|
Log-Analyse und Auswertung: Versuchter Teamviewer missbrauch auf meinen PCWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
03.11.2019, 12:47 | #1 |
| Versuchter Teamviewer missbrauch auf meinen PC Guten Tag, nachdem mein Hoster vom Netz genommen wurde, wollte ich etwas neues ausprobieren. Dabei wollte ich die NZB Funktion meines neuen Anbieters testen. Schnell über einen NZB-Indexer eine Datei rausgesucht und angefangen. Die Datei war überraschend klein und als .exe verfügbar, da ich mit NZB noch keine Erfahrung hatte, habe ich blauäugig die Datei angeklickt. Nichts hat sich geöffnet. (Es war eine angebliche Bordlerlands 3 Setup Datei,eine Verlinkung wäre möglich, bin mir aber nicht sicher ob erwünscht) Nun, es ist nichts passiert. Habe die NZB-Sache also liegengelassen und zum altbewährten JDownloader zurückgegangen. Ab hier wird es dann interessant, nachdem ich den PC ca 5 Minuten allein gelassen habe, komme ich also zurück und sehe wie meine Maus selbstständig in Opera auf Amazon spazieren geht. Es wurde sich über Auto-Fill-In-Formular eingeloggt und... ab hier habe ich die Maus übernommen Opera beendet, ein kleines Teamviewer Fenster gesehen, ebenfalls beendet. Ich wollte sofort die Borderlands Setup Datei löschen, dieses hat nicht funktioniert. Es erschien eine Fehlermeldung... Derzeit nicht möglich da geöffnet. Ich habe im Taskmanager nichts gefunden also neugestartet und erneut versucht zu löschen, mit Erfolg. Lasse derzeit Bitdefender Internet Security laufen, bisher keine Funde. Übrigens, ich habe bewusst gar kein Teamviewer installiert, wahrscheinlich eine Portable Version in der angeblichen Borderlands Setup Datei? Jetzt meine Frage, was sollte ich prüfen, wie kann ich mir wieder sicher sein, meinen PC ohne Fremdübernahme allein zu lassen? Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-11-2019 durchgeführt von sasch (Administrator) auf DESKTOP-FOHP40Q (03-11-2019 12:43:39) Gestartet von C:\Users\sasch\Desktop Geladene Profile: sasch (Verfügbare Profile: sasch & OVRLibraryService) Platform: Windows 10 Pro Version 1809 17763.805 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Opera Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Ashampoo GmbH & Co. KG -> ) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\LiveTunerService.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\odscanui.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\seccenter.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnService.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe (Dassault Systèmes SolidWorks Corp.) [Datei ist nicht signiert] C:\SolidWorks_Flexnet_Server\sw_d.exe (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe (Flexera Software LLC -> Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe (Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe (Flexera Software LLC -> Flexera Software LLC) C:\SolidWorks_Flexnet_Server\lmgrd.exe (Flexera Software LLC -> Flexera Software LLC) C:\SolidWorks_Flexnet_Server\lmgrd.exe (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\Pub\PubMonitor.exe (IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe (Mentor Graphics Corporation -> Mentor Graphics Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\dispatcher.exe (Mentor Graphics Corporation -> Mentor Graphics Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe (Microsoft Corporation -> ) C:\Windows\System32\Kinect\KinectMonitor.exe (Microsoft Corporation -> ) C:\Windows\System32\Kinect\KinectService.exe (Microsoft Corporation -> ) C:\Windows\System32\Kinect\KStudioHostService.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxOutlook.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (Oculus VR, LLC -> ) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera_crashreporter.exe (Razer USA Ltd. -> ) C:\Windows\System32\RZSurroundHelper.exe (Trace Software International -> ) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe (Trend Micro Inc.) [Datei ist nicht signiert] C:\Users\sasch\Desktop\HijackThis.