE30002}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [UDP Query User{854A45F9-FC3B-4D9C-AF2A-ACC6E1D2F077}D:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{EDDB763B-D7EB-4B44-BBC1-4B6F068D1B86}D:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{DCC82C4C-AA14-464F-8CEF-374219504A06}D:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [TCP Query User{C458D6A8-9D64-4EE2-B89C-444F1D57F5D2}D:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{61043D88-EAA3-4BC0-8920-FF23913988AB}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{12EF483D-954A-469D-BB1A-65E18C8405B6}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{A66B7710-C51E-41A7-B65D-8461ED7E7970}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{F3A2F987-9BF7-4B4D-AE65-FCC310AD82C2}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{BDEB1C7A-0B1A-4F15-9995-0F56C7D56F55}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{0BE4DEDB-B609-4A08-8EDA-F7C04CC842AE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{76EEA0D2-F8F5-40AD-A054-638833F75E30}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{6964DBF8-F8B3-4340-845E-EDBDFAEEBAE0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [UDP Query User{E2089537-DCE3-4B3A-B332-2411C7E09E4F}D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{54417066-6F8B-4E28-9F85-0A8AE3DC904B}D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{747312C0-8EB8-46FB-A656-9F6E599C02A7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{542C020A-49A2-4625-BD62-3CBD888348E5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{08276856-D54A-4A66-826F-3638EF6D426D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{BAABEEDD-8579-417C-BA51-4484FD07839B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{8E3969EA-7101-4BF6-9A28-2160C0BC1960}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\HuniePop\HuniePop.exe
FirewallRules: [{1CC35AF9-409B-45AB-B49D-876C224E1DCA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\HuniePop\HuniePop.exe
FirewallRules: [{93103BC1-8D21-4350-8CE9-614D06E84813}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metal Slug 3\mslug3.exe
FirewallRules: [{11E424AA-383D-4F30-B683-AC91ADBFE99E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metal Slug 3\mslug3.exe
FirewallRules: [{45530EF2-BAF3-465E-BC26-F25EA0E19DEF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{88687C5A-DD19-4770-A83E-0091679FAD8E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{F5B0530A-D302-4EA1-80B1-8F675B79CF4A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{0B5E41A6-6AE2-4D7C-9A64-895CD624EC2B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{C2F978F6-405C-4E18-8B6D-61C8E10E54FB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{EEED312C-DCD7-454F-95D7-4A1D141A726C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [UDP Query User{594CAB67-D8D5-41F9-A38E-8F11CEE19BFF}D:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{AC383127-6714-4741-A6FF-004A6D97234E}D:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [{6C075229-B17F-44DE-8514-F9DF46E544E1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\SanctuaryRPG - Black Edition\SanctuaryRPG.exe
FirewallRules: [{91B46C84-3D73-4E76-B72F-CD08C8A723F1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\SanctuaryRPG - Black Edition\SanctuaryRPG.exe
FirewallRules: [{CD532599-7D0F-448B-8A61-D1418120D8F8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{F22BE907-5B04-4446-982C-BAC0ABC16FE9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [UDP Query User{37599D5F-4EC8-4C2B-9488-B0E5014E5641}D:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{EA09F9AC-D798-41B7-B9BC-2B91C7F88470}D:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{F8B17FBB-BB43-4D85-9FEC-EEB58A81DEF6}] => (Allow) C:\Program Files (x86)\Origin Games\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{D2026B4C-FF8B-4202-877A-6957857CE548}] => (Allow) C:\Program Files (x86)\Origin Games\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{59D3C52C-6E46-4914-8591-5CBD1DC43B59}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2454A699-F7D7-4B06-8507-CDA10141C753}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C01D681C-5515-4BEA-8DD1-470D6655263F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E9FC3B04-A8B6-4EEC-B236-2C5A66660648}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [UDP Query User{59FFA24C-9527-4277-906D-49DBAC599876}D:\program files (x86)games\world_of_tanks\worldoftanks.exe] => (Allow) D:\program files (x86)games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{F991024D-E179-4712-AA82-955673652A2A}D:\program files (x86)games\world_of_tanks\worldoftanks.exe] => (Allow) D:\program files (x86)games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{9EE4FF07-A56D-41DA-BAC1-587AD0863EE5}D:\program files (x86)games\world_of_tanks\wotlauncher.exe] => (Allow) D:\program files (x86)games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{9576ED4F-F3D3-421B-851A-EA8CAC010DDC}D:\program files (x86)games\world_of_tanks\wotlauncher.exe] => (Allow) D:\program files (x86)games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{3657D514-73CC-4A6E-BCB1-AD0FA2CED502}D:\program files (x86)\games\world_of_tanks\worldoftanks.exe] => (Block) D:\program files (x86)\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{4294FE41-DAC7-4F44-9479-F36D4DBBBB92}D:\program files (x86)\games\world_of_tanks\worldoftanks.exe] => (Block) D:\program files (x86)\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{6B4F058A-BB38-4242-A5E8-736F19C93D69}D:\program files (x86)\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\program files (x86)\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{E31B9522-9A84-4C23-9F9D-B4E9296DAF9D}D:\program files (x86)\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\program files (x86)\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{8F7157CF-58CD-4E5F-93E8-F684C99B46A6}C:\users\user\downloads\dune 2000\dune2000.dat] => (Block) C:\users\user\downloads\dune 2000\dune2000.dat
FirewallRules: [TCP Query User{EA6743E4-2DDA-4596-A24C-3EBCA2CD2934}C:\users\user\downloads\dune 2000\dune2000.dat] => (Block) C:\users\user\downloads\dune 2000\dune2000.dat
FirewallRules: [{51392C51-B819-4F17-B588-2F0A59CF28F1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TheLongDark\tld.exe
FirewallRules: [{7EDDB216-22CD-4ACE-B4CA-91DBA8065109}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TheLongDark\tld.exe
FirewallRules: [{36ACE851-6FA1-43E8-8830-87489602CFAD}] => (Allow) C:\Program Files (x86)\EasyVpn\app\EasyVpn.exe
FirewallRules: [{9E6072B1-243E-4607-8261-9DC2D35B2BCD}] => (Allow) C:\Program Files (x86)\EasyVpn\app\EasyVpn.exe
FirewallRules: [{904B7528-A15C-4B24-AF16-ECAA0B3D6D87}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{553021BC-6E9F-48B2-A48A-8BFC8793293B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{8E1309DC-E711-4624-BC14-06BA827F255F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Shadowgate\Shadowgate.exe
FirewallRules: [{8A738709-8F43-43DB-8B41-6B8B9D659C7B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Shadowgate\Shadowgate.exe
FirewallRules: [{165F9B7F-1ABD-4B75-B0B9-C9D3AF1C6C8C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{8D6F5A2F-AB87-4474-AE8C-268EC317D082}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{882DDA1E-1797-4C8D-B7B1-7EC046C09CAF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{178DB507-8C05-4B91-8D43-23F07A3F3E90}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{66BB3191-9E45-47E4-B23F-9689763D1D89}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{53322157-5BF7-4A59-B7DF-ECE2AA2B096D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{957B20E6-213F-4900-AE9C-2595E0FC7A73}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\FORCED\FORCED.exe
FirewallRules: [{003B164E-96F1-44C9-8AC6-7DC763E9B37C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\FORCED\FORCED.exe
FirewallRules: [{4114852A-0504-41D6-B4A4-F10874A1E1E2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{7AA3C5D5-F9C4-4D2E-9E7F-30DF30E2298E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{3103D173-19BB-498B-BDB8-3BD93246371B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{7EAFF071-4732-4473-8434-937E416A33A8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{0808623D-B568-4C2F-AB90-13C1A2A0BC79}] => (Allow) D:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{A2FC59C2-FE72-4DB0-BE84-C71FA67B049A}] => (Allow) D:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [UDP Query User{0091A712-7316-4BB0-9567-DB4ED2CCAE2C}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3634\agent.exe
FirewallRules: [TCP Query User{88049ACA-17DC-4E8A-AD9A-22FCCEDB0F95}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3634\agent.exe
FirewallRules: [{025A0A9B-CF16-490D-968A-4A519CEB05F5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Final Exam\final_exam.exe
FirewallRules: [{F69A8511-49F8-4A64-B903-7803F62542EC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Final Exam\final_exam.exe
FirewallRules: [{88875109-6458-4D10-B5EC-6160942533D9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{3620D27E-0A5A-4992-94EA-28819E585337}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{4D49B0DE-78A4-4E2F-B86B-5C71B42A547F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{4F6891C3-C4C1-4CB9-82AB-9DC2CC7744D5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{E60FB92B-7B1F-4FB0-9983-294FF306D5A5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{534E9AFB-53DB-4C19-9B69-B5CF03AF2621}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{9CF1C447-1F74-4224-94F9-56A8E2ACAA4E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{E8DAA218-AB25-4A30-AF5A-B302D723FA5D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{4E71A770-D637-4760-A672-924728F821D5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\strikesuitzero\pc\main\Binary\SSZ.exe
FirewallRules: [{AB63AA2B-26BD-45B0-9CE2-0EA165118980}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\strikesuitzero\pc\main\Binary\SSZ.exe
FirewallRules: [{750D3D6A-9E69-4503-907F-8B84766719FF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{E513D3E1-8315-4D72-8112-4AE52E864B11}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{8395B346-8251-44CB-9F47-19A2B8F991CE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{6BF77B84-E27E-49BB-85EC-084F50C01152}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [UDP Query User{D9F21994-9087-4CC1-91A7-A6AC6AC21FDA}C:\programdata\battle.net\agent\agent.3478\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3478\agent.exe
FirewallRules: [TCP Query User{932DC11C-3578-4829-BB58-8DEA4451F3E8}C:\programdata\battle.net\agent\agent.3478\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3478\agent.exe
FirewallRules: [{E4982598-1B17-4F9A-92B0-A97DFA0D8969}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{9882AE9D-8ACA-43EE-937C-B30A97B1EA9D}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{FCBB5751-DA21-442D-B3F4-C75C850443C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{E15BF8A3-61B5-4087-B52E-54CB23DCEC8D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [UDP Query User{D44A29A5-9682-4184-A12A-D3848E3AF54E}D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [TCP Query User{C1F79FFE-5A29-4E9C-806A-C6E4A4AD2CF8}D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [{D65358B1-3C3A-438A-9C02-00A69955A4B8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{4FACA89F-8360-4559-B593-8A8A62C42B60}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{8B80574B-D3B4-40EB-A2CC-E6452A82A57A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{6576F812-EA0D-4CB7-9E29-4CD61F768913}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{8A0128E7-BEE7-49AA-849D-0941E41787A0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{F2D08121-F09E-4AC9-A506-88954C015B67}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{084858FE-CC1D-40CA-B216-8FE0863B5B6E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{A1584557-3DED-4262-9F18-FD7091440DC1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{F53B7EA0-4176-48E3-850C-98F0F0847608}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D6D22702-F493-4DFF-8ECF-93A49B9E6085}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{821ED095-7918-4383-9C9B-3915F555E351}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{D21781BC-68D4-46AB-A324-723D1B113E51}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{3E4B4413-0E46-487B-A73F-3B64D9973610}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{50366807-F292-4728-B4AB-D2B736B3FB8C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{F0B26C7D-DD07-4E19-AF87-EA42C8020751}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{8C009CE1-24F0-4D66-9B0C-9CDE44195540}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{2CB35982-ABC3-4C35-B315-5255C97FC7E4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{815BCFC8-E68A-4AB2-8F37-AFDA9D949400}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{8C05F04B-5060-4223-B4F0-042CBCB79BFD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{3D3714CC-B944-44E7-B32E-EA7312DF3D60}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{F49BFD88-F42C-4A40-B397-353E74AF8A47}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{50BE5F13-37EF-4D97-A843-F28155D3AED2}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{FA437E49-3A80-41B3-8BF6-AEBEAA632A96}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{E36A9235-3F7B-4191-A219-DE1D9D3D82DF}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{7115B09D-2CF2-44B4-9F57-E07CE944DA17}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{3270C909-24F9-454F-879D-071F39726FEB}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{33B47877-541D-4D49-9703-0C2ACEAA6341}] => (Allow) D:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{C3FA100E-4D78-4917-A4A7-7B0C17BDB5EC}] => (Allow) D:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{9CC92D98-1198-4B0E-BD70-D69CAB1455A6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{C7D65CDC-049A-4B8B-8D9B-2BD612D447CF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [UDP Query User{73ADE978-E53A-4D29-B42B-B438899D69CE}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{9B247D3D-34B7-40C7-A55F-D06AE3146EC6}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{D5747574-B0EF-4CB4-A72F-5872AF0C6E66}D:\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{CEE98252-4B0B-4997-8FDB-0F2A0B9BD5E1}D:\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{B11634B5-9E9A-4DEE-9DF2-22E2ABAE0262}D:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Block) D:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [TCP Query User{F576C934-C549-43F4-8FA3-B067C82C7CF9}D:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Block) D:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [{03D6DC67-94B5-47D2-AD34-D30049E9F8B9}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{D7F1840C-9B7D-4D0E-9EE7-A78E3F68B3FB}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{C8BC0C11-AE31-42D1-BB26-36DA31E28D28}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{22E68F23-B492-4A4D-BB53-97AC0DB4FB59}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{D4D0B3C9-5AFE-4BB9-B045-1F1A47351BDE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{1DFE8043-002E-4D3D-9C3E-D5A8B4FD9FAF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{89FA64F9-1D72-4512-AE62-B7934BB05DAF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{786712AE-7193-427A-9544-BE17BBCC815C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{38ACF4AB-823C-47E8-9F52-C1D2550ED9C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{6AA642D3-8A2F-44C3-9C55-D1B41879EE0F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [UDP Query User{2B4DA5C7-000C-44FD-979B-92910B76DA8C}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{EFD73655-1356-427C-ACAB-4303F05BC13B}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [{DA44E897-2477-4A25-AC54-0700CEB5A6FA}] => (Allow) D:\Program Files (x86)\Gamigo\Dragon Nest Europe\DragonNest.exe
FirewallRules: [{34B4BEB7-2827-4563-A860-C855B1CE9BBC}] => (Allow) D:\Program Files (x86)\Gamigo\Dragon Nest Europe\DragonNest.exe
