Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Versuchter Teamviewer missbrauch auf meinen PC

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 03.11.2019, 12:47   #1
TrainandGame
 
Versuchter Teamviewer missbrauch auf meinen PC - Standard

Versuchter Teamviewer missbrauch auf meinen PC



Guten Tag,

nachdem mein Hoster vom Netz genommen wurde, wollte ich etwas neues ausprobieren.
Dabei wollte ich die NZB Funktion meines neuen Anbieters testen. Schnell über einen NZB-Indexer eine Datei rausgesucht und angefangen.

Die Datei war überraschend klein und als .exe verfügbar, da ich mit NZB noch keine Erfahrung hatte, habe ich blauäugig die Datei angeklickt. Nichts hat sich geöffnet.

(Es war eine angebliche Bordlerlands 3 Setup Datei,eine Verlinkung wäre möglich, bin mir aber nicht sicher ob erwünscht)


Nun, es ist nichts passiert. Habe die NZB-Sache also liegengelassen und zum altbewährten JDownloader zurückgegangen.


Ab hier wird es dann interessant, nachdem ich den PC ca 5 Minuten allein gelassen habe, komme ich also zurück und sehe wie meine Maus selbstständig in Opera auf Amazon spazieren geht. Es wurde sich über Auto-Fill-In-Formular eingeloggt und... ab hier habe ich die Maus übernommen

Opera beendet, ein kleines Teamviewer Fenster gesehen, ebenfalls beendet.

Ich wollte sofort die Borderlands Setup Datei löschen, dieses hat nicht funktioniert. Es erschien eine Fehlermeldung... Derzeit nicht möglich da geöffnet.
Ich habe im Taskmanager nichts gefunden also neugestartet und erneut versucht zu löschen, mit Erfolg.


Lasse derzeit Bitdefender Internet Security laufen, bisher keine Funde.
Übrigens, ich habe bewusst gar kein Teamviewer installiert, wahrscheinlich eine Portable Version in der angeblichen Borderlands Setup Datei?


Jetzt meine Frage, was sollte ich prüfen, wie kann ich mir wieder sicher sein, meinen PC ohne Fremdübernahme allein zu lassen?

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-11-2019
durchgeführt von sasch (Administrator) auf DESKTOP-FOHP40Q (03-11-2019 12:43:39)
Gestartet von C:\Users\sasch\Desktop
Geladene Profile: sasch (Verfügbare Profile: sasch & OVRLibraryService)
Platform: Windows 10 Pro Version 1809 17763.805 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Opera
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Ashampoo GmbH & Co. KG -> ) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\LiveTunerService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\odscanui.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\seccenter.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe
(Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe
(Dassault Systèmes SolidWorks Corp.) [Datei ist nicht signiert] C:\SolidWorks_Flexnet_Server\sw_d.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Flexera Software LLC -> Flexera Software LLC) C:\SolidWorks_Flexnet_Server\lmgrd.exe
(Flexera Software LLC -> Flexera Software LLC) C:\SolidWorks_Flexnet_Server\lmgrd.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\Pub\PubMonitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Mentor Graphics Corporation -> Mentor Graphics Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\dispatcher.exe
(Mentor Graphics Corporation -> Mentor Graphics Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe
(Microsoft Corporation -> ) C:\Windows\System32\Kinect\KinectMonitor.exe
(Microsoft Corporation -> ) C:\Windows\System32\Kinect\KinectService.exe
(Microsoft Corporation -> ) C:\Windows\System32\Kinect\KStudioHostService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oculus VR, LLC -> ) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe
(Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe
(Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera_crashreporter.exe
(Razer USA Ltd. -> ) C:\Windows\System32\RZSurroundHelper.exe
(Trace Software International -> ) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe
(Trend Micro Inc.) [Datei ist nicht signiert] C:\Users\sasch\Desktop\HijackThis.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-11-2019
durchgeführt von sasch (03-11-2019 12:21:56)
Gestartet von C:\Users\sasch\Desktop
Windows 10 Pro Version 1809 17763.805 (X64) (2019-02-08 19:48:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1368799669-3117233153-4274516567-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1368799669-3117233153-4274516567-503 - Limited - Disabled)
Gast (S-1-5-21-1368799669-3117233153-4274516567-501 - Limited - Disabled)
golem-docker (S-1-5-21-1368799669-3117233153-4274516567-1003 - Limited - Enabled)
sasch (S-1-5-21-1368799669-3117233153-4274516567-1001 - Administrator - Enabled) => C:\Users\sasch
WDAGUtilityAccount (S-1-5-21-1368799669-3117233153-4274516567-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
FW: Bitdefender Firewall (Disabled) {362C5A58-E860-6396-9204-BEEEF20CA463}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.270 - Adobe)
Ashampoo WinOptimizer 14 (HKLM-x32\...\{4209F371-DEAB-BE89-2E8A-9643100258DD}_is1) (Version: 14.00.05 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 16 (HKLM-x32\...\{4209F371-C47A-1204-F2BA-6FD6E5BB1B50}_is1) (Version: 16.00.21 - Ashampoo GmbH & Co. KG)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
beatdrop 2.5.9 (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\5a38d27a-3f69-5264-ba9a-effba89c0b95) (Version: 2.5.9 - Nathaniel Johns)
Binance version 1.8.0 (HKLM-x32\...\{F7C9C013-C42C-440F-979C-46BA1F534351}_is1) (Version: 1.8.0 - Binance)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.25.49 - Bitdefender)
Bitdefender Internet Security (HKLM\...\Bitdefender) (Version: 22.0.1.1 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 24.0.2.693 - Bitdefender)
Core Temp 1.13 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.13 - ALCPU)
CORSAIR iCUE Software (HKLM-x32\...\{37E2CEEA-E7E8-44C4-B3E6-D214543D9DA9}) (Version: 3.13.94 - Corsair)
Corsair LINK 4 (HKLM-x32\...\{40036d0c-634b-4fc0-be89-13343b4bea96}) (Version: 4.9.7.35 - Corsair Components, Inc.)
Corsair LINK 4 (HKLM-x32\...\{D97F4B31-5A7D-4A07-AC85-16D64FAB93E1}) (Version: 4.9.7.35 - Corsair Components, Inc.) Hidden
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
Discord (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.17 - NVIDIA Corporation) Hidden
DOOM VFR MULTi2 1.0 (HKLM-x32\...\DOOM VFR MULTi2 1.0) (Version: 1.0 - .x.X.RIDDICK.X.x.)
Epic Games Launcher (HKLM-x32\...\{6E35ADC1-C951-4FD2-B81F-D37CCE0B5D84}) (Version: 1.1.220.0 - Epic Games, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Futuremark SystemInfo (HKLM-x32\...\{3DD053E0-EA08-459A-B615-567B86A01132}) (Version: 5.16.701.0 - Futuremark)
Geeks3D FurMark 1.20.4.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Grand Theft Auto V Digital Deluxe Edition MULTi11 1.0 (HKLM-x32\...\Grand Theft Auto V Digital Deluxe Edition MULTi11 1.0) (Version:  - )
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HP Officejet 2620 series - Grundlegende Software für das Gerät (HKLM\...\{CED70530-FA0D-4A58-BBF0-1588B38247A0}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
IObit Uninstaller 9 (HKLM-x32\...\IObitUninstall) (Version: 9.0.2.40 - IObit)
Java 8 Update 211 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Joulemeter (HKLM-x32\...\{E043568C-1745-4C69-9D52-43F6E79EB03B}) (Version: 1.2.0 - Microsoft Research)
Kinect for Windows Drivers v2.0_1409 (DAILY) (HKLM\...\{7C9F054E-F742-4DAD-B7E0-9A280F1F0ACB}) (Version: 2.0.1410.19000 - Microsoft Corporation) Hidden
Kinect for Windows Runtime v2.2_1811 (HKLM\...\{87941EDF-6084-42AD-B5EF-36A44667A64C}) (Version: 2.2.1811.10000 - Microsoft Corporation)
Kinect for Windows SDK v2.0 (HKLM\...\{77FBF502-4136-4BC8-B754-6A01C02598C9}) (Version: 2.0.1410.19000 - Microsoft Corporation) Hidden
Kinect for Windows SDK v2.0_1409 (HKLM-x32\...\{2f7f3dc4-de9a-4605-821f-b686f26392d8}) (Version: 2.0.1410.19000 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Metro: Last Light Redux (HKLM-x32\...\Metro: Last Light Redux_is1) (Version:  - Deep Silver)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{BF5ABBDB-D3AA-4BCB-8D10-FCD4A4BB7F93}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProplusRetail - de-de) (Version: 16.0.12026.20344 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.12026.20344 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft Project Professional 2016 - de-de (HKLM\...\ProjectProRetail - de-de) (Version: 16.0.12026.20344 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.12026.20344 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-US) (HKLM-x32\...\{66D57636-BD4B-402F-9E7D-5E89C28C8136}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{13146756-9716-4843-84CA-053916D2FCF9}) (Version: 11.3.6538.0 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{C7E2483C-10A4-41E3-A2F6-240186FE3E41}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Visio Professional 2016 - de-de (HKLM\...\VisioProRetail - de-de) (Version: 16.0.12026.20344 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.12026.20344 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27033 (HKLM-x32\...\{cc3a7c63-31fb-4129-9024-63ebefd86a95}) (Version: 14.16.27033.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{ab213ab7-4792-4c6f-a3fa-8485d06c3475}) (Version: 14.0.23829 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft1.8 (HKLM-x32\...\Minecraft1.8) (Version:  - )
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version:  - MixMeister Technology LLC)
Mozilla Firefox 68.0.2 (x64 de) (HKLM\...\Mozilla Firefox 68.0.2 (x64 de)) (Version: 68.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.2 - Mozilla)
MSI Afterburner 4.6.0 (HKLM-x32\...\Afterburner) (Version: 4.6.0 - MSI Co., LTD)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.8 - Black Tree Gaming)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation)
NVIDIA Grafiktreiber 430.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 430.64 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NZBGet (HKLM-x32\...\NZBGet) (Version:  - Andrey Prygunkov)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.2.1 - OBS Project)
OBS-VirtualCam version 2.0.2 (HKLM-x32\...\{7B7182E6-D22D-4E5A-BCA2-EC985A4BD588}_is1) (Version: 2.0.2 - OBS)
Oculus (HKLM\...\Oculus) (Version: <3 - Facebook Technologies, LLC)
Oculus Tray Tool v0.86.0 (HKLM-x32\...\Oculus Tray Tool_is1) (Version:  - )
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden
OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 4.29 - LG Electronics Inc)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenIV (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\OpenIV) (Version: 3.0.1006 - .black/OpenIV Team)
OpenVR Advanced Settings (HKLM-x32\...\OpenVRAdvancedSettings) (Version:  - )
OpenVR Input Emulator (HKLM-x32\...\OpenVRInputEmulator) (Version:  - )
Opera Stable 63.0.3368.107 (HKLM-x32\...\Opera 63.0.3368.107) (Version: 63.0.3368.107 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.52.32372 - Electronic Arts, Inc.)
Outward Day One Edition MULTi5 1.0 (HKLM-x32\...\Outward Day One Edition MULTi5 1.0) (Version: 1.0 - x.X.RIDDICK.X.x)
Outward Update 1 (HKLM\...\b3V0d2FyZA_is1) (Version: 1 - )
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.0.2 - pdfforge GmbH)
PhonerLite 2.72 (HKLM-x32\...\PhonerLite_is1) (Version: 2.72 - Heiko Sommerfeldt)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Quick CPU (HKLM-x32\...\{41F4C8EE-903D-4EB5-B6EB-75413BF496DE}) (Version: 3.0.1.0 - CoderBag)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 beta r2613 - Win10 Widgets)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8372 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 7.2.1 (HKLM-x32\...\RTSS) (Version: 7.2.1 - Unwinder)
Roblox Player for sasch (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Studio for sasch (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\roblox-studio) (Version:  - Roblox Corporation)
ROCCAT Juke (HKLM\...\C-Media CM108 Like Sound Driver) (Version:  - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.6 - Rockstar Games)
SeaTools for Windows 1.4.0.7 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.7 - Seagate Technology)
Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
SKILLER SGK4 (HKLM-x32\...\{B1B8775B-8449-4F04-9773-C34384AE405F}_is1) (Version: 1.3.18.6 - Sharkoon Technologies)
SOLIDWORKS 2019 German Resources (HKLM\...\{A3551568-7512-4052-8B69-9F295CE0252A}) (Version: 27.110.0072 - Ihr Firmenname) Hidden
SOLIDWORKS 2019 SP01 (HKLM\...\{F261BF5C-81C4-4E81-9ED6-D7EBFA2A9A5B}) (Version: 27.110.0072 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2019 SP01 (HKLM-x32\...\SolidWorks Installation Manager 20190-40100-1100-100) (Version: 27.1.0.72 - SolidWorks Corporation)
SOLIDWORKS CAM 2019 SP01 (HKLM\...\{FF62C344-015F-4A9F-8F49-7F02CBAB288E}) (Version: 27.10.0072 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Composer 2019 SP01 (HKLM\...\{661FCA7C-4962-46FD-84CD-CB72459058A4}) (Version: 27.10.0072 - Ihr Firmenname) Hidden
SOLIDWORKS eDrawings 2019 SP01 (HKLM\...\{49641C8E-5ADA-42A8-8019-90CBDC933F86}) (Version: 27.10.0092 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Electrical 2019 SP01 (HKLM\...\{D47DBAC4-C1AB-4B16-B431-01120E8BB141}) (Version: 27.10.0072 - Ihr Firmenname) Hidden
SOLIDWORKS Explorer 2019 SP01 (HKLM\...\{ED3F46FA-EF6F-4633-AA94-5C44815EA2B2}) (Version: 27.10.0072 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Flow Simulation 2019 SP01  (HKLM\...\{5D9A5C34-85FD-40FE-8C1A-ACA3C8CF423E}) (Version: 27.10.0073 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Inspection 2019 SP01 (HKLM\...\{974A87F0-517F-480A-A87F-218649E02880}) (Version: 27.10.0072 - Ihr Firmenname) Hidden
SOLIDWORKS PCB 2019 SP01 (HKLM\...\{BF11D72C-9B96-4B91-BF1E-AC2137BBB604}) (Version: 27.10.0072 - Ihr Firmenname) Hidden
SOLIDWORKS Plastics 2019 SP01 (HKLM\...\{6BC5795E-314F-4BA6-9A2D-A8DE4A35C688}) (Version: 27.10.0072 - Ihr Firmenname) Hidden
SOLIDWORKS Visualize 2019 SP01 (HKLM\...\{CD7FCE59-87E4-4C32-AB24-DCA29802CBA5}) (Version: 27.10.0072 - Ihr Firmenname) Hidden
SOLIDWORKS Visualize Boost 2019 SP01 (HKLM\...\{D67F8A59-1F6E-422E-AD34-1A66751CD44D}) (Version: 27.10.0072 - Ihr Firmenname) Hidden
SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.17.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.17.1 - General Workings, Inc.)
Superhot  Incl. Update 3 MULTi9 1.0 (HKLM-x32\...\Superhot  Incl. Update 3 MULTi9 1.0) (Version:  - )
TeighaX 3.09 (HKLM-x32\...\{3D63579F-2398-418B-9227-A852FB201D2D}) (Version: 3.9.0 - Open Design Alliance)
Telegram Desktop version 1.7.7 (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.7.7 - Telegram Messenger LLP)
The Witcher 3: Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.32 - GOG.com)
Trackmania Turbo (HKLM-x32\...\Trackmania Turbo_is1) (Version:  - )
TreeSize Free V4.2.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.2.2 - JAM Software)
Twitch (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Updater (HKLM-x32\...\Updater) (Version: 1.0 - Updater) <==== ACHTUNG
uRage Reaper nxt. Version 1.0.3 (HKLM-x32\...\{2F606408-495F-4772-A3A7-BE0A31C4B261}_is1) (Version: 1.0.3 - )
Vegas Pro 13.0 (64-bit) (HKLM\...\{1F8D8040-0BC8-11E5-85C5-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.0.3 - Black Tree Gaming Ltd.)
VSDC Free Video Editor Version 6.3.6.18 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.6.18 - Flash-Integro LLC)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\WhatsApp) (Version: 0.3.557 - WhatsApp)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
Windows-Treiberpaket - Corsair Components, Inc. (SIUSBXP) USB  (07/14/2017 3.3) (HKLM\...\A2206C09905C467F30CB24DCBB49F056D7F0A290) (Version: 07/14/2017 3.3 - Corsair Components, Inc.)
Windows-Treiberpaket - STMicroelectronics (STTub30) USB  (07/05/2012 3.0.4.0) (HKLM\...\4A1A85C6E9813B77863C2401251A5284B1923DA4) (Version: 07/05/2012 3.0.4.0 - STMicroelectronics)
WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wireshark 3.0.4 64-bit (HKLM-x32\...\Wireshark) (Version: 3.0.4 - The Wireshark developer community, hxxps://www.wireshark.org)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version:  - Blizzard Entertainment)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)

Packages:
=========
3D Scan -> C:\Program Files\WindowsApps\Microsoft.3DScan_2.0.47.0_x64__8wekyb3d8bbwe [2019-08-23] (Microsoft Corporation)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.1.4.0_x86__kgqvnymyfvs32 [2019-09-23] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.150.300.0_x86__kgqvnymyfvs32 [2019-10-17] (king.com)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.618.0_x64__v10z8vjag6ke6 [2019-10-16] (HP Inc.)
Mail und Kalender -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation) [MS Ad]
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.3.1.1_x86__h6adky7gbf63m [2019-09-14] (Gameloft.)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-08-23] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.12.101.0_x64__8wekyb3d8bbwe [2019-09-08] (Microsoft Studios)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-26] (Netflix, Inc.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0 [2019-10-13] (Spotify AB) [Startup Task]
XING -> C:\Program Files\WindowsApps\XINGAG.XING_3.140.89.0_x86__xpfg3f7e9an52 [2019-10-08] (New Work SE)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-05-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.FPS1] => c:\windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.voxacm160] => c:\windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.scg726] => c:\windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.alf2cd] => c:\windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.ac3acm] => c:\windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.lame] => c:\windows\system32\lame.ax [245760 2005-08-01] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.dvsd] => c:\windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.mpg4] => c:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.mp42] => c:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.mp43] => c:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.xvid] => c:\windows\system32\xvidvfw.dll [139264 2004-07-03] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.DIVX] => c:\windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP60] => c:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP61] => c:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP62] => c:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.LAGS] => c:\windows\system32\lagarith.dll [216064 2011-12-07] ( ) [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\sasch\Desktop\Spiele\startdesktopmode.bat - Verknüpfung.lnk -> C:\Program Files\OpenVR-AdvancedSettings\startdesktopmode.bat ()
Shortcut: C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\sasch\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2019-03-05 15:06 - 2019-03-05 15:06 - 000232448 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-03-05 15:06 - 2019-03-05 15:06 - 000057344 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-03-05 15:07 - 2019-03-05 15:07 - 000642048 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-03-05 15:06 - 2019-03-05 15:06 - 000072704 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-03-05 15:06 - 2019-03-05 15:06 - 000364544 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2019-08-24 15:49 - 2018-10-16 21:35 - 000107520 _____ () [Datei ist nicht signiert] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\NETAPI32.dll
2019-08-24 15:39 - 2019-08-24 15:39 - 000116224 _____ (pdfforge GmbH) [Datei ist nicht signiert] C:\WINDOWS\System32\pdfcmon.dll
2019-01-10 10:44 - 2019-01-10 10:44 - 000090112 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [236]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
AlternateDataStreams: C:\Users\sasch\Anwendungsdaten:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\sasch\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [108]
AlternateDataStreams: C:\Users\sasch\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\sasch\AppData\Local\Temp:$DATA​ [16]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ==========

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-09-29 14:46 - 2019-11-03 12:14 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-05-28 19:13 - 2019-05-28 19:14 - 000000443 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.18.70.1 DESKTOP-FOHP40Q.mshome.net # 2024 5 0 26 18 14 23 458

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Oculus\Support\oculus-runtime;c:\program files (x86)\common files\oracle\java\javapath;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\110\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\DTS\Binn\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sasch\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\earth multiscreen widescreen 5760x1080 wallpaper_www.paperhi.com_58.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS Hintergrund-Downloader.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS 2019 Fast Start.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "BdVpnApp"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "HP Software Update"
HKLM\...\StartupApproved\Run: => "Ashampoo WinOptimizer Live-Tuner2"
HKLM\...\StartupApproved\Run32: => "Updater"
HKLM\...\StartupApproved\Run32: => "CORSAIR iCUE Software"
HKLM\...\StartupApproved\Run32: => "SE61T-UserTools"
HKLM\...\StartupApproved\Run32: => "SKILLER SGK4"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "OculusTrayTool"
HKLM\...\StartupApproved\Run32: => "OnScreen Control"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\StartupFolder: => "DesktopHut.lnk"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\StartupFolder: => "Rainmeter.lnk"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "Argus Monitor"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "CorsairLink4"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "GalaxyClient"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{0740E682-1F83-4FAD-B54A-DAAF94B61BD7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5C243317-3B6B-47E2-A311-8A3E95904140}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9B31F1B3-43B4-4A9E-8B52-B3CB0390558D}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{3B3E03A3-4BF8-4468-81F8-60273D1B0652}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{DC2B08A1-7048-4335-9536-A2FE80B22D29}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{ACD69343-1FFF-4AAC-888E-A1B325D6C58E}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{5B7EFE95-AF2A-4407-99DE-1B714B3F5CF0}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{2926D9FF-8085-4B05-B3F9-A068BCBE6589}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B119755F-53BB-4912-993B-2D0034642C03}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A68589C6-CE2A-4685-86A3-91A965FECEFA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.3.0\DriverBooster.exe Keine Datei
FirewallRules: [{287FF9E7-CBBD-4BFB-A533-C085FEE51F43}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.3.0\DriverBooster.exe Keine Datei
FirewallRules: [{8C32AB04-804F-4544-AB21-AA8961EFC463}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.3.0\DBDownloader.exe Keine Datei
FirewallRules: [{02928025-9AF7-4E38-A658-B0D13AE92D23}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.3.0\DBDownloader.exe Keine Datei
FirewallRules: [{14AC329C-96DE-419B-8D2A-D5C5D09C95AD}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.3.0\AutoUpdate.exe Keine Datei
FirewallRules: [{132BC8D5-6B34-42BB-9D7E-06809933E2E0}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.3.0\AutoUpdate.exe Keine Datei
FirewallRules: [{5D136926-BF5F-4ED8-9DEE-701B82FF1C27}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{37D4D204-1534-467B-9CF5-31487D488767}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{2F46E517-7A8F-44B0-B7EB-9072CDCF06DC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{42D70C77-D1BD-4ABF-9A4A-A91A61F45B0A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40E831A5-4689-4E79-8348-E90C48CB539C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{98287F36-F3E7-40FF-9A23-8867CBEFB7D5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AD32DEE1-58EA-4224-87E4-EA0583A948DE}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{417E877D-496E-4066-8477-8A5938E23774}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [Datei ist nicht signiert]
FirewallRules: [DNS Server Forward Rule - TCP - A2918A61-5D01-4BBD-BDBB-CEBE9E9C6511 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - A2918A61-5D01-4BBD-BDBB-CEBE9E9C6511 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - CD8B8542-DEF3-4E52-A908-8E6FBC2125BF - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - CD8B8542-DEF3-4E52-A908-8E6FBC2125BF - 0] => (Allow) LPort=53
FirewallRules: [{94933B1A-2289-4DBB-8E4F-A00CE7FD829F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> )
FirewallRules: [{39876E1F-0A04-4ED9-A8DC-C58D8D6A95F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> )
FirewallRules: [{2B5004E3-0383-4975-845F-C911CFCAF264}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )
FirewallRules: [{22C21BB7-A0F4-4B79-B66C-46B243346958}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )
FirewallRules: [{FD5AA058-690C-4067-9985-2F88A0334CA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> )
FirewallRules: [{26F2F6CD-5D0C-4C3A-ACD2-7B9B019934AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> )
FirewallRules: [{0AF4755F-B58E-4248-A261-B91130CEC729}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beat Saber\Beat Saber.exe () [Datei ist nicht signiert]
FirewallRules: [{A4E44422-C7F4-4E77-8A3E-142A41C85C45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beat Saber\Beat Saber.exe () [Datei ist nicht signiert]
FirewallRules: [{3C2EBDD9-7A1B-42E6-9F03-32F7756AB8FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [Datei ist nicht signiert]
FirewallRules: [{2D678C7D-5AF9-4BED-AD85-75E4872517AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [Datei ist nicht signiert]
FirewallRules: [{2A53B5C8-113F-436A-9AD3-0C4C54F0FD74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [Datei ist nicht signiert]
FirewallRules: [{7D753089-180E-428F-8ABF-378BF050405E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [Datei ist nicht signiert]
FirewallRules: [{65BB94D9-3967-4BA5-9CA8-EAFDC253D9DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [Datei ist nicht signiert]
FirewallRules: [{40051D45-C677-4B79-8E90-497BE913BDF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [Datei ist nicht signiert]
FirewallRules: [{170F38BC-9EA3-406E-B712-279DE6CE8A4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PavlovVR\Pavlov.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{D8237A19-A7A4-480E-8009-7EBBF027F44C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PavlovVR\Pavlov.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{1A487B10-842E-431B-941B-16B764ECD443}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space Pirate Trainer VR\SpacePirateVR.exe () [Datei ist nicht signiert]
FirewallRules: [{B6821163-09CB-4420-9761-69D0B8A48345}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space Pirate Trainer VR\SpacePirateVR.exe () [Datei ist nicht signiert]
FirewallRules: [{7ACE9B64-D42D-460B-82A1-BE53B9BA14F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Steam360VideoPlayer\Steam360VideoPlayer.exe () [Datei ist nicht signiert]
FirewallRules: [{78F40822-AC3B-44C4-8AFB-EDC6FBA4C480}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Steam360VideoPlayer\Steam360VideoPlayer.exe () [Datei ist nicht signiert]
FirewallRules: [{8DF97BAC-F571-4C19-B098-C966882F8395}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RecRoom\Recroom_Release.exe () [Datei ist nicht signiert]
FirewallRules: [{203B78AD-52DE-4BAF-8171-D81BD464EBEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RecRoom\Recroom_Release.exe () [Datei ist nicht signiert]
FirewallRules: [{403150D1-81F4-4B33-A3A3-3A8AF621813C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sparc\Sparc.exe () [Datei ist nicht signiert]
FirewallRules: [{60D70BDF-64CD-495D-8A21-529AA91F3A6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sparc\Sparc.exe () [Datei ist nicht signiert]
FirewallRules: [{7B4A954D-F3EC-4E42-A779-C1A54CDBB85B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [Datei ist nicht signiert]
FirewallRules: [{24F2845A-CCA3-46FF-96DB-1F2887137872}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [Datei ist nicht signiert]
FirewallRules: [{0F39A282-9A26-49A6-B5DD-78B369D5B0EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LIV\LIV.App.exe (LIV Inc -> LIV Inc.)
FirewallRules: [{DAC58D3F-0852-46DC-857C-BF9914B4127D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LIV\LIV.App.exe (LIV Inc -> LIV Inc.)
FirewallRules: [{BD9CD2C6-BDBF-494B-9C8E-E3EC5F878FF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EarthVR\Earth.exe (Google Inc -> Google Inc)
FirewallRules: [{09FDAB7C-8953-427C-836F-440C7A922BB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EarthVR\Earth.exe (Google Inc -> Google Inc)
FirewallRules: [{6A89D5E1-8A28-4770-9E1B-75C2227B9F7D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0675F42F-F727-48A7-92CD-1ECF4802EA23}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F8D3F73F-8C0E-4658-8C65-7C45BF6A8CB9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{905758A4-99EE-4A58-A647-E48434BF5391}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{BF1C68BC-3EDD-4300-903E-5A3646F1E395}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{A7E58B70-540D-44C9-B72A-E5C90E07879B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{F1595CF3-888D-4A73-B171-A309D796C2E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5075C7AA-E3D6-42D1-810B-807E24B34C56}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{502B7574-E188-4F9C-BA7C-DE77B5F2FB58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E9446889-83DB-4BE3-94FA-D1F4474B7244}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E7B25816-80BC-4106-8A92-69A0CD0104F6}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{0F348082-5969-429B-A255-47BE1CD5E2DF}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{2CD85A61-18BA-4ABA-BA1F-0E80A5E8B437}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{B1395916-5D64-4DAF-AF06-A30844FEADEC}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{CC2E3010-017D-43CB-8F47-EC773CC07902}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{1EAE3853-521B-42CE-A885-98E6775E739E}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{A4FC4F01-56D2-43D5-8D97-1F7B3DC1AB3A}] => (Allow) LPort=8027
FirewallRules: [{5214D303-B8F4-4A8F-85E1-21A22483C6F2}] => (Allow) LPort=8027
FirewallRules: [{AF2BC330-AED4-47D1-9A01-FB8634214F09}] => (Allow) LPort=8027
FirewallRules: [{43E2493B-9A4E-4C0A-9076-554D6E131256}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9D28B1DA-C902-477B-AFFD-51C595FDD1DA}] => (Allow) LPort=8027
FirewallRules: [{372821C7-D852-4544-B569-7320035202F3}] => (Allow) LPort=8027
FirewallRules: [{5902DD16-657D-4E4F-87ED-2BADDE3E6562}] => (Allow) LPort=8027
FirewallRules: [{1039D7DF-C3FD-47E8-BD62-FCAD62FAACEB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{D91A5413-719A-469D-A91E-DFF47E626793}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{D177C423-B229-4035-8453-F633FA27DD00}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{A3A36CEC-E1D7-4FCD-8F4B-94ABDD62E51D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{C6ADF639-0B0A-4243-AE41-CEDD2E6E8BFB}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{A87B6FD3-62AC-4426-979C-036E933B8B14}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{3A501E89-37B9-4E5F-911F-332A989DF2D9}] => (Allow) D:\Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{2258E533-64AB-4CCD-A0C3-9FCF0A8C6171}] => (Allow) D:\Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{58DD4DCC-B967-40C1-86C3-1B1FFF1BB909}] => (Allow) D:\Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{E6C46A1B-DD61-418B-A527-2E85BA66A52B}] => (Allow) D:\Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{4372EFF5-2D73-4681-B970-0DC8D9CC01AD}] => (Allow) LPort=8027
FirewallRules: [{4A9C0C46-8BFB-4E60-9101-B3A45B536362}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [Datei ist nicht signiert]
FirewallRules: [{BC485528-26C9-46C5-9F4D-EF108C68741C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [Datei ist nicht signiert]
FirewallRules: [{8515539D-90E6-4747-B547-B042280D2827}] => (Allow) LPort=8027
FirewallRules: [{247E5E19-6A37-439B-BCA7-C9397174C50B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SkyrimVR\SkyrimVR.exe (Bethesda Softworks) [Datei ist nicht signiert]
FirewallRules: [{974EDA6A-9B30-48E4-816D-2EDC1B39F051}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SkyrimVR\SkyrimVR.exe (Bethesda Softworks) [Datei ist nicht signiert]
FirewallRules: [{7AD88789-2895-449A-9041-E9F2DEAE861E}] => (Allow) C:\Program Files\Opera\63.0.3368.94\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{229AFEF2-8A24-425A-86B1-5B5D49B63F14}] => (Allow) LPort=8027
FirewallRules: [{C51F7625-84D9-48BA-BF9F-109EFE9AD1CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\skyrim\skse_steam_boot.exe () [Datei ist nicht signiert]
FirewallRules: [{C1F426A7-7724-4A3A-AA22-9D231DF01CB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\skyrim\skse_steam_boot.exe () [Datei ist nicht signiert]
FirewallRules: [{802DDF0E-DC51-4AC8-95EF-F7D06FE4EBB8}] => (Allow) D:\steam\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{757AA0DE-9C61-4EFA-953E-A6EE75C4A659}] => (Allow) D:\steam\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{E730DFD8-C4F2-4D90-AF1F-E47383E82DCF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArizonaSunshine\ArizonaSunshine.exe () [Datei ist nicht signiert]
FirewallRules: [{B9DA83CE-3E14-4715-9F70-32D70EDD092E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArizonaSunshine\ArizonaSunshine.exe () [Datei ist nicht signiert]
FirewallRules: [{3323FE0A-DB23-412F-ADF7-BBB66B2006DD}] => (Allow) LPort=8027
FirewallRules: [{A7399E1E-CA23-4485-930F-44CEC35CE5D0}] => (Allow) LPort=8027
FirewallRules: [{C031F3DC-E105-41C6-A5A1-386FD0919B84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe Keine Datei
FirewallRules: [{7037C5AD-4A33-450C-A121-FFA5A5A7FC69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe Keine Datei
FirewallRules: [{1F92F6EF-DDDD-4903-997B-17C330F3F669}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe Keine Datei
FirewallRules: [{B92DFD7B-E615-4738-A124-FE077365D115}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe Keine Datei
FirewallRules: [{9B5C6CC2-9544-4E83-A529-F77280D5B48B}] => (Allow) LPort=8027
FirewallRules: [{F033AF30-69D8-42B6-9D9E-A25B1FC2FD93}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{8A2701D5-9116-428E-A361-320F091D2E55}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{C34DF57D-F1B6-477A-949C-9434AD72BA5D}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{C02B5304-3C95-493F-BCD1-3740E4ED8222}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{60F36C3B-48E5-43B0-8CFB-0EBED47E6F11}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> )
FirewallRules: [{0139A4A1-F639-4343-8F07-60C2C2386685}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> )
FirewallRules: [{4F9A28DB-010B-4626-B5B8-936142B04892}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{A1F32280-91E9-46FF-9EDD-24C48EAA4BC6}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{3CD93529-F035-4918-843D-1A9EB5E8A831}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{08716381-CF14-4184-8849-459445098475}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{1FA78D26-20A8-4C03-9AF3-14544156D2DA}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{322DCE80-1F93-4DC7-8B8D-DB9B88BD6EBA}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{E9EA684E-D352-4B71-82A9-3B9036DEFE8E}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [Datei ist nicht signiert]
FirewallRules: [{FA36CC9C-2F2A-4AEB-8584-607EEAE48F48}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [Datei ist nicht signiert]
FirewallRules: [{0E52E449-243C-4519-BEF4-E35A3FD6EEF7}] => (Allow) LPort=8027
FirewallRules: [{DCB0F3E3-B130-4C6D-84CC-58A75D553DE5}] => (Allow) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{38962F38-1793-42BC-A10E-8257D6114D7B}] => (Allow) LPort=8027
FirewallRules: [{811F2136-0E52-4CFB-BC21-4049B6B49643}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1D8BA397-1870-44AA-9260-85D4FB06066F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BFF5297D-2415-4DBC-AD55-367B2E70F5A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9702396E-5B2D-44AB-855D-EC683DCB3405}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{392450AE-D6DC-40AD-AD3B-E2BE3D9185D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1879C90E-BF88-4B2E-B0AB-AA3002726F97}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C7DD4EA7-19B3-42EB-97C8-932C1C783B5A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7BC14455-058A-4404-8DB9-B0C3DFC8342E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4E507679-CFA9-4C09-B74C-D00FF7511814}] => (Allow) LPort=8027
FirewallRules: [{4EC20FEA-9C8E-48B4-B272-DF4CD9BC6EBA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C2A68C28-907E-494C-8739-110470EE847A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1DA10DF9-ABEC-4509-B472-71B05B25BB4A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FBEC7B5F-1849-43E0-A1DF-15D690C46BCA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BFEB41B6-7A4F-42FF-8AD1-34B1F8AABF62}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{85128EC7-11AF-44C1-AEAC-4CB7AD1A3E9F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5474CDB4-3B78-4690-A998-178703FE2244}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D46C2EE3-6EBB-4DDD-99EE-3BD4DE75A2CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{B4035018-04D1-44A8-967E-52BF65D50ABC}C:\program files\nzbget\nzbget.exe] => (Block) C:\program files\nzbget\nzbget.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{EF2DB5A2-F4EB-45A6-96C8-9CAC5F772CCE}C:\program files\nzbget\nzbget.exe] => (Block) C:\program files\nzbget\nzbget.exe () [Datei ist nicht signiert]
FirewallRules: [{47BB0284-57DC-49DA-8051-E0A63FF7A64F}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer)
FirewallRules: [{1A5EDF56-92C4-4EAF-A493-D47263FC2E37}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer)
FirewallRules: [{519D1845-687A-4B2F-BFBD-DDC00C9B22D1}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer)
FirewallRules: [{58C68B9E-3FAB-4EBE-92D2-B6843A347CD2}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer)
FirewallRules: [{4897EC8F-B674-4000-94B1-3DC51B11192C}] => (Allow) LPort=8027
FirewallRules: [{9AB82D20-D696-46CD-8602-0CDEA1FB371D}] => (Allow) LPort=8027
FirewallRules: [{08A5C124-26A4-4882-A458-73DEF6B0BAD4}] => (Allow) LPort=8027