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-11-2019 durchgeführt von sasch (03-11-2019 12:21:56) Gestartet von C:\Users\sasch\Desktop Windows 10 Pro Version 1809 17763.805 (X64) (2019-02-08 19:48:52) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1368799669-3117233153-4274516567-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1368799669-3117233153-4274516567-503 - Limited - Disabled) Gast (S-1-5-21-1368799669-3117233153-4274516567-501 - Limited - Disabled) golem-docker (S-1-5-21-1368799669-3117233153-4274516567-1003 - Limited - Enabled) sasch (S-1-5-21-1368799669-3117233153-4274516567-1001 - Administrator - Enabled) => C:\Users\sasch WDAGUtilityAccount (S-1-5-21-1368799669-3117233153-4274516567-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5} FW: Bitdefender Firewall (Disabled) {362C5A58-E860-6396-9204-BEEEF20CA463} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.270 - Adobe) Ashampoo WinOptimizer 14 (HKLM-x32\...\{4209F371-DEAB-BE89-2E8A-9643100258DD}_is1) (Version: 14.00.05 - Ashampoo GmbH & Co. KG) Ashampoo WinOptimizer 16 (HKLM-x32\...\{4209F371-C47A-1204-F2BA-6FD6E5BB1B50}_is1) (Version: 16.00.21 - Ashampoo GmbH & Co. KG) Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts) Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) beatdrop 2.5.9 (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\5a38d27a-3f69-5264-ba9a-effba89c0b95) (Version: 2.5.9 - Nathaniel Johns) Binance version 1.8.0 (HKLM-x32\...\{F7C9C013-C42C-440F-979C-46BA1F534351}_is1) (Version: 1.8.0 - Binance) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.25.49 - Bitdefender) Bitdefender Internet Security (HKLM\...\Bitdefender) (Version: 22.0.1.1 - Bitdefender) Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 24.0.2.693 - Bitdefender) Core Temp 1.13 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.13 - ALCPU) CORSAIR iCUE Software (HKLM-x32\...\{37E2CEEA-E7E8-44C4-B3E6-D214543D9DA9}) (Version: 3.13.94 - Corsair) Corsair LINK 4 (HKLM-x32\...\{40036d0c-634b-4fc0-be89-13343b4bea96}) (Version: 4.9.7.35 - Corsair Components, Inc.) Corsair LINK 4 (HKLM-x32\...\{D97F4B31-5A7D-4A07-AC85-16D64FAB93E1}) (Version: 4.9.7.35 - Corsair Components, Inc.) Hidden CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.) Discord (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\Discord) (Version: 0.0.305 - Discord Inc.) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.17 - NVIDIA Corporation) Hidden DOOM VFR MULTi2 1.0 (HKLM-x32\...\DOOM VFR MULTi2 1.0) (Version: 1.0 - .x.X.RIDDICK.X.x.) Epic Games Launcher (HKLM-x32\...\{6E35ADC1-C951-4FD2-B81F-D37CCE0B5D84}) (Version: 1.1.220.0 - Epic Games, Inc.) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) Futuremark SystemInfo (HKLM-x32\...\{3DD053E0-EA08-459A-B615-567B86A01132}) (Version: 5.16.701.0 - Futuremark) Geeks3D FurMark 1.20.4.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Grand Theft Auto V Digital Deluxe Edition MULTi11 1.0 (HKLM-x32\...\Grand Theft Auto V Digital Deluxe Edition MULTi11 1.0) (Version: - ) Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.) HP Officejet 2620 series - Grundlegende Software für das Gerät (HKLM\...\{CED70530-FA0D-4A58-BBF0-1588B38247A0}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) IObit Uninstaller 9 (HKLM-x32\...\IObitUninstall) (Version: 9.0.2.40 - IObit) Java 8 Update 211 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Joulemeter (HKLM-x32\...\{E043568C-1745-4C69-9D52-43F6E79EB03B}) (Version: 1.2.0 - Microsoft Research) Kinect for Windows Drivers v2.0_1409 (DAILY) (HKLM\...\{7C9F054E-F742-4DAD-B7E0-9A280F1F0ACB}) (Version: 2.0.1410.19000 - Microsoft Corporation) Hidden Kinect for Windows Runtime v2.2_1811 (HKLM\...\{87941EDF-6084-42AD-B5EF-36A44667A64C}) (Version: 2.2.1811.10000 - Microsoft Corporation) Kinect for Windows SDK v2.0 (HKLM\...\{77FBF502-4136-4BC8-B754-6A01C02598C9}) (Version: 2.0.1410.19000 - Microsoft Corporation) Hidden Kinect for Windows SDK v2.0_1409 (HKLM-x32\...\{2f7f3dc4-de9a-4605-821f-b686f26392d8}) (Version: 2.0.1410.19000 - Microsoft Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Metro: Last Light Redux (HKLM-x32\...\Metro: Last Light Redux_is1) (Version: - Deep Silver) Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{BF5ABBDB-D3AA-4BCB-8D10-FCD4A4BB7F93}) (Version: 12.1.4100.1 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProplusRetail - de-de) (Version: 16.0.12026.20344 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.12026.20344 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation) Microsoft Project Professional 2016 - de-de (HKLM\...