FirewallRules: [UDP Query User{62A688BB-FFE0-4D92-8A68-26BEC4C29FA2}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{32715F2F-269E-4E66-A9D3-C1584F472706}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{ED885F51-9EB9-4A3A-8A4E-883D26282E15}D:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [TCP Query User{4DF4EC7A-9581-4ABC-B604-A876303A17E2}D:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [{9506B136-4877-4406-8E96-A2E078EE26F1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{14FD270A-F503-49FF-B521-9A1847FD8785}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{731D2B39-4F01-4189-89B8-A7F89F1A0E7F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{ADC968AB-A931-4E44-81F0-DB55F92D4BEC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [UDP Query User{819060AB-12D9-4783-BEC5-2151A70FDFF3}D:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [TCP Query User{F2AE7830-9CED-4379-A3D9-928CD3E24032}D:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [{D1461A24-2E2B-4341-81DB-96908BE9B6B2}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{14BA0501-516D-44F7-8F3C-D85C7AE9B1EF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{75118281-45CA-4C42-A3D4-0C3EE99C7F75}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{EBA31B81-FE0B-40C3-ABAE-E67F79C68CA4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{9F978D43-9118-4B38-99D6-9AF98CACCB15}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{FF5D4631-DE06-44EE-8D02-1ED34F9F378D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{00A99602-0225-4E25-AF4B-5653BAF25F46}] => (Allow) D:\Program Files (x86)\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
FirewallRules: [{2D0F026A-A3C2-4462-B799-01BDDA5316F2}] => (Allow) D:\Program Files (x86)\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
FirewallRules: [{51EE29B1-FB68-4566-9B21-ED3E8FE69D9A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{2689F466-8710-4E34-92AD-467ED36F1EDD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [UDP Query User{9F411DDB-07ED-401D-B11A-561345B36BD3}D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [TCP Query User{B5FDD4EC-BD26-42D5-87A8-A4DEACBF824A}D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{DE7D2B3D-A8B3-4B5B-B5C8-CB3D5A4F2779}D:\program files (x86)\steam\steam.exe] => (Allow) D:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{9C8DAB59-7C8B-4723-B666-2E281B66E04B}D:\program files (x86)\steam\steam.exe] => (Allow) D:\program files (x86)\steam\steam.exe
FirewallRules: [{32F81BF7-6DD4-4973-BECE-BF8D5614BB8E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{98ADE586-69AD-4CE7-98D5-AB605A07E65F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{56B8E014-F687-4992-89E4-E01B71F8A251}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{0915F978-1854-485F-A388-9C4F2A67FDA2}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{4059C563-9EF6-471B-8209-7C28947F6233}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{F71FF282-E052-4C44-B7DB-BD381D8C3423}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{2D1DA045-E6F3-4E61-8B58-09A2B4D127B7}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{886AD962-8153-4159-87CD-B62FDC2082C1}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{7A80EFAC-6237-4B15-BAF5-BE64147FDAB0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Pit\ThePit.exe
FirewallRules: [{77972C1E-E53F-4BED-8729-A28881C6A6DE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Pit\ThePit.exe
FirewallRules: [UDP Query User{2E61565B-6990-4A59-AE0E-F6C62FDC1DE2}D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [TCP Query User{C8BB4F09-9EBD-4E1D-8936-B3E50C6E4D14}D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{90D6DEB5-8542-451E-A9BD-2D2286A3D021}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{EBB68814-2F91-4013-8070-5C95AF8607A9}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [UDP Query User{9750FC29-0CA8-486F-95A9-36C4511641BE}D:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [TCP Query User{F29253DD-845B-4919-998C-A17C61A6C79F}D:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [{187B787F-EE9D-4C6F-96C3-32A8F562C51A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F2CFB36F-C2CC-4D5A-8DD7-BE70E93E3E33}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{2381088C-CD17-47C4-AC5F-E1506F86ECCC}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{221BFBEA-B5BC-45D2-A5C5-403E609A2881}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DOOM 3 BFG Edition\Doom3BFG.exe
FirewallRules: [{1F811F5D-1A1E-4A01-A9B9-8BB8E9473BA3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DOOM 3 BFG Edition\Doom3BFG.exe
FirewallRules: [{0358047A-3434-4402-B322-0FACD892A43C}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{80AB33F4-0E65-4A46-B32E-8E9EBE45DD3C}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5A952EF7-3588-466C-8A42-73B02A5AA105}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Deadly Premonition The Director's Cut\DPLauncher.exe
FirewallRules: [{FF71BAD1-507C-4A03-BCCC-5CC8F25A1C81}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Deadly Premonition The Director's Cut\DPLauncher.exe
FirewallRules: [{ACD0D2F6-E2E9-480A-9880-8EBDA343F9CB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{BD06E472-490F-4FE3-8DA8-6E92828236CB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{90A76F71-FE1A-4BA6-BFAD-47833C7C8DD0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Plants Vs Zombies\PlantsVsZombies.exe
FirewallRules: [{611FC127-1D6D-4C24-9311-8CB9698A04D7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Plants Vs Zombies\PlantsVsZombies.exe
FirewallRules: [{6900030B-CA52-4002-85A0-F6D062934084}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{44BD211B-77B4-4D2A-9D02-4FCC0BFB0802}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{2007D810-87C9-4BE4-B4B3-464DFC37D3DB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{2DE4FE91-3DE7-4BEE-B526-1B9E3E49A63D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{3AED1BF5-E810-4E51-9364-80407CA23461}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Tropico 4\Tropico4.exe
FirewallRules: [{ECB390C3-738D-4B22-B16C-26DC851F99D4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Tropico 4\Tropico4.exe
FirewallRules: [{7DC90B57-3390-4F05-900C-95684DF0C086}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Ziggurat\Ziggurat.exe
FirewallRules: [{5C498397-C8AF-4CCA-BED1-C4860DD31D4A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Ziggurat\Ziggurat.exe
FirewallRules: [TCP Query User{B2D2A1CF-D1BD-4928-A88D-CD89D25643D4}D:\program files (x86)\heroes of the storm\versions\base53965\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base53965\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{15165249-D612-4401-A12E-73006BD53D38}D:\program files (x86)\heroes of the storm\versions\base53965\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base53965\heroesofthestorm_x64.exe
FirewallRules: [{940A0DFB-D5B1-4853-8569-567CE94CFFB5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{72B4EC1E-53D4-49A2-B225-06F326413486}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [TCP Query User{3988B9CA-DB40-4984-9ACF-CC92E48F2A75}D:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{ABAA0DC2-1BE5-4550-BA80-D39A001006CF}D:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe
FirewallRules: [{F454F959-DF9D-432C-A534-F47BD03F9D59}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{D0D77C75-CD16-4342-9568-80C3B1B7A4BE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{A48B48B0-9FD3-4E9D-9ACA-2E14733C0628}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{50D307DD-113C-493A-B5B8-E51DD3ED25FA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{3EEFD00B-71C6-4632-83D8-A7590B7CBD16}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite 4\Launcher\SniperElite4.exe
FirewallRules: [{49AA4E96-2322-487C-80C6-FB3DE7AF5B7E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite 4\Launcher\SniperElite4.exe
FirewallRules: [TCP Query User{AE788611-7C47-462A-AC76-0A9E97D4300A}D:\program files (x86)\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{D0574057-5293-4840-B837-0657D8A426AB}D:\program files (x86)\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{3E7801EE-AD3D-4DCB-8FEE-10B28323BB7F}C:\program files (x86)\battle.net\battle.net.9093\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.9093\battle.net.exe
FirewallRules: [UDP Query User{98EBC094-13DD-4CB7-BBF5-DB7CBC61C8B6}C:\program files (x86)\battle.net\battle.net.9093\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.9093\battle.net.exe
FirewallRules: [TCP Query User{2DFCF6C9-A0B8-4489-9FEC-C73FFB47C816}D:\program files (x86)\heroes of the storm\versions\base56175\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base56175\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CA458EE1-B8AA-409A-945E-3D788C7900BE}D:\program files (x86)\heroes of the storm\versions\base56175\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base56175\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{302AD794-90E7-49AF-97F3-A539E626F4AC}D:\program files (x86)\heroes of the storm\versions\base56361\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base56361\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{93C87B87-B5FE-4FA4-BAB9-06285C9845D1}D:\program files (x86)\heroes of the storm\versions\base56361\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base56361\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{41301FF2-2E70-41CB-9FD7-C0E969324E8A}D:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe] => (Allow) D:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe
FirewallRules: [UDP Query User{26585C94-4295-4072-A5F8-E6F019C6EA4E}D:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe] => (Allow) D:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe
FirewallRules: [TCP Query User{B5A9F877-151D-44C0-A1B7-DDB235AD06B1}D:\program files (x86)\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{D591AA06-5DAC-4F2F-920F-D4714E1AE010}D:\program files (x86)\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe
FirewallRules: [{A6ADFFDB-186B-407C-A274-8895B7A7447E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\FlameInTheFlood\RiverGame.exe
FirewallRules: [{B4997078-67CC-42A8-A054-E3D59D343788}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\FlameInTheFlood\RiverGame.exe
FirewallRules: [{3C5B5F81-7BD4-4DA5-98AA-C080B1811000}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [{6B2D9AC0-303D-424C-96A1-A4091C3D5FFF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [TCP Query User{861C0C3B-1165-404E-9DF3-EA2A6CE86666}D:\program files (x86)\heroes of the storm\versions\base57062\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57062\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{B1B7202E-5CE9-4968-A76C-8384B960BCB7}D:\program files (x86)\heroes of the storm\versions\base57062\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57062\heroesofthestorm_x64.exe
FirewallRules: [{AFB2D075-0560-4276-B353-4C5A192287BD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dementium 2\DII_Beta.exe
FirewallRules: [{217356E9-0E31-4916-8330-56D5A50E2400}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dementium 2\DII_Beta.exe
FirewallRules: [TCP Query User{D87974C5-6960-4B99-835C-A84A8C5F151D}D:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CC484CF4-EDCF-4429-935F-74DDE4322EFE}D:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{FD5F9239-E1B6-471D-B3F3-DE2BC7F72536}D:\program files (x86)\heroes of the storm\versions\base57589\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57589\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{95EE92CB-F7A8-4702-B84C-5EAD4A3D39DB}D:\program files (x86)\heroes of the storm\versions\base57589\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57589\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{524D1693-9E29-4F9F-A543-E366FA4EB9DE}D:\program files (x86)\heroes of the storm\versions\base57797\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57797\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{2F6426D7-F430-41C5-9E01-7CE671E1616F}D:\program files (x86)\heroes of the storm\versions\base57797\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57797\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{3FC9D089-BE27-4E4A-B682-CBF0BCAFC580}D:\program files (x86)\heroes of the storm\versions\base58209\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58209\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{98F45318-DDB7-4588-A7BC-E42AFF540DD5}D:\program files (x86)\heroes of the storm\versions\base58209\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58209\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{83DFFEEC-DDAA-48A6-9680-E945178BDE7F}D:\program files (x86)\heroes of the storm\versions\base58482\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58482\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{EEEC02B6-8AB2-47AB-88FA-A91084E78635}D:\program files (x86)\heroes of the storm\versions\base58482\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58482\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{54C45AB9-0BBB-4FAC-AFB4-6CD753996C00}D:\program files (x86)\heroes of the storm\versions\base58623\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58623\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{DA3CAC01-AAF5-47C5-9790-1356B48EEEAA}D:\program files (x86)\heroes of the storm\versions\base58623\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58623\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{86FFF1AE-9B60-4BB2-A523-5FBA74A3E2D5}D:\program files (x86)\heroes of the storm\versions\base58795\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58795\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E42A70EB-A988-45AF-984F-95B3C7B0617F}D:\program files (x86)\heroes of the storm\versions\base58795\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58795\heroesofthestorm_x64.exe
FirewallRules: [{B8417AE4-B69E-4608-A025-609146443F52}] => (Allow) C:\Program Files (x86)\Opera\48.0.2685.52\opera.exe
FirewallRules: [TCP Query User{095C0C30-718A-40E1-9C91-7BAF35A4C77F}D:\program files (x86)\heroes of the storm\versions\base59239\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base59239\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{B4F82A47-2FA5-4CFB-8216-6C2116E279BE}D:\program files (x86)\heroes of the storm\versions\base59239\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base59239\heroesofthestorm_x64.exe
FirewallRules: [{7BE53509-65C8-4556-973D-6597197D3797}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{1411DA5A-5E72-43E9-8AC1-CDB55E3133B5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{01FE5BA2-9C1A-49E9-8217-2AA702B291E5}] => (Allow) C:\Program Files (x86)\Opera\49.0.2725.34\opera.exe
FirewallRules: [{3EF5EBB0-8B0F-46AF-9529-1295BD5A6BBF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
26-10-2017 12:15:27 Geplanter Prüfpunkt
04-11-2017 12:40:13 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/08/2017 12:36:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: USER-PC)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/08/2017 12:36:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: USER-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/08/2017 12:36:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: USER-PC)
Description: Bei der Aktivierung der App „Microsoft.WindowsStore_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/07/2017 08:22:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: USER-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/06/2017 06:59:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Wow-64.exe, Version 7.3.2.25383 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1784
Startzeit: 01d3572705fec3f2
Beendigungszeit: 4294967295
Anwendungspfad: D:\Program Files (x86)\World of Warcraft\Wow-64.exe
Berichts-ID: fd5e60e0-aec4-48f7-8502-a3b2bedb5612
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:
Error: (11/03/2017 08:09:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_MapsBroker, Version: 10.0.15063.0, Zeitstempel: 0x02799ef5
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x8400000e
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x23d4
Startzeit der fehlerhaften Anwendung: 0x01d35472830fa356
Pfad der fehlerhaften Anwendung: C:\WINDOWS\System32\svchost.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 0cec459e-07fe-4a87-8388-94a009887aed
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (11/01/2017 01:32:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: USER-PC)
Description: Das Paket „Microsoft.Windows.ShellExperienceHost_10.0.15063.674_neutral_neutral_cw5n1h2txyewy+App“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (10/31/2017 10:48:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_MapsBroker, Version: 10.0.15063.0, Zeitstempel: 0x02799ef5