==================== Wiederherstellungspunkte =========================

02-11-2019 18:16:04 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (11/03/2019 12:16:41 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 11276. Meldungs-ID: [0x2509].

Error: (11/03/2019 12:14:43 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/03/2019 12:11:24 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/03/2019 12:06:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HxAccounts.exe, Version: 16.0.12026.20218, Zeitstempel: 0x5d81ddff
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.17763.802, Zeitstempel: 0x322dae8f
Ausnahmecode: 0xc000027b
Fehleroffset: 0x0000000000701a52
ID des fehlerhaften Prozesses: 0x168c
Startzeit der fehlerhaften Anwendung: 0x01d5923542ab9e49
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxAccounts.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll
Berichtskennung: 08bb2cd2-1722-4276-8eb3-369be6cdc972
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: microsoft.windowslive.manageaccounts

Error: (11/03/2019 11:54:42 AM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/02/2019 11:02:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Beat Saber.exe, Version: 2018.4.4.16502, Zeitstempel: 0x5d23e6af
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000021399fb7300
ID des fehlerhaften Prozesses: 0xdc0
Startzeit der fehlerhaften Anwendung: 0x01d591c45509e62d
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Beat Saber\Beat Saber.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 00a7de21-caec-4766-834e-df68a6cf9605
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/02/2019 10:25:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Beat Saber.exe, Version: 2018.4.4.16502, Zeitstempel: 0x5d23e6af
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000002eb47bc77d0
ID des fehlerhaften Prozesses: 0x4af4
Startzeit der fehlerhaften Anwendung: 0x01d591bf02640381
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Beat Saber\Beat Saber.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 0890802c-f189-4781-8a7f-3abc7e1c952e
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/02/2019 09:44:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Das Programm Steam.exe Version 5.45.49.1 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2638

Startzeit: 01d591bd8bf6485d

Beendigungszeit: 19

Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe

Bericht-ID: 443ada50-9f13-411a-98d5-35f535ff30b8

Vollständiger Name des fehlerhaften Pakets: 

Relative Anwendungs-ID des fehlerhaften Pakets: 

Absturztyp: Cross-process


Systemfehler:
=============
Error: (11/03/2019 12:17:32 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-FOHP40Q)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-FOHP40Q\sasch" (SID: S-1-5-21-1368799669-3117233153-4274516567-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 und der APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/03/2019 12:16:48 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-FOHP40Q)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-FOHP40Q\sasch" (SID: S-1-5-21-1368799669-3117233153-4274516567-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 und der APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/03/2019 12:16:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FOHP40Q)
Description: Der Server "Microsoft.YourPhone_1.19092.399.0_x64__8wekyb3d8bbwe!App.AppXvctmff39365zg14pgmystcwtys462fpa.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/03/2019 12:16:22 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FOHP40Q)
Description: Der Server "Microsoft.YourPhone_1.19092.399.0_x64__8wekyb3d8bbwe!App.AppXvctmff39365zg14pgmystcwtys462fpa.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/03/2019 12:14:16 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "SOLIDWORKS Electrical Collaborative Server" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (11/03/2019 12:12:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FOHP40Q)
Description: Der Server "Microsoft.WindowsStore_11910.1001.4.0_x64__8wekyb3d8bbwe!App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/03/2019 12:11:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FOHP40Q)
Description: Der Server "Microsoft.YourPhone_1.19092.399.0_x64__8wekyb3d8bbwe!App.AppXvctmff39365zg14pgmystcwtys462fpa.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/03/2019 12:11:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FOHP40Q)
Description: Der Server "Microsoft.YourPhone_1.19092.399.0_x64__8wekyb3d8bbwe!App.AppXvctmff39365zg14pgmystcwtys462fpa.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


CodeIntegrity:
===================================

Date: 2019-11-03 12:14:50.273
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-11-03 12:11:25.049
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-11-03 11:54:42.573
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-28 19:38:13.968
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-10-28 19:15:01.526
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-10-28 19:08:50.034
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-10-28 19:08:29.410
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-28 18:49:31.791
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.

==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. 2003 09/19/2016
Hauptplatine: ASUSTeK COMPUTER INC. H110M-A/M.2
Prozessor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 16324.48 MB
Verfügbarer physikalischer RAM: 9725.93 MB
Summe virtueller Speicher: 20676.48 MB
Verfügbarer virtueller Speicher: 12343.22 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:475.64 GB) (Free:36.54 GB) NTFS
Drive d: () (Fixed) (Total:920.1 GB) (Free:187.49 GB) NTFS

\\?\Volume{1a022361-6a33-451c-a3dc-4f38368cdc3f}\ () (Fixed) (Total:0.48 GB) (Free:0.08 GB) NTFS
\\?\Volume{5e8405a9-996a-4ff1-8dc3-9f318ece2991}\ () (Fixed) (Total:0.82 GB) (Free:0.34 GB) NTFS
\\?\Volume{a93a4bec-3861-4942-a1dd-c8f8c8d9fb93}\ (Windows RE tools) (Fixed) (Total:0.29 GB) (Free:0.28 GB) NTFS
\\?\Volume{37692e76-e640-4ae3-a7db-50945538aca7}\ (Recovery) (Fixed) (Total:10.74 GB) (Free:1.27 GB) NTFS
\\?\Volume{d4153ab6-a4ff-4bb1-b6b1-a5696cd51fee}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 8038C2AD)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================
         
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 12:36:40, on 03.11.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17763.0771)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
C:\Users\sasch\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=
O2 - BHO: Bitdefender Trackers Blocking - {159ff5d5-55f1-4d2f-b706-767a55f77abb} - C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SE61T-UserTools] C:\Program Files (x86)\uRage Reaper nxt\uRage Reaper nxt..exe /s
O4 - HKLM\..\Run: [SKILLER SGK4] C:\Program Files (x86)\SKILLER SGK4\Monitor.exe
O4 - HKLM\..\Run: [CORSAIR iCUE Software] "C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe" --autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [OculusTrayTool] C:\Program Files (x86)\Oculus Tray Tool\OculusTrayTool.exe
O4 - HKLM\..\Run: [OnScreen Control] C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\sasch\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Discord] C:\Users\sasch\AppData\Local\Discord\app-0.0.305\Discord.exe
O4 - HKCU\..\Run: [CorsairLink4] C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe -startup
O4 - HKCU\..\Run: [GalaxyClient] C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart
O4 - Startup: FileHoster.url
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O4 - Startup: Twitch.lnk = sasch\AppData\Roaming\Twitch\Bin\Twitch.exe
O4 - Global Startup: SOLIDWORKS 2019 Fast Start.lnk = ?
O4 - Global Startup: SOLIDWORKS Hintergrund-Downloader.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Bitdefender Anti-tracker - {159ff5d5-55f1-4d2f-b706-767a55f77abb} - C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AfVpnService - AnchorFree Inc. - C:\Program Files\Bitdefender\Bitdefender VPN\vpnservice.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Bitdefender Auxiliary Service (BDAuxSrv) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
O23 - Service: Bitdefender Protected Service (BDProtSrv) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
O23 - Service: Bitdefender RedLine Service (bdredline) - Bitdefender - C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
O23 - Service: Bitdefender Vpn Service (BdVpnService) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Corsair LINK 4 (CLink4Service) - Corsair Components, Inc. - C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe
O23 - Service: DTSInterops (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corporation - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
O23 - Service: Corsair Service (CorsairService) - Corsair Memory, Inc. - C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\DfsdkS.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: SOLIDWORKS Electrical Collaborative Server (ewserver) - Unknown owner - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Intel(R) MPI Library Hydra Process Manager (impi_hydra) - Intel Corporation - C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe
O23 - Service: IObit Uninstaller Service (IObitUnSvr) - IObit - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Kinect Monitor (KinectMonitor) - Unknown owner - C:\WINDOWS\system32\Kinect\KinectMonitor.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: Oculus VR Library Service (OVRLibraryService) - Facebook Technologies, LLC - C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe
O23 - Service: Oculus VR Runtime Service (OVRService) - Facebook Technologies, LLC - C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: Remote Solver for Flow Simulation 2018 (RemoteSolverDispatcher) - Mentor Graphics Corporation - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Flexnet Server - Flexera Software LLC - C:\SolidWorks_Flexnet_Server\lmgrd.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SWVisualize2019.BoostService - Dassault Systèmes - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe
O23 - Service: SWVisualize2019.Queue.Server - Dassault Systèmes - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Ashampoo LiveTuner 2 Service (WO_LiveService2) - Unknown owner - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\LiveTunerService.exe

--
End of file - 15782 bytes
         

Alt 03.11.2019, 13:13   #2
TrainandGame
 
Versuchter Teamviewer missbrauch auf meinen PC - Standard

Versuchter Teamviewer missbrauch auf meinen PC



Code:
ATTFilter
2019/11/03 11:49:21.424 15412 17700 G7   IsWindowsServerVerifyOnce(): Is a windows server 0
2019/11/03 11:49:21.424 15412 17700 G7   Logger started.
2019/11/03 11:49:21.814 15412 17700 G7   Monitors: Generic PnP Monitor, \\.\DISPLAY1, 2560x1080 (0,0), flags=3, dpi=96
2019/11/03 11:49:21.814 15412 17700 G7   Monitors: Generic PnP Monitor, \\.\DISPLAY2, 1920x1080 (2560,0), flags=3, dpi=96
2019/11/03 11:49:21.904 15412 17700 G7   CMain::LoadResourceDLLs(): No custom resource dll found
2019/11/03 11:49:21.904 15412 17700 G7   InterProcessBase::SecureNetwork created
2019/11/03 11:49:21.908 15412 17700 G7   VoIP: Constructor
2019/11/03 11:49:21.908 15412 17700 G7!! ApplicationLookOfflineState::ApplicationAppearanceOfflineState: state not loaded, Errorcode=183
2019/11/03 11:49:21.908 15412 17700 G7!! ApplicationLookOfflineState::ApplicationAppearanceOfflineState: state not loaded, Errorcode=183
2019/11/03 11:49:21.918 15412 17700 G7   TAF::Handler::ctor: TAF initialized. MM=40
2019/11/03 11:49:21.922 15412 17700 G7!! ApplicationLookOfflineState::ApplicationAppearanceOfflineState: state not loaded, Errorcode=183
2019/11/03 11:49:21.941 15412 17700 G7   MsHtmlVersionInfo: 11.0.17763.802
2019/11/03 11:49:21.948 15412 17700 G7!  AsioSettings::FindExternalIP: found 0 external IPs instead of 1!
2019/11/03 11:49:21.949 15412 17700 G7!  AsioSettings::FindExternalIP: found 0 external IPs instead of 1!
2019/11/03 11:49:21.953 15412 17700 G7   Generating new RSA private/public key pair
2019/11/03 11:49:21.982 15412 17700 G7   QueryVPNRegKey: Subkey 'SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\Configuration' (13) has no 'MatchingDeviceID' entry. Continuing...
2019/11/03 11:49:21.983 15412 17700 G7!! QueryVPNRegKey: RegOpenKeyEx: SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\Properties



Start:              2019/11/03 11:49:22.126 (UTC+1:00)
Version:            14.7.1965 QS
ID:                 0
Loglevel:           Info (100)
License:            0
Server:             master9.teamviewer.com
IC:                 1794020801
CPU:                Intel64 Family 6 Model 94 Stepping 3, GenuineIntel
CPU extensions:     h9
OS:                 Win_10.0.17763_W (64-bit)
IP:                 192.168.178.36
MID:                0x00ff83c63e92_1d44cc67230d0d5_2048382725
MIDv:               0
Proxy-Settings:     Type=1 IP= User=
IE:                 11.805.17763.0
AppPath:            C:\Users\sasch\AppData\Local\Temp\TeamViewer\TeamViewer.exe
UserAccount:        sasch