\ProjectProRetail - de-de) (Version: 16.0.12026.20344 - Microsoft Corporation) Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.12026.20344 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Server Speech Recognition Language - TELE (en-US) (HKLM-x32\...\{66D57636-BD4B-402F-9E7D-5E89C28C8136}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{13146756-9716-4843-84CA-053916D2FCF9}) (Version: 11.3.6538.0 - Microsoft Corporation) Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation) Microsoft SQL Server 2014 Setup (English) (HKLM\...\{C7E2483C-10A4-41E3-A2F6-240186FE3E41}) (Version: 12.1.4100.1 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation) Microsoft Visio Professional 2016 - de-de (HKLM\...\VisioProRetail - de-de) (Version: 16.0.12026.20344 - Microsoft Corporation) Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.12026.20344 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27033 (HKLM-x32\...\{cc3a7c63-31fb-4129-9024-63ebefd86a95}) (Version: 14.16.27033.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{ab213ab7-4792-4c6f-a3fa-8485d06c3475}) (Version: 14.0.23829 - Microsoft Corporation) Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Minecraft1.8 (HKLM-x32\...\Minecraft1.8) (Version: - ) MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version: - MixMeister Technology LLC) Mozilla Firefox 68.0.2 (x64 de) (HKLM\...\Mozilla Firefox 68.0.2 (x64 de)) (Version: 68.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.2 - Mozilla) MSI Afterburner 4.6.0 (HKLM-x32\...\Afterburner) (Version: 4.6.0 - MSI Co., LTD) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.8 - Black Tree Gaming) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation) NVIDIA Grafiktreiber 430.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 430.64 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NZBGet (HKLM-x32\...\NZBGet) (Version: - Andrey Prygunkov) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.2.1 - OBS Project) OBS-VirtualCam version 2.0.2 (HKLM-x32\...\{7B7182E6-D22D-4E5A-BCA2-EC985A4BD588}_is1) (Version: 2.0.2 - OBS) Oculus (HKLM\...\Oculus) (Version: <3 - Facebook Technologies, LLC) Oculus Tray Tool v0.86.0 (HKLM-x32\...\Oculus Tray Tool_is1) (Version: - ) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 4.29 - LG Electronics Inc) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenIV (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\OpenIV) (Version: 3.0.1006 - .black/OpenIV Team) OpenVR Advanced Settings (HKLM-x32\...\OpenVRAdvancedSettings) (Version: - ) OpenVR Input Emulator (HKLM-x32\...\OpenVRInputEmulator) (Version: - ) Opera Stable 63.0.3368.107 (HKLM-x32\...\Opera 63.0.3368.107) (Version: 63.0.3368.107 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 10.5.52.32372 - Electronic Arts, Inc.) Outward Day One Edition MULTi5 1.0 (HKLM-x32\...\Outward Day One Edition MULTi5 1.0) (Version: 1.0 - x.X.RIDDICK.X.x) Outward Update 1 (HKLM\...\b3V0d2FyZA_is1) (Version: 1 - ) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.0.2 - pdfforge GmbH) PhonerLite 2.72 (HKLM-x32\...\PhonerLite_is1) (Version: 2.72 - Heiko Sommerfeldt) Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Quick CPU (HKLM-x32\...\{41F4C8EE-903D-4EB5-B6EB-75413BF496DE}) (Version: 3.0.1.0 - CoderBag) Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 beta r2613 - Win10 Widgets) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8372 - Realtek Semiconductor Corp.) Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.) RivaTuner Statistics Server 7.2.1 (HKLM-x32\...\RTSS) (Version: 7.2.1 - Unwinder) Roblox Player for sasch (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\roblox-player) (Version: - Roblox Corporation) Roblox Studio for sasch (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\roblox-studio) (Version: - Roblox Corporation) ROCCAT Juke (HKLM\...\C-Media CM108 Like Sound Driver) (Version: - ) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.6 - Rockstar Games) SeaTools for Windows 1.4.0.7 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.7 - Seagate Technology) Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation) SKILLER SGK4 (HKLM-x32\...\{B1B8775B-8449-4F04-9773-C34384AE405F}_is1) (Version: 1.3.18.6 - Sharkoon Technologies) SOLIDWORKS 2019 German Resources (HKLM\...