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x8400000e
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x2be0
Startzeit der fehlerhaften Anwendung: 0x01d3522d4d2cc634
Pfad der fehlerhaften Anwendung: C:\WINDOWS\System32\svchost.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: d3ad92b3-a270-4aba-88ee-b351169a6b70
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (10/30/2017 02:39:38 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (10/30/2017 02:39:38 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Systemfehler:
=============
Error: (11/12/2017 06:44:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (11/12/2017 06:44:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys
Error: (11/12/2017 06:44:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (11/12/2017 06:44:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys
Error: (11/12/2017 06:44:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (11/12/2017 06:44:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys
Error: (11/12/2017 06:44:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (11/12/2017 06:44:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys
Error: (11/12/2017 06:44:12 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys
Error: (11/12/2017 06:44:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
CodeIntegrity:
===================================
Date: 2017-06-24 20:48:50.328
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 20:48:13.767
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 20:48:13.113
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 20:48:12.775
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 20:48:12.181
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 14:46:58.615
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 14:46:23.228
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 14:46:23.117
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 14:46:22.982
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 14:45:33.285
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 16265.62 MB
Verfügbarer physikalischer RAM: 12079.76 MB
Summe virtueller Speicher: 32649.62 MB
Verfügbarer virtueller Speicher: 27960.99 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:487.84 GB) (Free:366.09 GB) NTFS
Drive d: () (Fixed) (Total:1374.51 GB) (Free:716.18 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 0CD429A7)
Partition: GPT.
==================== Ende von Addition.txt ============================
falls noch was sein sollte würde ich mich Morgen nochmal melden und es erwähnen da ich heute nicht mehr die Zeit habe. Aber Vielen herlichendank okay ich hab nochmal malewarebytes drüber laufen lassen und die maleware ist Immer noch da ... habe ich was falsch gemacht und soll ich die letzten 2 schritte wieder holen? |
|
13.11.2017, 21:56
| #20 | |
| /// TB-Ausbilder | Probleme mit nicht Löschbarer Adware.Elex.ShrtCln Servus, Zitat:
Schritt 1
Schritt 2 Die Syncronisierung von Google Chrome verhindert, dass die Adware vollständig entfernt werden kann. Daher bitte die Syncronisation zurücksetzen, dann Google Chrome zurücksetzen. Schritt 3
Nach Schritt 3 sollte keine Adware mehr in Chrome auftauchen... ansonsten hast du die Schritte 2 und 3 nicht richtig durchgeführt. Kurz Rückmeldung geben. Kontrolle mit FRST: Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
13.11.2017, 23:31
| #21 |
| | Probleme mit nicht Löschbarer Adware.Elex.ShrtClnCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2017 03
durchgeführt von User (Administrator) auf USER-PC (13-11-2017 23:28:29)
Gestartet von C:\Users\User\Desktop
Geladene Profile: User (Verfügbare Profile: User & DefaultAppPool)
Platform: Windows 10 Home Version 1703 15063.674 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Windows\SysWOW64\ASGT.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Akamai Technologies, Inc.) C:\Users\User\AppData\Local\Akamai\netsession_win.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Akamai Technologies, Inc.) C:\Users\User\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(GOG.com) D:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
(GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(GOG.com) D:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
(GOG.com) D:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(GOG.com) D:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
(GOG.com) D:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Discord Inc.) C:\Users\User\AppData\Local\Discord\app-0.0.298\Discord.exe
(Discord Inc.) C:\Users\User\AppData\Local\Discord\app-0.0.298\Discord.exe
(Discord Inc.) C:\Users\User\AppData\Local\Discord\app-0.0.298\Discord.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [652624 2007-10-26] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1840720 2007-09-14] (CANON INC.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Run: [Akamai NetSession Interface] => C:\Users\User\AppData\Local\Akamai\netsession_win.exe [4490200 2017-09-08] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3098952 2017-11-02] (Electronic Arts)
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd)
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Run: [GalaxyClient] => D:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [5187648 2017-10-19] (GOG.com)
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [228864 2017-03-18] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => Keine Datei
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-07-08] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8b0d2022-b991-4718-93be-7a02131a75f6}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-10-25] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-10-25] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll [2014-04-15] (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2440112941-538450990-2588341026-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-05-11] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2440112941-538450990-2588341026-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-11-06] ()
Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2017-11-13]
CHR Extension: (Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-13]
CHR Extension: (Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-13]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-13]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-13]
CHR Extension: (Tabellen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-13]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-13]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-13]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-13]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Session Restore: -> ist aktiviert.
OPR Extension: (Radio Canyon) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\bikofacodmhdpkfdeeocponfcgjcdfbk [2015-06-27]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-05-29] () [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-10-02] () [Datei ist nicht signiert]
S3 DAUpdaterSvc; D:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-01-28] (BioWare)
S3 GalaxyClientService; D:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [536128 2017-10-19] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8256576 2017-10-11] (GOG.com)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [101528 2007-04-13] () [Datei ist nicht signiert]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.) [Datei ist nicht signiert]
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123104 2017-11-02] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3002728 2017-11-02] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1451336 2017-10-23] (Overwolf LTD)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [Datei ist nicht signiert]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [Datei ist nicht signiert]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [Datei ist nicht signiert]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [Datei ist nicht signiert]
R3 ikbevent; C:\WINDOWS\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\WINDOWS\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-10-23] (ASUSTeK Computer Inc.)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [44992 2012-02-09] ()
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-11-13] (Malwarebytes)
R1 MpKsl121620ff; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6C8E0552-EA33-430E-9813-7D91C407B822}\MpKsl121620ff.sys [58120 2017-11-13] (Microsoft Corporation)
R1 MpKsl1dc9b96b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7C70ED52-E197-408F-86B9-1B410B0165F2}\MpKsl1dc9b96b.sys [58120 2017-11-13] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys [14456912 2017-05-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2016-04-27] ()
U3 idsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-11-13 23:28 - 2017-11-13 23:28 - 000019409 _____ C:\Users\User\Desktop\FRST.txt
2017-11-13 23:18 - 2017-11-13 23:18 - 000003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-13 23:18 - 2017-11-13 23:18 - 000003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-13 23:18 - 2017-11-13 23:18 - 000002336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-13 23:18 - 2017-11-13 23:18 - 000002324 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-13 22:56 - 2017-11-13 22:56 - 000002033 _____ C:\Users\User\Desktop\Fixlog.txt
2017-11-12 18:38 - 2017-11-12 18:38 - 006974584 _____ (ESET spol. s r.o.) C:\Users\User\Downloads\esetonlinescanner_deu (1).exe
2017-11-12 18:38 - 2017-11-12 18:38 - 000000000 ____D C:\Users\User\AppData\Local\ESET
2017-11-12 18:24 - 2017-11-12 18:24 - 006974584 _____ (ESET spol. s r.o.) C:\Users\User\Downloads\esetonlinescanner_deu.exe
2017-11-12 18:21 - 2017-11-12 18:21 - 000001974 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2017-11-12 18:21 - 2017-11-12 18:21 - 000000000 ____D C:\Program Files\HitmanPro
2017-11-12 18:20 - 2017-11-12 18:22 - 000000000 ____D C:\ProgramData\HitmanPro
2017-11-12 18:20 - 2017-11-12 18:20 - 011584088 _____ (SurfRight B.V.) C:\Users\User\Downloads\HitmanPro_x64.exe
2017-11-12 14:02 - 2017-11-13 22:59 - 000000000 ____D C:\Users\User\Desktop\FRST-OlderVersion
2017-11-11 16:04 - 2017-11-11 16:04 - 001783198 _____ C:\Users\User\Downloads\Nicht bestätigt 309963.crdownload
2017-11-09 19:25 - 2017-11-12 23:02 - 002392576 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2017-11-08 22:51 - 2017-11-08 22:51 - 008261584 _____ (Malwarebytes) C:\Users\User\Desktop\AdwCleaner_7.0.4.0.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-11-13 23:28 - 2015-02-22 13:06 - 000000000 ____D C:\FRST
2017-11-13 23:28 - 2013-11-02 10:35 - 000000488 _____ C:\Users\User\Desktop\Ragnarok.txt
2017-11-13 23:18 - 2013-10-01 20:28 - 000000000 ____D C:\Users\User\AppData\Local\Google
2017-11-13 23:18 - 2013-10-01 20:28 - 000000000 ____D C:\Program Files (x86)\Google
2017-11-13 23:17 - 2013-10-01 21:09 - 000000000 ____D C:\Users\User\AppData\Roaming\Skype
2017-11-13 23:06 - 2017-07-10 19:38 - 000000000 ____D C:\Users\User\AppData\Roaming\discord
2017-11-13 23:05 - 2014-05-29 21:40 - 000000000 ____D C:\Users\User\AppData\Roaming\Origin
2017-11-13 23:04 - 2014-05-29 21:38 - 000000000 ____D C:\ProgramData\Origin
2017-11-13 22:58 - 2016-04-30 07:35 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles
2017-11-13 22:57 - 2017-10-05 22:14 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-11-13 22:57 - 2017-05-21 10:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-13 22:57 - 2016-09-22 06:47 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-13 22:56 - 2017-03-18 12:40 - 002097152 _____ C:\WINDOWS\system32\config\BBI
2017-11-13 20:32 - 2017-05-21 10:15 - 000004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C722207A-59FA-447E-9A7F-6EE09C1510F3}
2017-11-13 20:17 - 2017-05-21 09:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-13 16:04 - 2014-04-17 18:35 - 000000000 ____D C:\Users\User\AppData\Local\Battle.net
2017-11-13 11:36 - 2014-04-17 18:35 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-11-12 19:32 - 2013-12-26 21:04 - 000000000 ____D C:\Users\User\AppData\Roaming\TS3Client
2017-11-12 18:51 - 2016-06-10 22:28 - 000000000 ____D C:\Users\User\AppData\Roaming\obs-studio
2017-11-12 06:57 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-12 06:57 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-12 00:43 - 2015-03-26 14:24 - 000000000 ____D C:\Users\User\AppData\Local\Ubisoft Game Launcher
2017-11-11 15:56 - 2017-06-29 15:13 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2017-11-11 15:56 - 2017-05-21 10:15 - 000003976 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1380645316
2017-11-11 15:56 - 2013-10-01 16:45 - 000000000 ____D C:\Program Files (x86)\Opera
2017-11-11 15:43 - 2016-05-02 04:54 - 000000000 ____D C:\Users\User\AppData\LocalLow\Temp
2017-11-10 22:20 - 2017-05-21 09:57 - 002427406 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-10 22:20 - 2017-03-20 05:35 - 001068990 _____ C:\WINDOWS\system32\perfh007.dat
2017-11-10 22:20 - 2017-03-20 05:35 - 000249490 _____ C:\WINDOWS\system32\perfc007.dat
2017-11-10 22:12 - 2015-02-20 23:11 - 000000000 ____D C:\AdwCleaner
2017-11-08 23:26 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-11-08 16:31 - 2013-12-16 20:18 - 000000851 _____ C:\Users\User\Desktop\adressen.txt
2017-11-07 00:16 - 2017-07-27 16:17 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2440112941-538450990-2588341026-1000
2017-11-07 00:16 - 2016-04-30 07:44 - 000002380 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-07 00:16 - 2016-04-30 07:44 - 000000000 ___RD C:\Users\User\OneDrive
2017-11-06 21:29 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-05 14:14 - 2017-05-21 10:15 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2017-11-04 09:48 - 2014-05-29 21:38 - 000000000 ____D C:\Program Files (x86)\Origin
2017-11-03 23:59 - 2014-06-05 19:28 - 000000000 ____D C:\Users\User\AppData\Local\SniperV2
2017-10-30 14:42 - 2014-01-10 17:52 - 000000000 ____D C:\Users\User\AppData\Roaming\Audacity
2017-10-27 16:04 - 2013-12-26 21:03 - 000000000 ____D C:\Program Files (x86)\Overwolf
2017-10-26 12:48 - 2014-07-27 01:10 - 000000000 ____D C:\Users\User\AppData\Roaming\RenPy
2017-10-26 08:14 - 2017-05-21 10:15 - 000004642 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-10-26 08:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-10-26 08:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-10-25 21:31 - 2015-01-21 17:02 - 000000000 ____D C:\Users\User\AppData\Local\JDownloader v2.0
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-03-23 13:41 - 2014-03-23 13:41 - 000000044 _____ () C:\Users\User\AppData\Roaming\WB.CFG
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-11-05 15:13
==================== Ende von FRST.txt ============================
|
|
13.11.2017, 23:33
| #22 |
| | Probleme mit nicht Löschbarer Adware.Elex.ShrtClnCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-11-2017 03
durchgeführt von User (13-11-2017 23:29:17)
Gestartet von C:\Users\User\Desktop
Windows 10 Home Version 1703 15063.674 (X64) (2017-05-21 09:23:43)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2440112941-538450990-2588341026-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2440112941-538450990-2588341026-503 - Limited - Disabled)
Gast (S-1-5-21-2440112941-538450990-2588341026-501 - Limited - Disabled)
User (S-1-5-21-2440112941-538450990-2588341026-1000 - Administrator - Enabled) => C:\Users\User
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Aiseesoft Blu-ray Player 6.2.20 (HKLM-x32\...\{3E1A13C3-E458-4995-BEA6-4B9BE279D502}_is1) (Version: 6.2.20 - Aiseesoft Studio)
Akamai NetSession Interface (HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.0.6.9 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.0.6.9 - ASUSTek COMPUTER INC.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
Canon iP2600 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2600_series) (Version: - )
Canon iP2600 series Benutzerregistrierung (HKLM-x32\...\Canon iP2600 series Benutzerregistrierung) (Version: - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
Curse Client (HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Discord (HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Discord) (Version: 0.0.298 - Discord Inc.)