2019/11/03 11:49:22.131 15412 17700 G7   Resource-Language: de
2019/11/03 11:49:22.142 15412 17756 G7   NetWatchdog: Internet is now connected
2019/11/03 11:49:22.142 15412 16960 G7   CKeepAliveClientClient::HandleStartKeepAlive: going online not wanted!
2019/11/03 11:49:22.142 15412 17700 G7   Using IPC-Port 6039
2019/11/03 11:49:22.143 15412 17700 G7   SHMR: Initializing shared memory.
2019/11/03 11:49:22.147 15412 17700 G7   Starting intra process connection
2019/11/03 11:49:22.147 15412  1248 G7   NetworkControl::UpdateOnlineState alwaysOnline=0 delayOffline=0 otherProcess=0 restart=0
2019/11/03 11:49:22.153 15412  5968 G7   Received Control_InitIPC_Response processtype=1
2019/11/03 11:49:22.153 15412  5968 G7   Received Control_InitIPC_Response runningProcesses=3
2019/11/03 11:49:22.153 15412  5968 G7   Control_InitIPC_Response: all processes 3 completely initialized
2019/11/03 11:49:22.154 15412  5968 G7   NetworkControl::UpdateOnlineState alwaysOnline=0 delayOffline=0 otherProcess=1 restart=0
2019/11/03 11:49:22.154 15412  5968 G7   TeamViewer is going online!
2019/11/03 11:49:22.154 15412  5968 G7   CKeepAliveClientClient::DoReconnectInternal: doing nothing, state = 0
2019/11/03 11:49:22.154 15412  5868 G7   CKeepAliveClientClient::StartConnect(): Protocol 8 proxy -- IP 
2019/11/03 11:49:22.154 15412  5868 G7   Activating Router carrier
2019/11/03 11:49:22.171 15412 17700 G7   DynamicPasswordUIModel::ShouldShowDynamicPassword(): dynPw=1 allowIncoming=1 id=0 ka=0 lanAllowed=0 lanOnly=0 networkState=1 showDynPwd=0
2019/11/03 11:49:22.171 15412 17700 G7   DynamicPasswordUIModel::ShouldShowDynamicPassword(): dynPw=1 allowIncoming=1 id=0 ka=0 lanAllowed=0 lanOnly=0 networkState=1 showDynPwd=0
2019/11/03 11:49:22.180 15412 13276 G7!! ProxySearch.GetProxiesFromPAC: WinHttpGetProxyForUrl(WPAD) failed for URL 'hxxp://www.teamviewer.com/' with error 12167, Errorcode=12167
2019/11/03 11:49:22.180 15412 13276 G7!! ProxySearch.GetProxiesFromPAC: WinHttpGetProxyForUrl(WPAD) failed for URL 'https://www.teamviewer.com:443/' with error 12167, Errorcode=12167
2019/11/03 11:49:22.193 15412 17700 G7   MachineHooks: Initialized Shm
2019/11/03 11:49:22.193 15412 17700 G7   MachineHooks: refcount = 1
2019/11/03 11:49:22.193 15412 17700 G7   MachineHooks: x64 Machine detected
2019/11/03 11:49:22.193 15412 17700 G7   MachineHooks: w32 Loader is starting
2019/11/03 11:49:22.193 15412 17700 G7   MachineHooks: x64 Loader is starting
2019/11/03 11:49:22.297 15412 17700 G7   CMainWindow::ShouldShowDynamicPassword(): dynPw=1 allowIncoming=1 id=0 ka=0 lanAllowed=0 lanOnly=0 networkState=1 showDynPwd=0
2019/11/03 11:49:22.314 15412  5968 G7   IpcLoaderProcessHandlerWin: Loader process started, pid = 19828
2019/11/03 11:49:22.327 19828 18672 L32  Loader started with: "C:\Users\sasch\AppData\Local\Temp\TeamViewer\tv_w32.exe" --action hooks  --log C:\Users\sasch\AppData\Roaming\TeamViewer\TeamViewer14_Logfile.log  
2019/11/03 11:49:22.367 15412  5968 G7   IpcLoaderProcessHandlerWin: Loader process started, pid = 10100
2019/11/03 11:49:22.377 10100 20288 L64  Loader started with: "C:\Users\sasch\AppData\Local\Temp\TeamViewer\tv_x64.exe" --action hooks  --log C:\Users\sasch\AppData\Roaming\TeamViewer\TeamViewer14_Logfile.log  
2019/11/03 11:49:22.388 19828 18672 L32  Starting Loader
2019/11/03 11:49:22.192 15412 17700 H32  Loader: SharedMem Connected (seg = 0x8cf0000, refcnt = 1)
2019/11/03 11:49:22.192 15412 17700 H32  teamviewer.exe: SharedMem Connected (seg = 0x8cf0000, refcnt = 2)
2019/11/03 11:49:22.294 15412 17700 H32  teamviewer.exe: SharedMem_SetLogLevel: 0 -> 200
2019/11/03 11:49:22.397 15412 17700 G7   MainBaseWin::ExecuteMain: MainThread-Id = 17700
2019/11/03 11:49:22.411 10100 20288 L64  Starting Loader
2019/11/03 11:49:22.627 15412 16960 G7   KeepAliveSessionOutgoing::ConnectSuccessHandler(): KeepAliveConnect to router11.teamviewer.com successful
2019/11/03 11:49:22.627 15412 16960 G7   KeepAliveSessionOutgoing::KeepAliveChannelInitialized(): KeepAliveConnection to router11.teamviewer.com initialized
2019/11/03 11:49:22.627 15412 16960 G7!! KeepAliveSession::KeepAliveChannelInitialized(): KeepAlive-Connection initialized with ID 0 (IP: 2a03:8180:1501:88::9), SendQueue 0 (0 Bytes), SendIndex 0, AckIndex 0, RemoteSessionID 1
2019/11/03 11:49:22.627 15412 16960 G7!  KeepAliveSession::SendCompleteQueue(): SendQueue: 0 (0 Bytes), RemoteSession 1 (ClientID 0), Time: 0 ms
2019/11/03 11:49:22.628 15412 16960 G7   IdentifyRequest: ID = 0, IC = 1794020801, IsTemporaryID = 0, InitiativeGUID = 2abb09fd-1b92-4b82-a028-da8af59494fb, CanStoreGUID = 0, MIDHistory = {0x00ff83c63e92_1d44cc67230d0d5_2048382725|ua3c4512072ba11e3954e3497f6383a153497f6383a1571edb48a4f6126e19b9f8d422235aede|va3c4512072ba11e3954e3497f6383a153497f6383a1571edb48a4f6126e19b9f8d422235aede<~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~0dd0c5b4e712d7cef7750d93b4e6b006|windows03a3c4512072ba11e3954e3497f6383a153497f6383a1571edb48a4f6126e19b9f8d422235aede<~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~0dd0c5b4e712d7cef7750d93b4e6b006}, MIDv = 0, MaxSupportedMIDv = 3, RebootHash = {c4794370-5344-b2c5-d96f-8b2853b076ad}, MIDFlags = 1, MIDForceUpdateFlags = 0, AttractionGUID = 00000000-0000-0000-0000-000000000000, TerminalServerIDsInToken = 0
2019/11/03 11:49:22.677 15412  5968 G7   TVRouterClock: received router time: 20191103T104924.615133
2019/11/03 11:49:22.677 15412  5968 G7   TVRouterClock Schedule next request in 43200 seconds
2019/11/03 11:49:22.971 15412  5868 G7   Login::Identify::ManageLogin(): ID: 1663350025 IC 1794020801 MIDv2
2019/11/03 11:49:22.974 15412  5868 G7   CKeepAliveClientClient::OnKeepAliveSucceeded(): Protocol 8 proxy --
2019/11/03 11:49:22.974 15412  5868 G7   TeamViewerIDTracker::UpdateMachineID: New machineID = 1663350025
2019/11/03 11:49:22.974 15412 16960 G7   IDLabelContent::UpdateImpl() IDs changed: SessionID "1663350025", TSUserID "0", ServerID "0"
2019/11/03 11:49:22.975 15412 17700 G7   CMainWindow::ShouldShowDynamicPassword(): dynPw=1 allowIncoming=1 id=1663350025 ka=0 lanAllowed=0 lanOnly=0 networkState=1 showDynPwd=0
2019/11/03 11:49:22.976 15412  5968 G7   DynamicPasswordUIModel::ShouldShowDynamicPassword(): dynPw=1 allowIncoming=1 id=1663350025 ka=0 lanAllowed=0 lanOnly=0 networkState=1 showDynPwd=0
2019/11/03 11:49:23.684 15412  5868 G7   LicenseTracker::UpdateMachineLicense() local license differs from master license
2019/11/03 11:49:23.684 15412  5868 G7   Non-Commercial use
2019/11/03 11:49:23.826 15412 11116 G7   Client logged in and online
2019/11/03 11:49:23.826 15412 17700 G7   CMainWindow::ShouldShowDynamicPassword(): dynPw=1 allowIncoming=1 id=1663350025 ka=1 lanAllowed=0 lanOnly=0 networkState=1 showDynPwd=1
2019/11/03 11:49:23.827 15412  5968 G7   CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=38
2019/11/03 11:49:23.827 15412 15044 G7   InterProcessBase::SecureNetworkCallbackHandle created (RegistrationID: 90f2c304-c79c-481d-aaff-5b496ec7c47a)
2019/11/03 11:49:23.827 15412 15044 G7   TAF::Handler::RequestServerURL: Request new server URL from master.
2019/11/03 11:49:23.827 15412 15044 G7   KeepAliveStateListener::OnOnline: going online
2019/11/03 11:49:23.827 15412 15044 G7   ManagerHolderStateMachine: Switching from None to ReadyForLogin
2019/11/03 11:49:23.827 15412  5968 G7   SecureNetworkIPCAdapter::RegisterSharedBCmdCallback(): CC: 30, RegistrationID: 90f2c304-c79c-481d-aaff-5b496ec7c47a, DyngateID: 1663350025, ProcessType: 2, SessionID: 7
2019/11/03 11:49:23.828 15412  5868 G7   ChatManager::ChatManager: created
2019/11/03 11:49:23.828 15412  5968 G7   CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=38
2019/11/03 11:49:23.828 15412  5868 G7   ChatManager::Factory: ChatManager created
2019/11/03 11:49:23.828 15412  5968 G7   CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=38
2019/11/03 11:49:23.828 15412  5868 G7   IncomingBetterChatCommandHandler::IncomingBetterChatCommandHandler: created
2019/11/03 11:49:23.828 15412  5968 G7   CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=38
2019/11/03 11:49:23.828 15412  5868 G7   IncomingCommandRegistration::Start: registering for ready state properties
2019/11/03 11:49:23.828 15412  5968 G7   CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=38
2019/11/03 11:49:23.828 15412 15044 G7   DynamicPasswordUIModel::ShouldShowDynamicPassword(): dynPw=1 allowIncoming=1 id=1663350025 ka=1 lanAllowed=0 lanOnly=0 networkState=1 showDynPwd=1
2019/11/03 11:49:23.828 15412  5968 G7   CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=38
2019/11/03 11:49:23.828 15412  5868 G7   InterProcessBase::SecureNetworkCallbackHandle created (RegistrationID: 0e42c72e-be3e-4104-b807-406aeba18acb)
2019/11/03 11:49:23.828 15412  5868 G7   IncomingCommandRegistration::Register: Registered successfully for incoming commands (after 0 retries)
2019/11/03 11:49:23.829 15412  5968 G7   CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=38
2019/11/03 11:49:23.829 15412  5968 G7   SecureNetworkIPCAdapter::RegisterSharedBCmdCallback(): CC: 25, RegistrationID: 0e42c72e-be3e-4104-b807-406aeba18acb, DyngateID: 1663350025, ProcessType: 2, SessionID: 7
2019/11/03 11:49:23.855 15412  1248 G7   TAF::Handler::ServerUrlUpdate: Received new server URL: https://client.teamviewer.com/taf/index.aspx
2019/11/03 11:49:23.857 15412 19716 G7   TAF::Hander::RequestListInternal: Request new list for license type=10000
2019/11/03 11:49:23.943 15412 16960 G7   RequestIPAddress::RequestResult: Client country code: DE
2019/11/03 11:49:23.986 15412  5968 G7!! TAF::Handler::ParseJson: Received answer is empty.
2019/11/03 11:49:38.646 15412 12012 G7   Activating Router carrier
2019/11/03 11:49:38.646 15412 12012 G7   CommandHandlerRouting[2]::CreatePassiveSession(): incoming session via NL-AMS-ANX-R002.teamviewer.com, protocol Tcp
2019/11/03 11:49:38.937 15412 16960 G7   Negotiating session encryption: client hello received from 1225706102, RSA key length = 2048
2019/11/03 11:49:38.937 15412 16960 G7   Negotiating session encryption: client hello received from 1225706102, RSA key length = 2048
2019/11/03 11:49:38.944 15412 16960 G7   Negotiating session encryption: server hello sent
2019/11/03 11:49:39.091 15412 16960 G7   Negotiating session encryption: client handshake received
2019/11/03 11:49:39.091 15412 16960 G7   Negotiating session encryption: client handshake received
2019/11/03 11:49:39.095 15412 12012 G7   ProcessControlBase[4]: Start Desktop process in session 7, pid 18004
2019/11/03 11:49:39.095 15412 12012 G7   ConnectionGuard: incoming remote control in sessions: 7(1)
2019/11/03 11:49:39.095 15412  5868 G7   Connection incoming, sessionID = -671648659
2019/11/03 11:49:39.099 15412 16960 G7   Negotiating session encryption: server handshake sent, encryption established with AES key length 256
2019/11/03 11:49:39.356 15412 16960 G7   CAcceptServer::HandleAccept: new connection from 127.0.0.1:52271
2019/11/03 11:49:39.360 15412  1248 G7   Received Control_InitIPC processtype=4
2019/11/03 11:49:39.392 15412  1248 G7   ProcessControlBase[4]::ProcessConnected: Process pid 18004 in session 7 connected
2019/11/03 11:49:39.115 18004 15736 D7   IsWindowsServerVerifyOnce(): Is a windows server 0
2019/11/03 11:49:39.116 18004 15736 D7   Logger started.
2019/11/03 11:49:39.310 18004 15736 D7   TeamViewerDesktop started, PID=18004
2019/11/03 11:49:39.319 18004 15736 D7   Monitors: Generic PnP Monitor, \\.\DISPLAY1, 2560x1080 (0,0), flags=3, dpi=96
2019/11/03 11:49:39.319 18004 15736 D7   Monitors: Generic PnP Monitor, \\.\DISPLAY2, 1920x1080 (2560,0), flags=3, dpi=96
2019/11/03 11:49:39.322 18004 15196 D7   WindowsDesktopSpecificThread::Init(default): ChangeThreadDesktop(): SetThreadDesktop to default successful
2019/11/03 11:49:39.322 18004  1824 D7   WindowsDesktopSpecificThread::Init(winlogon): ChangeThreadDesktop(): SetThreadDesktop to winlogon successful
2019/11/03 11:49:39.323 18004 15736 D7   Changing keyboard layout to: 04070407
2019/11/03 11:49:39.332 18004 15736 D7   MachineHooks: Initialized Shm
2019/11/03 11:49:39.332 18004 15736 D7   MachineHooks: refcount = 2
2019/11/03 11:49:39.332 18004 15736 D7   MachineHooks: x64 Machine detected
2019/11/03 11:49:39.332 18004 15736 D7   RemoveLoginScreenWallpaper: inputDesktopName=Default
2019/11/03 11:49:39.352 18004 15736 D7    tvdesktop::BlackScreen::BlackScreen - state BSCR_OFF; m_showInstallMonitorDialog 0
2019/11/03 11:49:39.352 18004 15736 D7    tvdesktop::BlackScreen::BlackScrState - moving from BSCR_OFF ---> BSCR_OFF
2019/11/03 11:49:39.352 18004 15736 D7    tvdesktop::BlackScreen::RegisterChangeEvent
2019/11/03 11:49:39.353 18004 15736 D7   InterProcessBase::StartTcpCommunicationInternal(): setting m_NetworkConnector to new TCP connector
2019/11/03 11:49:39.355 18004 15736 D7   Opening local TCP connection to 127.0.0.1:6039
2019/11/03 11:49:39.356 18004   896 D7   Local TCP connection established
2019/11/03 11:49:39.369 18004 13928 D7   Received Control_InitIPC_Response processtype=1
2019/11/03 11:49:39.369 18004 13928 D7   Received Control_InitIPC_Response runningProcesses=7
2019/11/03 11:49:39.385 18004  7716 D7   Received Control_InitIPC_Response processtype=2
2019/11/03 11:49:39.385 18004  7716 D7   Control_InitIPC_Response: all processes 7 completely initialized
2019/11/03 11:49:39.449 18004 15736 D7   InterProcessBase::SecureNetwork created
2019/11/03 11:49:39.454 18004 15460 D7   LoginDesktopWindowImpl::GuiThreadFunction(): ChangeThreadDesktop(): SetThreadDesktop to winlogon successful
2019/11/03 11:49:39.454 18004  7716 D7   Connection incoming, sessionID = -671648659
2019/11/03 11:49:39.454 18004  3608 D7!! InterProcessBase::ProcessControlCommand Command 39 not handled
2019/11/03 11:49:39.455 18004 19808 D7   CLogin::run()
2019/11/03 11:49:39.455 18004  3608 D7   IpcRouterClock: received router time: 20191103T104941.380133
2019/11/03 11:49:39.455 18004 19808 D7   CLogin::NegotiateVersionServer()
2019/11/03 11:49:39.564 18004 19808 D7   CLoginServer::CheckIfConnectionIsAllowed()
2019/11/03 11:49:39.565 18004 19808 D7   LoginServer::runServer: using condition set: {}
2019/11/03 11:49:39.565 18004 19808 D7   CLoginServer::AuthenticateServer()
2019/11/03 11:49:39.567 15412  5968 G7   AuthenticationBlocker::Allocate: allocate ok for DyngateID 1225706102, attempt number 1
2019/11/03 11:49:41.716 18004 19808 D7!! CAuthenticationSRP_Passive, Step_Receive_VerifyClientSecret: clientSecret!=serverSecret
2019/11/03 11:49:41.716 18004 19808 D7   AuthenticationPasswordLogin_Passive::RunAuthenticationMethod: authentication using dynamic password was denied
2019/11/03 11:49:41.716 18004 19808 D7   AuthenticationPasswordLogin_Passive::RunAuthenticationMethod: authentication using fixed password was denied
2019/11/03 11:49:41.717 15412 12012 G7   AuthenticationBlocker::Allocate: allocate ok for DyngateID 1225706102, attempt number 2
2019/11/03 11:49:46.838 18004 19808 D7   AuthenticationPasswordLogin_Passive::RunAuthenticationMethod: authentication using dynamic password was successful
2019/11/03 11:49:46.838 15412  5968 G7   AuthenticationBlocker::Reset: attempts reset for DyngateID 1225706102
2019/11/03 11:49:46.969 15412  1248 G7   UDPv6: ProcessHandshake: (*)
2019/11/03 11:49:46.969 15412  1248 G7   Initializing transmission control v2
2019/11/03 11:49:46.983 15412  1248 G7   UDPv4: ProcessHandshake: (*)
2019/11/03 11:49:46.983 15412  1248 G7   Initializing transmission control v2
2019/11/03 11:49:46.988 18004 19808 D7   CLoginServer::runServer: ConnectionMode == 1
2019/11/03 11:49:46.988 18004 19808 D7   SessionManagerDesktop::ChangeToServermode: creating session with TVSessionID = -671648659
2019/11/03 11:49:46.989 15412 11116 G7   PseudoRoutableCmdHandler[2]::StartPseudoRouter(): PseudoRouter has been started
2019/11/03 11:49:46.989 15412 11116 G7   CPersistentParticipantManager::AddParticipant: [1663350025,-671648659] type=3 name=DESKTOP-FOHP40Q
2019/11/03 11:49:46.989 15412  1248 G7   CPersistentParticipantManager::AddParticipant: [1663350025,-671648659] type=3 name=DESKTOP-FOHP40Q
2019/11/03 11:49:46.990 15412  5868 G7   ReadStreamParameters(): streamID=1 type=5 (StreamType_Chat), source=[1663350025,-671648659], features=1, compression=2
2019/11/03 11:49:46.990 15412  5868 G7   ReadStreamParameters(): streamID=2 type=7 (StreamType_VPN), source=[1663350025,-671648659], features=1, compression=2
2019/11/03 11:49:46.990 18004 19808 D7   WorkstationLockerWin::ShouldAutoLockWorkstation: Autolock: no, Local user logged-in: 1, window session locked: 0, secure screen saver running: no disabled by policy: 0
2019/11/03 11:49:46.990 18004 19808 D7   WorkstationLocker::SetInitialSessionLockState() TVSessionID: -671648659 auto lock: 0
2019/11/03 11:49:46.991 18004 19808 D7   WindowObserver::SessionStart: -1; type: 1
2019/11/03 11:49:46.992 18004  5596 D7   DesktopThread started, number of Cores: 8
2019/11/03 11:49:46.992 18004 19808 D7   SessionManagerDesktop::ReportSession(): report incoming session -> isManagedDevice: 0; reportIncomingSession setting: 0
2019/11/03 11:49:46.992 18004 19808 D7   CLogin::run() leave
2019/11/03 11:49:46.992 18004 19808 D7   tvhelper::CThread::weakJoin - thread {Not-any-thread} has succesfully detached itself
2019/11/03 11:49:46.994 15412 12012 G7   CPersistentParticipantManager::AddParticipant: [1225706102,-1115162109] type=6 name=WIN-8VLDG9NG6KU
2019/11/03 11:49:46.997 15412  5968 G7   VoIP: Meeting session created: MeetingID = m00-000-000, ParticipantID = [1663350025,-671648659], MeetingGUID = 
2019/11/03 11:49:46.998 15412  5968 G7   CacheManager::SetCleanupLimit: 26214400
2019/11/03 11:49:47.011 15412  5968 G7   VoIP: using pipeline factory async = 1
2019/11/03 11:49:47.011 15412  5968 G7   VoIP: CreateComponentsAndStartThreads start
2019/11/03 11:49:47.011 15412  5968 G7   VoIP: using pipeline factory async = 1
2019/11/03 11:49:47.014 15412  5968 G7   VoIP: Receiver: Audio pipeline: Building pipeline finished
2019/11/03 11:49:47.014 15412  5968 G7   VoIP: Receiver: Audio pipeline: VoiceReceiverAudioPipeline RegisterPlaybackDataObserver
2019/11/03 11:49:47.015 15412  5968 G7   VoIP: using pipeline factory async = 1
2019/11/03 11:49:47.016 15412 13764 G7   VoiceSenderAudioPipeline: Building pipeline started
2019/11/03 11:49:47.016 15412  5968 G7   VoIP: CreateComponentsAndStartThreads end
2019/11/03 11:49:47.016 15412 20856 G7   VoIP: Receiver: Audio pipeline: StartTicking called
2019/11/03 11:49:47.016 15412 20856 G7   VoIP: Receiver: ****** Playback status changed to VoiceReceiverPlaybackUnavailable ******
2019/11/03 11:49:47.016 15412 18488 G7   RebuildingAutoVoiceCapturerWorkingClass: Data streaming activity changed to 0
2019/11/03 11:49:47.016 15412 18488 G7   VoiceSenderAudioPipeline: RebuildingAutoVoiceCapturer: Tick streaming activity changed to 0
2019/11/03 11:49:47.017 15412 13764 G7   VoiceSenderAudioPipeline: Building pipeline finished
2019/11/03 11:49:47.018 15412 13764 G7   CAudCodecSpeex:: fpp is 4 
2019/11/03 11:49:47.019 15412  5968 G7   RA: Creating audio server
2019/11/03 11:49:47.019 15412 13764 G7   VoIP: Sender: Initialized
2019/11/03 11:49:47.019 15412 18488 G7   VoIP: Sender: Audio pipeline: StartTicking called
2019/11/03 11:49:47.019 15412  5968 G7   RA: quality suggestion by capacity measurement: (350)
2019/11/03 11:49:47.019 15412  5968 G7   RA: Audio quality set to 120000
2019/11/03 11:49:47.020 15412  7584 G7   VoIP: Receiver: Added session -671648659. Meeting id is -. Our participant id is "1 663 350 025" [1663350025,-671648659].
2019/11/03 11:49:47.079 15412  5968 G7   UDPv6: sending pings...: (*)
2019/11/03 11:49:47.119 15412  5968 G7   UDPv6: UHP.PING response received: (*)
2019/11/03 11:49:47.123 15412  5968 G7   UDPv6: UHP.PING response received: (*)
2019/11/03 11:49:47.129 15412  5968 G7   UDPv6: UHP.PING response received: (*)
2019/11/03 11:49:47.129 15412  5968 G7   UDPv6: punching: (*)
2019/11/03 11:49:47.129 15412  5968 G7   UDPv6: PingOK.PunchInit: (*)
2019/11/03 11:49:47.135 15412 17700 G7   BaseSessionEndpoint::StartProcessingCommands Start processing commands for session -671648659
2019/11/03 11:49:47.150 15412  2020 G7   VoIP: AudioControl: Available Capturing endpoints: "Soundkarte - Mikrofon (Realtek High Definition Audio)", "Rift S - Kopfhörermikrofon", "Standard Aufnahmegerät", "Standardkommunikationsgerät", 
2019/11/03 11:49:47.150 15412  2020 G7   VoIP: AudioControl: Endpoint: "Mikrofon" "Realtek High Definition Audio" (HDAUDIO\FUNC_01&VEN_10EC&DEV_0887&SUBSYS_104386C7&REV_1003), cat={DFF21BE1-F70F-11D0-B917-00A0C9223196}, echocat=1
2019/11/03 11:49:47.150 15412  2020 G7   VoIP: AudioControl: Endpoint: "Kopfhörermikrofon" "Rift S" (USB\VID_2833&PID_0051&MI_04), cat={DFF21BE3-F70F-11D0-B917-00A0C9223196}, echocat=2
2019/11/03 11:49:47.150 15412  2020 G7   VoIP: AudioControl: Establish audio endpoint pair in pipeline
2019/11/03 11:49:47.150 15412  2020 G7   VoIP: AudioControl: Audio endpointing disabled!
2019/11/03 11:49:47.150 15412  2020 G7   VoIP: AudioControl: No VoIPRadioAudioControl installed!
2019/11/03 11:49:47.152 15412  5968 G7   UDPv6: UHP.PING response received: (*)
2019/11/03 11:49:47.185 15412  5968 G7   CParticipantManagerBase participant DESKTOP-FOHP40Q (ID [1663350025,-671648659]) was added with the role 3
2019/11/03 11:49:47.204 15412  5968 G7   CParticipantManagerBase InteractionDefaults arrived : CInteractionDefaults = (0) [ 0,2,0,0,2,0,0]
2019/11/03 11:49:47.204 15412  5968 G7   CParticipantManagerBase participant WIN-8VLDG9NG6KU (ID [1225706102,-1115162109]) was added with the role 6
2019/11/03 11:49:47.207 15412  2020 G7   VoIP: AudioControl: Available Rendering endpoints: "NVIDIA High Definition Audio - LG ULTRAWIDE", "Soundkarte - Lautsprecher (Realtek High Definition Audio)", "NVIDIA High Definition Audio - SMBX2231", "Soundkarte - Realtek Digital Output (Realtek High Definition Audio)", "Rift S - Kopfhörer  (#2)", "Standard Wiedergabegerät", "Standardkommunikationsgerät", 
2019/11/03 11:49:47.207 15412  2020 G7   VoIP: AudioControl: Endpoint: "LG ULTRAWIDE" "NVIDIA High Definition Audio" (HDAUDIO\FUNC_01&VEN_10DE&DEV_0083&SUBSYS_10DE1B81&REV_1001), cat=, echocat=0
2019/11/03 11:49:47.207 15412  2020 G7   VoIP: AudioControl: Endpoint: "Lautsprecher" "Realtek High Definition Audio" (HDAUDIO\FUNC_01&VEN_10EC&DEV_0887&SUBSYS_104386C7&REV_1003), cat={DFF21CE1-F70F-11D0-B917-00A0C9223196}, echocat=1
2019/11/03 11:49:47.207 15412  2020 G7   VoIP: AudioControl: Endpoint: "SMBX2231" "NVIDIA High Definition Audio" (HDAUDIO\FUNC_01&VEN_10DE&DEV_0083&SUBSYS_10DE1B81&REV_1001), cat=, echocat=0
2019/11/03 11:49:47.207 15412  2020 G7   VoIP: AudioControl: Endpoint: "Realtek Digital Output" "Realtek High Definition Audio" (HDAUDIO\FUNC_01&VEN_10EC&DEV_0887&SUBSYS_104386C7&REV_1003), cat={DFF21FE5-F70F-11D0-B917-00A0C9223196}, echocat=0
2019/11/03 11:49:47.207 15412  2020 G7   VoIP: AudioControl: Endpoint: "Kopfhörer" "2- Rift S" (USB\VID_2833&PID_0051&MI_02), cat={DFF21CE2-F70F-11D0-B917-00A0C9223196}, echocat=2
2019/11/03 11:49:47.207 15412  2020 G7   VoIP: AudioControl: Establish audio endpoint pair in pipeline
2019/11/03 11:49:47.207 15412  2020 G7   VoIP: AudioControl: Audio endpointing disabled!
2019/11/03 11:49:47.207 15412  2020 G7   VoIP: AudioControl: No VoIPRadioAudioControl installed!
2019/11/03 11:49:47.208 15412  2020 G7   VoIP: AudioControl: LoadEndpointPairSettingsFromStorage
2019/11/03 11:49:47.208 15412  2020 G7   VoIP: AudioControl: Request capturing endpoint: "UndefinedEndpoint"
2019/11/03 11:49:47.208 15412  2020 G7   VoIP: AudioControl: Request rendering endpoint: "UndefinedEndpoint"
2019/11/03 11:49:47.208 15412  2020 G7   VoIP: AudioControl: Fallback-mode = 1
2019/11/03 11:49:47.212 15412 12012 G7   CParticipantManagerBase participant DESKTOP-FOHP40Q (ID [1663350025,-671648659]) was added with the role 3
2019/11/03 11:49:47.212 15412 12012 G7   New Participant added in CParticipantManager DESKTOP-FOHP40Q ([1663350025,-671648659])
2019/11/03 11:49:47.212 18004  7716 D7   CParticipantManagerBase participant DESKTOP-FOHP40Q (ID [1663350025,-671648659]) was added with the role 3
2019/11/03 11:49:47.213 18004  7716 D7   New Participant added in CParticipantManager DESKTOP-FOHP40Q ([1663350025,-671648659])
2019/11/03 11:49:47.213 18004  3608 D7   CParticipantManagerBase participant WIN-8VLDG9NG6KU (ID [1225706102,-1115162109]) was added with the role 6
2019/11/03 11:49:47.213 18004  3608 D7   New Participant added in CParticipantManager WIN-8VLDG9NG6KU ([1225706102,-1115162109])
2019/11/03 11:49:47.214 15412  2020 G7   VoIP: AudioControl: New used capturing endpoint: "Standardkommunikationsgerät"
2019/11/03 11:49:47.214 15412 12012 G7   SessionFeatureVoip::HandleEvent: AllowedToSpeak's new state = 0
2019/11/03 11:49:47.214 15412  2020 G7   VoIP: AudioControl: Previous capturing endpoint: "UndefinedEndpoint"
2019/11/03 11:49:47.214 15412 12012 G7   SessionStateVoip::SetMicrophoneState: Mic's new state = Off / old state = Disabled
2019/11/03 11:49:47.214 15412  2020 G7   VoIP: AudioControl: Previous capturing endpoint volumes: Histogram (#samples=0): 
2019/11/03 11:49:47.214 15412  5868 G7   CParticipantManagerBase participant WIN-8VLDG9NG6KU (ID [1225706102,-1115162109]) was added with the role 6
2019/11/03 11:49:47.214 15412  5868 G7   New Participant added in CParticipantManager WIN-8VLDG9NG6KU ([1225706102,-1115162109])
2019/11/03 11:49:47.215 15412  7584 G7   VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109]: VoIPBCommandReceiver: Created for session -671648659
2019/11/03 11:49:47.215 15412  7584 G7   VoIP: Receiver: Session -671648659: Channel created for participant [1225706102,-1115162109] called "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109]
2019/11/03 11:49:47.216 15412 12012 G7   SessionFeatureVoip::HandleEvent: AllowedToSpeak's new state = 1
2019/11/03 11:49:47.222 15412  5968 G7   CPersistentParticipantManager::SendPMSynchronizationComplete 07FDF028
2019/11/03 11:49:47.222 15412 12012 G7   CParticipantManager::SynchronizationComplete: session=-671648659, this=07F4FD18
2019/11/03 11:49:47.223 15412 12012 G7   StringCompare locale: 
2019/11/03 11:49:47.223 15412  5868 G7   ReadStreamParameters(): streamID=3 type=5 (StreamType_Chat), source=[1225706102,-1115162109], features=1, compression=2
2019/11/03 11:49:47.224 15412  5868 G7   ReadStreamParameters(): streamID=4 type=7 (StreamType_VPN), source=[1225706102,-1115162109], features=1, compression=2
2019/11/03 11:49:47.224 15412  5868 G7   CParticipantManagerBase::CheckAndSubscribeNewStream(): Subscribe stream now streamID=4 type=7 required=1 supported=1
2019/11/03 11:49:47.225 15412 12012 G7   PrintingDatabaseNotificationHandler::Init: successfully created event Global\tvprint_ab33b492d370482abd6608d6921e348a
2019/11/03 11:49:47.226 15412 13764 G7   VoIP: Sender: Added session -671648659. Meeting id is WIN-8VLDG9NG6KU (1 225 706 102). Our participant id is "DESKTOP-FOHP40Q (1 663 350 025)" [1663350025,-671648659].
2019/11/03 11:49:47.226 15412  1248 G7   CParticipantManagerBase::CheckAndSubscribeNewStream(): Subscribe stream now streamID=3 type=5 required=1 supported=1
2019/11/03 11:49:47.227 15412 13764 G7   VoIP: Sender: Session -671648659: VoIP streams: Participant added: "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109]
2019/11/03 11:49:47.227 15412  5868 G7   ReadStreamParameters(): streamID=5 type=26 (StreamType_VoIP_Data), source=[1663350025,-671648659], features=1, compression=1
2019/11/03 11:49:47.227 15412 13764 G7   VoIP: Sender: Session -671648659 initialized. 
2019/11/03 11:49:47.227 15412  5868 G7   VoIP: Sender: Session -671648659: VoIP streams: We registered VoIPV3 data stream 5
2019/11/03 11:49:47.227 15412 16960 G7   ReadStreamParameters(): streamID=6 type=25 (StreamType_VoIP_Control), source=[1663350025,-671648659], features=1, compression=1
2019/11/03 11:49:47.227 15412  1248 G7   VoIP: Sender: Session -671648659: VoIP streams: We registered VoIPV3 control stream 6
2019/11/03 11:49:47.227 15412  1248 G7   VoIP: Sender: Session -671648659: VoIP streams: We registered all streams of VoIPV3 channel
2019/11/03 11:49:47.231 18004 21184 D7   CParticipantManager::SynchronizationComplete: session=-671648659, this=0337BFB0
2019/11/03 11:49:47.232 15412  2020 G7   VoIP: AudioControl: New used rendering endpoint: "Standardkommunikationsgerät"
2019/11/03 11:49:47.233 15412  2020 G7   VoIP: AudioControl: Previous rendering endpoint: "UndefinedEndpoint"
2019/11/03 11:49:47.232 18004 21184 D7   SendInfo() executed.
2019/11/03 11:49:47.233 15412 21400 G7   ReadStreamParameters(): streamID=7 type=1 (StreamType_Misc), source=[1663350025,-671648659], features=1, compression=2
2019/11/03 11:49:47.234 18004  7716 D7   SendInfo() executed.
2019/11/03 11:49:47.238 15412  2020 G7   VoIP: AudioControl: Establish audio endpoint pair in pipeline
2019/11/03 11:49:47.238 15412  2020 G7   VoIP: AudioControl: Audio endpointing disabled!
2019/11/03 11:49:47.238 15412  2020 G7   VoIP: AudioControl: No VoIPRadioAudioControl installed!
2019/11/03 11:49:47.238 15412  2020 G7   VoIP: AudioControl: Establish audio endpoint pair in pipeline
2019/11/03 11:49:47.238 15412  2020 G7   VoIP: AudioControl: Audio endpointing disabled!
2019/11/03 11:49:47.239 15412  2020 G7   VoIP: VoIPRadioControl: ****** New capturing endpoint: "UndefinedEndpoint" ******
2019/11/03 11:49:47.239 15412  2020 G7   VoIP: VoIPRadioControl: ****** New rendering endpoint: "UndefinedEndpoint" ******
2019/11/03 11:49:47.239 15412  2020 G7   VoIP: AudioControl: Establish audio endpoint pair in pipeline
2019/11/03 11:49:47.239 15412 13764 G7   VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturer: Establishing audio endpoints requested
2019/11/03 11:49:47.239 15412  2020 G7   VoIP: AudioControl: Audio endpointing disabled!
2019/11/03 11:49:47.239 15412  2020 G7   VoIP: VoIPRadioControl: ****** New capturing endpoint: "UndefinedEndpoint" ******
2019/11/03 11:49:47.239 15412  2020 G7   VoIP: VoIPRadioControl: ****** New rendering endpoint: "UndefinedEndpoint" ******
2019/11/03 11:49:47.239 15412  2020 G7   VoIP: AudioControl: Establish audio endpoint pair in pipeline
2019/11/03 11:49:47.239 15412  2020 G7   VoIP: AudioControl: Audio endpointing disabled!
2019/11/03 11:49:47.239 15412  2020 G7   VoIP: VoIPRadioControl: ****** New capturing endpoint: "UndefinedEndpoint" ******
2019/11/03 11:49:47.239 15412  2020 G7   VoIP: VoIPRadioControl: ****** New rendering endpoint: "UndefinedEndpoint" ******
2019/11/03 11:49:47.239 15412  2020 G7   VoIP: AudioControl: Establish audio endpoint pair in pipeline
2019/11/03 11:49:47.239 15412 13764 G7   VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturer: Creating new session...
2019/11/03 11:49:47.240 15412  2020 G7   VoIP: AudioControl: Audio endpointing disabled!
2019/11/03 11:49:47.240 15412  2020 G7   VoIP: VoIPRadioControl: ****** New capturing endpoint: "UndefinedEndpoint" ******
2019/11/03 11:49:47.240 15412  2020 G7   VoIP: VoIPRadioControl: ****** New rendering endpoint: "UndefinedEndpoint" ******
2019/11/03 11:49:47.240 15412 13764 G7   VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturerSession #0: Build without capturer
2019/11/03 11:49:47.240 15412 13764 G7   VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturer: Creating new session succeeded!
2019/11/03 11:49:47.240 15412 13764 G7   VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturer: Establishing audio endpoints requested
2019/11/03 11:49:47.240 15412 18488 G7   VoIP: Sender: ****** Audio: Voice capturer state changed to Unavailable ******
2019/11/03 11:49:47.240 15412 13764 G7   VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturer: Establishing audio endpoints requested
2019/11/03 11:49:47.240 15412 13764 G7   VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturer: Establishing audio endpoints requested
2019/11/03 11:49:47.240 15412 18488 G7   VoIP: Sender: ****** Visible sender status changed to VoiceSenderUnavailable ******
2019/11/03 11:49:47.288 15412 12012 G7   UDPv4: sending pings...: (*)
2019/11/03 11:49:47.330 15412 12012 G7   UDPv4: UHP.PING response received: (*)
2019/11/03 11:49:47.331 15412 12012 G7   UDPv4: UHP.PING response received: (*)
2019/11/03 11:49:47.334 15412 12012 G7   UDPv4: UHP.PING response received: (*)
2019/11/03 11:49:47.334 15412 12012 G7   UDPv4: punching: (*)
2019/11/03 11:49:47.334 15412 12012 G7   UDPv4: PingOK.PunchInit: (*)