\{A3551568-7512-4052-8B69-9F295CE0252A}) (Version: 27.110.0072 - Ihr Firmenname) Hidden SOLIDWORKS 2019 SP01 (HKLM\...\{F261BF5C-81C4-4E81-9ED6-D7EBFA2A9A5B}) (Version: 27.110.0072 - Dassault Systemes SolidWorks Corp) Hidden SOLIDWORKS 2019 SP01 (HKLM-x32\...\SolidWorks Installation Manager 20190-40100-1100-100) (Version: 27.1.0.72 - SolidWorks Corporation) SOLIDWORKS CAM 2019 SP01 (HKLM\...\{FF62C344-015F-4A9F-8F49-7F02CBAB288E}) (Version: 27.10.0072 - Dassault Systèmes SolidWorks Corp) Hidden SOLIDWORKS Composer 2019 SP01 (HKLM\...\{661FCA7C-4962-46FD-84CD-CB72459058A4}) (Version: 27.10.0072 - Ihr Firmenname) Hidden SOLIDWORKS eDrawings 2019 SP01 (HKLM\...\{49641C8E-5ADA-42A8-8019-90CBDC933F86}) (Version: 27.10.0092 - Dassault Systèmes SolidWorks Corp) Hidden SOLIDWORKS Electrical 2019 SP01 (HKLM\...\{D47DBAC4-C1AB-4B16-B431-01120E8BB141}) (Version: 27.10.0072 - Ihr Firmenname) Hidden SOLIDWORKS Explorer 2019 SP01 (HKLM\...\{ED3F46FA-EF6F-4633-AA94-5C44815EA2B2}) (Version: 27.10.0072 - Dassault Systèmes SolidWorks Corp) Hidden SOLIDWORKS Flow Simulation 2019 SP01 (HKLM\...\{5D9A5C34-85FD-40FE-8C1A-ACA3C8CF423E}) (Version: 27.10.0073 - Dassault Systèmes SolidWorks Corp) Hidden SOLIDWORKS Inspection 2019 SP01 (HKLM\...\{974A87F0-517F-480A-A87F-218649E02880}) (Version: 27.10.0072 - Ihr Firmenname) Hidden SOLIDWORKS PCB 2019 SP01 (HKLM\...\{BF11D72C-9B96-4B91-BF1E-AC2137BBB604}) (Version: 27.10.0072 - Ihr Firmenname) Hidden SOLIDWORKS Plastics 2019 SP01 (HKLM\...\{6BC5795E-314F-4BA6-9A2D-A8DE4A35C688}) (Version: 27.10.0072 - Ihr Firmenname) Hidden SOLIDWORKS Visualize 2019 SP01 (HKLM\...\{CD7FCE59-87E4-4C32-AB24-DCA29802CBA5}) (Version: 27.10.0072 - Ihr Firmenname) Hidden SOLIDWORKS Visualize Boost 2019 SP01 (HKLM\...\{D67F8A59-1F6E-422E-AD34-1A66751CD44D}) (Version: 27.10.0072 - Ihr Firmenname) Hidden SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation) Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Streamlabs OBS 0.17.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.17.1 - General Workings, Inc.) Superhot Incl. Update 3 MULTi9 1.0 (HKLM-x32\...\Superhot Incl. Update 3 MULTi9 1.0) (Version: - ) TeighaX 3.09 (HKLM-x32\...\{3D63579F-2398-418B-9227-A852FB201D2D}) (Version: 3.9.0 - Open Design Alliance) Telegram Desktop version 1.7.7 (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.7.7 - Telegram Messenger LLP) The Witcher 3: Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.32 - GOG.com) Trackmania Turbo (HKLM-x32\...\Trackmania Turbo_is1) (Version: - ) TreeSize Free V4.2.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.2.2 - JAM Software) Twitch (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.) UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation) Updater (HKLM-x32\...\Updater) (Version: 1.0 - Updater) <==== ACHTUNG uRage Reaper nxt. Version 1.0.3 (HKLM-x32\...\{2F606408-495F-4772-A3A7-BE0A31C4B261}_is1) (Version: 1.0.3 - ) Vegas Pro 13.0 (64-bit) (HKLM\...\{1F8D8040-0BC8-11E5-85C5-F04DA23A5C58}) (Version: 13.0.453 - Sony) VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN) Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.0.3 - Black Tree Gaming Ltd.) VSDC Free Video Editor Version 6.3.6.18 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.6.18 - Flash-Integro LLC) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden WhatsApp (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\WhatsApp) (Version: 0.3.557 - WhatsApp) Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation) Windows-Treiberpaket - Corsair Components, Inc. (SIUSBXP) USB (07/14/2017 3.3) (HKLM\...\A2206C09905C467F30CB24DCBB49F056D7F0A290) (Version: 07/14/2017 3.3 - Corsair Components, Inc.) Windows-Treiberpaket - STMicroelectronics (STTub30) USB (07/05/2012 3.0.4.0) (HKLM\...\4A1A85C6E9813B77863C2401251A5284B1923DA4) (Version: 07/05/2012 3.0.4.0 - STMicroelectronics) WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) Wireshark 3.0.4 64-bit (HKLM-x32\...