EaseUS Partition Master 9.2.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
FocusWriter (HKLM-x32\...\FocusWriter) (Version: 1.6.7 - Graeme Gott)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.52.1215 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.52.1215 - DVDVideoSoft Ltd.)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.20.286 - SurfRight B.V.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kingdoms of Amalur: Reckoning (HKLM-x32\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.0.0.0 - Electronic Arts)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Malwarebytes Version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
Opera Stable 49.0.2725.34 (HKLM-x32\...\Opera 49.0.2725.34) (Version: 49.0.2725.34 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.5.6040 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.107.256.0 - Overwolf Ltd.)
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
PIXMA Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Rage of Mages (HKLM-x32\...\1459856053_is1) (Version: 2.1.0.3 - GOG.com)
Rage of Mages (HKLM-x32\...\Rage of Mages) (Version: - )
Ragnarok Restart (HKLM-x32\...\{06A73F7C-3719-4664-89DC-21FB0B3D7C9D}) (Version: 1.0.2 - Gravity Interactive, Inc.) Hidden
Ragnarok Restart (HKLM-x32\...\Ragnarok Restart 1.0.2) (Version: 1.0.2 - Gravity Interactive, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0006] (HKLM-x32\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0006 - THQ)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
skate's Thumbnail Tool Version 1.1.2 (HKLM-x32\...\{E68C580F-B6A5-4D47-89EC-307B9096FC10}_is1) (Version: 1.1.2 - skate702.de)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Syndicate (HKLM-x32\...\{64CFBAAB-46F7-4628-8D9B-E656A8C11CDB}) (Version: 2.0.0.3 - Electronic Arts)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft)
Unity Web Player (HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\UnityWebPlayer) (Version: 5.0.2f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VideoPad Video-Editor (HKLM-x32\...\VideoPad) (Version: 4.60 - NCH Software)
VisioForge Media Player SDK ActiveX LITE (HKLM-x32\...\{A7A1153A-3CA3-4366-B37D-291522538794}) (Version: 7.0.0.0 - VisioForge) Hidden
VisioForge Media Player SDK ActiveX LITE (HKLM-x32\...\VisioForge Media Player SDK ActiveX LITE 7.0.0.0) (Version: 7.0.0.0 - VisioForge)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Warcraft III) (Version: - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.65 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.01 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.1 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XSplit Gamecaster (HKLM-x32\...\{4EDB1851-7427-4324-AAAA-9E3852C73DAE}) (Version: 2.2.1502.1741 - SplitmediaLabs)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2440112941-538450990-2588341026-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2440112941-538450990-2588341026-1000_Classes\CLSID\{d966ac89-a571-4a5c-bcf0-638a3cdf1b14}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-11-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-11-15] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-11-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-11-15] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02CBCC90-3E56-4541-96EC-B200672D50B5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {04DCEB08-147F-4B59-88EB-9F3F89DE852C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_183_pepper.exe [2017-10-26] (Adobe Systems Incorporated)
Task: {0E64ADC2-2056-475B-A71C-FFFE220DD0A1} - System32\Tasks\Opera scheduled Autoupdate 1380645316 => C:\Program Files (x86)\Opera\launcher.exe [2017-11-07] (Opera Software)
Task: {132A5559-4118-4295-A1E1-C141CB2F74F1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-26] (Adobe Systems Incorporated)
Task: {14EE976F-63B2-4DD4-99DE-1835879794C7} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-03-25] (ASUSTek Computer Inc.)
Task: {1B41679F-8512-4E70-8E44-8A344FBCA5D7} - System32\Tasks\{68198F9C-F8D5-440A-A307-2045870E9B9A} => C:\Windows\system32\pcalua.exe -a "D:\Program Files (x86)\epicRO Ragnarok Online\settings old.exe" -d "D:\Program Files (x86)\epicRO Ragnarok Online"
Task: {1FA9B476-5068-4DF9-A7C0-DE98215EA21A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {2098291A-6826-4D8E-90E2-E7C7DE426F36} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2BF954F7-B5F8-4A34-8C72-ED4883865256} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F3C1B2D-FB8D-4193-8444-231AD0F9BBED} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {309921DD-F04E-4995-AA50-9A6470930DC9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3515463A-AD78-4987-86A5-060287B7AB95} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-10-23] (Overwolf LTD)
Task: {3754061D-CD83-4496-8AA0-8FE1BA314C47} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {3EF7C9D3-8A19-4234-810A-2DDB201C8958} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {427CCE13-B111-4A80-BBB0-6D6F981E965F} - System32\Tasks\{A5DBFEE4-0356-4708-A655-BFA7E35BF624} => C:\Windows\system32\pcalua.exe -a "D:\Program Files (x86)\epicRO Ragnarok Online\settings.exe" -d "d:\Program Files (x86)\epicRO Ragnarok Online\"
Task: {4478F7FB-D260-4CB8-82E0-5CA44CDF79C7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
Task: {5256B3A6-7B23-454C-AD22-5E2A693BC4C4} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {55978C82-CC08-4BBE-8D03-B568E1E8E4E0} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {61160297-9C11-42C4-AA85-47CC9FA41C41} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {61C34886-4054-4DD8-A557-3A7B140BEBBF} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {65342EE4-2ADC-4994-8633-40C4B9E686C5} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {751916EA-7824-4174-B568-FC51A3F7BFE5} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {760979B4-03D3-42CA-9AC0-C4FC833C0332} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8130F5FA-AF7D-4943-B2BA-060B3A46CDAE} - System32\Tasks\{438FA2C7-F30F-4579-A499-B2964FEB6E44} => C:\WINDOWS\system32\pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {83D8EA44-D5EA-48DC-AD74-8BAE0ABD30A4} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {8612CAD8-A91C-4A81-A388-BD870CF508D5} - System32\Tasks\easyVPN => C:\Program Files (x86)\EasyVpn\app\easyvpn.exe
Task: {89F9EDD9-7C6B-442A-80AE-7C781EA7CEFB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8BD8CDAB-DB90-48FD-9680-5746409A4010} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {8E6B0F0C-D1B6-44B7-9E68-49BE4E8587F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-13] (Google Inc.)
Task: {A76CF364-7A1C-4804-8A56-D7766A8A80BD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-13] (Google Inc.)