2019/11/03 11:49:47.336 15412 16960 G7   UDPv4: UHP.PING response received: (*)
2019/11/03 11:49:47.346 15412 16960 G7   CParticipantManagerBase InteractionDefaults arrived : CInteractionDefaults = (0) [ 0,2,0,0,2,0,0]
2019/11/03 11:49:47.346 18004 13928 D7   CParticipantManagerBase InteractionDefaults arrived : CInteractionDefaults = (0) [ 0,2,0,0,2,0,0]
2019/11/03 11:49:47.346 15412  1248 G7   CParticipantManagerBase InteractionDefaults arrived : CInteractionDefaults = (0) [ 0,2,0,0,2,0,0]
2019/11/03 11:49:47.346 15412 16960 G7   UDPv4: UHP.PING response received: (*)
2019/11/03 11:49:47.406 15412  5868 G7   ReadStreamParameters(): streamID=8 type=1 (StreamType_Misc), source=[1225706102,-1115162109], features=1, compression=2
2019/11/03 11:49:47.407 15412 16960 G7   ReadStreamParameters(): streamID=9 type=26 (StreamType_VoIP_Data), source=[1225706102,-1115162109], features=1, compression=1
2019/11/03 11:49:47.407 15412  7584 G7   VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109]: VoIPBCommandReceiver: Partner registered VoIPV3 audio stream 9
2019/11/03 11:49:47.407 15412  1248 G7   ReadStreamParameters(): streamID=10 type=25 (StreamType_VoIP_Control), source=[1225706102,-1115162109], features=1, compression=1
2019/11/03 11:49:47.407 15412  7584 G7   CParticipantManagerBase::CheckAndSubscribeNewStream(): Subscribe stream now streamID=9 type=26 required=1 supported=1
2019/11/03 11:49:47.407 15412  7584 G7   VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109]: VoIPBCommandReceiver: We subscribed VoIPV3 audio stream 9
2019/11/03 11:49:47.408 15412 20856 G7   VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109]: VoIPBCommandReceiver: Partner registered VoIPV3 control stream 10
2019/11/03 11:49:47.408 15412 20856 G7   CParticipantManagerBase::CheckAndSubscribeNewStream(): Subscribe stream now streamID=10 type=25 required=1 supported=1
2019/11/03 11:49:47.408 15412 12012 G7   VoIP: Sender: Session -671648659: VoIP streams: Partner "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109] subscribed VoIPV3 control stream. We have to send an init command.
2019/11/03 11:49:47.408 15412 20856 G7   VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109]: VoIPBCommandReceiver: We subscribed VoIPV3 control stream 10 (waiting for init command)
2019/11/03 11:49:47.408 15412 11116 G7   ReadStreamParameters(): streamID=11 type=1 (StreamType_Misc, private), source=[1225706102,-1115162109], features=1, compression=2
2019/11/03 11:49:47.408 15412 18488 G7   VoIP: Sender: Session-format channel (-671648659, V3): Init VoIP channel
2019/11/03 11:49:47.408 15412 12012 G7   VoIP: Sender: Session -671648659: VoIP streams: Partners changed subscriptions and so the receiving usage of the VoIPV3 channel changed to 1
2019/11/03 11:49:47.408 15412 18488 G7   VoIP: Sender: Session-format channel (-671648659, V3): VoIPV3BCommandSender: We sent init command on stream 6
2019/11/03 11:49:47.408 15412 13764 G7   VoIP: Sender: Session-format channel (-671648659, V3): Receiving usage by partners changed to 1
2019/11/03 11:49:47.438 15412  5968 G7   ReadStreamParameters(): streamID=12 type=24 (StreamType_Clipboard, private), source=[1225706102,-1115162109], features=1, compression=2
2019/11/03 11:49:47.438 15412 12012 G7   ReadStreamParameters(): streamID=13 type=9 (StreamType_DragDrop, private), source=[1225706102,-1115162109], features=1, compression=2
2019/11/03 11:49:47.439 15412 12012 G7   ReadStreamParameters(): streamID=14 type=3 (StreamType_Audio), source=[1225706102,-1115162109], features=1, compression=1
2019/11/03 11:49:47.462 15412  5868 G7   UDPv4: SendUDPPunches: (*)
2019/11/03 11:49:47.551 15412 21400 G7!! DataTransceiver: DataTransceiver => DataTransceiverFileBox::HandleEvent: routerInstance is null
2019/11/03 11:49:47.551 15412  7584 G7   VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109]: VoIPBCommandReceiver: Partner sent init command on stream 10
2019/11/03 11:49:47.551 15412  7584 G7   VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109]: Initialize to version V3
2019/11/03 11:49:47.552 18004  7716 D7   InfoCommandHandlerDesktop::ReceivedInfo: connected to 1225706102, client version is 14.7.1965 , OS=13
2019/11/03 11:49:47.552 18004 13928 D7   CacheManager::SetCleanupLimit: 26214400
2019/11/03 11:49:47.552 18004  7716 D7   DisplayQuality m=0, bpp=32, q=80, echo=-1, conRating=2, cpu=13632, capacity=36429, RTT=0, reliability=1, disable animation=1 remove wallpaper=1
2019/11/03 11:49:47.552 15412 12012 G7   ServerThreadInfo connected to 1225706102, client version is 14.7.1965 , OS=13
2019/11/03 11:49:47.552 15412 21400 G7   ReadStreamParameters(): streamID=15 type=1 (StreamType_Misc, private), source=[1663350025,-671648659], features=1, compression=2
2019/11/03 11:49:47.553 15412  5868 G7   ReadStreamParameters(): streamID=16 type=2 (StreamType_Screen), source=[1663350025,-671648659], features=127, compression=3
2019/11/03 11:49:47.553 15412  7584 G7   VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109] (V3): Building pipeline finished
2019/11/03 11:49:47.553 15412  1248 G7   ReadStreamParameters(): streamID=17 type=10 (StreamType_ScreenVideo), source=[1663350025,-671648659], features=127, compression=1
2019/11/03 11:49:47.554 15412  5968 G7   ReadStreamParameters(): streamID=18 type=24 (StreamType_Clipboard, private), source=[1663350025,-671648659], features=1, compression=2
2019/11/03 11:49:47.555 15412  7584 G7   VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109] (V3): Added to mixer
2019/11/03 11:49:47.555 15412  7584 G7   VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109] (V3): Initialized
2019/11/03 11:49:47.556 15412  5868 G7   ReadStreamParameters(): streamID=19 type=9 (StreamType_DragDrop, private), source=[1663350025,-671648659], features=1, compression=2
2019/11/03 11:49:47.556 15412 11116 G7   CServerThreadInfo::Received_AccessControlSettings: RCAccessControl: RemoteControl='Allowed', FileTransfer='Allowed', ControlRemoteTV='Allowed', SwitchSides='Allowed', AllowDisableRemoteInput='Allowed', AllowVPN='Allowed', AllowPartnerViewDesktop='Allowed', ShareMyFiles='Allowed', ShareFilesWithMe='Allowed', PrintOnMyPrinters='Allowed', PrintOnRemotePrinters='Allowed', SessionRecording='Allowed', ExecuteScripts='After confirmation'
2019/11/03 11:49:47.556 15412 11116 G7   ServerThreadInfo connected to 1225706102, client version is 14.7.1965 , OS=13
2019/11/03 11:49:47.556 15412  1248 G7   MachineHooks: Start DragInterceptor
2019/11/03 11:49:47.557 19828 18672 H32  tv_w32.exe: DragInterceptor: Starting Up
2019/11/03 11:49:47.556 10100 20288 H64  tv_x64.exe: DragInterceptor: Starting Up
2019/11/03 11:49:47.557 19828 18672 H32  tv_w32.exe: DragInterceptor: started
2019/11/03 11:49:47.557 10100 20288 H64  tv_x64.exe: DragInterceptor: started
2019/11/03 11:49:47.557 15412 11116 G7   CServerThreadInfo::Received_AccessControlSettings: RCAccessControl: RemoteControl='Allowed', FileTransfer='Allowed', ControlRemoteTV='Allowed', SwitchSides='Allowed', AllowDisableRemoteInput='Allowed', AllowVPN='Allowed', AllowPartnerViewDesktop='Allowed', ShareMyFiles='Allowed', ShareFilesWithMe='Allowed', PrintOnMyPrinters='Allowed', PrintOnRemotePrinters='Allowed', SessionRecording='Allowed', ExecuteScripts='After confirmation'
2019/11/03 11:49:47.566 18004   836 D7   runLLHook(): ChangeThreadDesktop(): SetThreadDesktop to default successful
2019/11/03 11:49:47.568 15412  1248 G7   UDPv4: punch received a=91.90.44.21:56034: (*)
2019/11/03 11:49:47.563 19828 18672 H32  tv_w32.exe: Starting Update Hook
2019/11/03 11:49:47.563 10100 20288 H64  tv_x64.exe: Starting Update Hook
2019/11/03 11:49:47.568 15412  1248 G7   UDPv4: send UDPFLOW_PUNCHRECEIVED: (*)
2019/11/03 11:49:47.568 15412  1248 G7   UDPv4: SendUDPPunches: (*)
2019/11/03 11:49:47.568 15412  1248 G7   UDPv4: received punch: (*)
2019/11/03 11:49:47.629 18004  3608 D7   GuiWindowCheckBase::CheckForValidGUIWindows() ok
2019/11/03 11:49:47.651 15412  1248 G7   CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=38
2019/11/03 11:49:47.651 15412  1248 G7   CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=38
2019/11/03 11:49:47.675 15412  5968 G7   UDPv4: send UDPFLOW_MTUTESTRECEIVED (size = 448): (*)
2019/11/03 11:49:47.675 15412 11116 G7   UDPv4: send UDPFLOW_MTUTESTRECEIVED (size = 1008): (*)
2019/11/03 11:49:47.707 15412  5968 G7   UDPv4: send UDPFLOW_UDPSENDPOSSIBLE: (*)
2019/11/03 11:49:47.707 15412  1248 G7   UDPv4: send UDPFLOW_UDPSENDPOSSIBLE: (*)
2019/11/03 11:49:47.821 15412 11116 G7!  UHP.DispatchCmd: ignore ccmd type 111
2019/11/03 11:49:47.826 15412 11116 G7   UDPv4: UDP prepare switch received: (*)
2019/11/03 11:49:47.827 15412 11116 G7   UDPv4: [2]: create udp connection was successful: (*)
2019/11/03 11:49:47.827 15412  1248 G7   UDPv6: [2]: create udp connection was not successful: UdpHolePuncher shutting down: (*)
2019/11/03 11:49:47.827 15412 11116 G7!! EmergingUdpConnection[2]::AsyncReceiveHandler receive failed e=10009
2019/11/03 11:49:47.827 15412  1248 G7!  UdpConnection[3]: UDP statistics: nb=7 
2019/11/03 11:49:47.827 15412 11116 G7   CarrierContainer.SendCarrierSwitch: state=1, carrier=2
2019/11/03 11:49:47.878 18004  5596 D7   CGrabMethodDuplication::Initialize() m_State=1
2019/11/03 11:49:47.885 18004  5596 D7   first fullscreen grab time in ms = 6
2019/11/03 11:49:47.896 18004  5596 D7!  Desktop: Grabbed screen is black.
2019/11/03 11:49:47.897 18004  3608 D7   Desktop grab succeeded.
2019/11/03 11:49:47.950 18004  5596 D7   Desktop: Grabbed screen is ok.
2019/11/03 11:49:48.037 18004   896 D7   ConnectionAccessControl => RCAccessControl: RemoteControl='Allowed', FileTransfer='Allowed', ControlRemoteTV='Allowed', SwitchSides='Allowed', AllowDisableRemoteInput='Allowed', AllowVPN='Allowed', AllowPartnerViewDesktop='Allowed', ShareMyFiles='Allowed', ShareFilesWithMe='Allowed', PrintOnMyPrinters='Allowed', PrintOnRemotePrinters='Allowed', SessionRecording='Allowed', ExecuteScripts='After confirmation'
2019/11/03 11:49:48.038 18004   896 D7   InfoCommandHandlerDesktop::ReceivedInfo: connected to 1225706102, client version is 14.7.1965 , OS=13
2019/11/03 11:49:48.038 18004   896 D7   DisplayQuality m=0, bpp=8, q=60, echo=-1, conRating=0, cpu=13632, capacity=0, RTT=0, reliability=2, disable animation=1 remove wallpaper=1
2019/11/03 11:49:48.243 18004   896 D7   ConnectionAccessControl => RCAccessControl: RemoteControl='Allowed', FileTransfer='Allowed', ControlRemoteTV='Allowed', SwitchSides='Allowed', AllowDisableRemoteInput='Allowed', AllowVPN='Allowed', AllowPartnerViewDesktop='Allowed', ShareMyFiles='Allowed', ShareFilesWithMe='Allowed', PrintOnMyPrinters='Allowed', PrintOnRemotePrinters='Allowed', SessionRecording='Allowed', ExecuteScripts='After confirmation'
2019/11/03 11:49:48.244 18004   896 D7   StreamControlDesktop::StreamRegistered: Registered Clipboard Stream (00000012)
2019/11/03 11:49:48.244 18004   896 D7   StreamControlDesktop::StreamRegistered: Registered Drag&Drop Stream (00000013)
2019/11/03 11:49:48.244 18004   896 D7   tvdesktop::MachineControlDesktop::Received_AutoLockOnSessionEnd - received lockWSAfterSessionEnd = false, cp = 0620B478, this = 0655D36C
2019/11/03 11:49:48.244 18004   896 D7   WorkstationLocker::SetAutoLockOnSessionEnd() TVSessionID: -671648659 lock: 0 can lock: 1
2019/11/03 11:49:48.244 18004   896 D7   tvdesktop::MachineControlDesktop::Received_AutoLockOnSessionEnd - received lockWSAfterSessionEnd = false, cp = 0620B478, this = 0655D36C
2019/11/03 11:49:48.244 18004   896 D7   WorkstationLocker::SetAutoLockOnSessionEnd() TVSessionID: -671648659 lock: 0 can lock: 1
2019/11/03 11:49:48.259 18004   896 D7   Desktopencoding: Tiles, buffer depth=32bpp, transmitted color depth=4bpc, features=127
2019/11/03 11:49:48.270 18004   896 D7   Tile caching activated. Size divisor 1
2019/11/03 11:49:48.277 18004   896 D7   CScreenStreamSender::SendDisplayParams() 2560x1080x8 on 16 to 3
2019/11/03 11:49:48.277 15412 11116 G7   RA: RemoteAudioSender get started
2019/11/03 11:49:48.277 15412 12012 G7   StreamCompressor[2]: change compression to ZLibLevel6 for stream 16
2019/11/03 11:49:48.277 15412 11116 G7   RA: Control stream will get created
2019/11/03 11:49:48.285 15412 11116 G7   ReadStreamParameters(): streamID=20 type=12 (StreamType_RemoteAudioControl), source=[1663350025,-671648659], features=1, compression=2
2019/11/03 11:49:48.285 15412 11116 G7   RA: Controlstream succesfull registered with id 20
2019/11/03 11:49:49.736  7016 18492 H64  explorer.exe: ResumeAllThreads: resumed 77 threads, max count 77
2019/11/03 11:49:49.736  7016 18492 H64  explorer.exe: DragInterceptor: interception successful (new interface)
2019/11/03 11:49:50.133 15412 11116 G7   RA: quality suggestion by capacity measurement: (350)
2019/11/03 11:49:50.133 18004   896 D7   Max cache size: 198.40 MB for stream 16
2019/11/03 11:49:50.133 15412 11116 G7   RA: Audio quality set to 32000
2019/11/03 11:49:50.133 18004   896 D7   CacheManager::SetCleanupLimit: 69345826
2019/11/03 11:49:50.133 15412 11116 G7   RA: Control stream will get created
2019/11/03 11:49:50.133 15412 12012 G7!  CStreamManager::StreamUnregistered: Could not find outgoing stream 20
2019/11/03 11:49:50.134 15412 11116 G7   ReadStreamParameters(): streamID=21 type=12 (StreamType_RemoteAudioControl), source=[1663350025,-671648659], features=1, compression=2
2019/11/03 11:49:50.134 15412  5968 G7   RA: Controlstream succesfull registered with id 21
2019/11/03 11:49:50.134 18004   896 D7   Received cache version 2 from [1225706102,-1115162109]
2019/11/03 11:49:50.134 18004 13340 D7   Max cache size: 195.20 MB for stream 16
2019/11/03 11:49:50.134 18004 13340 D7   CacheManager::SetCleanupLimit: 68227345
2019/11/03 11:49:50.141 15412  5968 G7   CarrierContainer.ProcessCarrierSwitch: state=2, carrier=2
2019/11/03 11:49:50.141 15412  5968 G7   Activating UDP carrier ...
2019/11/03 11:49:50.243 18004  3076 D7   Caching activated, partners version is 2, own version is 2
2019/11/03 11:49:50.340 18004  3076 D7   Max cache size: 192.00 MB for stream 16
2019/11/03 11:49:50.340 18004  3076 D7   CacheManager::SetCleanupLimit: 67108864
2019/11/03 11:49:50.354 15412 11116 G7   ReadStreamParameters(): streamID=22 type=11 (StreamType_RemoteAudio), source=[1663350025,-671648659], features=1, compression=1
2019/11/03 11:49:50.354 15412 11116 G7   RA: Datastream registered with id 22
2019/11/03 11:49:50.373 15412  5968 G7   UdpOutputTracker(): max 0 effectiveSent 89 RTT 0
2019/11/03 11:49:50.473 15412 11116 G7   RA: New remote audio data subscriber added [1225706102,-1115162109]
2019/11/03 11:49:53.270 15412  5868 G7   UdpOutputTracker(): max 89 effectiveSent 2530 RTT 99860
2019/11/03 11:49:53.985 15412 11116 G7   UdpOutputTracker(): max 2530 effectiveSent 5768 RTT 99860
2019/11/03 11:49:53.996 18004 13928 D7   GlyphEncoderColorCache::CleanUp(): removed 924 colors from cache
2019/11/03 11:49:54.116 15412 12012 G7   UdpOutputTracker(): max 5768 effectiveSent 32379 RTT 99860
2019/11/03 11:49:59.734 15412 12012 G7   Estimated RTT to Router: 49 ms, Reliability: 3, Carrier: 1
2019/11/03 11:50:00.036 18004  7716 D7   DisplayQuality m=0, bpp=8, q=60, echo=125, conRating=0, cpu=13632, capacity=0, RTT=113991, reliability=2, disable animation=1 remove wallpaper=1
2019/11/03 11:50:02.771 15412 16960 G7   UdpOutputTracker(): max 32379 effectiveSent 39013 RTT 98586
2019/11/03 11:50:06.817 15412 12012 G7   StreamCompressionSelectorOutgoing: switching compression to 10 (bandwidth 118028, lan=0)
2019/11/03 11:50:06.817 15412 12012 G7   RA: quality suggestion by capacity measurement: (944229)
2019/11/03 11:50:06.817 15412 12012 G7   RA: Audio quality set to 120000
2019/11/03 11:50:06.817 15412 21196 G7   RA: Stopping capturing thread
2019/11/03 11:50:06.817 15412 21196 G7   RA: LoopbackCapture with 2 discon events within 16531 ms
2019/11/03 11:50:06.817 15412  8288 G7   RA: RemoteAudioSender stopped
2019/11/03 11:50:06.817 15412 12012 G7   RA: LoopBackCapture stopped
2019/11/03 11:50:06.819 15412 12012 G7   RA: RemoteAudioSender stopping...
2019/11/03 11:50:06.819 15412 12012 G7   RA: Control stream will get created
2019/11/03 11:50:06.819 15412 16960 G7!  CStreamManager::StreamUnregistered: Could not find outgoing stream 21
2019/11/03 11:50:06.819 15412 21400 G7!  CStreamManager::StreamUnregistered: Could not find outgoing stream 22
2019/11/03 11:50:06.820 15412 21400 G7   ReadStreamParameters(): streamID=23 type=12 (StreamType_RemoteAudioControl), source=[1663350025,-671648659], features=1, compression=2
2019/11/03 11:50:06.820 15412  5868 G7   RA: Controlstream succesfull registered with id 23
2019/11/03 11:50:06.927 15412 15044 G7   StreamCompressor[2]: change compression to LZ4 for stream 16
2019/11/03 11:50:06.995 15412 16960 G7   StreamCompressor[2]: change compression to LZ4 for stream 15
2019/11/03 11:50:06.998 15412 16960 G7   StreamCompressor[2]: change compression to LZ4 for stream 7
2019/11/03 11:50:07.075 15412 21400 G7   ReadStreamParameters(): streamID=24 type=11 (StreamType_RemoteAudio), source=[1663350025,-671648659], features=1, compression=1
2019/11/03 11:50:07.075 15412 21400 G7   RA: Datastream registered with id 24
2019/11/03 11:50:07.174 15412 16960 G7   RA: New remote audio data subscriber added [1225706102,-1115162109]
2019/11/03 11:50:08.916 15412 15044 G7   UdpOutputTracker(): max 39013 effectiveSent 44092 RTT 98545
2019/11/03 11:50:11.787 15412  5868 G7   Estimated RTT to 1225706102: 110 ms, Reliability: 3, Carrier: 2
2019/11/03 11:50:12.792 15412 17700 G7   CMainWindow::InitCloseTV(): Prepare to close TeamViewer
2019/11/03 11:50:12.793 15412 17700 G7!! DataTransceiver: DataTransceiver => DataTransceiverBaseInstance::AbortTransfer: m_transferProtocol is null
2019/11/03 11:50:12.793 15412 17700 G7   RA: RemoteAudioSender get stopped
2019/11/03 11:50:12.793 15412  1748 G7   RA: Stopping capturing thread
2019/11/03 11:50:12.793 15412  1748 G7   RA: LoopbackCapture with 2 discon events within 5765 ms
2019/11/03 11:50:12.793 15412 12992 G7   RA: RemoteAudioSender stopped
2019/11/03 11:50:12.793 15412 17700 G7   RA: LoopBackCapture stopped
2019/11/03 11:50:12.795 15412 17700 G7   RA: RemoteAudioSender stopping...
2019/11/03 11:50:12.795 15412 16960 G7!  CStreamManager::StreamUnregistered: Could not find outgoing stream 24
2019/11/03 11:50:12.795 15412 21400 G7!  CStreamManager::StreamUnregistered: Could not find outgoing stream 23
2019/11/03 11:50:12.797 15412 11116 G7   CPersistentParticipantManager::RemoveParticipant: [1663350025,-671648659]
2019/11/03 11:50:12.797 15412 11116 G7   CStreamManager::ParticipantRemoved: Our own participant was removed, we must terminate our session
2019/11/03 11:50:12.797 15412 17700 G7   RA: RemoteAudioSender get stopped
2019/11/03 11:50:12.797 15412 18488 G7   VoIP: Sender: Removed session -671648659
2019/11/03 11:50:12.798 15412 12012 G7!  UdpConnection[4]: UDP statistics: scf=110 nb=138 
2019/11/03 11:50:12.798 15412  1248 G7   CarrierContainer.SendCarrierSwitch: state=2, carrier=1
2019/11/03 11:50:12.798 15412  1248 G7   UdpCarrierDeactivationState::DiscloseStateToCarrier: flush send buffer to partner (1 commands)
2019/11/03 11:50:12.798 15412  1248 G7   Activating Router carrier
2019/11/03 11:50:12.842 15412 12012 G7!  Carrier[2]::EndCarrierInternal: Discarded 2 commands, ClientID 1225706102, ShutdownGracefully 1, SessionType_RoutingSession
2019/11/03 11:50:12.842 15412 12012 G7   ConnectionGuard: no restrictions
2019/11/03 11:50:12.842 15412 18932 G7   VoIP: Receiver: Remove channels of all participants of session -671648659
2019/11/03 11:50:12.842 15412 18932 G7   VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109] (V3): Removed from mixer
2019/11/03 11:50:12.843 15412 17340 G7   Periods (in ms): Variability (#samples=0): (Undefined)
2019/11/03 11:50:12.843 15412 18932 G7   VoIP: Receiver: Session -671648659: Channel removed for participant [1225706102,-1115162109] called "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109]
2019/11/03 11:50:12.843 15412 17340 G7   Periods (in ms): Histogram (#samples=0): avg=0.000000, 
2019/11/03 11:50:12.843 15412 18932 G7   VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109] (V3): JitterBuffer statistics block (JBS V5) (StreamId=9): -------------------
2019/11/03 11:50:12.843 15412 18932 G7   JBS ("WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109]): JitterBuffer was permanently shut!
2019/11/03 11:50:12.843 15412 18932 G7   VoIP: Receiver: Removed session -671648659
2019/11/03 11:50:12.845 15412 12012 G7   SessionStatistics[2] Session to 1225706102 ended. Estimated capacity=944229kBit/s, Latency=110ms
2019/11/03 11:50:12.846 15412 12012 G7   DesktopProcessControl::StopDesktopProcess terminate process 18004 in session 7
2019/11/03 11:50:12.846 15412 12012 G7   InterProcessNetwork::TerminateProcessInSession session=7, ptype=4
2019/11/03 11:50:12.846 18004  3608 D7   SessionManagerDesktop::SessionTerminate: removing session with TVSessionID = -671648659
2019/11/03 11:50:12.846 18004  3608 D7   WorkstationLocker::OnSessionEnd() TVSessionID: -671648659
2019/11/03 11:50:12.895 15412 17700 G7   CMainWindow::OnDestroy(): Closing TeamViewer
2019/11/03 11:50:12.902 15412 17700 G7   Chat::Stop: Stopping chat
2019/11/03 11:50:12.902 15412 17700 G7   ChatManager::UnregisterIncomingCommandRegistration: destroying incomingCommandRegistration
2019/11/03 11:50:12.902 15412 17700 G7   IncomingCommandRegistration::Stop: disconnecting ready state properties
2019/11/03 11:50:12.902 15412 17700 G7   IncomingCommandRegistration::UnregisterIncomingCommands: Unregistering incoming commands
2019/11/03 11:50:12.902 15412 17700 G7   InterProcessBase::SecureNetworkCallbackHandle destroyed (RegistrationID: 0e42c72e-be3e-4104-b807-406aeba18acb)
2019/11/03 11:50:12.902 15412 11116 G7   SecureNetworkIPCAdapter::UnregisterSharedBCmdCallback(): RegistrationID: 0e42c72e-be3e-4104-b807-406aeba18acb
2019/11/03 11:50:12.902 15412 12012 G7   ChatManager::Close
2019/11/03 11:50:12.902 15412 12012 G7   ChatManager::UnregisterIncomingCommandRegistration: destroying incomingCommandRegistration
2019/11/03 11:50:12.902 15412 12012 G7   ChatManager::ClearAccountChat: clearPersistently = 0
2019/11/03 11:50:12.902 15412 12012 G7   ChatManager::ClearNonAccountChat
2019/11/03 11:50:12.902 15412 12012 G7   ChatManager::~ChatManager: destroyed
2019/11/03 11:50:12.902 15412 12012 G7   IncomingBetterChatCommandHandler::IncomingBetterChatCommandHandler: destroyed
2019/11/03 11:50:12.903 15412 17700 G7   TrayIcon HWND does not exist!
2019/11/03 11:50:12.903 15412 20112 G7   MachineHooks: got quit event
2019/11/03 11:50:12.904 15412 17700 G7   MachineHooks: Stop DragInterceptor
2019/11/03 11:50:12.904 15412 17700 G7   ~MachineHooks: refcount = 1
2019/11/03 11:50:12.932 15412 17700 G7   VoIP: DestroyComponents start
2019/11/03 11:50:12.932 15412 18488 G7   VoIP: Sender: Terminate
2019/11/03 11:50:12.932 15412 13764 G7   VoIP: Sender: TickUsersAndSinksHub: Stopping tick usage...
2019/11/03 11:50:12.932 15412 13764 G7   VoIP: Sender: Audio pipeline: TickUsersHub: Stopping tick usage...
2019/11/03 11:50:12.932 15412 13764 G7   VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturerSession #0: EndTickUsage
2019/11/03 11:50:12.932 15412 13764 G7   VoIP: Sender: Audio pipeline: TickUsersHub: Tick usage stopped by all users
2019/11/03 11:50:12.932 15412 13764 G7   VoIP: Sender: TickUsersAndSinksHub: Tick usage stopped by all users
2019/11/03 11:50:12.932 15412 13764 G7   VoIP: Sender: Audio pipeline: StopTicking called
2019/11/03 11:50:12.932 15412 18932 G7   VoIP: Receiver: Terminate
2019/11/03 11:50:12.932 15412 13764 G7   VoIP: Sender: Audio pipeline: Terminate
2019/11/03 11:50:12.933 15412 18488 G7   VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturer: StopTicking called
2019/11/03 11:50:12.933 15412 18932 G7   VoIP: Receiver: Audio pipeline: Channel-mixer FusionPipe (a FusionPipeImplementation): TickStreamChannel: Periods (in ms): Variability (#samples=0): (Undefined)
2019/11/03 11:50:12.933 15412 13764 G7   VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturer: TerminatePipeline called
2019/11/03 11:50:12.933 15412 18932 G7   VoIP: Receiver: Audio pipeline: Channel-mixer FusionPipe (a FusionPipeImplementation): TickStreamChannel: Periods (in ms): Histogram (#samples=0): avg=0.000000, 
2019/11/03 11:50:12.933 15412 18488 G7   VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturerSession #0: ****** Terminate ******
2019/11/03 11:50:12.933 15412 13764 G7   VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturer: Session terminated (RebuildingAutoVoiceCapturerSession #0)
2019/11/03 11:50:12.933 15412 18932 G7   Periods (in ms): Variability (#samples=0): (Undefined)
2019/11/03 11:50:12.933 15412 18488 G7   VoIP: Sender: ****** Audio: Voice capturer state changed to Uninitialized ******
2019/11/03 11:50:12.933 15412 18932 G7   Periods (in ms): Histogram (#samples=0): avg=0.000000, 
2019/11/03 11:50:12.933 15412 18488 G7   VoIP: Sender: ****** Visible sender status changed to VoiceSenderMainStatusUndefined ******
2019/11/03 11:50:12.933 15412 18932 G7   VoIP: Receiver: Audio pipeline: Final-mixer FusionPipe (a FusionPipeImplementation): TickStreamChannel: Periods (in ms): Variability (#samples=0): (Undefined)
2019/11/03 11:50:12.933 15412 18932 G7   VoIP: Receiver: Audio pipeline: Final-mixer FusionPipe (a FusionPipeImplementation): TickStreamChannel: Periods (in ms): Histogram (#samples=0): avg=0.000000, 
2019/11/03 11:50:12.934 15412  1248 G7   VoIP: Receiver: ThreadPool: StopThreads
2019/11/03 11:50:12.934 15412 17700 G7!  VoIP: Sender: Audio pipeline: AutoVoiceCapturer data ticking: Periods (in ms): Variability (#samples=0): (Undefined)
2019/11/03 11:50:12.934 15412 17700 G7!  VoIP: Sender: Audio pipeline: AutoVoiceCapturer data ticking: Periods (in ms): Histogram (#samples=0): avg=0.000000, 
2019/11/03 11:50:12.934 15412 12012 G7   Sender ThreadpoolThreadPool: StopThreads
2019/11/03 11:50:12.935 15412 17700 G7   VoIP: DestroyComponents end
2019/11/03 11:50:12.935 15412 11116 G7   VoIP: AudioControl (a ThreadPool): StopThreads
2019/11/03 11:50:12.952 15412  5868 G7!! InterProcessBase::ProcessControlCommand Command 19 not handled
2019/11/03 11:50:12.952 15412 17700 G7   VoIP: Destructor
2019/11/03 11:50:12.952 15412 17700 G7   InterProcessBase::SecureNetworkCallbackHandle destroyed (RegistrationID: 90f2c304-c79c-481d-aaff-5b496ec7c47a)
2019/11/03 11:50:12.953 15412  5868 G7   SecureNetworkIPCAdapter::UnregisterSharedBCmdCallback(): RegistrationID: 90f2c304-c79c-481d-aaff-5b496ec7c47a
2019/11/03 11:50:12.953 15412 17700 G7   interprocessbase::SecureNetwork destroyed
2019/11/03 11:50:12.953 15412  5868 G7   InterProcessNetwork: Received DisconnectIPC from processID 15412 (ProcessType: 2 in Session 7) with reason 1
2019/11/03 11:50:12.953 15412  5868 G7   InterProcessBase::EventFunctionInternal(): IPC-Connection Closed
2019/11/03 11:50:12.953 15412  1248 G7   InterProcessNetwork::ProcessDisconnected(): ConnectionClosed session=7 ptype=2
2019/11/03 11:50:12.953 15412 11116 G7   NetworkControl::UpdateOnlineState alwaysOnline=0 delayOffline=0 otherProcess=0 restart=0
2019/11/03 11:50:12.953 15412 11116 G7   TeamViewer is going offline!
2019/11/03 11:50:12.954 15412 17700 G7!! SpecificThreadCallWin::~SpecificThreadCallWin(): m_PostCallbacks not empty
2019/11/03 11:50:12.954 15412  5968 G7   NetworkControl shutdown started
2019/11/03 11:50:13.043 15412  1248 G7   SecureNetworkConnection::SendCallbackHandler(): [ remoteID: 13 connection: 4079818667 remoteConnection: 0 ], Error: RCommand (Cancel)
2019/11/03 11:50:13.043 15412  1248 G7   SecureNetworkConnection::SendCallbackHandler(): [ remoteID: 13 connection: 4079818667 remoteConnection: 0 ] Resetting connection due to error RCommand (Cancel)
2019/11/03 11:50:13.043 15412  1248 G7   RetryHandle::HandleRetry(): Trying resend to 13 failed with error RCommand:3, not retrying (2 retries would remain) BCmd: CC=19 CT=3
2019/11/03 11:50:13.043 15412  1248 G7!  ConfigurationControllerImpl::HandleProviderUnregistrationResponse(): unregister failed with error RCommand:3
2019/11/03 11:50:13.043 15412  5968 G7!! SecureNetworkHandshake::ReceiveAckCallback: [remote ID: 13, connection ID: 4079818667] errorcode: Cancel(3)
2019/11/03 11:50:13.044 15412  1248 G7   TVRouterClock Schedule next request in 0 seconds
2019/11/03 11:50:13.044 15412  1248 G7!  KeepAliveSessionOutgoing::ConnectEndedHandler(): KeepAliveConnection[1] with router11.teamviewer.com ended
2019/11/03 11:50:13.045 15412 11116 G7   SHMR: Destroying shared memory
2019/11/03 11:50:13.045 15412  5968 G7   CAcceptServer::HandleAccept: socket closed
2019/11/03 11:50:13.045 15412 11116 G7   RemoteSessionManager::ClearAllRemoteSessions(): RemoteSession Count: 0
2019/11/03 11:50:13.045 15412 17700 G7   NetworkControl shutdown done
2019/11/03 11:50:13.012  7016 18492 H64  explorer.exe: DragInterceptor: restored interface (v2)
2019/11/03 11:50:13.012  7016 18492 H64  explorer.exe: dll can unload now
2019/11/03 11:50:13.226 18004  5596 D7   DesktopThread ended
2019/11/03 11:50:13.230 18004  3608 D7   DesktopThread stopped
2019/11/03 11:50:13.231 18004  3608 D7   tvdesktop::InputBlocker::Shutdown(false)
2019/11/03 11:50:13.231 18004  3608 D7   tvdesktop::InputBlocker::EnableInputAsync(true)
2019/11/03 11:50:13.231 18004  3608 D7   tvdesktop::UserInteractionHelper::SendInputChangedCmd : inputDisabled:0; blackScreenEnabled: 0
2019/11/03 11:50:13.231 18004  3608 D7   tvdesktop::BlackScreen::Shutdown(0)
2019/11/03 11:50:13.231 18004  3608 D7   CollectionOrchestrator::~CollectionOrchestrator()
2019/11/03 11:50:13.232 18004  1824 D7!! InputBlocker: Touch redirection failed. Enable: 1, Error code: 5, Errorcode=5
2019/11/03 11:50:13.232 18004 13928 D7   Received Control_TerminateProcess
2019/11/03 11:50:13.232 18004 15196 D7!! InputBlocker: Touch redirection failed. Enable: 1, Error code: 5, Errorcode=5
2019/11/03 11:50:13.233 18004 13928 D7   Received Control_TerminateProcess
2019/11/03 11:50:13.234 18004 13928 D7   Received Control_DisconnectIPC processtype=2
2019/11/03 11:50:13.234 18004 13928 D7   Received Control_DisconnectIPC processtype=2
2019/11/03 11:50:13.264 18004 15736 D7   tvdesktop::InputBlocker::Shutdown(false)
2019/11/03 11:50:13.264 18004 15736 D7   tvdesktop::InputBlocker::EnableInputAsync(true)
2019/11/03 11:50:13.264 18004 15736 D7   tvdesktop::UserInteractionHelper::SendInputChangedCmd : inputDisabled:0; blackScreenEnabled: 0
2019/11/03 11:50:13.264 18004  1824 D7!! InputBlocker: Touch redirection failed. Enable: 1, Error code: 5, Errorcode=5
2019/11/03 11:50:13.264 18004 15196 D7!! InputBlocker: Touch redirection failed. Enable: 1, Error code: 5, Errorcode=5
2019/11/03 11:50:13.264 18004 15736 D7   tvdesktop::BlackScreen::Shutdown(0)
2019/11/03 11:50:13.264 18004 15736 D7!  CDesktop_Win::ShutDown(): Failed to reset the timer resolution.
2019/11/03 11:50:13.265 18004 15736 D7   ~MachineHooks: refcount = 0
2019/11/03 11:50:13.265 18004 15736 D7   MachineHooks: Stopping Loaders!
2019/11/03 11:50:13.265 18004 15736 D7   interprocessbase::SecureNetwork destroyed
2019/11/03 11:50:13.266 15412  1248 G7   InterProcessNetwork: Received DisconnectIPC from processID 18004 (ProcessType: 4 in Session 7) with reason 4
2019/11/03 11:50:13.266 18004 13928 D7   CTcpProcessConnector::HandleRead(): Socket gracefully closed (PID=15412)
2019/11/03 11:50:13.266 15412  1248 G7   DesktopProcessControl::ProcessDisconnected: terminating process pid 18004 in session 7 disconnected
2019/11/03 11:50:13.266 18004 13928 D7   CTcpProcessConnector::CloseConnection(): PID=15412
2019/11/03 11:50:13.266 18004 13928 D7   InterProcessBase::EventFunctionInternal(): IPC-Connection Closed
2019/11/03 11:50:13.266 18004 13928 D7   CTcpProcessConnector::CloseConnection(): PID=15412
2019/11/03 11:50:13.266 15412 11116 G7   CTcpProcessConnector::HandleRead(): Socket gracefully closed (PID=18004)
2019/11/03 11:50:13.266 15412 11116 G7   CTcpProcessConnector::CloseConnection(): PID=18004
2019/11/03 11:50:13.266 15412 11116 G7   InterProcessNetwork::ProcessDisconnected(): ConnectionClosed session=7 ptype=4
2019/11/03 11:50:13.267 10100 20288 L64  Exit
2019/11/03 11:50:13.268 19828 18672 L32  Exit
2019/11/03 11:50:13.321 15412 21932 G7   DesktopProcessControl::OnProcessTerminated: Process 18004 in session 7 has terminated
         