\Wireshark) (Version: 3.0.4 - The Wireshark developer community, hxxps://www.wireshark.org) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment) WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft) Packages: ========= 3D Scan -> C:\Program Files\WindowsApps\Microsoft.3DScan_2.0.47.0_x64__8wekyb3d8bbwe [2019-08-23] (Microsoft Corporation) Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.1.4.0_x86__kgqvnymyfvs32 [2019-09-23] (king.com) Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.150.300.0_x86__kgqvnymyfvs32 [2019-10-17] (king.com) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.618.0_x64__v10z8vjag6ke6 [2019-10-16] (HP Inc.) Mail und Kalender -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation) [MS Ad] March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.3.1.1_x86__h6adky7gbf63m [2019-09-14] (Gameloft.) Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-08-23] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad] Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.12.101.0_x64__8wekyb3d8bbwe [2019-09-08] (Microsoft Studios) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-26] (Netflix, Inc.) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0 [2019-10-13] (Spotify AB) [Startup Task] XING -> C:\Program Files\WindowsApps\XINGAG.XING_3.140.89.0_x86__xpfg3f7e9an52 [2019-10-08] (New Work SE) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-05-06] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Datei ist nicht signiert] HKLM\...\Drivers32: [VIDC.FPS1] => c:\windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.voxacm160] => c:\windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.scg726] => c:\windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.alf2cd] => c:\windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.ac3acm] => c:\windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.lame] => c:\windows\system32\lame.ax [245760 2005-08-01] () [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.dvsd] => c:\windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mpg4] => c:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mp42] => c:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mp43] => c:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.xvid] => c:\windows\system32\xvidvfw.dll [139264 2004-07-03] () [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.DIVX] => c:\windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.VP60] => c:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.VP61] => c:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.VP62] => c:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.LAGS] => c:\windows\system32\lagarith.dll [216064 2011-12-07] ( ) [Datei ist nicht signiert] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Datei ist nicht signiert] HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [Datei ist nicht signiert] ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\sasch\Desktop\Spiele\startdesktopmode.bat - Verknüpfung.lnk -> C:\Program Files\OpenVR-AdvancedSettings\startdesktopmode.bat () Shortcut: C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\sasch\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat () ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2019-03-05 15:06 - 2019-03-05 15:06 - 000232448 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTCore.dll 2019-03-05 15:06 - 2019-03-05 15:06 - 000057344 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTFC.dll 2019-03-05 15:07 - 2019-03-05 15:07 - 000642048 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll 2019-03-05 15:06 - 2019-03-05 15:06 - 000072704 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll 2019-03-05 15:06 - 2019-03-05 15:06 - 000364544 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTUI.dll 2019-08-24 15:49 - 2018-10-16 21:35 - 000107520 _____ () [Datei ist nicht signiert] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\NETAPI32.dll 2019-08-24 15:39 - 2019-08-24 15:39 - 000116224 _____ (pdfforge GmbH) [Datei ist nicht signiert] C:\WINDOWS\System32\pdfcmon.dll 2019-01-10 10:44 - 2019-01-10 10:44 - 000090112 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\Public\AppData:CSM [236] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476] AlternateDataStreams: C:\Users\sasch\Anwendungsdaten:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\sasch\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [108] AlternateDataStreams: C:\Users\sasch\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\sasch\AppData\Local\Temp:$DATA [16] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ========== ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2017-09-29 