Task: {B55CF8D6-4BF9-4075-BC29-60C0CC07BD2C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BF5E2522-FE1D-4E8C-9FA9-E1B27B81D2DA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {D603657B-A4C5-4DD5-AB65-50C5B5C8B92D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {DB881C0E-C3BE-4699-AA40-CA7398035898} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {DE82B7E1-A074-4B4B-96F8-B77C47A4381E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DEC8126C-17DA-4FAD-A5F2-57CB2B91A8B0} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {E0E54520-18CA-4D7E-963B-A5AA232C6777} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EDFDCDC2-3F60-4BC2-ACE9-FA32929FA671} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F191C630-1ACC-4331-9C15-E924A011A9C0} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F6112400-8A8F-4A0B-B5DA-75DC52204405} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\User\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nchsoftware.com/de/index.htm
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-05-29 10:28 - 2015-05-29 10:28 - 000048640 _____ () C:\Windows\SysWOW64\ASGT.exe
2017-09-02 12:09 - 2017-10-10 12:28 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 21:59 - 2017-03-20 05:36 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-12 06:56 - 2017-11-12 06:57 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-11-12 06:56 - 2017-11-12 06:57 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-09-07 17:12 - 2017-09-07 17:12 - 000069632 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2017-11-04 09:48 - 2017-11-02 07:51 - 000021848 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
2017-11-13 23:18 - 2017-11-10 10:57 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
2017-11-13 23:18 - 2017-11-10 10:57 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll
2015-03-31 17:25 - 2016-05-02 07:02 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-08-21 13:18 - 2017-09-09 20:25 - 000688416 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 16:13 - 2016-09-01 02:02 - 004969248 _____ () D:\Program Files (x86)\Steam\v8.dll
2014-05-22 15:17 - 2017-10-31 04:22 - 002546976 _____ () D:\Program Files (x86)\Steam\video.dll
2014-08-31 15:21 - 2016-01-27 08:49 - 000491008 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-31 15:21 - 2016-01-27 08:49 - 000332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-31 15:21 - 2016-01-27 08:49 - 000442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-31 15:21 - 2016-01-27 08:49 - 000485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll
2014-08-31 15:21 - 2016-01-27 08:49 - 002549760 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll
2015-01-20 16:13 - 2016-09-01 02:02 - 001195296 _____ () D:\Program Files (x86)\Steam\icuuc.dll
2015-01-20 16:13 - 2016-09-01 02:02 - 001563936 _____ () D:\Program Files (x86)\Steam\icui18n.dll
2013-09-21 09:35 - 2017-10-31 04:22 - 000901408 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 10:59 - 2016-07-04 23:17 - 000266560 _____ () D:\Program Files (x86)\Steam\openvr_api.dll
2017-11-04 09:47 - 2017-11-01 07:30 - 000015360 _____ () C:\Program Files (x86)\Origin\libEGL.DLL
2017-11-04 09:47 - 2017-11-01 07:30 - 003090944 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2014-05-29 21:40 - 2016-06-10 14:21 - 000266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2017-08-17 15:51 - 2017-08-17 15:51 - 001993184 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2017-06-09 06:22 - 2017-09-07 03:04 - 000678400 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2016-12-14 14:24 - 2017-08-16 23:28 - 073130272 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-01-20 16:13 - 2015-09-25 00:52 - 000119208 _____ () D:\Program Files (x86)\Steam\winh264.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000507968 _____ () D:\Program Files (x86)\GOG Galaxy\PocoUtil.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 001076800 _____ () D:\Program Files (x86)\GOG Galaxy\PocoNet.dll
2017-03-23 06:38 - 2017-03-16 16:46 - 053018112 _____ () D:\Program Files (x86)\GOG Galaxy\libcef.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 001854528 _____ () D:\Program Files (x86)\GOG Galaxy\PocoData.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000393280 _____ () D:\Program Files (x86)\GOG Galaxy\PocoDataSQLite.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 001589312 _____ () D:\Program Files (x86)\GOG Galaxy\PocoFoundation.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000307776 _____ () D:\Program Files (x86)\GOG Galaxy\PocoNetSSL.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000330816 _____ () D:\Program Files (x86)\GOG Galaxy\PocoJSON.dll
2017-06-21 21:52 - 2017-10-19 17:33 - 000130112 _____ () D:\Program Files (x86)\GOG Galaxy\xdelta3.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000104000 _____ () D:\Program Files (x86)\GOG Galaxy\zlib.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000520768 _____ () D:\Program Files (x86)\GOG Galaxy\PocoXML.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000272448 _____ () D:\Program Files (x86)\GOG Galaxy\PocoZip.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000680000 _____ () D:\Program Files (x86)\GOG Galaxy\sqlite.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000425536 _____ () D:\Program Files (x86)\GOG Galaxy\pcre.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000157760 _____ () D:\Program Files (x86)\GOG Galaxy\PocoCrypto.dll
2017-03-23 06:38 - 2017-10-19 17:33 - 000152128 _____ () D:\Program Files (x86)\GOG Galaxy\expat.dll
2017-03-23 06:38 - 2017-10-19 17:32 - 001589312 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoFoundation.dll
2017-03-23 06:38 - 2017-10-19 17:32 - 000330816 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoJSON.dll
2017-03-23 06:38 - 2017-10-19 17:32 - 000507968 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoUtil.dll
2017-03-23 06:38 - 2017-10-19 17:32 - 000104000 _____ () C:\ProgramData\GOG.com\Galaxy\redists\zlib.dll
2017-03-23 06:38 - 2017-10-19 17:32 - 000425536 _____ () C:\ProgramData\GOG.com\Galaxy\redists\pcre.dll
2017-03-23 06:38 - 2017-10-19 17:32 - 000520768 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoXML.dll
2017-03-23 06:38 - 2017-10-19 17:32 - 000152128 _____ () C:\ProgramData\GOG.com\Galaxy\redists\expat.dll
2017-03-23 06:38 - 2017-03-16 16:46 - 001738752 _____ () D:\Program Files (x86)\GOG Galaxy\libglesv2.dll
2017-03-23 06:38 - 2017-03-16 16:46 - 000078848 _____ () D:\Program Files (x86)\GOG Galaxy\libegl.dll
2013-10-01 15:05 - 2012-06-25 09:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2017-08-09 08:19 - 2017-08-08 14:13 - 001893880 _____ () C:\Users\User\AppData\Local\Discord\app-0.0.298\ffmpeg.dll
2017-08-12 22:00 - 2017-08-12 22:00 - 001577976 _____ () \\?\C:\Users\User\AppData\Roaming\discord\0.0.298\modules\discord_toaster\discord_toaster.node
2017-08-09 08:19 - 2017-08-08 14:13 - 001938424 _____ () C:\Users\User\AppData\Local\Discord\app-0.0.298\libglesv2.dll
2017-08-09 08:19 - 2017-08-08 14:13 - 000095736 _____ () C:\Users\User\AppData\Local\Discord\app-0.0.298\libegl.dll
2017-08-12 22:00 - 2017-10-06 10:48 - 009722360 _____ () \\?\C:\Users\User\AppData\Roaming\discord\0.0.298\modules\discord_voice\discord_voice.node
2017-08-12 22:00 - 2017-11-07 20:29 - 001471992 _____ () \\?\C:\Users\User\AppData\Roaming\discord\0.0.298\modules\discord_utils\discord_utils.node
2017-11-13 23:06 - 2017-11-13 23:06 - 000148992 _____ () \\?\C:\Users\User\AppData\Local\Temp\9072.tmp.node
2017-08-12 22:00 - 2017-08-12 22:00 - 002658296 _____ () \\?\C:\Users\User\AppData\Roaming\discord\0.0.298\modules\discord_rpc\discord_rpc.node
2017-08-12 22:00 - 2017-08-12 22:00 - 002673656 _____ () \\?\C:\Users\User\AppData\Roaming\discord\0.0.298\modules\discord_contact_import\discord_contact_import.node
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\skype.com -> hxxps://apps.skype.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2017-06-18 08:56 - 000000029 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\Pictures\Desktop\black-rock-shooter11.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKU\S-1-5-21-2440112941-538450990-2588341026-1000\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{9C3706ED-64EE-462D-AAC4-745260CD6FBB}D:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{C169F269-54EE-4253-AF5D-4B55C15F1775}D:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{695FAF78-0DBE-45B8-A05F-E1B4BAA59FCE}D:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{09B5A604-B7E3-4625-B7A6-CFED54329A9C}D:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{D892EF5A-DCC7-4FB0-A4E0-74D8A766440C}C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe] => (Block) C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe
FirewallRules: [TCP Query User{B3FB41F1-79B3-413C-B008-0001AAE7FBD3}C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe] => (Block) C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe
FirewallRules: [{E3C4DEBD-FD96-4789-A362-859D9FD41B64}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Styx\Binaries\Win64\StyxGame.exe
FirewallRules: [{31812AB7-9EB1-4B6D-855C-B28552F64977}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Styx\Binaries\Win64\StyxGame.exe
FirewallRules: [{0BBA4094-B486-4BD8-BD46-7C0A8517B2B4}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{33751D31-A83B-43A3-9DE2-808B05A1B520}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{2ADDDE45-FFED-4DF4-B5B9-728AB583858F}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{9D7F081C-EB2E-4288-B03A-8395972D4B75}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [UDP Query User{923B508F-9F5D-4736-B953-3F24F729A1D6}D:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{F5659E42-B74A-494A-A8AF-A9541DFAF5AD}D:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E8D1EEDE-AC10-488C-A308-7A3D95633109}D:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{B9422F32-ED23-4E77-95BE-1C8233C30CFA}D:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{9095436E-783B-47EF-86BC-8870FE9245E3}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{0D545466-2DB6-43A5-B930-F5FF09CBD54F}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{3E98866F-EB4C-4254-A94D-4A240BCB0810}D:\program files (x86)\gog galaxy\games\rage of mages\rom.exe] => (Allow) D:\program files (x86)\gog galaxy\games\rage of mages\rom.exe
FirewallRules: [TCP Query User{C77808E2-8F06-4C7B-9D6A-89E709CC510E}D:\program files (x86)\gog galaxy\games\rage of mages\rom.exe] => (Allow) D:\program files (x86)\gog galaxy\games\rage of mages\rom.exe
FirewallRules: [{034B23A9-B7F7-41BC-AAD2-C3EAF9995FC6}] => (Allow) D:\Program Files (x86)\Tom Clancy's The Division\TheDivision.exe
FirewallRules: [UDP Query User{F9497AD2-3548-45B8-B03D-AC8BDDAF00BB}D:\program files (x86)\heroes of the storm\versions\base50950\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base50950\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{63CB44E6-8816-4F9E-BEC8-F43B341F13FE}D:\program files (x86)\heroes of the storm\versions\base50950\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base50950\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4B60DBDC-8500-4884-A6D6-85CA309AF5E8}D:\program files (x86)\warcraft iii\war3.exe] => (Allow) D:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [TCP Query User{C9D014AE-64A9-407E-8C50-9B0B4B956CDD}D:\program files (x86)\warcraft iii\war3.exe] => (Allow) D:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{454C40F0-077B-4441-86C6-5CEA893D16D4}D:\program files (x86)\heroes of the storm\versions\base50441\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base50441\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{E2694FD4-2DDF-4A8F-9612-485E47DB2A68}D:\program files (x86)\heroes of the storm\versions\base50441\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base50441\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CE534BD4-C74C-4126-A126-F096C261E9B4}D:\program files (x86)\heroes of the storm\versions\base50286\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base50286\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{83F87CDE-9639-48A9-9D2C-29F06783669B}D:\program files (x86)\heroes of the storm\versions\base50286\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base50286\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{96A0F636-1016-47B0-9613-0838C573627C}D:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe] => (Block) D:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe
FirewallRules: [TCP Query User{FE7968CC-68BD-4058-BA5E-DC6CE5390C53}D:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe] => (Block) D:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe
FirewallRules: [{00C61FF4-17AB-42E3-AF35-4E125D337D5C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Enter the Gungeon\EtG.exe
FirewallRules: [{FEAC0CEF-CCF3-481B-983C-289FC5D90A06}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Enter the Gungeon\EtG.exe
FirewallRules: [UDP Query User{22C8D6D8-21AC-48A7-B237-F110416F8C62}C:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonorbeta\forhonor.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonorbeta\forhonor.exe
FirewallRules: [TCP Query User{D9BC6E22-9F8B-48C4-AD56-84EDC163AF26}C:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonorbeta\forhonor.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonorbeta\forhonor.exe
FirewallRules: [{138D4B24-E374-408F-B77C-CAB04725CB4C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{2E74C4B3-E1DB-4017-A634-089C73E3BCC5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{C5005979-5EB3-4275-BA81-941B5BCA303D}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{9549E5A5-22C2-4148-B904-EFA25A3A1EDF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{A93E3F9B-68D2-4AC5-9E6E-753A5893817E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11_b.exe
FirewallRules: [{946AF9B7-81E4-405F-BC10-879736EA5FC2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11_b.exe
FirewallRules: [{F67FF78E-10CC-4937-84C3-79D4E637771B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{B6E043D3-CCEC-4261-8EA2-ABD080F46CAA}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{DB413EC0-A14F-4E83-B401-3584D74AC9DB}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{06670257-4FD9-4B83-B20C-8BD10B937C8D}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{3F4F719E-7FB6-42BE-AFB1-41F9A3F67E0C}D:\program files (x86)\tom clancy's the division\thedivision.exe] => (Allow) D:\program files (x86)\tom clancy's the division\thedivision.exe
FirewallRules: [UDP Query User{56062B46-5268-47A5-8E3C-2F707B84A363}D:\program files (x86)\overwatch\overwatch.exe] => (Allow) D:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{5150902E-AE6C-46A5-8A2F-EA4D374487E6}D:\program files (x86)\overwatch\overwatch.exe] => (Allow) D:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{AC698FB7-8262-4B5F-AE3C-EA35071684B7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{105A53C0-E656-4632-8371-77B9CAA10444}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{DE45B7B9-33A9-46F3-B80C-186992B98BFF}] => (Allow) LPort=1900
FirewallRules: [{51700128-C169-4AF0-ABB3-6019B2234BEB}] => (Allow) LPort=2869