DarkComet RAT Remover hat nichts gefunden
__________________


Alt 03.11.2019, 13:15   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Versuchter Teamviewer missbrauch auf meinen PC - Standard

Versuchter Teamviewer missbrauch auf meinen PC



Zitat:
Microsoft Office Professional Plus 2016
Microsoft Project Professional 2016
Microsoft Visio Professional 2016
Microsoft SQL Server 2014 (64-bit)
SOLIDWORKS 2019 SP01
Vegas Pro 13.0 (64-bit)
Erklärung für diese sündhaft teuren Programme? Das ist doch nicht nur zum reinen Privatvergnügen.
__________________
__________________

Alt 03.11.2019, 13:22   #4
TrainandGame
 
Versuchter Teamviewer missbrauch auf meinen PC - Standard

Versuchter Teamviewer missbrauch auf meinen PC



Zitat:
Zitat von cosinus Beitrag anzeigen
Erklärung für diese sündhaft teuren Programme? Das ist doch nicht nur zum reinen Privatvergnügen.
Die Office Reihen kosten über Keyseller gerne weniger, Solidworks nutze ich derzeit noch gratis als angehender Techniker. Vegas kommt aus dem Netz, stellt das ein Problem für Sie da?

Grüße

Alt 03.11.2019, 13:23   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Versuchter Teamviewer missbrauch auf meinen PC - Standard

Versuchter Teamviewer missbrauch auf meinen PC



Zitat:
Zitat von TrainandGame Beitrag anzeigen
Vegas kommt aus dem Netz, stellt das ein Problem für Sie da?
Du crackst also gerne Programme, Borderlands 3 wolltest du ja auch über JDownloader runterladen.

Lesestoff:
Illegale Software: Cracks, Keygens und Co

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 03.11.2019, 13:25   #6
TrainandGame
 
Versuchter Teamviewer missbrauch auf meinen PC - Standard

Versuchter Teamviewer missbrauch auf meinen PC



Gerne entferne ich Vegas, wie kann ich Ihnen eine Deinstallation beweisen ?
Grüße

Alt 03.11.2019, 13:29   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Versuchter Teamviewer missbrauch auf meinen PC - Standard

Versuchter Teamviewer missbrauch auf meinen PC



Da muss noch mehr an unnötigem oder altem Krempel runter, das u.g. auch deinstallieren und dann neue Logs mit FRST.

Adobe Flash Player 32 PPAPI
Ashampoo WinOptimizer 14
Ashampoo WinOptimizer 16
Bitdefender Agent
Bitdefender Internet Security
Bitdefender VPN
IObit Uninstaller 9
Java 8 Update 211 (64-bit)
PDFCreator
Updater
WinRAR 5.50 (64-Bit)
Vegas Pro 13.0 (64-bit)
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 03.11.2019, 13:34   #8
TrainandGame
 
Versuchter Teamviewer missbrauch auf meinen PC - Standard

Versuchter Teamviewer missbrauch auf meinen PC



Zitat:
Zitat von cosinus Beitrag anzeigen
Da muss noch mehr an unnötigem oder altem Krempel runter, das u.g. auch deinstallieren und dann neue Logs mit FRST.

Adobe Flash Player 32 PPAPI
Ashampoo WinOptimizer 14
Ashampoo WinOptimizer 16
Bitdefender Agent
Bitdefender Internet Security
Bitdefender VPN
IObit Uninstaller 9
Java 8 Update 211 (64-bit)
PDFCreator
Updater
WinRAR 5.50 (64-Bit)
Vegas Pro 13.0 (64-bit)
Einen Moment bitte :-)
Folgende Anwendungen wurden rechtmäßig erworben:

Ashampoo WinOptimizer 14
Ashampoo WinOptimizer 16
Bitdefender Agent
Bitdefender Internet Security
Bitdefender VPN

Folgende Anwendungen bieten eine konstenlose Testversion an, bzw sind konstenlos:
Flashplayer !?!?
WinRAR 5.50 (64-Bit)
IObit Uninstaller 9
PDFCreator
Java


Damit verbleibt mir nur Vegas zu entfernen.

Bitte erläutern Sie mir wieso ich Gratis-Tools sowie gekaufte Lizenzen entfernen soll?

Grüße
(Vegas bereits entfernt, logs kommen sobald wir das obige Problem erläutert haben)

Geändert von TrainandGame (03.11.2019 um 13:52 Uhr)

Alt 03.11.2019, 13:51   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Versuchter Teamviewer missbrauch auf meinen PC - Standard

Versuchter Teamviewer missbrauch auf meinen PC



Bitte richtig lesen. Da steht nirgends, dass das runter muss weil illegal.

So ein Schrott wie WinOptimizer oder auch TuneUp machen Windows kaputt.
Und Security Suites waren schon immer kontraproduktiver Müll, wenn nahm man früher einen reinen Virenscanner - heute ist nicht mehr nötig, da Windows 10 den Windows Defender hat.
__________________
Logfiles bitte immer in CODE-Tags posten

Geändert von cosinus (03.11.2019 um 14:19 Uhr) Grund: typo

Alt 03.11.2019, 13:57   #10
TrainandGame
 
Versuchter Teamviewer missbrauch auf meinen PC - Standard

Versuchter Teamviewer missbrauch auf meinen PC



Zitat:
Zitat von cosinus Beitrag anzeigen
Bitte richtig lesen. Da steht nirgends, dass das runter muss weil illegal.

So ein Schrott wie WinOptimizer oder auch TuneUp machen Windows kaputt.
Und Security Suites sind waren schon immer kontraproduktiver Müll, wenn nahm man früher einen reinen Virenscanner - heute ist nicht mehr nötig, da Windows 10 den Windows Defender hat.
Diverse Sachen aus der Liste habe ich nun entfernt, was illegal ist sowieso.
Aber eben nicht alles, wieso ich WinRaR z.B entfernen sollte erschließt sich mir nicht als Windows Nutzer.
Bei der Wahl meines Antivir bitte ich ebenfalls meine Entscheidung dahingehend zu respektieren und persönliche Empfehlungen hier zurückzuhalten.
Gerne entferne ich alles, was einen Regelverstoß ergibt, jedoch nicht was aus persönlichen Meinungen entsteht und nicht in Konflikt mit den Boardregeln steht oder nicht Teil meines Problems ist

Trotzdem danke ich Ihnen für Ihre Hilfe, diverse Programme habe ich entfernt.

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-11-2019
durchgeführt von sasch (Administrator) auf DESKTOP-FOHP40Q (03-11-2019 13:54:44)
Gestartet von C:\Users\sasch\Desktop
Geladene Profile: sasch (Verfügbare Profile: sasch & OVRLibraryService)
Platform: Windows 10 Pro Version 1809 17763.805 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Opera
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Ashampoo GmbH & Co. KG -> ) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\LiveTunerService.exe
(Ashampoo GmbH & Co. KG -> ) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\WO16.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\seccenter.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe
(Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe
(Dassault Systèmes SolidWorks Corp.) [Datei ist nicht signiert] C:\SolidWorks_Flexnet_Server\sw_d.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Flexera Software LLC -> Flexera Software LLC) C:\SolidWorks_Flexnet_Server\lmgrd.exe
(Flexera Software LLC -> Flexera Software LLC) C:\SolidWorks_Flexnet_Server\lmgrd.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Mentor Graphics Corporation -> Mentor Graphics Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\dispatcher.exe
(Mentor Graphics Corporation -> Mentor Graphics Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe
(Microsoft Corporation -> ) C:\Windows\System32\Kinect\KinectMonitor.exe
(Microsoft Corporation -> ) C:\Windows\System32\Kinect\KinectService.exe
(Microsoft Corporation -> ) C:\Windows\System32\Kinect\KStudioHostService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oculus VR, LLC -> ) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe
(Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe
(Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera_crashreporter.exe
(Razer USA Ltd. -> ) C:\Windows\System32\RZSurroundHelper.exe
(Trace Software International -> ) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9268168 2018-04-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Cm108Sound] => C:\WINDOWS\Syswow64\cm108.dll [13463552 2014-03-11] (C-Media Corporation) [Datei ist nicht signiert]
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner2] => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\LiveTuner2.exe [4507552 2019-02-18] (Ashampoo GmbH & Co. KG -> )
HKLM\...\Run: [RZSurroundHelper] => C:\WINDOWS\system32\RZSurroundHelper.exe [382704 2019-06-07] (Razer USA Ltd. -> )
HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [456088 2019-10-13] (Bitdefender SRL -> Bitdefender)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SE61T-UserTools] => C:\Program Files (x86)\uRage Reaper nxt\uRage Reaper nxt..exe [1976832 2015-05-22] (TODO: <公司名>) [Datei ist nicht signiert]
HKLM-x32\...\Run: [SKILLER SGK4] => C:\Program Files (x86)\SKILLER SGK4\Monitor.exe [503808 2018-06-23] (Sharkoon Technologies) [Datei ist nicht signiert]
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [405032 2019-02-15] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [OculusTrayTool] => C:\Program Files (x86)\Oculus Tray Tool\OculusTrayTool.exe [1404928 2019-07-04] (ApollyonVR) [Datei ist nicht signiert]
HKLM-x32\...\Run: [OnScreen Control] => C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe [1788400 2018-09-28] (LG Electronics Inc. -> TODO: <Company name>)
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3278288 2019-10-30] (Valve -> Valve Corporation)
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3131664 2019-10-30] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\Run: [Discord] => C:\Users\sasch\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\Run: [CorsairLink4] => C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe [27146448 2018-03-30] (Corsair Components, Inc. -> Corsair Components, Inc.)
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [7611464 2019-09-15] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\MountPoints2: {4725549b-7809-11e9-a081-3497f6383a15} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\MountPoints2: {95a01ebb-b136-11e9-a093-3497f6383a15} - "E:\HiSuiteDownLoader.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2019 Fast Start.lnk [2019-08-24]
ShortcutTarget: SOLIDWORKS 2019 Fast Start.lnk -> C:\Windows\Installer\{F261BF5C-81C4-4E81-9ED6-D7EBFA2A9A5B}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC) [Datei ist nicht signiert]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS Hintergrund-Downloader.lnk [2019-08-24]
ShortcutTarget: SOLIDWORKS Hintergrund-Downloader.lnk -> C:\Program Files (x86)\Common Files\SOLIDWORKS Installations-Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
InternetURL: C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FileHoster.url -> URL: file:///C:/Users/sasch/AppData/Roaming/FileHoster.exe
Startup: C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2019-05-31]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Open Source Developer, Thomas Markham -> Rainmeter)
Startup: C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-05-31]
ShortcutTarget: Twitch.lnk -> C:\Users\sasch\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1672496E-8949-4FE5-AD2B-20D44B677148} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1F8F6DDB-823D-43C7-8B33-AD0C996414C2} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {214B26C2-8FF0-4865-9FBE-4CBD4D1651F4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27289376 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {30E93B17-5356-439F-ABDF-594D13945A19} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2019-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {50BC001F-2F25-4FDC-82FF-05812E1F6D0F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1423680 2019-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {59CB7FB3-FF1E-46E8-B7FE-776D2198F5B3} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7AB61240-F9FB-4CB4-A4B4-D36962A48325} - System32\Tasks\Opera scheduled Autoupdate 1522585103 => C:\Program Files\Opera\launcher.exe [1520152 2019-10-04] (Opera Software AS -> Opera Software)
Task: {8433E01D-46B8-4A8F-A0D6-5597F7850AFC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3788144 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9078D9A6-0D40-4062-AE42-FB79F5D0C38A} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [770344 2019-03-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {B6CAB73E-BF80-4907-84EB-A2D40E0E2A1E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CC008A8A-1A87-4522-A837-597E2A16E955} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D0FDB901-7672-42FD-A94F-2A85CA6F7504} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4463936 2019-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {D4F37BBB-1665-4CF6-8233-CF5BE0E0F003} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2019-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {DEE255EC-1CA1-47F2-B494-42E572822A9D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4463936 2019-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0E96138-7828-4507-8E78-9803A42226A0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E3D89EF0-AB17-4324-998D-31FAF755B151} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1423680 2019-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {ED0ADD49-A216-4EA5-8C1D-173B1B74E274} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EFDD1EF4-191B-4276-8D07-F3EB13F06472} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [488760 2019-07-15] (Bitdefender SRL -> Bitdefender)
Task: {F0C88797-E65D-4476-B6A1-2B593B971756} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27289376 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {F7CD9F9F-2AEC-4F6E-9C9E-B025542051DE} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [522504 2019-10-16] (Bitdefender SRL -> Bitdefender)
Task: {F8D4F491-9E9D-4D6A-88BA-9B9F145D5E6C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FC694FF9-3A60-435F-A2C7-13DCC7691437} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{79082cd2-0b75-4890-b797-d9a2c11443f7}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00
SearchScopes: HKU\S-1-5-21-1368799669-3117233153-4274516567-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-1368799669-3117233153-4274516567-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2019-10-16] (Bitdefender SRL -> Bitdefender)
BHO: Bitdefender Wallet  -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2019-10-16] (Bitdefender SRL -> Bitdefender)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2019-10-16] (Bitdefender SRL -> Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 75ixojxb.default
FF DefaultProfile: d8v3etzk.default
FF ProfilePath: C:\Users\sasch\AppData\Roaming\Supermedium\Profiles\75ixojxb.default [2019-07-13]
FF ProfilePath: C:\Users\sasch\AppData\Roaming\Mozilla\Firefox\Profiles\d8v3etzk.default [2019-08-17]
FF ProfilePath: C:\Users\sasch\AppData\Roaming\Mozilla\Firefox\Profiles\b0vvmwdj.default-release [2019-10-13]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2019-09-22]
FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Bitdefender Anti-Tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2019-10-16]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2018-03-06] [] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> C:\PROGRA~1\SOLIDW~1\SOLIDW~4\Bin\NPCOMP~1.DLL [2018-12-26] (Dassault Systemes SE -> Dassault Systemes)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> C:\PROGRA~1\SOLIDW~1\SOLIDW~4\Bin\x86\NPCOMP~1.DLL [2018-12-26] (Dassault Systemes SE -> Dassault Systemes)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Datei ist nicht signiert]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2019-10-04] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2019-10-04] <==== ACHTUNG

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
OPR Notifications: hxxps://coin-update.de; hxxps://coincierge.de; hxxps://de.cointelegraph.com; hxxps://ethereumworldnews.com; hxxps://web.whatsapp.com; hxxps://www.desktophut.com; hxxps://www.instagram.com; hxxps://www.pcwelt.de; hxxps://www.reddit.com; hxxps://www.tradingview.com
OPR StartupUrls: 
OPR Extension: (MyJDownloader Browser Extension) - C:\Users\sasch\AppData\Roaming\Opera Software\Opera Stable\Extensions\fbclnkmbcmdfamfeaagadifibbongnmf [2019-06-07]
OPR Extension: (WhatsApp Launcher) - C:\Users\sasch\AppData\Roaming\Opera Software\Opera Stable\Extensions\hagnfpbbhgmdlpfclekicpodfeoakino [2019-07-30]
OPR Extension: (Whatsapp™ For PC) - C:\Users\sasch\AppData\Roaming\Opera Software\Opera Stable\Extensions\jjimieccdnabogjoebnblfaahgipddcm [2018-11-21]
OPR Extension: (uBlock Origin) - C:\Users\sasch\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2019-10-13]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\vpnservice.exe [322432 2019-06-04] (AnchorFree Inc -> AnchorFree Inc.)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [786376 2019-10-16] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [786376 2019-10-16] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195320 2018-09-23] (Bitdefender SRL -> Bitdefender)
R2 BdVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [471120 2019-10-13] (Bitdefender SRL -> Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-05-05] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11636808 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
S3 CLink4Service; C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe [34512 2018-03-30] (Corsair Components, Inc. -> Corsair Components, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [49704 2019-02-15] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\DfsdkS.exe [406016 2019-02-18] (mst software GmbH, Germany) [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-07-05] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ewserver; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe [191664 2018-12-26] (Trace Software International -> )
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2019-03-01] (FUTUREMARK INC -> Futuremark)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791624 2019-09-15] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7170632 2019-06-12] (GOG Sp. z o.o. -> GOG.com)
S3 impi_hydra; C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe [924472 2018-12-26] (Intel(R) Software Development Products -> Intel Corporation)
R2 KinectMonitor; C:\WINDOWS\system32\Kinect\KinectMonitor.exe [29568 2018-11-11] (Microsoft Corporation -> )
R2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372416 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2403120 2019-10-30] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3282736 2019-10-30] (Electronic Arts, Inc. -> Electronic Arts)
S3 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [145336 2019-10-28] (Oculus VR, LLC -> Facebook Technologies, LLC)
R2 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [917432 2019-10-28] (Oculus VR, LLC -> Facebook Technologies, LLC)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2019-09-08] (Even Balance, Inc. -> )
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1291888 2019-07-15] (Bitdefender SRL -> Bitdefender)
R2 RemoteSolverDispatcher; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe [263168 2018-12-26] (Mentor Graphics Corporation -> Mentor Graphics Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5378320 2019-10-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SolidWorks Flexnet Server; C:\SolidWorks_Flexnet_Server\lmgrd.exe [1393128 2018-09-21] (Flexera Software LLC -> Flexera Software LLC)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2019-08-24] (SolidWorks) [Datei ist nicht signiert]
S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
R2 SWVisualize2019.BoostService; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe [61328 2018-12-26] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
R2 SWVisualize2019.Queue.Server; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe [27024 2018-12-26] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [146472 2019-10-16] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [786376 2019-10-16] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3831576 2019-06-13] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
R2 WO_LiveService2; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\LiveTunerService.exe [308128 2019-02-18] (Ashampoo GmbH & Co. KG -> )
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-06-15] (AnchorFree Inc -> The OpenVPN Project)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1586784 2019-09-22] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\System32\DRIVERS\bddci.sys [399824 2019-09-22] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-04-23] (Microsoft Windows Early Launch Anti-Malware Publisher -> Bitdefender)
R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [46056 2019-09-22] (Bitdefender SRL -> © Bitdefender SRL)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96448 2018-05-16] (Bitdefender SRL -> BitDefender)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [46944 2019-01-04] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [23392 2019-01-04] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz148; C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [44648 2019-11-03] (CPUID S.A.R.L.U. -> CPUID)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 Gemma; C:\WINDOWS\System32\DRIVERS\Gemma.sys [596632 2019-10-16] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [188384 2019-05-31] (Bitdefender SRL -> BitDefender LLC)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-04-01] (Martin Malik - REALiX -> REALiX(tm))
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [942128 2018-05-06] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 Ignis; C:\WINDOWS\System32\DRIVERS\ignis.sys [196392 2019-09-22] (Bitdefender SRL -> Bitdefender)
S3 KinectSensor; C:\WINDOWS\system32\DRIVERS\KinectSensor.sys [95920 2014-10-19] (Microsoft Corporation -> )
R2 LiveTuner2PM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\LiveTuner64.sys [14320 2019-02-18] (Ashampoo GmbH & Co. KG -> )
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bfe69934a6b764ef\nvlddmkm.sys [21672560 2019-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-06-13] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 OCULUSUDSVR; C:\WINDOWS\system32\DRIVERS\OCULUSUD.sys [3867552 2019-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Oculus VR, LLC.)
R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2019-10-06] (Oculus VR, LLC -> Facebook Inc.)
S4 RsFx0310; C:\WINDOWS\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [610640 2019-03-04] (Bitdefender SRL -> Bitdefender)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [Datei ist nicht signiert]
R3 VUSB3HUB; C:\WINDOWS\System32\drivers\ViaHub3.sys [227840 2013-12-11] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [47616 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R3 xhcdrv; C:\WINDOWS\System32\drivers\xhcdrv.sys [297984 2013-12-11] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.)
S3 ALSysIO; \??\C:\Users\sasch\AppData\Local\Temp\ALSysIO64.sys [X] <==== ACHTUNG
U4 npcap_wifi; kein ImagePath
S3 OCULUSVRHEADSET; \SystemRoot\system32\DRIVERS\OCULUS119B.sys [X]
S3 OCUSBVID; \SystemRoot\System32\drivers\ocusbvid111.sys [X]
S3 sRZVAD; \SystemRoot\system32\DRIVERS\RZSurround.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-11-03 13:10 - 2019-11-03 13:10 - 001767759 _____ C:\Users\sasch\Downloads\DarkCometRemover2.zip
2019-11-03 13:10 - 2013-04-08 20:31 - 001702400 _____ (PhrozenSoft) C:\Users\sasch\Desktop\DarkComet Remover 2 Portable.exe
2019-11-03 12:20 - 2019-11-03 13:55 - 000040442 _____ C:\Users\sasch\Desktop\FRST.txt
2019-11-03 12:09 - 2019-11-03 12:09 - 007622344 _____ (Malwarebytes) C:\Users\sasch\Desktop\AdwCleaner.exe
2019-11-03 12:08 - 2019-11-03 13:55 - 000000000 ____D C:\FRST
2019-11-03 12:08 - 2019-11-03 12:08 - 001619456 _____ (Farbar) C:\Users\sasch\Desktop\FRST64.exe
2019-11-03 12:03 - 2019-11-03 12:03 - 000388608 _____ (Trend Micro Inc.) C:\Users\sasch\Desktop\HijackThis.exe
2019-11-03 11:49 - 2019-11-03 11:49 - 000000000 ____D C:\Users\sasch\AppData\Roaming\TeamViewer
2019-11-03 11:48 - 2019-11-03 11:48 - 000000000 ____D C:\Users\sasch\AppData\Roaming\AnyDesk
2019-11-03 11:10 - 2019-11-03 11:10 - 000000000 ____D C:\Users\sasch\AppData\Roaming\alocal
2019-11-03 11:10 - 2019-11-02 13:54 - 016726016 _____ C:\Users\sasch\AppData\Roaming\FileHoster.exe
2019-11-03 11:06 - 2019-11-03 11:06 - 000004009 _____ C:\Users\sasch\Downloads\Borderlands 3 (3).nzb
2019-11-03 11:04 - 2019-11-03 11:04 - 000001690 _____ C:\Users\sasch\Downloads\Borderlands 3.nzb
2019-11-03 11:04 - 2019-11-03 11:04 - 000001690 _____ C:\Users\sasch\Downloads\Borderlands 3 (2).nzb
2019-11-03 11:04 - 2019-11-03 11:04 - 000001690 _____ C:\Users\sasch\Downloads\Borderlands 3 (1).nzb
2019-11-03 10:56 - 2019-11-03 10:56 - 000000000 ____D C:\Users\sasch\Downloads\incomplete
2019-11-03 10:56 - 2019-11-03 10:56 - 000000000 ____D C:\Users\sasch\AppData\Local\sabnzbd
2019-11-03 10:52 - 2019-11-03 10:54 - 012139609 _____ C:\Users\sasch\Downloads\SABnzbd-2.3.9-win64-bin.zip
2019-11-03 10:47 - 2019-11-03 10:47 - 000000000 ____D C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NZBGet
2019-11-03 10:47 - 2019-11-03 10:47 - 000000000 ____D C:\ProgramData\NZBGet
2019-11-03 10:47 - 2019-11-03 10:47 - 000000000 ____D C:\Program Files\NZBGet
2019-11-03 10:46 - 2019-11-03 10:46 - 005683947 _____ C:\Users\sasch\Desktop\nzbget-21.0-bin-windows-setup.exe
2019-11-02 21:49 - 2019-11-02 21:49 - 000000000 ____D C:\Users\sasch\AppData\Roaming\YURinc
2019-11-01 19:50 - 2019-11-01 19:50 - 000036987 _____ C:\Users\sasch\Downloads\Lockpick Pro v3-1989-3.zip
2019-11-01 17:59 - 2019-11-01 17:59 - 002534378 _____ C:\Users\sasch\Downloads\enbseries_skyrimvr_v0391.zip
2019-11-01 17:56 - 2019-11-01 17:56 - 000341096 _____ C:\Users\sasch\Downloads\Sin Xtreme Realism Enb V372d-831-V-372d-1551307734.rar
2019-11-01 17:56 - 2019-02-22 23:47 - 000000000 ____D C:\Users\sasch\Desktop\SinXRv372d
2019-11-01 16:40 - 2019-11-01 16:40 - 000001863 _____ C:\Users\sasch\Desktop\sksevr_loader.exe - Verknüpfung.lnk
2019-11-01 12:38 - 2019-11-01 12:38 - 000751557 _____ C:\Users\sasch\Downloads\sksevr_2_00_10.7z
2019-11-01 12:38 - 2018-05-27 05:33 - 000000000 ____D C:\Users\sasch\Desktop\sksevr_2_00_10
2019-11-01 11:42 - 2019-11-01 11:45 - 005192280 _____ (Husdawg, LLC) C:\Users\sasch\Desktop\Detection.exe
2019-10-31 18:39 - 2019-10-31 18:39 - 000010923 _____ C:\Users\sasch\Desktop\doc.pdf
2019-10-29 18:27 - 2019-10-29 18:27 - 047453544 _____ C:\Users\sasch\Downloads\MSIAfterburnerSetup.zip
2019-10-26 19:39 - 2019-10-26 19:42 - 049339793 _____ C:\Users\sasch\Downloads\ModernArch-256x.mcpack
2019-10-26 19:39 - 2019-10-26 19:40 - 012746891 _____ C:\Users\sasch\Downloads\ModernArch-128x.mcpack
2019-10-18 20:58 - 2019-10-18 20:58 - 000153159 _____ C:\Users\sasch\Downloads\BlueOcean PE .mcpack
2019-10-18 20:52 - 2019-10-18 20:52 - 011333633 _____ C:\Users\sasch\Downloads\Feluxis RealistPack v9.0 b1.zip
2019-10-18 20:52 - 2019-10-18 20:52 - 000000000 ____D C:\Users\sasch\Desktop\Feluxis RealistPack v9.0 b1
2019-10-17 12:57 - 2019-10-17 12:57 - 000045936 _____ C:\ProgramData\vpn.1571313448.15504.bin
2019-10-17 12:57 - 2019-10-17 12:57 - 000038300 _____ C:\ProgramData\vpn.uninstall.1571313452.bdinstall.bin
2019-10-17 12:57 - 2019-10-17 12:57 - 000034289 _____ C:\ProgramData\vpn.1571313448.18104.bin
2019-10-17 12:57 - 2019-10-17 12:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender VPN
2019-10-14 18:30 - 2019-10-14 18:30 - 000002583 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-10-14 18:30 - 2019-10-14 18:30 - 000002579 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-10-14 18:30 - 2019-10-14 18:30 - 000002563 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk
2019-10-14 18:30 - 2019-10-14 18:30 - 000002558 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-10-14 18:30 - 2019-10-14 18:30 - 000002547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
2019-10-14 18:30 - 2019-10-14 18:30 - 000002536 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-10-14 18:30 - 2019-10-14 18:30 - 000002533 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-10-14 18:30 - 2019-10-14 18:30 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-10-14 18:30 - 2019-10-14 18:30 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-10-14 18:30 - 2019-10-14 18:30 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-10-14 18:30 - 2019-10-14 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-10-08 19:24 - 2019-10-08 19:24 - 026806784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 024616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 023455744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 019284992 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 019014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 017485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 015220224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 012960768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 012259840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 009680400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 008903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 007872000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 006065152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 004873728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 004628992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 004057088 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 003702784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 003614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 003567104 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 002699768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 002699264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 002437344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 002429768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-10-08 19:24 - 2019-10-08 19:24 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-10-08 19:24 - 2019-10-08 19:24 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 002160160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-10-08 19:24 - 2019-10-08 19:24 - 002110472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 002072176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 002050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 002015400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 001994976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 001918792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 001751432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 001701880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-10-08 19:24 - 2019-10-08 19:24 - 001677816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 001666232 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 001590072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 001472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 001344960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-10-08 19:24 - 2019-10-08 19:24 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 001291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 001247560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 001201136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 001087800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 001056056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 001054928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 001048888 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 001024712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000917816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000895560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-10-08 19:24 - 2019-10-08 19:24 - 000851272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000848896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2019-10-08 19:24 - 2019-10-08 19:24 - 000843264 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000805296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 000764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000764216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000681720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Devices.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000662024 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 000605496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000604336 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-10-08 19:24 - 2019-10-08 19:24 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000522104 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000508728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 000506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000453432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-10-08 19:24 - 2019-10-08 19:24 - 000449368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000444728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000421176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-10-08 19:24 - 2019-10-08 19:24 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000385336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000376568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000294512 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000282424 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000224568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2019-10-08 19:24 - 2019-10-08 19:24 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-10-08 19:24 - 2019-10-08 19:24 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000213304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 000201736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-10-08 19:24 - 2019-10-08 19:24 - 000193336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-10-08 19:24 - 2019-10-08 19:24 - 000163232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000147944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnscmmc.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000104464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-10-08 19:24 - 2019-10-08 19:24 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-10-08 19:24 - 2019-10-08 19:24 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhuxgraphics.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NAPCRYPT.DLL
2019-10-08 19:24 - 2019-10-08 19:24 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-10-08 19:24 - 2019-10-08 19:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-10-08 19:24 - 2019-10-08 19:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-10-08 19:24 - 2019-10-08 19:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-10-08 19:24 - 2019-10-08 19:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-10-08 19:24 - 2019-10-08 19:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-10-08 19:24 - 2019-10-08 19:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-10-08 19:24 - 2019-10-08 19:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-10-08 19:24 - 2019-10-08 19:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-10-06 15:32 - 2019-10-06 15:32 - 000032856 _____ (Facebook Inc.) C:\WINDOWS\system32\Drivers\Oculus_ViGEmBus.sys
2019-10-06 15:32 - 2019-10-06 15:32 - 000002011 _____ C:\Users\Public\Desktop\Oculus.lnk
2019-10-06 15:32 - 2019-10-06 15:32 - 000002011 _____ C:\ProgramData\Desktop\Oculus.lnk
2019-10-06 15:32 - 2019-10-06 15:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Oculus
2019-10-06 15:23 - 2019-11-01 12:03 - 000000000 ____D C:\Program Files\Oculus
2019-10-06 15:10 - 2019-10-06 15:10 - 004957624 _____ (Facebook Technologies, LLC) C:\Users\sasch\Desktop\OculusSetup.exe
2019-10-06 14:50 - 2019-10-06 14:50 - 020473160 _____ (IObit ) C:\Users\sasch\Downloads\iobituninstaller.exe
2019-10-06 14:49 - 2019-10-06 14:49 - 001396200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-10-06 14:19 - 2019-10-06 14:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-10-06 14:19 - 2019-10-06 14:19 - 000000000 ____D C:\Program Files\VS Revo Group
2019-10-06 14:11 - 2019-03-28 10:11 - 000029232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2019-10-06 14:11 - 2019-03-28 10:11 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2019-10-06 14:11 - 2019-03-28 10:09 - 000032816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2019-10-06 14:11 - 2019-03-28 10:09 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2019-10-06 14:11 - 2019-03-28 07:35 - 000772176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_clr0400.dll
2019-10-06 14:11 - 2019-03-28 07:35 - 000702400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase_clr0400.dll
2019-10-06 14:11 - 2019-03-28 07:35 - 000622832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_clr0400.dll
2019-10-06 14:11 - 2019-03-28 07:35 - 000433448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140_clr0400.dll
2019-10-06 14:11 - 2019-03-28 07:35 - 000087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140_clr0400.dll
2019-10-06 14:11 - 2019-03-28 07:35 - 000083768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140_clr0400.dll