FirewallRules: [{F87F89FA-B567-48B1-B68A-49BFE0EC8F02}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [UDP Query User{DF780692-03C9-4FAE-A9F6-55D3D1FACBC8}D:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{80C4801A-B800-4EE1-B75A-68B715969375}D:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{AE71D734-B4B0-493F-8148-113142CAC814}D:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{FD1244D8-3CEF-4F9A-A4F2-59E3D4E6DBE9}D:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe
FirewallRules: [{B310F864-AB7F-46F8-8033-12DBB4ABDB84}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Punch Club\Punch Club.exe
FirewallRules: [{4E5588DC-8A03-452C-A814-28A50BA283A0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Punch Club\Punch Club.exe
FirewallRules: [{6FAA8E9A-1BFA-4B80-BF68-1CA0467272B3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{8E53D14C-173C-469E-A7C0-FC634251035E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{F9C45902-1EE0-4ACC-ADA9-5742294F28B0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\devildaggers\dd.exe
FirewallRules: [{199F447F-5289-4187-8331-07E5E48F8C9D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\devildaggers\dd.exe
FirewallRules: [{978218B0-6367-4C89-A1BA-236419747157}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{7834845B-A3B9-4A8E-BA47-C5CCF350686C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{939B4E88-BE25-40B1-91AD-DCDE2EAD1C68}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{BAED523B-EF2C-4F7E-A3AC-36B6F2FFEE4C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{5582C2C5-8E66-48AB-8CFD-4E6865417117}] => (Allow) C:\Program Files (x86)\Origin Games\Kingdoms of Amalur Reckoning\Reckoning.exe
FirewallRules: [{A9599D5A-FCF6-4A13-8047-5EEC6C9DA6DF}] => (Allow) C:\Program Files (x86)\Origin Games\Kingdoms of Amalur Reckoning\Reckoning.exe
FirewallRules: [UDP Query User{413A1624-EA4A-4FD1-A1C4-ECC6CC7A5A21}D:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{EB1682A1-C4BA-4C3A-946F-1C32B10ED1CC}D:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe
FirewallRules: [{43F29742-2B27-404F-A374-478205BA4294}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Valkyria Chronicles\Launcher.exe
FirewallRules: [{80330737-BF6C-42C7-848C-A6732C78481D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Valkyria Chronicles\Launcher.exe
FirewallRules: [{556DC0B1-24E8-44A0-978E-2F284096707A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Koi-Koi Japan [Hanafuda playing cards]\KoiKoiJapan.exe
FirewallRules: [{81D69276-A640-4E1A-8132-9679BD381CD7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Koi-Koi Japan [Hanafuda playing cards]\KoiKoiJapan.exe
FirewallRules: [{BB290AEC-5AE9-4F47-8473-60B0DECD026D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{EBD8D74F-07DA-492A-9CD8-44E4DFC293E8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{04C52C4F-CBE2-41E7-BCEC-1588F0F9E24A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{6BED1BD7-EA9E-4F1D-99D9-13AC8309FF08}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{C701686D-4ADA-4FBD-B698-6CD754F24116}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{56823176-FF81-41C2-B366-A2AC4CD39181}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [UDP Query User{931E706C-0C8F-450A-B2A1-6CFDFDA9A1D7}D:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{426C2B60-F3F7-4DA9-A811-0DA28546F717}D:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
FirewallRules: [{9286A25F-2705-4B5E-906A-A99D35B85F6C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{0A1E6997-17D3-4747-8106-B50C0B323E1C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [UDP Query User{4898D512-B876-4D84-A582-19FD92816FB4}D:\program files (x86)\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) D:\program files (x86)\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe
FirewallRules: [TCP Query User{BD67A5BD-BEE6-4F4F-A79A-859EA844729E}D:\program files (x86)\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) D:\program files (x86)\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe
FirewallRules: [{9FD52067-AF88-41C9-89A8-1CE183DA83A5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe
FirewallRules: [{2BCD56F3-0687-451D-ABA0-C2A00E081366}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe
FirewallRules: [{C437CE87-A71C-43E7-BA62-1BDFCFAD7F0F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [{6BCF7699-632C-464D-B5D6-6A280DEE14A9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [UDP Query User{EBDBC056-CADE-4223-A181-F5FDDB377A56}D:\program files (x86)\starcraft ii\versions\base38215\sc2_x64.exe] => (Allow) D:\program files (x86)\starcraft ii\versions\base38215\sc2_x64.exe
FirewallRules: [TCP Query User{927370DD-8BA9-44E7-AA86-47CA6629B42B}D:\program files (x86)\starcraft ii\versions\base38215\sc2_x64.exe] => (Allow) D:\program files (x86)\starcraft ii\versions\base38215\sc2_x64.exe
FirewallRules: [{95F8A3D2-3A8C-4EDA-A729-55A671CCAEEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{27EF9A32-7213-41A4-98AD-AF9DA32C3C31}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{94E71186-8933-4C9D-A6C3-098CCDB59886}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{769D1814-4C10-4D99-9087-0DEF9A84DD42}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{9BA40C0A-53A8-458E-847C-F469DCE30002}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [UDP Query User{854A45F9-FC3B-4D9C-AF2A-ACC6E1D2F077}D:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{EDDB763B-D7EB-4B44-BBC1-4B6F068D1B86}D:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{DCC82C4C-AA14-464F-8CEF-374219504A06}D:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [TCP Query User{C458D6A8-9D64-4EE2-B89C-444F1D57F5D2}D:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{61043D88-EAA3-4BC0-8920-FF23913988AB}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{12EF483D-954A-469D-BB1A-65E18C8405B6}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{A66B7710-C51E-41A7-B65D-8461ED7E7970}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{F3A2F987-9BF7-4B4D-AE65-FCC310AD82C2}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{BDEB1C7A-0B1A-4F15-9995-0F56C7D56F55}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{0BE4DEDB-B609-4A08-8EDA-F7C04CC842AE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{76EEA0D2-F8F5-40AD-A054-638833F75E30}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{6964DBF8-F8B3-4340-845E-EDBDFAEEBAE0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [UDP Query User{E2089537-DCE3-4B3A-B332-2411C7E09E4F}D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{54417066-6F8B-4E28-9F85-0A8AE3DC904B}D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{747312C0-8EB8-46FB-A656-9F6E599C02A7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{542C020A-49A2-4625-BD62-3CBD888348E5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{08276856-D54A-4A66-826F-3638EF6D426D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{BAABEEDD-8579-417C-BA51-4484FD07839B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{8E3969EA-7101-4BF6-9A28-2160C0BC1960}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\HuniePop\HuniePop.exe
FirewallRules: [{1CC35AF9-409B-45AB-B49D-876C224E1DCA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\HuniePop\HuniePop.exe
FirewallRules: [{93103BC1-8D21-4350-8CE9-614D06E84813}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metal Slug 3\mslug3.exe
FirewallRules: [{11E424AA-383D-4F30-B683-AC91ADBFE99E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metal Slug 3\mslug3.exe
FirewallRules: [{45530EF2-BAF3-465E-BC26-F25EA0E19DEF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{88687C5A-DD19-4770-A83E-0091679FAD8E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{F5B0530A-D302-4EA1-80B1-8F675B79CF4A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{0B5E41A6-6AE2-4D7C-9A64-895CD624EC2B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{C2F978F6-405C-4E18-8B6D-61C8E10E54FB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{EEED312C-DCD7-454F-95D7-4A1D141A726C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [UDP Query User{594CAB67-D8D5-41F9-A38E-8F11CEE19BFF}D:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{AC383127-6714-4741-A6FF-004A6D97234E}D:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [{6C075229-B17F-44DE-8514-F9DF46E544E1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\SanctuaryRPG - Black Edition\SanctuaryRPG.exe
FirewallRules: [{91B46C84-3D73-4E76-B72F-CD08C8A723F1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\SanctuaryRPG - Black Edition\SanctuaryRPG.exe
FirewallRules: [{CD532599-7D0F-448B-8A61-D1418120D8F8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{F22BE907-5B04-4446-982C-BAC0ABC16FE9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [UDP Query User{37599D5F-4EC8-4C2B-9488-B0E5014E5641}D:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{EA09F9AC-D798-41B7-B9BC-2B91C7F88470}D:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{F8B17FBB-BB43-4D85-9FEC-EEB58A81DEF6}] => (Allow) C:\Program Files (x86)\Origin Games\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{D2026B4C-FF8B-4202-877A-6957857CE548}] => (Allow) C:\Program Files (x86)\Origin Games\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{59D3C52C-6E46-4914-8591-5CBD1DC43B59}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2454A699-F7D7-4B06-8507-CDA10141C753}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C01D681C-5515-4BEA-8DD1-470D6655263F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E9FC3B04-A8B6-4EEC-B236-2C5A66660648}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [UDP Query User{59FFA24C-9527-4277-906D-49DBAC599876}D:\program files (x86)games\world_of_tanks\worldoftanks.exe] => (Allow) D:\program files (x86)games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{F991024D-E179-4712-AA82-955673652A2A}D:\program files (x86)games\world_of_tanks\worldoftanks.exe] => (Allow) D:\program files (x86)games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{9EE4FF07-A56D-41DA-BAC1-587AD0863EE5}D:\program files (x86)games\world_of_tanks\wotlauncher.exe] => (Allow) D:\program files (x86)games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{9576ED4F-F3D3-421B-851A-EA8CAC010DDC}D:\program files (x86)games\world_of_tanks\wotlauncher.exe] => (Allow) D:\program files (x86)games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{3657D514-73CC-4A6E-BCB1-AD0FA2CED502}D:\program files (x86)\games\world_of_tanks\worldoftanks.exe] => (Block) D:\program files (x86)\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{4294FE41-DAC7-4F44-9479-F36D4DBBBB92}D:\program files (x86)\games\world_of_tanks\worldoftanks.exe] => (Block) D:\program files (x86)\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{6B4F058A-BB38-4242-A5E8-736F19C93D69}D:\program files (x86)\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\program files (x86)\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{E31B9522-9A84-4C23-9F9D-B4E9296DAF9D}D:\program files (x86)\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\program files (x86)\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{8F7157CF-58CD-4E5F-93E8-F684C99B46A6}C:\users\user\downloads\dune 2000\dune2000.dat] => (Block) C:\users\user\downloads\dune 2000\dune2000.dat
FirewallRules: [TCP Query User{EA6743E4-2DDA-4596-A24C-3EBCA2CD2934}C:\users\user\downloads\dune 2000\dune2000.dat] => (Block) C:\users\user\downloads\dune 2000\dune2000.dat
FirewallRules: [{51392C51-B819-4F17-B588-2F0A59CF28F1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TheLongDark\tld.exe
FirewallRules: [{7EDDB216-22CD-4ACE-B4CA-91DBA8065109}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TheLongDark\tld.exe
FirewallRules: [{36ACE851-6FA1-43E8-8830-87489602CFAD}] => (Allow) C:\Program Files (x86)\EasyVpn\app\EasyVpn.exe
FirewallRules: [{9E6072B1-243E-4607-8261-9DC2D35B2BCD}] => (Allow) C:\Program Files (x86)\EasyVpn\app\EasyVpn.exe
FirewallRules: [{904B7528-A15C-4B24-AF16-ECAA0B3D6D87}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{553021BC-6E9F-48B2-A48A-8BFC8793293B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{8E1309DC-E711-4624-BC14-06BA827F255F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Shadowgate\Shadowgate.exe
FirewallRules: [{8A738709-8F43-43DB-8B41-6B8B9D659C7B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Shadowgate\Shadowgate.exe
FirewallRules: [{165F9B7F-1ABD-4B75-B0B9-C9D3AF1C6C8C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{8D6F5A2F-AB87-4474-AE8C-268EC317D082}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{882DDA1E-1797-4C8D-B7B1-7EC046C09CAF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{178DB507-8C05-4B91-8D43-23F07A3F3E90}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{66BB3191-9E45-47E4-B23F-9689763D1D89}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{53322157-5BF7-4A59-B7DF-ECE2AA2B096D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{957B20E6-213F-4900-AE9C-2595E0FC7A73}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\FORCED\FORCED.exe
FirewallRules: [{003B164E-96F1-44C9-8AC6-7DC763E9B37C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\FORCED\FORCED.exe
FirewallRules: [{4114852A-0504-41D6-B4A4-F10874A1E1E2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{7AA3C5D5-F9C4-4D2E-9E7F-30DF30E2298E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{3103D173-19BB-498B-BDB8-3BD93246371B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{7EAFF071-4732-4473-8434-937E416A33A8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{0808623D-B568-4C2F-AB90-13C1A2A0BC79}] => (Allow) D:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{A2FC59C2-FE72-4DB0-BE84-C71FA67B049A}] => (Allow) D:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [UDP Query User{0091A712-7316-4BB0-9567-DB4ED2CCAE2C}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3634\agent.exe
FirewallRules: [TCP Query User{88049ACA-17DC-4E8A-AD9A-22FCCEDB0F95}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3634\agent.exe
FirewallRules: [{025A0A9B-CF16-490D-968A-4A519CEB05F5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Final Exam\final_exam.exe
FirewallRules: [{F69A8511-49F8-4A64-B903-7803F62542EC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Final Exam\final_exam.exe
FirewallRules: [{88875109-6458-4D10-B5EC-6160942533D9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{3620D27E-0A5A-4992-94EA-28819E585337}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{4D49B0DE-78A4-4E2F-B86B-5C71B42A547F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{4F6891C3-C4C1-4CB9-82AB-9DC2CC7744D5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{E60FB92B-7B1F-4FB0-9983-294FF306D5A5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{534E9AFB-53DB-4C19-9B69-B5CF03AF2621}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{9CF1C447-1F74-4224-94F9-56A8E2ACAA4E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{E8DAA218-AB25-4A30-AF5A-B302D723FA5D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{4E71A770-D637-4760-A672-924728F821D5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\strikesuitzero\pc\main\Binary\SSZ.exe
FirewallRules: [{AB63AA2B-26BD-45B0-9CE2-0EA165118980}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\strikesuitzero\pc\main\Binary\SSZ.exe