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-11-03 13:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-11-03 13:53 - 2018-04-01 13:20 - 000000000 ____D C:\Users\sasch\AppData\Roaming\IObit
2019-11-03 13:53 - 2018-04-01 13:20 - 000000000 ____D C:\Program Files (x86)\IObit
2019-11-03 13:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-11-03 13:44 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-03 12:58 - 2019-02-08 18:33 - 000000000 ____D C:\ProgramData\NVIDIA
2019-11-03 12:56 - 2019-06-24 19:46 - 000000000 ____D C:\Users\sasch\AppData\Local\Oculus
2019-11-03 12:56 - 2018-04-01 13:36 - 000000000 ____D C:\ProgramData\Origin
2019-11-03 12:50 - 2019-02-08 20:48 - 000003142 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2019-11-03 12:19 - 2019-07-14 15:34 - 000859944 _____ C:\WINDOWS\system32\perfh019.dat
2019-11-03 12:19 - 2019-07-14 15:34 - 000191842 _____ C:\WINDOWS\system32\perfc019.dat
2019-11-03 12:19 - 2019-02-08 20:50 - 003062622 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-03 12:19 - 2018-09-15 18:37 - 000842986 _____ C:\WINDOWS\system32\perfh007.dat
2019-11-03 12:19 - 2018-09-15 18:37 - 000190598 _____ C:\WINDOWS\system32\perfc007.dat
2019-11-03 12:19 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-11-03 12:16 - 2018-04-01 13:35 - 000000000 ____D C:\Program Files (x86)\Steam
2019-11-03 12:14 - 2019-08-24 15:23 - 000000000 ____D C:\SolidWorks_Flexnet_Server
2019-11-03 12:14 - 2019-02-08 20:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-11-03 12:14 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-11-03 12:13 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-11-03 12:11 - 2018-09-15 07:09 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2019-11-03 12:10 - 2018-04-01 13:20 - 000000000 ____D C:\ProgramData\IObit
2019-11-03 12:06 - 2018-04-15 13:12 - 000000000 ____D C:\Users\sasch\AppData\Local\CrashDumps
2019-11-03 11:17 - 2018-04-15 17:06 - 000000000 ____D C:\Users\sasch\AppData\Local\JDownloader 2.0
2019-11-03 10:44 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-03 10:36 - 2018-08-07 11:44 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-11-03 00:12 - 2019-06-28 19:20 - 000000000 ____D C:\Program Files (x86)\Oculus Tray Tool
2019-11-03 00:12 - 2019-02-08 20:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-02 20:05 - 2019-02-08 20:48 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1368799669-3117233153-4274516567-1001
2019-11-02 20:05 - 2019-02-08 20:43 - 000002428 _____ C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-02 20:05 - 2018-04-01 13:17 - 000000000 ___RD C:\Users\sasch\OneDrive
2019-11-01 21:17 - 2019-09-18 18:37 - 000000000 ____D C:\Users\sasch\AppData\Roaming\Vortex
2019-11-01 19:50 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-01 14:53 - 2019-06-24 20:08 - 000000000 ____D C:\Users\sasch\AppData\Roaming\Oculus
2019-11-01 11:49 - 2018-04-01 14:34 - 000000000 ____D C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-10-31 20:29 - 2019-06-27 19:10 - 000000000 ____D C:\Users\sasch\AppData\Roaming\beatdrop
2019-10-31 18:47 - 2019-03-22 17:58 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-10-31 18:16 - 2019-02-08 21:09 - 001065984 _____ C:\Users\sasch\AppData\Local\file__0.localstorage
2019-10-30 17:02 - 2018-04-01 13:53 - 000000000 ____D C:\Program Files (x86)\Origin
2019-10-28 19:13 - 2018-04-01 13:21 - 000000000 ____D C:\ProgramData\ProductData
2019-10-27 18:05 - 2018-04-01 13:33 - 000000000 ____D C:\Users\sasch\AppData\Local\PlaceholderTileLogoFolder
2019-10-27 13:49 - 2018-10-27 17:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-10-18 20:53 - 2019-08-16 18:34 - 000000000 ____D C:\Users\sasch\AppData\Roaming\.minecraft
2019-10-18 19:10 - 2018-04-01 13:18 - 000000000 ____D C:\Program Files\Opera
2019-10-17 12:57 - 2018-04-01 14:32 - 000000000 ____D C:\Program Files\Bitdefender
2019-10-16 19:49 - 2018-05-10 11:13 - 000000000 ____D C:\Users\sasch\AppData\Roaming\Twitch
2019-10-16 18:34 - 2018-12-12 16:29 - 000596632 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\gemma.sys
2019-10-15 11:26 - 2018-04-01 14:39 - 000000000 ____D C:\Users\sasch\AppData\Local\UnrealEngine
2019-10-13 17:50 - 2018-04-01 13:53 - 000000000 ____D C:\Users\sasch\AppData\Roaming\Origin
2019-10-08 20:56 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-10-08 20:56 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-10-08 20:56 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-10-08 20:56 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-10-08 20:56 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-10-08 20:56 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-10-08 20:56 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-10-08 19:28 - 2018-04-01 20:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-10-08 19:25 - 2018-04-01 20:34 - 127230528 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-10-08 19:10 - 2019-02-08 20:48 - 000003980 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1522585103
2019-10-08 19:10 - 2018-04-01 13:18 - 000001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2019-10-06 15:53 - 2018-05-27 18:22 - 000000000 ____D C:\Users\sasch\Documents\Soundaufnahmen
2019-10-06 14:51 - 2018-04-01 13:20 - 000000000 ____D C:\Users\sasch\AppData\LocalLow\IObit
2019-10-06 14:49 - 2019-02-08 20:43 - 000000000 ____D C:\Users\sasch
2019-10-06 14:47 - 2018-04-01 22:41 - 000000000 ____D C:\Users\sasch\Desktop\Spiele
2019-10-06 14:46 - 2019-07-10 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oculus Tray Tool
2019-10-06 14:46 - 2019-06-20 19:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft Classic
2019-10-06 14:46 - 2019-06-10 15:13 - 000000000 ____D C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Witcher 3 HD Reworked Project 5.1
2019-10-06 14:46 - 2019-05-31 17:57 - 000000000 ____D C:\Users\sasch\Desktop\@
2019-10-06 14:46 - 2019-04-20 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sekiro Shadows Die Twice
2019-10-06 14:46 - 2019-04-11 21:55 - 000000000 ____D C:\Users\sasch\Desktop\PC
2019-10-06 14:46 - 2019-04-11 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro Last Light Redux
2019-10-06 14:46 - 2019-04-11 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trackmania Turbo
2019-10-06 14:45 - 2019-09-17 09:52 - 000000000 ____D C:\Program Files\Npcap
2019-10-06 14:44 - 2018-04-01 13:16 - 000000000 ____D C:\Users\sasch\AppData\Local\Packages
2019-10-06 14:43 - 2018-06-24 15:14 - 000000000 ____D C:\Users\sasch\AppData\Roaming\E-Ciga
2019-10-06 14:39 - 2018-10-13 14:26 - 000000000 ____D C:\ProgramData\Apple
2019-10-06 13:49 - 2019-06-24 20:10 - 000000000 ____D C:\Users\sasch\AppData\Roaming\OculusClient
2019-10-04 21:26 - 2018-05-30 08:31 - 000000000 ____D C:\Users\sasch\AppData\LocalLow\Mozilla
2019-10-04 21:14 - 2019-08-17 16:07 - 000000000 ____D C:\Program Files\Mozilla Firefox

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2019-07-24 18:53 - 2019-07-24 18:53 - 000367104 _____ () C:\Users\sasch\ModAssistant.exe
2019-06-25 19:44 - 2019-06-27 18:06 - 000000000 _____ () C:\Users\sasch\AppData\Roaming\.OculusDebugToolGUI
2019-11-03 11:10 - 2019-11-02 13:54 - 016726016 _____ () C:\Users\sasch\AppData\Roaming\FileHoster.exe
2019-02-08 21:09 - 2019-10-31 18:16 - 001065984 _____ () C:\Users\sasch\AppData\Local\file__0.localstorage

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         

Geändert von TrainandGame (03.11.2019 um 14:04 Uhr)

Alt 03.11.2019, 14:01   #11
TrainandGame
 
Versuchter Teamviewer missbrauch auf meinen PC - Standard

Versuchter Teamviewer missbrauch auf meinen PC



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-11-2019
durchgeführt von sasch (03-11-2019 13:56:03)
Gestartet von C:\Users\sasch\Desktop
Windows 10 Pro Version 1809 17763.805 (X64) (2019-02-08 19:48:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1368799669-3117233153-4274516567-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1368799669-3117233153-4274516567-503 - Limited - Disabled)
Gast (S-1-5-21-1368799669-3117233153-4274516567-501 - Limited - Disabled)
golem-docker (S-1-5-21-1368799669-3117233153-4274516567-1003 - Limited - Enabled)
sasch (S-1-5-21-1368799669-3117233153-4274516567-1001 - Administrator - Enabled) => C:\Users\sasch
WDAGUtilityAccount (S-1-5-21-1368799669-3117233153-4274516567-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
FW: Bitdefender Firewall (Disabled) {362C5A58-E860-6396-9204-BEEEF20CA463}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Ashampoo WinOptimizer 14 (HKLM-x32\...\{4209F371-DEAB-BE89-2E8A-9643100258DD}_is1) (Version: 14.00.05 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 16 (HKLM-x32\...\{4209F371-C47A-1204-F2BA-6FD6E5BB1B50}_is1) (Version: 16.00.21 - Ashampoo GmbH & Co. KG)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
beatdrop 2.5.9 (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\5a38d27a-3f69-5264-ba9a-effba89c0b95) (Version: 2.5.9 - Nathaniel Johns)
Binance version 1.8.0 (HKLM-x32\...\{F7C9C013-C42C-440F-979C-46BA1F534351}_is1) (Version: 1.8.0 - Binance)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.25.49 - Bitdefender)
Bitdefender Internet Security (HKLM\...\Bitdefender) (Version: 22.0.1.1 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 24.0.2.693 - Bitdefender)
Core Temp 1.13 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.13 - ALCPU)
CORSAIR iCUE Software (HKLM-x32\...\{37E2CEEA-E7E8-44C4-B3E6-D214543D9DA9}) (Version: 3.13.94 - Corsair)
Corsair LINK 4 (HKLM-x32\...\{40036d0c-634b-4fc0-be89-13343b4bea96}) (Version: 4.9.7.35 - Corsair Components, Inc.)
Corsair LINK 4 (HKLM-x32\...\{D97F4B31-5A7D-4A07-AC85-16D64FAB93E1}) (Version: 4.9.7.35 - Corsair Components, Inc.) Hidden
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
Discord (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.17 - NVIDIA Corporation) Hidden
DOOM VFR MULTi2 1.0 (HKLM-x32\...\DOOM VFR MULTi2 1.0) (Version: 1.0 - .x.X.RIDDICK.X.x.)
Epic Games Launcher (HKLM-x32\...\{6E35ADC1-C951-4FD2-B81F-D37CCE0B5D84}) (Version: 1.1.220.0 - Epic Games, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Futuremark SystemInfo (HKLM-x32\...\{3DD053E0-EA08-459A-B615-567B86A01132}) (Version: 5.16.701.0 - Futuremark)
Geeks3D FurMark 1.20.4.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HP Officejet 2620 series - Grundlegende Software für das Gerät (HKLM\...\{CED70530-FA0D-4A58-BBF0-1588B38247A0}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Joulemeter (HKLM-x32\...\{E043568C-1745-4C69-9D52-43F6E79EB03B}) (Version: 1.2.0 - Microsoft Research)
Kinect for Windows Drivers v2.0_1409 (DAILY) (HKLM\...\{7C9F054E-F742-4DAD-B7E0-9A280F1F0ACB}) (Version: 2.0.1410.19000 - Microsoft Corporation) Hidden
Kinect for Windows Runtime v2.2_1811 (HKLM\...\{87941EDF-6084-42AD-B5EF-36A44667A64C}) (Version: 2.2.1811.10000 - Microsoft Corporation)
Kinect for Windows SDK v2.0 (HKLM\...\{77FBF502-4136-4BC8-B754-6A01C02598C9}) (Version: 2.0.1410.19000 - Microsoft Corporation) Hidden
Kinect for Windows SDK v2.0_1409 (HKLM-x32\...\{2f7f3dc4-de9a-4605-821f-b686f26392d8}) (Version: 2.0.1410.19000 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Metro: Last Light Redux (HKLM-x32\...\Metro: Last Light Redux_is1) (Version:  - Deep Silver)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{BF5ABBDB-D3AA-4BCB-8D10-FCD4A4BB7F93}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProplusRetail - de-de) (Version: 16.0.12026.20344 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.12026.20344 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft Project Professional 2016 - de-de (HKLM\...\ProjectProRetail - de-de) (Version: 16.0.12026.20344 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.12026.20344 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-US) (HKLM-x32\...\{66D57636-BD4B-402F-9E7D-5E89C28C8136}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{13146756-9716-4843-84CA-053916D2FCF9}) (Version: 11.3.6538.0 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{C7E2483C-10A4-41E3-A2F6-240186FE3E41}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Visio Professional 2016 - de-de (HKLM\...\VisioProRetail - de-de) (Version: 16.0.12026.20344 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.12026.20344 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27033 (HKLM-x32\...\{cc3a7c63-31fb-4129-9024-63ebefd86a95}) (Version: 14.16.27033.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{ab213ab7-4792-4c6f-a3fa-8485d06c3475}) (Version: 14.0.23829 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft1.8 (HKLM-x32\...\Minecraft1.8) (Version:  - )
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version:  - MixMeister Technology LLC)
Mozilla Firefox 68.0.2 (x64 de) (HKLM\...\Mozilla Firefox 68.0.2 (x64 de)) (Version: 68.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.2 - Mozilla)
MSI Afterburner 4.6.0 (HKLM-x32\...\Afterburner) (Version: 4.6.0 - MSI Co., LTD)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.8 - Black Tree Gaming)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation)
NVIDIA Grafiktreiber 430.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 430.64 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NZBGet (HKLM-x32\...\NZBGet) (Version:  - Andrey Prygunkov)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.2.1 - OBS Project)
OBS-VirtualCam version 2.0.2 (HKLM-x32\...\{7B7182E6-D22D-4E5A-BCA2-EC985A4BD588}_is1) (Version: 2.0.2 - OBS)
Oculus (HKLM\...\Oculus) (Version: <3 - Facebook Technologies, LLC)
Oculus Tray Tool v0.86.0 (HKLM-x32\...\Oculus Tray Tool_is1) (Version:  - )
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden
OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 4.29 - LG Electronics Inc)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenIV (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\OpenIV) (Version: 3.0.1006 - .black/OpenIV Team)
OpenVR Advanced Settings (HKLM-x32\...\OpenVRAdvancedSettings) (Version:  - )
OpenVR Input Emulator (HKLM-x32\...\OpenVRInputEmulator) (Version:  - )
Opera Stable 63.0.3368.107 (HKLM-x32\...\Opera 63.0.3368.107) (Version: 63.0.3368.107 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.52.32372 - Electronic Arts, Inc.)
Outward Day One Edition MULTi5 1.0 (HKLM-x32\...\Outward Day One Edition MULTi5 1.0) (Version: 1.0 - x.X.RIDDICK.X.x)
Outward Update 1 (HKLM\...\b3V0d2FyZA_is1) (Version: 1 - )
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.0.2 - pdfforge GmbH)
PhonerLite 2.72 (HKLM-x32\...\PhonerLite_is1) (Version: 2.72 - Heiko Sommerfeldt)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Quick CPU (HKLM-x32\...\{41F4C8EE-903D-4EB5-B6EB-75413BF496DE}) (Version: 3.0.1.0 - CoderBag)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 beta r2613 - Win10 Widgets)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8372 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 7.2.1 (HKLM-x32\...\RTSS) (Version: 7.2.1 - Unwinder)
Roblox Player for sasch (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Studio for sasch (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\roblox-studio) (Version:  - Roblox Corporation)
ROCCAT Juke (HKLM\...\C-Media CM108 Like Sound Driver) (Version:  - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.6 - Rockstar Games)
SeaTools for Windows 1.4.0.7 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.7 - Seagate Technology)
Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
SKILLER SGK4 (HKLM-x32\...\{B1B8775B-8449-4F04-9773-C34384AE405F}_is1) (Version: 1.3.18.6 - Sharkoon Technologies)
SOLIDWORKS 2019 German Resources (HKLM\...\{A3551568-7512-4052-8B69-9F295CE0252A}) (Version: 27.110.0072 - Ihr Firmenname) Hidden
SOLIDWORKS 2019 SP01 (HKLM\...\{F261BF5C-81C4-4E81-9ED6-D7EBFA2A9A5B}) (Version: 27.110.0072 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2019 SP01 (HKLM-x32\...\SolidWorks Installation Manager 20190-40100-1100-100) (Version: 27.1.0.72 - SolidWorks Corporation)
SOLIDWORKS CAM 2019 SP01 (HKLM\...\{FF62C344-015F-4A9F-8F49-7F02CBAB288E}) (Version: 27.10.0072 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Composer 2019 SP01 (HKLM\...\{661FCA7C-4962-46FD-84CD-CB72459058A4}) (Version: 27.10.0072 - Ihr Firmenname) Hidden
SOLIDWORKS eDrawings 2019 SP01 (HKLM\...\{49641C8E-5ADA-42A8-8019-90CBDC933F86}) (Version: 27.10.0092 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Electrical 2019 SP01 (HKLM\...\{D47DBAC4-C1AB-4B16-B431-01120E8BB141}) (Version: 27.10.0072 - Ihr Firmenname) Hidden
SOLIDWORKS Explorer 2019 SP01 (HKLM\...\{ED3F46FA-EF6F-4633-AA94-5C44815EA2B2}) (Version: 27.10.0072 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Flow Simulation 2019 SP01  (HKLM\...\{5D9A5C34-85FD-40FE-8C1A-ACA3C8CF423E}) (Version: 27.10.0073 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Inspection 2019 SP01 (HKLM\...\{974A87F0-517F-480A-A87F-218649E02880}) (Version: 27.10.0072 - Ihr Firmenname) Hidden
SOLIDWORKS PCB 2019 SP01 (HKLM\...\{BF11D72C-9B96-4B91-BF1E-AC2137BBB604}) (Version: 27.10.0072 - Ihr Firmenname) Hidden
SOLIDWORKS Plastics 2019 SP01 (HKLM\...\{6BC5795E-314F-4BA6-9A2D-A8DE4A35C688}) (Version: 27.10.0072 - Ihr Firmenname) Hidden
SOLIDWORKS Visualize 2019 SP01 (HKLM\...\{CD7FCE59-87E4-4C32-AB24-DCA29802CBA5}) (Version: 27.10.0072 - Ihr Firmenname) Hidden
SOLIDWORKS Visualize Boost 2019 SP01 (HKLM\...\{D67F8A59-1F6E-422E-AD34-1A66751CD44D}) (Version: 27.10.0072 - Ihr Firmenname) Hidden
SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.17.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.17.1 - General Workings, Inc.)
Superhot  Incl. Update 3 MULTi9 1.0 (HKLM-x32\...\Superhot  Incl. Update 3 MULTi9 1.0) (Version:  - )
TeighaX 3.09 (HKLM-x32\...\{3D63579F-2398-418B-9227-A852FB201D2D}) (Version: 3.9.0 - Open Design Alliance)
Telegram Desktop version 1.7.7 (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.7.7 - Telegram Messenger LLP)
The Witcher 3: Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.32 - GOG.com)
Trackmania Turbo (HKLM-x32\...\Trackmania Turbo_is1) (Version:  - )
TreeSize Free V4.2.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.2.2 - JAM Software)
Twitch (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Updater (HKLM-x32\...\Updater) (Version: 1.0 - Updater) <==== ACHTUNG
uRage Reaper nxt. Version 1.0.3 (HKLM-x32\...\{2F606408-495F-4772-A3A7-BE0A31C4B261}_is1) (Version: 1.0.3 - )
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.0.3 - Black Tree Gaming Ltd.)
VSDC Free Video Editor Version 6.3.6.18 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.6.18 - Flash-Integro LLC)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\WhatsApp) (Version: 0.3.557 - WhatsApp)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
Windows-Treiberpaket - Corsair Components, Inc. (SIUSBXP) USB  (07/14/2017 3.3) (HKLM\...\A2206C09905C467F30CB24DCBB49F056D7F0A290) (Version: 07/14/2017 3.3 - Corsair Components, Inc.)
Windows-Treiberpaket - STMicroelectronics (STTub30) USB  (07/05/2012 3.0.4.0) (HKLM\...\4A1A85C6E9813B77863C2401251A5284B1923DA4) (Version: 07/05/2012 3.0.4.0 - STMicroelectronics)
WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wireshark 3.0.4 64-bit (HKLM-x32\...\Wireshark) (Version: 3.0.4 - The Wireshark developer community, hxxps://www.wireshark.org)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version:  - Blizzard Entertainment)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)

Packages:
=========
3D Scan -> C:\Program Files\WindowsApps\Microsoft.3DScan_2.0.47.0_x64__8wekyb3d8bbwe [2019-08-23] (Microsoft Corporation)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.1.4.0_x86__kgqvnymyfvs32 [2019-09-23] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.150.300.0_x86__kgqvnymyfvs32 [2019-10-17] (king.com)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.618.0_x64__v10z8vjag6ke6 [2019-10-16] (HP Inc.)
Mail und Kalender -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation) [MS Ad]
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.3.1.1_x86__h6adky7gbf63m [2019-09-14] (Gameloft.)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-08-23] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.12.101.0_x64__8wekyb3d8bbwe [2019-09-08] (Microsoft Studios)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-26] (Netflix, Inc.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0 [2019-10-13] (Spotify AB) [Startup Task]
XING -> C:\Program Files\WindowsApps\XINGAG.XING_3.140.89.0_x86__xpfg3f7e9an52 [2019-10-08] (New Work SE)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> Keine Datei
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-05-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> Keine Datei
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.FPS1] => c:\windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.voxacm160] => c:\windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.scg726] => c:\windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.alf2cd] => c:\windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.ac3acm] => c:\windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.lame] => c:\windows\system32\lame.ax [245760 2005-08-01] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.dvsd] => c:\windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.mpg4] => c:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.mp42] => c:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.mp43] => c:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.xvid] => c:\windows\system32\xvidvfw.dll [139264 2004-07-03] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.DIVX] => c:\windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP60] => c:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP61] => c:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP62] => c:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.LAGS] => c:\windows\system32\lagarith.dll [216064 2011-12-07] ( ) [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\sasch\Desktop\Spiele\startdesktopmode.bat - Verknüpfung.lnk -> C:\Program Files\OpenVR-AdvancedSettings\startdesktopmode.bat ()
Shortcut: C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\sasch\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2019-03-05 15:06 - 2019-03-05 15:06 - 000232448 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-03-05 15:06 - 2019-03-05 15:06 - 000057344 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-03-05 15:07 - 2019-03-05 15:07 - 000642048 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-03-05 15:06 - 2019-03-05 15:06 - 000072704 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-03-05 15:06 - 2019-03-05 15:06 - 000364544 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000015360 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Origin\libEGL.DLL
2018-04-01 13:53 - 2019-10-30 17:02 - 003090944 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Origin\libGLESv2.dll
2019-08-24 15:49 - 2018-10-16 21:35 - 000107520 _____ () [Datei ist nicht signiert] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\NETAPI32.dll
2019-08-24 15:39 - 2019-08-24 15:39 - 000116224 _____ (pdfforge GmbH) [Datei ist nicht signiert] C:\WINDOWS\System32\pdfcmon.dll
2019-01-10 10:44 - 2019-01-10 10:44 - 000090112 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000002560 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\icudt58.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 001252864 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\icuuc58.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000030208 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qgif.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000032768 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qico.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000256512 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000026112 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qtga.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000305152 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000025600 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000709120 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Multimedia.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000207360 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Positioning.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000310272 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 003513344 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Qml.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 003390976 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Quick.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000068096 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000045568 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000116224 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebChannel.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 054071296 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000211456 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [236]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
AlternateDataStreams: C:\Users\sasch\Anwendungsdaten:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\sasch\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [108]
AlternateDataStreams: C:\Users\sasch\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\sasch\AppData\Local\Temp:$DATA​ [16]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ==========

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-09-29 14:46 - 2019-11-03 13:14 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-05-28 19:13 - 2019-05-28 19:14 - 000000443 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.18.70.1 DESKTOP-FOHP40Q.mshome.net # 2024 5 0 26 18 14 23 458

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Oculus\Support\oculus-runtime;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\110\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\DTS\Binn\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sasch\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\earth multiscreen widescreen 5760x1080 wallpaper_www.paperhi.com_58.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS Hintergrund-Downloader.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS 2019 Fast Start.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "BdVpnApp"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "HP Software Update"
HKLM\...\StartupApproved\Run: => "Ashampoo WinOptimizer Live-Tuner2"
HKLM\...\StartupApproved\Run32: => "Updater"
HKLM\...\StartupApproved\Run32: => "CORSAIR iCUE Software"
HKLM\...\StartupApproved\Run32: => "SE61T-UserTools"
HKLM\...\StartupApproved\Run32: => "SKILLER SGK4"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "OculusTrayTool"
HKLM\...\StartupApproved\Run32: => "OnScreen Control"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\StartupFolder: => "DesktopHut.lnk"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\StartupFolder: => "Rainmeter.lnk"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "Argus Monitor"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "CorsairLink4"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "GalaxyClient"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{0740E682-1F83-4FAD-B54A-DAAF94B61BD7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5C243317-3B6B-47E2-A311-8A3E95904140}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9B31F1B3-43B4-4A9E-8B52-B3CB0390558D}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{3B3E03A3-4BF8-4468-81F8-60273D1B0652}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{DC2B08A1-7048-4335-9536-A2FE80B22D29}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{ACD69343-1FFF-4AAC-888E-A1B325D6C58E}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{5B7EFE95-AF2A-4407-99DE-1B714B3F5CF0}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{2926D9FF-8085-4B05-B3F9-A068BCBE6589}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B119755F-53BB-4912-993B-2D0034642C03}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5D136926-BF5F-4ED8-9DEE-701B82FF1C27}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{37D4D204-1534-467B-9CF5-31487D488767}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{2F46E517-7A8F-44B0-B7EB-9072CDCF06DC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{42D70C77-D1BD-4ABF-9A4A-A91A61F45B0A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40E831A5-4689-4E79-8348-E90C48CB539C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{98287F36-F3E7-40FF-9A23-8867CBEFB7D5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AD32DEE1-58EA-4224-87E4-EA0583A948DE}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{417E877D-496E-4066-8477-8A5938E23774}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [Datei ist nicht signiert]
FirewallRules: [DNS Server Forward Rule - TCP - A2918A61-5D01-4BBD-BDBB-CEBE9E9C6511 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - A2918A61-5D01-4BBD-BDBB-CEBE9E9C6511 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - CD8B8542-DEF3-4E52-A908-8E6FBC2125BF - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - CD8B8542-DEF3-4E52-A908-8E6FBC2125BF - 0] => (Allow) LPort=53
FirewallRules: [{94933B1A-2289-4DBB-8E4F-A00CE7FD829F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> )
FirewallRules: [{39876E1F-0A04-4ED9-A8DC-C58D8D6A95F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> )
FirewallRules: [{2B5004E3-0383-4975-845F-C911CFCAF264}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )
FirewallRules: [{22C21BB7-A0F4-4B79-B66C-46B243346958}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )
FirewallRules: [{FD5AA058-690C-4067-9985-2F88A0334CA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> )
FirewallRules: [{26F2F6CD-5D0C-4C3A-ACD2-7B9B019934AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> )
FirewallRules: [{0AF4755F-B58E-4248-A261-B91130CEC729}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beat Saber\Beat Saber.exe () [Datei ist nicht signiert]
FirewallRules: [{A4E44422-C7F4-4E77-8A3E-142A41C85C45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beat Saber\Beat Saber.exe () [Datei ist nicht signiert]
FirewallRules: [{3C2EBDD9-7A1B-42E6-9F03-32F7756AB8FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [Datei ist nicht signiert]
FirewallRules: [{2D678C7D-5AF9-4BED-AD85-75E4872517AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [Datei ist nicht signiert]
FirewallRules: [{2A53B5C8-113F-436A-9AD3-0C4C54F0FD74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [Datei ist nicht signiert]
FirewallRules: [{7D753089-180E-428F-8ABF-378BF050405E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [Datei ist nicht signiert]
FirewallRules: [{65BB94D9-3967-4BA5-9CA8-EAFDC253D9DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [Datei ist nicht signiert]
FirewallRules: [{40051D45-C677-4B79-8E90-497BE913BDF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [Datei ist nicht signiert]
FirewallRules: [{170F38BC-9EA3-406E-B712-279DE6CE8A4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PavlovVR\Pavlov.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{D8237A19-A7A4-480E-8009-7EBBF027F44C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PavlovVR\Pavlov.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{1A487B10-842E-431B-941B-16B764ECD443}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space Pirate Trainer VR\SpacePirateVR.exe () [Datei ist nicht signiert]
FirewallRules: [{B6821163-09CB-4420-9761-69D0B8A48345}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space Pirate Trainer VR\SpacePirateVR.exe () [Datei ist nicht signiert]
FirewallRules: [{7ACE9B64-D42D-460B-82A1-BE53B9BA14F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Steam360VideoPlayer\Steam360VideoPlayer.exe () [Datei ist nicht signiert]
FirewallRules: [{78F40822-AC3B-44C4-8AFB-EDC6FBA4C480}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Steam360VideoPlayer\Steam360VideoPlayer.exe () [Datei ist nicht signiert]
FirewallRules: [{8DF97BAC-F571-4C19-B098-C966882F8395}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RecRoom\Recroom_Release.exe () [Datei ist nicht signiert]
FirewallRules: [{203B78AD-52DE-4BAF-8171-D81BD464EBEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RecRoom\Recroom_Release.exe () [Datei ist nicht signiert]
FirewallRules: [{403150D1-81F4-4B33-A3A3-3A8AF621813C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sparc\Sparc.exe () [Datei ist nicht signiert]
FirewallRules: [{60D70BDF-64CD-495D-8A21-529AA91F3A6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sparc\Sparc.exe () [Datei ist nicht signiert]
FirewallRules: [{7B4A954D-F3EC-4E42-A779-C1A54CDBB85B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [Datei ist nicht signiert]
FirewallRules: [{24F2845A-CCA3-46FF-96DB-1F2887137872}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [Datei ist nicht signiert]
FirewallRules: [{0F39A282-9A26-49A6-B5DD-78B369D5B0EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LIV\LIV.App.exe (LIV Inc -> LIV Inc.)
FirewallRules: [{DAC58D3F-0852-46DC-857C-BF9914B4127D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LIV\LIV.App.exe (LIV Inc -> LIV Inc.)
FirewallRules: [{BD9CD2C6-BDBF-494B-9C8E-E3EC5F878FF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EarthVR\Earth.exe (Google Inc -> Google Inc)
FirewallRules: [{09FDAB7C-8953-427C-836F-440C7A922BB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EarthVR\Earth.exe (Google Inc -> Google Inc)
FirewallRules: [{6A89D5E1-8A28-4770-9E1B-75C2227B9F7D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0675F42F-F727-48A7-92CD-1ECF4802EA23}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F8D3F73F-8C0E-4658-8C65-7C45BF6A8CB9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{905758A4-99EE-4A58-A647-E48434BF5391}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{BF1C68BC-3EDD-4300-903E-5A3646F1E395}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{A7E58B70-540D-44C9-B72A-E5C90E07879B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{F1595CF3-888D-4A73-B171-A309D796C2E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5075C7AA-E3D6-42D1-810B-807E24B34C56}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{502B7574-E188-4F9C-BA7C-DE77B5F2FB58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E9446889-83DB-4BE3-94FA-D1F4474B7244}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E7B25816-80BC-4106-8A92-69A0CD0104F6}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{0F348082-5969-429B-A255-47BE1CD5E2DF}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{2CD85A61-18BA-4ABA-BA1F-0E80A5E8B437}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{B1395916-5D64-4DAF-AF06-A30844FEADEC}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{CC2E3010-017D-43CB-8F47-EC773CC07902}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{1EAE3853-521B-42CE-A885-98E6775E739E}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{A4FC4F01-56D2-43D5-8D97-1F7B3DC1AB3A}] => (Allow) LPort=8027
FirewallRules: [{5214D303-B8F4-4A8F-85E1-21A22483C6F2}] => (Allow) LPort=8027
FirewallRules: [{AF2BC330-AED4-47D1-9A01-FB8634214F09}] => (Allow) LPort=8027
FirewallRules: [{43E2493B-9A4E-4C0A-9076-554D6E131256}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9D28B1DA-C902-477B-AFFD-51C595FDD1DA}] => (Allow) LPort=8027
FirewallRules: [{372821C7-D852-4544-B569-7320035202F3}] => (Allow) LPort=8027
FirewallRules: [{5902DD16-657D-4E4F-87ED-2BADDE3E6562}] => (Allow) LPort=8027
FirewallRules: [{1039D7DF-C3FD-47E8-BD62-FCAD62FAACEB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{D91A5413-719A-469D-A91E-DFF47E626793}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{D177C423-B229-4035-8453-F633FA27DD00}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{A3A36CEC-E1D7-4FCD-8F4B-94ABDD62E51D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{C6ADF639-0B0A-4243-AE41-CEDD2E6E8BFB}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{A87B6FD3-62AC-4426-979C-036E933B8B14}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{3A501E89-37B9-4E5F-911F-332A989DF2D9}] => (Allow) D:\Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{2258E533-64AB-4CCD-A0C3-9FCF0A8C6171}] => (Allow) D:\Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{58DD4DCC-B967-40C1-86C3-1B1FFF1BB909}] => (Allow) D:\Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{E6C46A1B-DD61-418B-A527-2E85BA66A52B}] => (Allow) D:\Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{4372EFF5-2D73-4681-B970-0DC8D9CC01AD}] => (Allow) LPort=8027
FirewallRules: [{4A9C0C46-8BFB-4E60-9101-B3A45B536362}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [Datei ist nicht signiert]
FirewallRules: [{BC485528-26C9-46C5-9F4D-EF108C68741C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [Datei ist nicht signiert]
FirewallRules: [{8515539D-90E6-4747-B547-B042280D2827}] => (Allow) LPort=8027
FirewallRules: [{247E5E19-6A37-439B-BCA7-C9397174C50B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SkyrimVR\SkyrimVR.exe (Bethesda Softworks) [Datei ist nicht signiert]
FirewallRules: [{974EDA6A-9B30-48E4-816D-2EDC1B39F051}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SkyrimVR\SkyrimVR.exe (Bethesda Softworks) [Datei ist nicht signiert]
FirewallRules: [{7AD88789-2895-449A-9041-E9F2DEAE861E}] => (Allow) C:\Program Files\Opera\63.0.3368.94\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{229AFEF2-8A24-425A-86B1-5B5D49B63F14}] => (Allow) LPort=8027
FirewallRules: [{C51F7625-84D9-48BA-BF9F-109EFE9AD1CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\skyrim\skse_steam_boot.exe () [Datei ist nicht signiert]
FirewallRules: [{C1F426A7-7724-4A3A-AA22-9D231DF01CB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\skyrim\skse_steam_boot.exe () [Datei ist nicht signiert]
FirewallRules: [{802DDF0E-DC51-4AC8-95EF-F7D06FE4EBB8}] => (Allow) D:\steam\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{757AA0DE-9C61-4EFA-953E-A6EE75C4A659}] => (Allow) D:\steam\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{E730DFD8-C4F2-4D90-AF1F-E47383E82DCF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArizonaSunshine\ArizonaSunshine.exe () [Datei ist nicht signiert]
FirewallRules: [{B9DA83CE-3E14-4715-9F70-32D70EDD092E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArizonaSunshine\ArizonaSunshine.exe () [Datei ist nicht signiert]
FirewallRules: [{3323FE0A-DB23-412F-ADF7-BBB66B2006DD}] => (Allow) LPort=8027
FirewallRules: [{A7399E1E-CA23-4485-930F-44CEC35CE5D0}] => (Allow) LPort=8027
FirewallRules: [{9B5C6CC2-9544-4E83-A529-F77280D5B48B}] => (Allow) LPort=8027
FirewallRules: [{F033AF30-69D8-42B6-9D9E-A25B1FC2FD93}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{8A2701D5-9116-428E-A361-320F091D2E55}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{C34DF57D-F1B6-477A-949C-9434AD72BA5D}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{C02B5304-3C95-493F-BCD1-3740E4ED8222}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{60F36C3B-48E5-43B0-8CFB-0EBED47E6F11}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> )
FirewallRules: [{0139A4A1-F639-4343-8F07-60C2C2386685}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> )
FirewallRules: [{4F9A28DB-010B-4626-B5B8-936142B04892}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{A1F32280-91E9-46FF-9EDD-24C48EAA4BC6}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{3CD93529-F035-4918-843D-1A9EB5E8A831}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{08716381-CF14-4184-8849-459445098475}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{1FA78D26-20A8-4C03-9AF3-14544156D2DA}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{322DCE80-1F93-4DC7-8B8D-DB9B88BD6EBA}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{E9EA684E-D352-4B71-82A9-3B9036DEFE8E}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [Datei ist nicht signiert]
FirewallRules: [{FA36CC9C-2F2A-4AEB-8584-607EEAE48F48}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [Datei ist nicht signiert]
FirewallRules: [{0E52E449-243C-4519-BEF4-E35A3FD6EEF7}] => (Allow) LPort=8027
FirewallRules: [{DCB0F3E3-B130-4C6D-84CC-58A75D553DE5}] => (Allow) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{38962F38-1793-42BC-A10E-8257D6114D7B}] => (Allow) LPort=8027
FirewallRules: [{811F2136-0E52-4CFB-BC21-4049B6B49643}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1D8BA397-1870-44AA-9260-85D4FB06066F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BFF5297D-2415-4DBC-AD55-367B2E70F5A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9702396E-5B2D-44AB-855D-EC683DCB3405}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{392450AE-D6DC-40AD-AD3B-E2BE3D9185D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1879C90E-BF88-4B2E-B0AB-AA3002726F97}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C7DD4EA7-19B3-42EB-97C8-932C1C783B5A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7BC14455-058A-4404-8DB9-B0C3DFC8342E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4E507679-CFA9-4C09-B74C-D00FF7511814}] => (Allow) LPort=8027
FirewallRules: [{4EC20FEA-9C8E-48B4-B272-DF4CD9BC6EBA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C2A68C28-907E-494C-8739-110470EE847A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1DA10DF9-ABEC-4509-B472-71B05B25BB4A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FBEC7B5F-1849-43E0-A1DF-15D690C46BCA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BFEB41B6-7A4F-42FF-8AD1-34B1F8AABF62}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{85128EC7-11AF-44C1-AEAC-4CB7AD1A3E9F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5474CDB4-3B78-4690-A998-178703FE2244}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D46C2EE3-6EBB-4DDD-99EE-3BD4DE75A2CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{B4035018-04D1-44A8-967E-52BF65D50ABC}C:\program files\nzbget\nzbget.exe] => (Block) C:\program files\nzbget\nzbget.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{EF2DB5A2-F4EB-45A6-96C8-9CAC5F772CCE}C:\program files\nzbget\nzbget.exe] => (Block) C:\program files\nzbget\nzbget.exe () [Datei ist nicht signiert]
FirewallRules: [{47BB0284-57DC-49DA-8051-E0A63FF7A64F}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer)
FirewallRules: [{1A5EDF56-92C4-4EAF-A493-D47263FC2E37}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer)
FirewallRules: [{519D1845-687A-4B2F-BFBD-DDC00C9B22D1}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer)
FirewallRules: [{58C68B9E-3FAB-4EBE-92D2-B6843A347CD2}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer)
FirewallRules: [{4897EC8F-B674-4000-94B1-3DC51B11192C}] => (Allow) LPort=8027
FirewallRules: [{9AB82D20-D696-46CD-8602-0CDEA1FB371D}] => (Allow) LPort=8027
FirewallRules: [{08A5C124-26A4-4882-A458-73DEF6B0BAD4}] => (Allow) LPort=8027

==================== Wiederherstellungspunkte =========================

02-11-2019 18:16:04 Geplanter Prüfpunkt
03-11-2019 13:27:34 Removed Vegas Pro 13.0 (64-bit)
03-11-2019 13:54:05 Removed Java 8 Update 211 (64-bit)

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (11/03/2019 12:53:18 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 15816. Meldungs-ID: [0x2509].

Error: (11/03/2019 12:51:28 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/03/2019 12:16:41 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 11276. Meldungs-ID: [0x2509].

Error: (11/03/2019 12:14:43 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/03/2019 12:11:24 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/03/2019 12:06:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HxAccounts.exe, Version: 16.0.12026.20218, Zeitstempel: 0x5d81ddff
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.17763.802, Zeitstempel: 0x322dae8f
Ausnahmecode: 0xc000027b
Fehleroffset: 0x0000000000701a52
ID des fehlerhaften Prozesses: 0x168c
Startzeit der fehlerhaften Anwendung: 0x01d5923542ab9e49
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxAccounts.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll
Berichtskennung: 08bb2cd2-1722-4276-8eb3-369be6cdc972
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: microsoft.windowslive.manageaccounts

Error: (11/03/2019 11:54:42 AM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/02/2019 11:02:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Beat Saber.exe, Version: 2018.4.4.16502, Zeitstempel: 0x5d23e6af
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000021399fb7300
ID des fehlerhaften Prozesses: 0xdc0
Startzeit der fehlerhaften Anwendung: 0x01d591c45509e62d
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Beat Saber\Beat Saber.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 00a7de21-caec-4766-834e-df68a6cf9605
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (11/03/2019 01:53:10 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-FOHP40Q)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-FOHP40Q\sasch" (SID: S-1-5-21-1368799669-3117233153-4274516567-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 und der APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/03/2019 12:57:06 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FOHP40Q)
Description: Der Server "Microsoft.WindowsStore_11910.1001.4.0_x64__8wekyb3d8bbwe!App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/03/2019 12:56:43 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-FOHP40Q)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-FOHP40Q\sasch" (SID: S-1-5-21-1368799669-3117233153-4274516567-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 und der APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/03/2019 12:56:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FOHP40Q)
Description: Der Server "Microsoft.YourPhone_1.19092.399.0_x64__8wekyb3d8bbwe!App.AppXvctmff39365zg14pgmystcwtys462fpa.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/03/2019 12:39:17 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FOHP40Q)
Description: Der Server "Microsoft.WindowsStore_11910.1001.4.0_x64__8wekyb3d8bbwe!App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/03/2019 12:24:15 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FOHP40Q)
Description: Der Server "Microsoft.WindowsStore_11910.1001.4.0_x64__8wekyb3d8bbwe!App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/03/2019 12:17:32 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-FOHP40Q)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-FOHP40Q\sasch" (SID: S-1-5-21-1368799669-3117233153-4274516567-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 und der APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/03/2019 12:16:48 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-FOHP40Q)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-FOHP40Q\sasch" (SID: S-1-5-21-1368799669-3117233153-4274516567-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 und der APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================

Date: 2019-11-03 12:14:50.273
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-11-03 12:11:25.049
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-11-03 11:54:42.573
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-28 19:38:13.968
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-10-28 19:15:01.526
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-10-28 19:08:50.034
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-10-28 19:08:29.410
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-28 18:49:31.791
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.

==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. 2003 09/19/2016
Hauptplatine: ASUSTeK COMPUTER INC. H110M-A/M.2
Prozessor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 16324.48 MB
Verfügbarer physikalischer RAM: 9382.9 MB
Summe virtueller Speicher: 20676.48 MB
Verfügbarer virtueller Speicher: 11590.81 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:475.64 GB) (Free:36.44 GB) NTFS
Drive d: () (Fixed) (Total:920.1 GB) (Free:251.07 GB) NTFS

\\?\Volume{1a022361-6a33-451c-a3dc-4f38368cdc3f}\ () (Fixed) (Total:0.48 GB) (Free:0.08 GB) NTFS
\\?\Volume{5e8405a9-996a-4ff1-8dc3-9f318ece2991}\ () (Fixed) (Total:0.82 GB) (Free:0.34 GB) NTFS
\\?\Volume{a93a4bec-3861-4942-a1dd-c8f8c8d9fb93}\ (Windows RE tools) (Fixed) (Total:0.29 GB) (Free:0.28 GB) NTFS
\\?\Volume{37692e76-e640-4ae3-a7db-50945538aca7}\ (Recovery) (Fixed) (Total:10.74 GB) (Free:1.27 GB) NTFS
\\?\Volume{d4153ab6-a4ff-4bb1-b6b1-a5696cd51fee}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 8038C2AD)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================
         

Alt 03.11.2019, 14:04   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Versuchter Teamviewer missbrauch auf meinen PC - Standard

Versuchter Teamviewer missbrauch auf meinen PC



Zitat:
Zitat von TrainandGame Beitrag anzeigen
Aber eben nicht alles, wieso ich WinRaR z.B entfernen sollte erschließt sich mir nicht als Windows Nutzer.
Was bitte begreifst du an "unnötigem oder altem Krempel" denn nicht?

Deine WinRAR-Version ist alt und muss runter.


Zitat:
Zitat von TrainandGame Beitrag anzeigen
Bei der Wahl meines Antivir bitte ich ebenfalls meine Entscheidung dahingehend zu respektieren und persönliche Empfehlungen hier zurückzuhalten.
Und ich bereinige keine Systeme mit störrischen Virenscannern mehr, dafür hast du sicher auch Verständnis. Dein Bitdefender wird sicher all deine Probleme lösen.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 03.11.2019, 14:08   #13
TrainandGame
 
Versuchter Teamviewer missbrauch auf meinen PC - Standard

Versuchter Teamviewer missbrauch auf meinen PC



Zitat:
Zitat von cosinus Beitrag anzeigen
Was bitte begreifst du an "unnötigem oder altem Krempel" denn nicht?

Deine WinRAR-Version ist alt und muss runter.




Und ich bereinige keine Systeme mit störrischen Virenscannern mehr, dafür hast du sicher auch Verständnis. Dein Bitdefender wird sicher all deine Probleme lösen.
Nun, ich würde schon davon ausgehen, dass Sie sich nicht mit dem Team hinter Bitdefener messen können. Allerdings kenne ich Sie auch nicht. Eventuell sind Sie ein Gott am PC und wiegen die Kompetenz dieses Konzerns mehrfach auf, dennoch würde ich weitere Vorschläge abwarten. Nachdem ich Probleme habe, halte ich es nicht für Klug als aller erstes mein Antivir zu entfernen.

Alt 03.11.2019, 14:19   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Versuchter Teamviewer missbrauch auf meinen PC - Icon32

Versuchter Teamviewer missbrauch auf meinen PC



Zitat:
Nachdem ich Probleme habe, halte ich es nicht für Klug als aller erstes mein Antivir zu entfernen.
Sie haben schon wieder nicht richtig gelesen, ich wiederhole mich:

"Und Security Suites waren schon immer kontraproduktiver Müll, wenn nahm man früher einen reinen Virenscanner - heute ist nicht mehr nötig, da Windows 10 den Windows Defender hat."

Ansonsten erklären Sie mir mal, warum ich mich mit dem Team von Bitdefender messen lassen muss, wo Sie doch den Windows Defender von Microsoft nutzen sollen. Wir sind das TB und nicht Microsoft.

Das Winoptimizer Geraffel haben Sie auch nicht deinstalliert. Wenn Sie hier Hilfe wollen aber keine Anweisungen umsetzen und alles in Frage stellen müssen, wird das Thema beendet und in die Tonne verfrachtet. Und ich dabei hab hier schon ein Auge zugedrückt, nachdem Sie offen den Einsatz von illegalen Cracks zugegeben haben; mein Kollege M-K-D-B ist in der Hinsicht deutlich strenger!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 03.11.2019, 14:24   #15
TrainandGame
 
Versuchter Teamviewer missbrauch auf meinen PC - Standard

Versuchter Teamviewer missbrauch auf meinen PC



Nun gut, nachdem ich mir Artikel durchgelesen habe über den Defender, dass dieser mittlerweile eine gute Arbeit macht, würde ich Ihren Weg versuchen wollen.

Ich folge nun Ihren Anweisungen und hänge gleich die Logs an.

Grüße

Defender zieht erstmal Updates. Hier die Logs

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-11-2019
durchgeführt von sasch (03-11-2019 14:30:33)
Gestartet von C:\Users\sasch\Desktop
Windows 10 Pro Version 1809 17763.805 (X64) (2019-02-08 19:48:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1368799669-3117233153-4274516567-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1368799669-3117233153-4274516567-503 - Limited - Disabled)
Gast (S-1-5-21-1368799669-3117233153-4274516567-501 - Limited - Disabled)
golem-docker (S-1-5-21-1368799669-3117233153-4274516567-1003 - Limited - Enabled)
sasch (S-1-5-21-1368799669-3117233153-4274516567-1001 - Administrator - Enabled) => C:\Users\sasch
WDAGUtilityAccount (S-1-5-21-1368799669-3117233153-4274516567-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
beatdrop 2.5.9 (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\5a38d27a-3f69-5264-ba9a-effba89c0b95) (Version: 2.5.9 - Nathaniel Johns)
Binance version 1.8.0 (HKLM-x32\...\{F7C9C013-C42C-440F-979C-46BA1F534351}_is1) (Version: 1.8.0 - Binance)
Core Temp 1.13 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.13 - ALCPU)
CORSAIR iCUE Software (HKLM-x32\...\{37E2CEEA-E7E8-44C4-B3E6-D214543D9DA9}) (Version: 3.13.94 - Corsair)
Corsair LINK 4 (HKLM-x32\...\{40036d0c-634b-4fc0-be89-13343b4bea96}) (Version: 4.9.7.35 - Corsair Components, Inc.)
Corsair LINK 4 (HKLM-x32\...\{D97F4B31-5A7D-4A07-AC85-16D64FAB93E1}) (Version: 4.9.7.35 - Corsair Components, Inc.) Hidden
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
Discord (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.17 - NVIDIA Corporation) Hidden
DOOM VFR MULTi2 1.0 (HKLM-x32\...\DOOM VFR MULTi2 1.0) (Version: 1.0 - .x.X.RIDDICK.X.x.)
Epic Games Launcher (HKLM-x32\...\{6E35ADC1-C951-4FD2-B81F-D37CCE0B5D84}) (Version: 1.1.220.0 - Epic Games, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Futuremark SystemInfo (HKLM-x32\...\{3DD053E0-EA08-459A-B615-567B86A01132}) (Version: 5.16.701.0 - Futuremark)
Geeks3D FurMark 1.20.4.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HP Officejet 2620 series - Grundlegende Software für das Gerät (HKLM\...\{CED70530-FA0D-4A58-BBF0-1588B38247A0}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Joulemeter (HKLM-x32\...\{E043568C-1745-4C69-9D52-43F6E79EB03B}) (Version: 1.2.0 - Microsoft Research)
Kinect for Windows Drivers v2.0_1409 (DAILY) (HKLM\...\{7C9F054E-F742-4DAD-B7E0-9A280F1F0ACB}) (Version: 2.0.1410.19000 - Microsoft Corporation) Hidden
Kinect for Windows Runtime v2.2_1811 (HKLM\...\{87941EDF-6084-42AD-B5EF-36A44667A64C}) (Version: 2.2.1811.10000 - Microsoft Corporation)
Kinect for Windows SDK v2.0 (HKLM\...\{77FBF502-4136-4BC8-B754-6A01C02598C9}) (Version: 2.0.1410.19000 - Microsoft Corporation) Hidden
Kinect for Windows SDK v2.0_1409 (HKLM-x32\...\{2f7f3dc4-de9a-4605-821f-b686f26392d8}) (Version: 2.0.1410.19000 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Metro: Last Light Redux (HKLM-x32\...\Metro: Last Light Redux_is1) (Version:  - Deep Silver)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{BF5ABBDB-D3AA-4BCB-8D10-FCD4A4BB7F93}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProplusRetail - de-de) (Version: 16.0.12026.20344 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.12026.20344 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft Project Professional 2016 - de-de (HKLM\...\ProjectProRetail - de-de) (Version: 16.0.12026.20344 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.12026.20344 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-US) (HKLM-x32\...\{66D57636-BD4B-402F-9E7D-5E89C28C8136}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{13146756-9716-4843-84CA-053916D2FCF9}) (Version: 11.3.6538.0 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{C7E2483C-10A4-41E3-A2F6-240186FE3E41}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Visio Professional 2016 - de-de (HKLM\...\VisioProRetail - de-de) (Version: 16.0.12026.20344 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.12026.20344 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27033 (HKLM-x32\...\{cc3a7c63-31fb-4129-9024-63ebefd86a95}) (Version: 14.16.27033.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{ab213ab7-4792-4c6f-a3fa-8485d06c3475}) (Version: 14.0.23829 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft1.8 (HKLM-x32\...\Minecraft1.8) (Version:  - )
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version:  - MixMeister Technology LLC)
Mozilla Firefox 68.0.2 (x64 de) (HKLM\...\Mozilla Firefox 68.0.2 (x64 de)) (Version: 68.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.2 - Mozilla)
MSI Afterburner 4.6.0 (HKLM-x32\...\Afterburner) (Version: 4.6.0 - MSI Co., LTD)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.8 - Black Tree Gaming)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation)
NVIDIA Grafiktreiber 430.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 430.64 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NZBGet (HKLM-x32\...\NZBGet) (Version:  - Andrey Prygunkov)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.2.1 - OBS Project)
OBS-VirtualCam version 2.0.2 (HKLM-x32\...\{7B7182E6-D22D-4E5A-BCA2-EC985A4BD588}_is1) (Version: 2.0.2 - OBS)
Oculus (HKLM\...\Oculus) (Version: <3 - Facebook Technologies, LLC)
Oculus Tray Tool v0.86.0 (HKLM-x32\...\Oculus Tray Tool_is1) (Version:  - )
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden
OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 4.29 - LG Electronics Inc)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenIV (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\OpenIV) (Version: 3.0.1006 - .black/OpenIV Team)
OpenVR Advanced Settings (HKLM-x32\...\OpenVRAdvancedSettings) (Version:  - )
OpenVR Input Emulator (HKLM-x32\...\OpenVRInputEmulator) (Version:  - )
Opera Stable 63.0.3368.107 (HKLM-x32\...\Opera 63.0.3368.107) (Version: 63.0.3368.107 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.52.32372 - Electronic Arts, Inc.)
Outward Day One Edition MULTi5 1.0 (HKLM-x32\...\Outward Day One Edition MULTi5 1.0) (Version: 1.0 - x.X.RIDDICK.X.x)
Outward Update 1 (HKLM\...\b3V0d2FyZA_is1) (Version: 1 - )
PhonerLite 2.72 (HKLM-x32\...\PhonerLite_is1) (Version: 2.72 - Heiko Sommerfeldt)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Quick CPU (HKLM-x32\...\{41F4C8EE-903D-4EB5-B6EB-75413BF496DE}) (Version: 3.0.1.0 - CoderBag)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 beta r2613 - Win10 Widgets)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8372 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 7.2.1 (HKLM-x32\...\RTSS) (Version: 7.2.1 - Unwinder)
Roblox Player for sasch (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Studio for sasch (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\roblox-studio) (Version:  - Roblox Corporation)
ROCCAT Juke (HKLM\...\C-Media CM108 Like Sound Driver) (Version:  - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.6 - Rockstar Games)
SeaTools for Windows 1.4.0.7 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.7 - Seagate Technology)
Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
SKILLER SGK4 (HKLM-x32\...\{B1B8775B-8449-4F04-9773-C34384AE405F}_is1) (Version: 1.3.18.6 - Sharkoon Technologies)
SOLIDWORKS 2019 German Resources (HKLM\...\{A3551568-7512-4052-8B69-9F295CE0252A}) (Version: 27.110.0072 - Ihr Firmenname) Hidden
SOLIDWORKS 2019 SP01 (HKLM\...\{F261BF5C-81C4-4E81-9ED6-D7EBFA2A9A5B}) (Version: 27.110.0072 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2019 SP01 (HKLM-x32\...\SolidWorks Installation Manager 20190-40100-1100-100) (Version: 27.1.0.72 - SolidWorks Corporation)
SOLIDWORKS CAM 2019 SP01 (HKLM\...\{FF62C344-015F-4A9F-8F49-7F02CBAB288E}) (Version: 27.10.0072 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Composer 2019 SP01 (HKLM\...\{661FCA7C-4962-46FD-84CD-CB72459058A4}) (Version: 27.10.0072 - Ihr Firmenname) Hidden
SOLIDWORKS eDrawings 2019 SP01 (HKLM\...\{49641C8E-5ADA-42A8-8019-90CBDC933F86}) (Version: 27.10.0092 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Electrical 2019 SP01 (HKLM\...\{D47DBAC4-C1AB-4B16-B431-01120E8BB141}) (Version: 27.10.0072 - Ihr Firmenname) Hidden
SOLIDWORKS Explorer 2019 SP01 (HKLM\...\{ED3F46FA-EF6F-4633-AA94-5C44815EA2B2}) (Version: 27.10.0072 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Flow Simulation 2019 SP01  (HKLM\...\{5D9A5C34-85FD-40FE-8C1A-ACA3C8CF423E}) (Version: 27.10.0073 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Inspection 2019 SP01 (HKLM\...\{974A87F0-517F-480A-A87F-218649E02880}) (Version: 27.10.0072 - Ihr Firmenname) Hidden
SOLIDWORKS PCB 2019 SP01 (HKLM\...\{BF11D72C-9B96-4B91-BF1E-AC2137BBB604}) (Version: 27.10.0072 - Ihr Firmenname) Hidden
SOLIDWORKS Plastics 2019 SP01 (HKLM\...\{6BC5795E-314F-4BA6-9A2D-A8DE4A35C688}) (Version: 27.10.0072 - Ihr Firmenname) Hidden
SOLIDWORKS Visualize 2019 SP01 (HKLM\...\{CD7FCE59-87E4-4C32-AB24-DCA29802CBA5}) (Version: 27.10.0072 - Ihr Firmenname) Hidden
SOLIDWORKS Visualize Boost 2019 SP01 (HKLM\...\{D67F8A59-1F6E-422E-AD34-1A66751CD44D}) (Version: 27.10.0072 - Ihr Firmenname) Hidden
SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.17.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.17.1 - General Workings, Inc.)
Superhot  Incl. Update 3 MULTi9 1.0 (HKLM-x32\...\Superhot  Incl. Update 3 MULTi9 1.0) (Version:  - )
TeighaX 3.09 (HKLM-x32\...\{3D63579F-2398-418B-9227-A852FB201D2D}) (Version: 3.9.0 - Open Design Alliance)
Telegram Desktop version 1.7.7 (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.7.7 - Telegram Messenger LLP)
The Witcher 3: Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.32 - GOG.com)
Trackmania Turbo (HKLM-x32\...\Trackmania Turbo_is1) (Version:  - )
TreeSize Free V4.2.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.2.2 - JAM Software)
Twitch (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
uRage Reaper nxt. Version 1.0.3 (HKLM-x32\...\{2F606408-495F-4772-A3A7-BE0A31C4B261}_is1) (Version: 1.0.3 - )
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.0.3 - Black Tree Gaming Ltd.)
VSDC Free Video Editor Version 6.3.6.18 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.6.18 - Flash-Integro LLC)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\WhatsApp) (Version: 0.3.557 - WhatsApp)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
Windows-Treiberpaket - Corsair Components, Inc. (SIUSBXP) USB  (07/14/2017 3.3) (HKLM\...\A2206C09905C467F30CB24DCBB49F056D7F0A290) (Version: 07/14/2017 3.3 - Corsair Components, Inc.)
Windows-Treiberpaket - STMicroelectronics (STTub30) USB  (07/05/2012 3.0.4.0) (HKLM\...\4A1A85C6E9813B77863C2401251A5284B1923DA4) (Version: 07/05/2012 3.0.4.0 - STMicroelectronics)
Wireshark 3.0.4 64-bit (HKLM-x32\...\Wireshark) (Version: 3.0.4 - The Wireshark developer community, hxxps://www.wireshark.org)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version:  - Blizzard Entertainment)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)