FirewallRules: [{750D3D6A-9E69-4503-907F-8B84766719FF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{E513D3E1-8315-4D72-8112-4AE52E864B11}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{8395B346-8251-44CB-9F47-19A2B8F991CE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{6BF77B84-E27E-49BB-85EC-084F50C01152}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [UDP Query User{D9F21994-9087-4CC1-91A7-A6AC6AC21FDA}C:\programdata\battle.net\agent\agent.3478\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3478\agent.exe
FirewallRules: [TCP Query User{932DC11C-3578-4829-BB58-8DEA4451F3E8}C:\programdata\battle.net\agent\agent.3478\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3478\agent.exe
FirewallRules: [{E4982598-1B17-4F9A-92B0-A97DFA0D8969}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{9882AE9D-8ACA-43EE-937C-B30A97B1EA9D}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{FCBB5751-DA21-442D-B3F4-C75C850443C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{E15BF8A3-61B5-4087-B52E-54CB23DCEC8D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [UDP Query User{D44A29A5-9682-4184-A12A-D3848E3AF54E}D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [TCP Query User{C1F79FFE-5A29-4E9C-806A-C6E4A4AD2CF8}D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [{D65358B1-3C3A-438A-9C02-00A69955A4B8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{4FACA89F-8360-4559-B593-8A8A62C42B60}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{8B80574B-D3B4-40EB-A2CC-E6452A82A57A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{6576F812-EA0D-4CB7-9E29-4CD61F768913}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{8A0128E7-BEE7-49AA-849D-0941E41787A0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{F2D08121-F09E-4AC9-A506-88954C015B67}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{084858FE-CC1D-40CA-B216-8FE0863B5B6E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{A1584557-3DED-4262-9F18-FD7091440DC1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{F53B7EA0-4176-48E3-850C-98F0F0847608}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D6D22702-F493-4DFF-8ECF-93A49B9E6085}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{821ED095-7918-4383-9C9B-3915F555E351}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{D21781BC-68D4-46AB-A324-723D1B113E51}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{3E4B4413-0E46-487B-A73F-3B64D9973610}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{50366807-F292-4728-B4AB-D2B736B3FB8C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{F0B26C7D-DD07-4E19-AF87-EA42C8020751}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{8C009CE1-24F0-4D66-9B0C-9CDE44195540}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{2CB35982-ABC3-4C35-B315-5255C97FC7E4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{815BCFC8-E68A-4AB2-8F37-AFDA9D949400}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{8C05F04B-5060-4223-B4F0-042CBCB79BFD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{3D3714CC-B944-44E7-B32E-EA7312DF3D60}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{F49BFD88-F42C-4A40-B397-353E74AF8A47}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{50BE5F13-37EF-4D97-A843-F28155D3AED2}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{FA437E49-3A80-41B3-8BF6-AEBEAA632A96}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{E36A9235-3F7B-4191-A219-DE1D9D3D82DF}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{7115B09D-2CF2-44B4-9F57-E07CE944DA17}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{3270C909-24F9-454F-879D-071F39726FEB}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{33B47877-541D-4D49-9703-0C2ACEAA6341}] => (Allow) D:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{C3FA100E-4D78-4917-A4A7-7B0C17BDB5EC}] => (Allow) D:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{9CC92D98-1198-4B0E-BD70-D69CAB1455A6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{C7D65CDC-049A-4B8B-8D9B-2BD612D447CF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [UDP Query User{73ADE978-E53A-4D29-B42B-B438899D69CE}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{9B247D3D-34B7-40C7-A55F-D06AE3146EC6}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{D5747574-B0EF-4CB4-A72F-5872AF0C6E66}D:\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{CEE98252-4B0B-4997-8FDB-0F2A0B9BD5E1}D:\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{B11634B5-9E9A-4DEE-9DF2-22E2ABAE0262}D:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Block) D:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [TCP Query User{F576C934-C549-43F4-8FA3-B067C82C7CF9}D:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Block) D:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [{03D6DC67-94B5-47D2-AD34-D30049E9F8B9}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{D7F1840C-9B7D-4D0E-9EE7-A78E3F68B3FB}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{C8BC0C11-AE31-42D1-BB26-36DA31E28D28}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{22E68F23-B492-4A4D-BB53-97AC0DB4FB59}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{D4D0B3C9-5AFE-4BB9-B045-1F1A47351BDE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{1DFE8043-002E-4D3D-9C3E-D5A8B4FD9FAF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{89FA64F9-1D72-4512-AE62-B7934BB05DAF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{786712AE-7193-427A-9544-BE17BBCC815C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{38ACF4AB-823C-47E8-9F52-C1D2550ED9C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{6AA642D3-8A2F-44C3-9C55-D1B41879EE0F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [UDP Query User{2B4DA5C7-000C-44FD-979B-92910B76DA8C}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{EFD73655-1356-427C-ACAB-4303F05BC13B}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [{DA44E897-2477-4A25-AC54-0700CEB5A6FA}] => (Allow) D:\Program Files (x86)\Gamigo\Dragon Nest Europe\DragonNest.exe
FirewallRules: [{34B4BEB7-2827-4563-A860-C855B1CE9BBC}] => (Allow) D:\Program Files (x86)\Gamigo\Dragon Nest Europe\DragonNest.exe
FirewallRules: [UDP Query User{62A688BB-FFE0-4D92-8A68-26BEC4C29FA2}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{32715F2F-269E-4E66-A9D3-C1584F472706}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{ED885F51-9EB9-4A3A-8A4E-883D26282E15}D:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [TCP Query User{4DF4EC7A-9581-4ABC-B604-A876303A17E2}D:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [{9506B136-4877-4406-8E96-A2E078EE26F1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{14FD270A-F503-49FF-B521-9A1847FD8785}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{731D2B39-4F01-4189-89B8-A7F89F1A0E7F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{ADC968AB-A931-4E44-81F0-DB55F92D4BEC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [UDP Query User{819060AB-12D9-4783-BEC5-2151A70FDFF3}D:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [TCP Query User{F2AE7830-9CED-4379-A3D9-928CD3E24032}D:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [{D1461A24-2E2B-4341-81DB-96908BE9B6B2}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{14BA0501-516D-44F7-8F3C-D85C7AE9B1EF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{75118281-45CA-4C42-A3D4-0C3EE99C7F75}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{EBA31B81-FE0B-40C3-ABAE-E67F79C68CA4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{9F978D43-9118-4B38-99D6-9AF98CACCB15}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{FF5D4631-DE06-44EE-8D02-1ED34F9F378D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{00A99602-0225-4E25-AF4B-5653BAF25F46}] => (Allow) D:\Program Files (x86)\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
FirewallRules: [{2D0F026A-A3C2-4462-B799-01BDDA5316F2}] => (Allow) D:\Program Files (x86)\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
FirewallRules: [{51EE29B1-FB68-4566-9B21-ED3E8FE69D9A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{2689F466-8710-4E34-92AD-467ED36F1EDD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [UDP Query User{9F411DDB-07ED-401D-B11A-561345B36BD3}D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [TCP Query User{B5FDD4EC-BD26-42D5-87A8-A4DEACBF824A}D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{DE7D2B3D-A8B3-4B5B-B5C8-CB3D5A4F2779}D:\program files (x86)\steam\steam.exe] => (Allow) D:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{9C8DAB59-7C8B-4723-B666-2E281B66E04B}D:\program files (x86)\steam\steam.exe] => (Allow) D:\program files (x86)\steam\steam.exe
FirewallRules: [{32F81BF7-6DD4-4973-BECE-BF8D5614BB8E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{98ADE586-69AD-4CE7-98D5-AB605A07E65F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{56B8E014-F687-4992-89E4-E01B71F8A251}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{0915F978-1854-485F-A388-9C4F2A67FDA2}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{4059C563-9EF6-471B-8209-7C28947F6233}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{F71FF282-E052-4C44-B7DB-BD381D8C3423}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{2D1DA045-E6F3-4E61-8B58-09A2B4D127B7}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{886AD962-8153-4159-87CD-B62FDC2082C1}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{7A80EFAC-6237-4B15-BAF5-BE64147FDAB0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Pit\ThePit.exe
FirewallRules: [{77972C1E-E53F-4BED-8729-A28881C6A6DE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Pit\ThePit.exe
FirewallRules: [UDP Query User{2E61565B-6990-4A59-AE0E-F6C62FDC1DE2}D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [TCP Query User{C8BB4F09-9EBD-4E1D-8936-B3E50C6E4D14}D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{90D6DEB5-8542-451E-A9BD-2D2286A3D021}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{EBB68814-2F91-4013-8070-5C95AF8607A9}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [UDP Query User{9750FC29-0CA8-486F-95A9-36C4511641BE}D:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [TCP Query User{F29253DD-845B-4919-998C-A17C61A6C79F}D:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [{187B787F-EE9D-4C6F-96C3-32A8F562C51A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F2CFB36F-C2CC-4D5A-8DD7-BE70E93E3E33}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{2381088C-CD17-47C4-AC5F-E1506F86ECCC}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{221BFBEA-B5BC-45D2-A5C5-403E609A2881}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DOOM 3 BFG Edition\Doom3BFG.exe
FirewallRules: [{1F811F5D-1A1E-4A01-A9B9-8BB8E9473BA3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DOOM 3 BFG Edition\Doom3BFG.exe
FirewallRules: [{0358047A-3434-4402-B322-0FACD892A43C}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{80AB33F4-0E65-4A46-B32E-8E9EBE45DD3C}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5A952EF7-3588-466C-8A42-73B02A5AA105}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Deadly Premonition The Director's Cut\DPLauncher.exe
FirewallRules: [{FF71BAD1-507C-4A03-BCCC-5CC8F25A1C81}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Deadly Premonition The Director's Cut\DPLauncher.exe
FirewallRules: [{ACD0D2F6-E2E9-480A-9880-8EBDA343F9CB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{BD06E472-490F-4FE3-8DA8-6E92828236CB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{90A76F71-FE1A-4BA6-BFAD-47833C7C8DD0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Plants Vs Zombies\PlantsVsZombies.exe
FirewallRules: [{611FC127-1D6D-4C24-9311-8CB9698A04D7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Plants Vs Zombies\PlantsVsZombies.exe
FirewallRules: [{6900030B-CA52-4002-85A0-F6D062934084}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{44BD211B-77B4-4D2A-9D02-4FCC0BFB0802}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{2007D810-87C9-4BE4-B4B3-464DFC37D3DB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{2DE4FE91-3DE7-4BEE-B526-1B9E3E49A63D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{3AED1BF5-E810-4E51-9364-80407CA23461}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Tropico 4\Tropico4.exe
FirewallRules: [{ECB390C3-738D-4B22-B16C-26DC851F99D4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Tropico 4\Tropico4.exe
FirewallRules: [{7DC90B57-3390-4F05-900C-95684DF0C086}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Ziggurat\Ziggurat.exe
FirewallRules: [{5C498397-C8AF-4CCA-BED1-C4860DD31D4A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Ziggurat\Ziggurat.exe
FirewallRules: [TCP Query User{B2D2A1CF-D1BD-4928-A88D-CD89D25643D4}D:\program files (x86)\heroes of the storm\versions\base53965\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base53965\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{15165249-D612-4401-A12E-73006BD53D38}D:\program files (x86)\heroes of the storm\versions\base53965\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base53965\heroesofthestorm_x64.exe
FirewallRules: [{940A0DFB-D5B1-4853-8569-567CE94CFFB5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{72B4EC1E-53D4-49A2-B225-06F326413486}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [TCP Query User{3988B9CA-DB40-4984-9ACF-CC92E48F2A75}D:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{ABAA0DC2-1BE5-4550-BA80-D39A001006CF}D:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe
FirewallRules: [{F454F959-DF9D-432C-A534-F47BD03F9D59}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{D0D77C75-CD16-4342-9568-80C3B1B7A4BE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{A48B48B0-9FD3-4E9D-9ACA-2E14733C0628}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{50D307DD-113C-493A-B5B8-E51DD3ED25FA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{3EEFD00B-71C6-4632-83D8-A7590B7CBD16}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite 4\Launcher\SniperElite4.exe
FirewallRules: [{49AA4E96-2322-487C-80C6-FB3DE7AF5B7E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite 4\Launcher\SniperElite4.exe
FirewallRules: [TCP Query User{AE788611-7C47-462A-AC76-0A9E97D4300A}D:\program files (x86)\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{D0574057-5293-4840-B837-0657D8A426AB}D:\program files (x86)\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{3E7801EE-AD3D-4DCB-8FEE-10B28323BB7F}C:\program files (x86)\battle.net\battle.net.9093\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.9093\battle.net.exe
FirewallRules: [UDP Query User{98EBC094-13DD-4CB7-BBF5-DB7CBC61C8B6}C:\program files (x86)\battle.net\battle.net.9093\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.9093\battle.net.exe
FirewallRules: [TCP Query User{2DFCF6C9-A0B8-4489-9FEC-C73FFB47C816}D:\program files (x86)\heroes of the storm\versions\base56175\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base56175\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CA458EE1-B8AA-409A-945E-3D788C7900BE}D:\program files (x86)\heroes of the storm\versions\base56175\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base56175\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{302AD794-90E7-49AF-97F3-A539E626F4AC}D:\program files (x86)\heroes of the storm\versions\base56361\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base56361\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{93C87B87-B5FE-4FA4-BAB9-06285C9845D1}D:\program files (x86)\heroes of the storm\versions\base56361\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base56361\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{41301FF2-2E70-41CB-9FD7-C0E969324E8A}D:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe] => (Allow) D:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe
FirewallRules: [UDP Query User{26585C94-4295-4072-A5F8-E6F019C6EA4E}D:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe] => (Allow) D:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe
FirewallRules: [TCP Query User{B5A9F877-151D-44C0-A1B7-DDB235AD06B1}D:\program files (x86)\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{D591AA06-5DAC-4F2F-920F-D4714E1AE010}D:\program files (x86)\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe
FirewallRules: [{A6ADFFDB-186B-407C-A274-8895B7A7447E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\FlameInTheFlood\RiverGame.exe
FirewallRules: [{B4997078-67CC-42A8-A054-E3D59D343788}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\FlameInTheFlood\RiverGame.exe
FirewallRules: [{3C5B5F81-7BD4-4DA5-98AA-C080B1811000}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [{6B2D9AC0-303D-424C-96A1-A4091C3D5FFF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [TCP Query User{861C0C3B-1165-404E-9DF3-EA2A6CE86666}D:\program files (x86)\heroes of the storm\versions\base57062\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57062\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{B1B7202E-5CE9-4968-A76C-8384B960BCB7}D:\program files (x86)\heroes of the storm\versions\base57062\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57062\heroesofthestorm_x64.exe
FirewallRules: [{AFB2D075-0560-4276-B353-4C5A192287BD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dementium 2\DII_Beta.exe
FirewallRules: [{217356E9-0E31-4916-8330-56D5A50E2400}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dementium 2\DII_Beta.exe
FirewallRules: [TCP Query User{D87974C5-6960-4B99-835C-A84A8C5F151D}D:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CC484CF4-EDCF-4429-935F-74DDE4322EFE}D:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{FD5F9239-E1B6-471D-B3F3-DE2BC7F72536}D:\program files (x86)\heroes of the storm\versions\base57589\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57589\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{95EE92CB-F7A8-4702-B84C-5EAD4A3D39DB}D:\program files (x86)\heroes of the storm\versions\base57589\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57589\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{524D1693-9E29-4F9F-A543-E366FA4EB9DE}D:\program files (x86)\heroes of the storm\versions\base57797\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57797\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{2F6426D7-F430-41C5-9E01-7CE671E1616F}D:\program files (x86)\heroes of the storm\versions\base57797\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base57797\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{3FC9D089-BE27-4E4A-B682-CBF0BCAFC580}D:\program files (x86)\heroes of the storm\versions\base58209\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58209\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{98F45318-DDB7-4588-A7BC-E42AFF540DD5}D:\program files (x86)\heroes of the storm\versions\base58209\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58209\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{83DFFEEC-DDAA-48A6-9680-E945178BDE7F}D:\program files (x86)\heroes of the storm\versions\base58482\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58482\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{EEEC02B6-8AB2-47AB-88FA-A91084E78635}D:\program files (x86)\heroes of the storm\versions\base58482\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58482\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{54C45AB9-0BBB-4FAC-AFB4-6CD753996C00}D:\program files (x86)\heroes of the storm\versions\base58623\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58623\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{DA3CAC01-AAF5-47C5-9790-1356B48EEEAA}D:\program files (x86)\heroes of the storm\versions\base58623\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58623\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{86FFF1AE-9B60-4BB2-A523-5FBA74A3E2D5}D:\program files (x86)\heroes of the storm\versions\base58795\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58795\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E42A70EB-A988-45AF-984F-95B3C7B0617F}D:\program files (x86)\heroes of the storm\versions\base58795\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base58795\heroesofthestorm_x64.exe
FirewallRules: [{B8417AE4-B69E-4608-A025-609146443F52}] => (Allow) C:\Program Files (x86)\Opera\48.0.2685.52\opera.exe
FirewallRules: [TCP Query User{095C0C30-718A-40E1-9C91-7BAF35A4C77F}D:\program files (x86)\heroes of the storm\versions\base59239\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base59239\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{B4F82A47-2FA5-4CFB-8216-6C2116E279BE}D:\program files (x86)\heroes of the storm\versions\base59239\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base59239\heroesofthestorm_x64.exe
FirewallRules: [{01FE5BA2-9C1A-49E9-8217-2AA702B291E5}] => (Allow) C:\Program Files (x86)\Opera\49.0.2725.34\opera.exe
FirewallRules: [{2B9C3192-1E05-4EED-A951-71F7E6FB6C18}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{B704894E-9C50-446D-9B36-EC664C1F66D5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{4A2D7233-C43D-41F7-BCD9-41E0F3F18FE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
26-10-2017 12:15:27 Geplanter Prüfpunkt
04-11-2017 12:40:13 Geplanter Prüfpunkt
13-11-2017 13:35:46 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/13/2017 11:16:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdgeCP.exe, Version: 11.0.15063.674, Zeitstempel: 0x59cdf479
Name des fehlerhaften Moduls: win32u.dll, Version: 10.0.15063.608, Zeitstempel: 0xd9592a17
Ausnahmecode: 0xcfffffff
Fehleroffset: 0x0000000000001144
ID des fehlerhaften Prozesses: 0x2c60
Startzeit der fehlerhaften Anwendung: 0x01d35cccfad624d3
Pfad der fehlerhaften Anwendung: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\win32u.dll
Berichtskennung: b52b1230-aa01-4ae6-afbf-60ee43a06edc
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_40.15063.674.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ContentProcess
Error: (11/13/2017 10:32:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: USER-PC)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/13/2017 10:31:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_MapsBroker, Version: 10.0.15063.0, Zeitstempel: 0x02799ef5
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x84000013
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x21dc
Startzeit der fehlerhaften Anwendung: 0x01d35c62152be3ae
Pfad der fehlerhaften Anwendung: C:\WINDOWS\System32\svchost.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: d45187bb-f965-4247-a8ed-e6d25fa9178c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (11/08/2017 12:36:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: USER-PC)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/08/2017 12:36:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: USER-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/08/2017 12:36:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: USER-PC)
Description: Bei der Aktivierung der App „Microsoft.WindowsStore_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/07/2017 08:22:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: USER-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/06/2017 06:59:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Wow-64.exe, Version 7.3.2.25383 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1784
Startzeit: 01d3572705fec3f2
Beendigungszeit: 4294967295
Anwendungspfad: D:\Program Files (x86)\World of Warcraft\Wow-64.exe
Berichts-ID: fd5e60e0-aec4-48f7-8502-a3b2bedb5612
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:
Error: (11/03/2017 08:09:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_MapsBroker, Version: 10.0.15063.0, Zeitstempel: 0x02799ef5
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x8400000e
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x23d4
Startzeit der fehlerhaften Anwendung: 0x01d35472830fa356
Pfad der fehlerhaften Anwendung: C:\WINDOWS\System32\svchost.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 0cec459e-07fe-4a87-8388-94a009887aed
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (11/01/2017 01:32:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: USER-PC)
Description: Das Paket „Microsoft.Windows.ShellExperienceHost_10.0.15063.674_neutral_neutral_cw5n1h2txyewy+App“ wurde beendet, da das Anhalten zu lange dauerte.
Systemfehler:
=============
Error: (11/13/2017 11:02:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (11/13/2017 11:02:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
Error: (11/13/2017 11:02:03 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Übermittlungsoptimierung" wurde nicht richtig gestartet.
Error: (11/13/2017 10:57:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (11/13/2017 10:57:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
Error: (11/13/2017 10:57:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (11/13/2017 10:57:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet:
Die Anforderung wird nicht unterstützt.
Error: (11/13/2017 10:32:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Manager für heruntergeladene Karten" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (11/13/2017 10:32:22 AM) (Source: DCOM) (EventID: 10010) (User: USER-PC)
Description: Der Server "Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c!App.AppX8nrbv53bn39r31x29ht05thp7rde7ecc.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/13/2017 10:29:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
CodeIntegrity:
===================================
Date: 2017-06-24 20:48:50.328
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 20:48:13.767
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 20:48:13.113
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 20:48:12.775
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 20:48:12.181
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 14:46:58.615
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 14:46:23.228
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 14:46:23.117
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 14:46:22.982
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-06-24 14:45:33.285
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 16265.62 MB
Verfügbarer physikalischer RAM: 11514.35 MB
Summe virtueller Speicher: 32649.62 MB
Verfügbarer virtueller Speicher: 27543.43 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:487.84 GB) (Free:366.46 GB) NTFS
Drive d: () (Fixed) (Total:1374.51 GB) (Free:716.2 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 0CD429A7)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
14.11.2017, 16:57
| #23 |
| /// TB-Ausbilder | Probleme mit nicht Löschbarer Adware.Elex.ShrtCln Dann wären wir durch! Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.  Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  Vielleicht möchtest du das Forum mit einer kleinen Spende  unterstützen.  Hinweise: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann. Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern. Cleanup Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst du diese bedenkenlos löschen. Virenscanner + Firewall Vorab sei erwähnt, dass man niemals die Schutzwirkung eines Virenscanners überbewerten darf! Kein Antivirusprogramm erkennt 100% der Schadsoftware. Sofern du noch unentschieden bist, verwende MAXIMAL EIN EINZIGES der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:
Microsoft Security Essentials (MSE) / Windows Defender (WD) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE/WD entschieden hast, brauchst du nicht extra MSE/WD zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür. Verwende immer nur reine Virenscanner (keine Produkte mit "Suite", "Internet Security", "Endpoint" oder "Total Security" in Namen, denn diese bringen kontraproduktive Firewalls mit - die Windows-Firewall ist alles was benötigt wird) Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware , AdwCleaner und mit dem ESET Online Scanner scannen. Diese Programme sind alle kostenlos und stören nicht den Betrieb deines Antivirenprogramms. Absicherungen Beim Betriebsystem Windows ist es wichtig, die automatischen Updates zu aktivieren. Auch sicherheitsrelevante Software sollte immer in aktueller Version vorliegen. Das zeitnahe Einspielen von Updates ist erforderlich, damit Sicherheitslücken geschlossen werden. Sicherheitslücken werden beispielsweise dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Besonders aufpassen bzgl. der Aktualität musst du insbesondere bei folgender Software - sofern diese überhaupt benötigt wird:
Optionale Browsererweiterungen
Grundsätzliches
Lesestoff:Backup-/Image-Tools IMHO sind Wiederherstellungspunkte nix weiter als eine Notlösung, wer sich auf was Funktionierendes verlassen will und muss, kommt um echte Backup/Imaging Software nicht herum. Ich nehme unter Windows immer Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64 Damit man sinnvolle Backups hat, muss man regelmäßig (z. B. wöchentlich) ein Image auf eine separate externe Festplatte erstellen. Diese externe Festplatte wird nur dann angeschlossen, wenn man das Backup erstellen will (oder etwas wiederherstellen muss), sonsten bleibt sie aus Sicherheitsgründen sicher im Schrank verwahrt - allein schon aus dem Grund, die Backups vor Krypto-Trojaner zu schützen. Option 1: Drivesnapshot Offizielle TB-Anleitung --> http://www.trojaner-board.de/186299-...esnapshot.html  Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64 Download (32-Bit) => http://www.drivesnapshot.de/download/snapshot.exe Download (64-Bit) => http://www.drivesnapshot.de/download/snapshot64.exe Es gibt da auch leicht abgespeckte Versionen von Acronis TrueImage gratis wenn man Platten von Seagate und/oder Western Digital hat. Vllt sagen diese Programme dir mehr zu. Mein Favorit aber ist das kleine o.g. Drivesnapshot. Option 2: Seagate DiscWizard Download => Seagate DiscWizard - Download - Filepony Screenshots: http://filepony.de/screenshot/seagate_discwizard5.jpg http://filepony.de/screenshot/seagate_discwizard4.png http://filepony.de/screenshot/seagate_discwizard3.jpg Option 3: Acronis TrueImage WD Edition Download => Acronis True Image WD Edition - Download - Filepony Screenshots: http://filepony.de/screenshot/acroni...d_edition1.jpg http://filepony.de/screenshot/acroni...d_edition2.jpg |
|
16.11.2017, 14:52
| #24 |
| /// TB-Ausbilder | Probleme mit nicht Löschbarer Adware.Elex.ShrtCln Ich bin froh, dass wir helfen konnten  In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest: Lob, Kritik und Wünsche Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!  Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM inklusive Link zum Thema. Jeder andere bitte hier klicken und einen eigenen Thread erstellen. |
|
| Themen zu Probleme mit nicht Löschbarer Adware.Elex.ShrtCln |
| adware, appdata, bedrohungen, bereits, build, bösartige, code, default, einfach, entfernung, erneut, fehlgeschlagen, gen, google, hoffe, laufen, local, mehrfach, probleme, protokol, quarantäne, secure, update, users, windows |
und 
und speichere die Logdatei auf Deinem Desktop.
Linear-Darstellung