Packages:
=========
3D Scan -> C:\Program Files\WindowsApps\Microsoft.3DScan_2.0.47.0_x64__8wekyb3d8bbwe [2019-08-23] (Microsoft Corporation)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.1.4.0_x86__kgqvnymyfvs32 [2019-09-23] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.150.300.0_x86__kgqvnymyfvs32 [2019-10-17] (king.com)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.618.0_x64__v10z8vjag6ke6 [2019-10-16] (HP Inc.)
Mail und Kalender -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation) [MS Ad]
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.3.1.1_x86__h6adky7gbf63m [2019-09-14] (Gameloft.)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-08-23] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.12.101.0_x64__8wekyb3d8bbwe [2019-09-08] (Microsoft Studios)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-26] (Netflix, Inc.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0 [2019-10-13] (Spotify AB) [Startup Task]
XING -> C:\Program Files\WindowsApps\XINGAG.XING_3.140.89.0_x86__xpfg3f7e9an52 [2019-10-08] (New Work SE)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> Keine Datei
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-05-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> Keine Datei

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.FPS1] => c:\windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.voxacm160] => c:\windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.scg726] => c:\windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.alf2cd] => c:\windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.ac3acm] => c:\windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.lame] => c:\windows\system32\lame.ax [245760 2005-08-01] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.dvsd] => c:\windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.mpg4] => c:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.mp42] => c:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.mp43] => c:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.xvid] => c:\windows\system32\xvidvfw.dll [139264 2004-07-03] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.DIVX] => c:\windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP60] => c:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP61] => c:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP62] => c:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.LAGS] => c:\windows\system32\lagarith.dll [216064 2011-12-07] ( ) [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\sasch\Desktop\Spiele\startdesktopmode.bat - Verknüpfung.lnk -> C:\Program Files\OpenVR-AdvancedSettings\startdesktopmode.bat ()
Shortcut: C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\sasch\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2019-03-05 15:06 - 2019-03-05 15:06 - 000232448 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-03-05 15:06 - 2019-03-05 15:06 - 000057344 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-03-05 15:07 - 2019-03-05 15:07 - 000642048 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-03-05 15:06 - 2019-03-05 15:06 - 000072704 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-03-05 15:06 - 2019-03-05 15:06 - 000364544 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000015360 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Origin\libEGL.DLL
2018-04-01 13:53 - 2019-10-30 17:02 - 003090944 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Origin\libGLESv2.dll
2019-08-24 15:49 - 2018-10-16 21:35 - 000107520 _____ () [Datei ist nicht signiert] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\NETAPI32.dll
2019-01-10 10:44 - 2019-01-10 10:44 - 000090112 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000002560 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\icudt58.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 001252864 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\icuuc58.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000030208 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qgif.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000032768 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qico.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000256512 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000026112 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qtga.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000305152 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000025600 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000709120 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Multimedia.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000207360 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Positioning.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000310272 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 003513344 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Qml.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 003390976 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Quick.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000068096 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000045568 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000116224 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebChannel.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 054071296 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000211456 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2018-04-01 13:53 - 2019-10-30 17:02 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [236]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
AlternateDataStreams: C:\Users\sasch\Anwendungsdaten:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\sasch\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [108]
AlternateDataStreams: C:\Users\sasch\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\sasch\AppData\Local\Temp:$DATA​ [16]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ==========

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-09-29 14:46 - 2019-11-03 14:14 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-05-28 19:13 - 2019-05-28 19:14 - 000000443 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.18.70.1 DESKTOP-FOHP40Q.mshome.net # 2024 5 0 26 18 14 23 458

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Oculus\Support\oculus-runtime;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\110\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\DTS\Binn\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sasch\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\earth multiscreen widescreen 5760x1080 wallpaper_www.paperhi.com_58.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS Hintergrund-Downloader.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS 2019 Fast Start.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "BdVpnApp"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "HP Software Update"
HKLM\...\StartupApproved\Run: => "Ashampoo WinOptimizer Live-Tuner2"
HKLM\...\StartupApproved\Run32: => "Updater"
HKLM\...\StartupApproved\Run32: => "CORSAIR iCUE Software"
HKLM\...\StartupApproved\Run32: => "SE61T-UserTools"
HKLM\...\StartupApproved\Run32: => "SKILLER SGK4"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "OculusTrayTool"
HKLM\...\StartupApproved\Run32: => "OnScreen Control"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\StartupFolder: => "DesktopHut.lnk"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\StartupFolder: => "Rainmeter.lnk"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "Argus Monitor"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "CorsairLink4"
HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "GalaxyClient"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{0740E682-1F83-4FAD-B54A-DAAF94B61BD7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5C243317-3B6B-47E2-A311-8A3E95904140}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9B31F1B3-43B4-4A9E-8B52-B3CB0390558D}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{3B3E03A3-4BF8-4468-81F8-60273D1B0652}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{DC2B08A1-7048-4335-9536-A2FE80B22D29}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{ACD69343-1FFF-4AAC-888E-A1B325D6C58E}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{5B7EFE95-AF2A-4407-99DE-1B714B3F5CF0}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{2926D9FF-8085-4B05-B3F9-A068BCBE6589}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B119755F-53BB-4912-993B-2D0034642C03}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5D136926-BF5F-4ED8-9DEE-701B82FF1C27}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{37D4D204-1534-467B-9CF5-31487D488767}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{2F46E517-7A8F-44B0-B7EB-9072CDCF06DC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{42D70C77-D1BD-4ABF-9A4A-A91A61F45B0A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40E831A5-4689-4E79-8348-E90C48CB539C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{98287F36-F3E7-40FF-9A23-8867CBEFB7D5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AD32DEE1-58EA-4224-87E4-EA0583A948DE}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{417E877D-496E-4066-8477-8A5938E23774}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [Datei ist nicht signiert]
FirewallRules: [DNS Server Forward Rule - TCP - A2918A61-5D01-4BBD-BDBB-CEBE9E9C6511 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - A2918A61-5D01-4BBD-BDBB-CEBE9E9C6511 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - CD8B8542-DEF3-4E52-A908-8E6FBC2125BF - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - CD8B8542-DEF3-4E52-A908-8E6FBC2125BF - 0] => (Allow) LPort=53
FirewallRules: [{94933B1A-2289-4DBB-8E4F-A00CE7FD829F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> )
FirewallRules: [{39876E1F-0A04-4ED9-A8DC-C58D8D6A95F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> )
FirewallRules: [{2B5004E3-0383-4975-845F-C911CFCAF264}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )
FirewallRules: [{22C21BB7-A0F4-4B79-B66C-46B243346958}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )
FirewallRules: [{FD5AA058-690C-4067-9985-2F88A0334CA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> )
FirewallRules: [{26F2F6CD-5D0C-4C3A-ACD2-7B9B019934AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> )
FirewallRules: [{0AF4755F-B58E-4248-A261-B91130CEC729}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beat Saber\Beat Saber.exe () [Datei ist nicht signiert]
FirewallRules: [{A4E44422-C7F4-4E77-8A3E-142A41C85C45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beat Saber\Beat Saber.exe () [Datei ist nicht signiert]
FirewallRules: [{3C2EBDD9-7A1B-42E6-9F03-32F7756AB8FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [Datei ist nicht signiert]
FirewallRules: [{2D678C7D-5AF9-4BED-AD85-75E4872517AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [Datei ist nicht signiert]
FirewallRules: [{2A53B5C8-113F-436A-9AD3-0C4C54F0FD74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [Datei ist nicht signiert]
FirewallRules: [{7D753089-180E-428F-8ABF-378BF050405E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [Datei ist nicht signiert]
FirewallRules: [{65BB94D9-3967-4BA5-9CA8-EAFDC253D9DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [Datei ist nicht signiert]
FirewallRules: [{40051D45-C677-4B79-8E90-497BE913BDF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [Datei ist nicht signiert]
FirewallRules: [{170F38BC-9EA3-406E-B712-279DE6CE8A4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PavlovVR\Pavlov.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{D8237A19-A7A4-480E-8009-7EBBF027F44C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PavlovVR\Pavlov.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{1A487B10-842E-431B-941B-16B764ECD443}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space Pirate Trainer VR\SpacePirateVR.exe () [Datei ist nicht signiert]
FirewallRules: [{B6821163-09CB-4420-9761-69D0B8A48345}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space Pirate Trainer VR\SpacePirateVR.exe () [Datei ist nicht signiert]
FirewallRules: [{7ACE9B64-D42D-460B-82A1-BE53B9BA14F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Steam360VideoPlayer\Steam360VideoPlayer.exe () [Datei ist nicht signiert]
FirewallRules: [{78F40822-AC3B-44C4-8AFB-EDC6FBA4C480}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Steam360VideoPlayer\Steam360VideoPlayer.exe () [Datei ist nicht signiert]
FirewallRules: [{8DF97BAC-F571-4C19-B098-C966882F8395}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RecRoom\Recroom_Release.exe () [Datei ist nicht signiert]
FirewallRules: [{203B78AD-52DE-4BAF-8171-D81BD464EBEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RecRoom\Recroom_Release.exe () [Datei ist nicht signiert]
FirewallRules: [{403150D1-81F4-4B33-A3A3-3A8AF621813C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sparc\Sparc.exe () [Datei ist nicht signiert]
FirewallRules: [{60D70BDF-64CD-495D-8A21-529AA91F3A6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sparc\Sparc.exe () [Datei ist nicht signiert]
FirewallRules: [{7B4A954D-F3EC-4E42-A779-C1A54CDBB85B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [Datei ist nicht signiert]
FirewallRules: [{24F2845A-CCA3-46FF-96DB-1F2887137872}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [Datei ist nicht signiert]
FirewallRules: [{0F39A282-9A26-49A6-B5DD-78B369D5B0EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LIV\LIV.App.exe (LIV Inc -> LIV Inc.)
FirewallRules: [{DAC58D3F-0852-46DC-857C-BF9914B4127D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LIV\LIV.App.exe (LIV Inc -> LIV Inc.)
FirewallRules: [{BD9CD2C6-BDBF-494B-9C8E-E3EC5F878FF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EarthVR\Earth.exe (Google Inc -> Google Inc)
FirewallRules: [{09FDAB7C-8953-427C-836F-440C7A922BB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EarthVR\Earth.exe (Google Inc -> Google Inc)
FirewallRules: [{6A89D5E1-8A28-4770-9E1B-75C2227B9F7D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0675F42F-F727-48A7-92CD-1ECF4802EA23}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F8D3F73F-8C0E-4658-8C65-7C45BF6A8CB9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{905758A4-99EE-4A58-A647-E48434BF5391}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{BF1C68BC-3EDD-4300-903E-5A3646F1E395}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{A7E58B70-540D-44C9-B72A-E5C90E07879B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{F1595CF3-888D-4A73-B171-A309D796C2E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5075C7AA-E3D6-42D1-810B-807E24B34C56}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{502B7574-E188-4F9C-BA7C-DE77B5F2FB58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E9446889-83DB-4BE3-94FA-D1F4474B7244}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E7B25816-80BC-4106-8A92-69A0CD0104F6}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{0F348082-5969-429B-A255-47BE1CD5E2DF}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{2CD85A61-18BA-4ABA-BA1F-0E80A5E8B437}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{B1395916-5D64-4DAF-AF06-A30844FEADEC}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{CC2E3010-017D-43CB-8F47-EC773CC07902}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{1EAE3853-521B-42CE-A885-98E6775E739E}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{A4FC4F01-56D2-43D5-8D97-1F7B3DC1AB3A}] => (Allow) LPort=8027
FirewallRules: [{5214D303-B8F4-4A8F-85E1-21A22483C6F2}] => (Allow) LPort=8027
FirewallRules: [{AF2BC330-AED4-47D1-9A01-FB8634214F09}] => (Allow) LPort=8027
FirewallRules: [{43E2493B-9A4E-4C0A-9076-554D6E131256}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9D28B1DA-C902-477B-AFFD-51C595FDD1DA}] => (Allow) LPort=8027
FirewallRules: [{372821C7-D852-4544-B569-7320035202F3}] => (Allow) LPort=8027
FirewallRules: [{5902DD16-657D-4E4F-87ED-2BADDE3E6562}] => (Allow) LPort=8027
FirewallRules: [{1039D7DF-C3FD-47E8-BD62-FCAD62FAACEB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{D91A5413-719A-469D-A91E-DFF47E626793}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{D177C423-B229-4035-8453-F633FA27DD00}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{A3A36CEC-E1D7-4FCD-8F4B-94ABDD62E51D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{C6ADF639-0B0A-4243-AE41-CEDD2E6E8BFB}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{A87B6FD3-62AC-4426-979C-036E933B8B14}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{3A501E89-37B9-4E5F-911F-332A989DF2D9}] => (Allow) D:\Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{2258E533-64AB-4CCD-A0C3-9FCF0A8C6171}] => (Allow) D:\Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{58DD4DCC-B967-40C1-86C3-1B1FFF1BB909}] => (Allow) D:\Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{E6C46A1B-DD61-418B-A527-2E85BA66A52B}] => (Allow) D:\Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{4372EFF5-2D73-4681-B970-0DC8D9CC01AD}] => (Allow) LPort=8027
FirewallRules: [{4A9C0C46-8BFB-4E60-9101-B3A45B536362}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [Datei ist nicht signiert]
FirewallRules: [{BC485528-26C9-46C5-9F4D-EF108C68741C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [Datei ist nicht signiert]
FirewallRules: [{8515539D-90E6-4747-B547-B042280D2827}] => (Allow) LPort=8027
FirewallRules: [{247E5E19-6A37-439B-BCA7-C9397174C50B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SkyrimVR\SkyrimVR.exe (Bethesda Softworks) [Datei ist nicht signiert]
FirewallRules: [{974EDA6A-9B30-48E4-816D-2EDC1B39F051}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SkyrimVR\SkyrimVR.exe (Bethesda Softworks) [Datei ist nicht signiert]
FirewallRules: [{7AD88789-2895-449A-9041-E9F2DEAE861E}] => (Allow) C:\Program Files\Opera\63.0.3368.94\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{229AFEF2-8A24-425A-86B1-5B5D49B63F14}] => (Allow) LPort=8027
FirewallRules: [{C51F7625-84D9-48BA-BF9F-109EFE9AD1CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\skyrim\skse_steam_boot.exe () [Datei ist nicht signiert]
FirewallRules: [{C1F426A7-7724-4A3A-AA22-9D231DF01CB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\skyrim\skse_steam_boot.exe () [Datei ist nicht signiert]
FirewallRules: [{802DDF0E-DC51-4AC8-95EF-F7D06FE4EBB8}] => (Allow) D:\steam\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{757AA0DE-9C61-4EFA-953E-A6EE75C4A659}] => (Allow) D:\steam\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{E730DFD8-C4F2-4D90-AF1F-E47383E82DCF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArizonaSunshine\ArizonaSunshine.exe () [Datei ist nicht signiert]
FirewallRules: [{B9DA83CE-3E14-4715-9F70-32D70EDD092E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArizonaSunshine\ArizonaSunshine.exe () [Datei ist nicht signiert]
FirewallRules: [{3323FE0A-DB23-412F-ADF7-BBB66B2006DD}] => (Allow) LPort=8027
FirewallRules: [{A7399E1E-CA23-4485-930F-44CEC35CE5D0}] => (Allow) LPort=8027
FirewallRules: [{9B5C6CC2-9544-4E83-A529-F77280D5B48B}] => (Allow) LPort=8027
FirewallRules: [{F033AF30-69D8-42B6-9D9E-A25B1FC2FD93}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{8A2701D5-9116-428E-A361-320F091D2E55}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{C34DF57D-F1B6-477A-949C-9434AD72BA5D}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{C02B5304-3C95-493F-BCD1-3740E4ED8222}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{60F36C3B-48E5-43B0-8CFB-0EBED47E6F11}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> )
FirewallRules: [{0139A4A1-F639-4343-8F07-60C2C2386685}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> )
FirewallRules: [{4F9A28DB-010B-4626-B5B8-936142B04892}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{A1F32280-91E9-46FF-9EDD-24C48EAA4BC6}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{3CD93529-F035-4918-843D-1A9EB5E8A831}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{08716381-CF14-4184-8849-459445098475}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{1FA78D26-20A8-4C03-9AF3-14544156D2DA}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{322DCE80-1F93-4DC7-8B8D-DB9B88BD6EBA}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{E9EA684E-D352-4B71-82A9-3B9036DEFE8E}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [Datei ist nicht signiert]
FirewallRules: [{FA36CC9C-2F2A-4AEB-8584-607EEAE48F48}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [Datei ist nicht signiert]
FirewallRules: [{0E52E449-243C-4519-BEF4-E35A3FD6EEF7}] => (Allow) LPort=8027
FirewallRules: [{DCB0F3E3-B130-4C6D-84CC-58A75D553DE5}] => (Allow) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{38962F38-1793-42BC-A10E-8257D6114D7B}] => (Allow) LPort=8027
FirewallRules: [{811F2136-0E52-4CFB-BC21-4049B6B49643}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1D8BA397-1870-44AA-9260-85D4FB06066F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BFF5297D-2415-4DBC-AD55-367B2E70F5A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9702396E-5B2D-44AB-855D-EC683DCB3405}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{392450AE-D6DC-40AD-AD3B-E2BE3D9185D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1879C90E-BF88-4B2E-B0AB-AA3002726F97}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C7DD4EA7-19B3-42EB-97C8-932C1C783B5A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7BC14455-058A-4404-8DB9-B0C3DFC8342E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4E507679-CFA9-4C09-B74C-D00FF7511814}] => (Allow) LPort=8027
FirewallRules: [{4EC20FEA-9C8E-48B4-B272-DF4CD9BC6EBA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C2A68C28-907E-494C-8739-110470EE847A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1DA10DF9-ABEC-4509-B472-71B05B25BB4A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FBEC7B5F-1849-43E0-A1DF-15D690C46BCA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BFEB41B6-7A4F-42FF-8AD1-34B1F8AABF62}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{85128EC7-11AF-44C1-AEAC-4CB7AD1A3E9F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5474CDB4-3B78-4690-A998-178703FE2244}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D46C2EE3-6EBB-4DDD-99EE-3BD4DE75A2CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{B4035018-04D1-44A8-967E-52BF65D50ABC}C:\program files\nzbget\nzbget.exe] => (Block) C:\program files\nzbget\nzbget.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{EF2DB5A2-F4EB-45A6-96C8-9CAC5F772CCE}C:\program files\nzbget\nzbget.exe] => (Block) C:\program files\nzbget\nzbget.exe () [Datei ist nicht signiert]
FirewallRules: [{47BB0284-57DC-49DA-8051-E0A63FF7A64F}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer)
FirewallRules: [{1A5EDF56-92C4-4EAF-A493-D47263FC2E37}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer)
FirewallRules: [{519D1845-687A-4B2F-BFBD-DDC00C9B22D1}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer)
FirewallRules: [{58C68B9E-3FAB-4EBE-92D2-B6843A347CD2}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer)
FirewallRules: [{4897EC8F-B674-4000-94B1-3DC51B11192C}] => (Allow) LPort=8027
FirewallRules: [{9AB82D20-D696-46CD-8602-0CDEA1FB371D}] => (Allow) LPort=8027
FirewallRules: [{08A5C124-26A4-4882-A458-73DEF6B0BAD4}] => (Allow) LPort=8027
FirewallRules: [{486AC4A1-2565-4E4C-ACBF-F5ADCAB3254F}] => (Allow) LPort=8027

==================== Wiederherstellungspunkte =========================

02-11-2019 18:16:04 Geplanter Prüfpunkt
03-11-2019 13:27:34 Removed Vegas Pro 13.0 (64-bit)
03-11-2019 13:54:05 Removed Java 8 Update 211 (64-bit)

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (11/03/2019 02:24:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WO14.exe, Version: 14.0.0.0, Zeitstempel: 0x58529fe9
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.17763.802, Zeitstempel: 0x936e7d37
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00121932
ID des fehlerhaften Prozesses: 0x195c
Startzeit der fehlerhaften Anwendung: 0x01d5924a08eb9a7e
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\WO14.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: bc0fb12a-ea02-469f-a54c-db05908abae2
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/03/2019 12:53:18 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 15816. Meldungs-ID: [0x2509].

Error: (11/03/2019 12:51:28 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/03/2019 12:16:41 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 11276. Meldungs-ID: [0x2509].

Error: (11/03/2019 12:14:43 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/03/2019 12:11:24 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/03/2019 12:06:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HxAccounts.exe, Version: 16.0.12026.20218, Zeitstempel: 0x5d81ddff
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.17763.802, Zeitstempel: 0x322dae8f
Ausnahmecode: 0xc000027b
Fehleroffset: 0x0000000000701a52
ID des fehlerhaften Prozesses: 0x168c
Startzeit der fehlerhaften Anwendung: 0x01d5923542ab9e49
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxAccounts.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll
Berichtskennung: 08bb2cd2-1722-4276-8eb3-369be6cdc972
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: microsoft.windowslive.manageaccounts

Error: (11/03/2019 11:54:42 AM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0


Systemfehler:
=============
Error: (11/03/2019 02:29:35 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
Windows.SecurityCenter.WscBrokerManager
 und der APPID 
Nicht verfügbar
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/03/2019 02:29:35 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
Windows.SecurityCenter.SecurityAppBroker
 und der APPID 
Nicht verfügbar
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/03/2019 02:29:35 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
Windows.SecurityCenter.WscBrokerManager
 und der APPID 
Nicht verfügbar
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/03/2019 02:29:35 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
Windows.SecurityCenter.SecurityAppBroker
 und der APPID 
Nicht verfügbar
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/03/2019 02:29:35 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
Windows.SecurityCenter.WscBrokerManager
 und der APPID 
Nicht verfügbar
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/03/2019 02:29:35 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
Windows.SecurityCenter.SecurityAppBroker
 und der APPID 
Nicht verfügbar
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/03/2019 02:28:32 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-FOHP40Q)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-FOHP40Q\sasch" (SID: S-1-5-21-1368799669-3117233153-4274516567-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 und der APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/03/2019 02:28:17 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FOHP40Q)
Description: Der Server "Microsoft.WindowsStore_11910.1001.4.0_x64__8wekyb3d8bbwe!App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


Windows Defender:
===================================
Date: 2019-11-03 14:30:35.873
Description: 
Fehler von Windows Defender Antivirus beim Laden von Signaturen. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen.
Betroffene Signaturen: Aktuell
Fehlercode: 0x80070003
Fehlerbeschreibung: Das System kann den angegebenen Pfad nicht finden. 
Signaturversion: 0.0.0.0;0.0.0.0
Modulversion: 0.0.0.0

CodeIntegrity:
===================================

Date: 2019-11-03 12:14:50.273
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-11-03 12:11:25.049
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-11-03 11:54:42.573
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-28 19:38:13.968
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-10-28 19:15:01.526
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-10-28 19:08:50.034
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-10-28 19:08:29.410
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-28 18:49:31.791
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.

==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. 2003 09/19/2016
Hauptplatine: ASUSTeK COMPUTER INC. H110M-A/M.2
Prozessor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 16324.48 MB
Verfügbarer physikalischer RAM: 11308.61 MB
Summe virtueller Speicher: 20676.48 MB
Verfügbarer virtueller Speicher: 13279.91 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:475.64 GB) (Free:38.08 GB) NTFS
Drive d: () (Fixed) (Total:920.1 GB) (Free:251.07 GB) NTFS

\\?\Volume{1a022361-6a33-451c-a3dc-4f38368cdc3f}\ () (Fixed) (Total:0.48 GB) (Free:0.08 GB) NTFS
\\?\Volume{5e8405a9-996a-4ff1-8dc3-9f318ece2991}\ () (Fixed) (Total:0.82 GB) (Free:0.34 GB) NTFS
\\?\Volume{a93a4bec-3861-4942-a1dd-c8f8c8d9fb93}\ (Windows RE tools) (Fixed) (Total:0.29 GB) (Free:0.28 GB) NTFS
\\?\Volume{37692e76-e640-4ae3-a7db-50945538aca7}\ (Recovery) (Fixed) (Total:10.74 GB) (Free:1.27 GB) NTFS
\\?\Volume{d4153ab6-a4ff-4bb1-b6b1-a5696cd51fee}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 8038C2AD)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================
         

Geändert von TrainandGame (03.11.2019 um 14:32 Uhr)

Antwort

Themen zu Versuchter Teamviewer missbrauch auf meinen PC
amazon, beendet, bewusst, bitdefender, datei, defender, ebenfalls, erneut, fenster, frage, guten, installiert, internet, kleines, löschen, maus, neuen, neues, nichts, node.js, opera, prüfen, schnell, security, setup, taskmanager, teamviewer, version, windowsapps



Ähnliche Themen: Versuchter Teamviewer missbrauch auf meinen PC


  1. Spam missbrauch
    Überwachung, Datenschutz und Spam - 11.04.2017 (2)
  2. Angeblich versuchter Hackerangriff auf Bundestag und Parteien
    Nachrichten - 20.09.2016 (0)
  3. TR/ATRAPS.Gen2 Teamviewer hilfe
    Plagegeister aller Art und deren Bekämpfung - 14.11.2013 (7)
  4. Missbrauch E-mail-Adressen
    Plagegeister aller Art und deren Bekämpfung - 27.02.2013 (5)
  5. Missbrauch von meinem AOL-EMail-Account
    Log-Analyse und Auswertung - 21.01.2013 (10)
  6. 3 Virenprogramme auf PC Suche TeamViewer Hilfe
    Plagegeister aller Art und deren Bekämpfung - 15.12.2012 (19)
  7. Infektion via Teamviewer möglich?
    Diskussionsforum - 26.11.2012 (4)
  8. Dringendes Sicherheitsupdate für TeamViewer
    Nachrichten - 20.07.2012 (0)
  9. Wie sicher ist Teamviewer?
    Diskussionsforum - 28.01.2012 (15)
  10. hacked by im internetexplorer trotz versuchter behebung?
    Plagegeister aller Art und deren Bekämpfung - 06.07.2011 (1)
  11. Mail Acc wegen Missbrauch gesperrt
    Log-Analyse und Auswertung - 14.01.2011 (4)
  12. e-mail missbrauch durch trojaner?
    Log-Analyse und Auswertung - 04.10.2010 (9)
  13. nach versuchter Neuinstallation= Softwarefehler
    Alles rund um Windows - 26.09.2008 (4)
  14. Shockwave missbrauch - wie bereinigen ???
    Plagegeister aller Art und deren Bekämpfung - 30.06.2008 (4)
  15. Versuchter Internet-Access vom Windows-Explorer
    Plagegeister aller Art und deren Bekämpfung - 22.10.2003 (12)

Zum Thema Versuchter Teamviewer missbrauch auf meinen PC - Guten Tag, nachdem mein Hoster vom Netz genommen wurde, wollte ich etwas neues ausprobieren. Dabei wollte ich die NZB Funktion meines neuen Anbieters testen. Schnell über einen NZB-Indexer eine Datei - Versuchter Teamviewer missbrauch auf meinen PC...
Archiv
Du betrachtest: Versuchter Teamviewer missbrauch auf meinen PC auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.