14:46 - 2019-11-03 12:14 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts 2019-05-28 19:13 - 2019-05-28 19:14 - 000000443 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 172.18.70.1 DESKTOP-FOHP40Q.mshome.net # 2024 5 0 26 18 14 23 458 ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Oculus\Support\oculus-runtime;c:\program files (x86)\common files\oracle\java\javapath;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\110\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\DTS\Binn\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\ HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sasch\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\earth multiscreen widescreen 5760x1080 wallpaper_www.paperhi.com_58.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS Hintergrund-Downloader.lnk" HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS 2019 Fast Start.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "BdVpnApp" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "HP Software Update" HKLM\...\StartupApproved\Run: => "Ashampoo WinOptimizer Live-Tuner2" HKLM\...\StartupApproved\Run32: => "Updater" HKLM\...\StartupApproved\Run32: => "CORSAIR iCUE Software" HKLM\...\StartupApproved\Run32: => "SE61T-UserTools" HKLM\...\StartupApproved\Run32: => "SKILLER SGK4" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "OculusTrayTool" HKLM\...\StartupApproved\Run32: => "OnScreen Control" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\StartupFolder: => "DesktopHut.lnk" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\StartupFolder: => "Rainmeter.lnk" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "Argus Monitor" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "CorsairLink4" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "GalaxyClient" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{0740E682-1F83-4FAD-B54A-DAAF94B61BD7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5C243317-3B6B-47E2-A311-8A3E95904140}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{9B31F1B3-43B4-4A9E-8B52-B3CB0390558D}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{3B3E03A3-4BF8-4468-81F8-60273D1B0652}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{DC2B08A1-7048-4335-9536-A2FE80B22D29}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{ACD69343-1FFF-4AAC-888E-A1B325D6C58E}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{5B7EFE95-AF2A-4407-99DE-1B714B3F5CF0}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{2926D9FF-8085-4B05-B3F9-A068BCBE6589}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{B119755F-53BB-4912-993B-2D0034642C03}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{A68589C6-CE2A-4685-86A3-91A965FECEFA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.3.0\DriverBooster.exe Keine Datei FirewallRules: [{287FF9E7-CBBD-4BFB-A533-C085FEE51F43}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.3.0\DriverBooster.exe Keine Datei FirewallRules: [{8C32AB04-804F-4544-AB21-AA8961EFC463}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.3.0\DBDownloader.exe Keine Datei FirewallRules: [{02928025-9AF7-4E38-A658-B0D13AE92D23}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.3.0\DBDownloader.exe Keine Datei FirewallRules: [{14AC329C-96DE-419B-8D2A-D5C5D09C95AD}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.3.0\AutoUpdate.exe Keine Datei FirewallRules: [{132BC8D5-6B34-42BB-9D7E-06809933E2E0}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.3.0\AutoUpdate.exe Keine Datei FirewallRules: [{5D136926-BF5F-4ED8-9DEE-701B82FF1C27}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{37D4D204-1534-467B-9CF5-31487D488767}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{2F46E517-7A8F-44B0-B7EB-9072CDCF06DC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{42D70C77-D1BD-4ABF-9A4A-A91A61F45B0A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{40E831A5-4689-4E79-8348-E90C48CB539C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{98287F36-F3E7-40FF-9A23-8867CBEFB7D5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{AD32DEE1-58EA-4224-87E4-EA0583A948DE}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{417E877D-496E-4066-8477-8A5938E23774}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [Datei ist nicht signiert] FirewallRules: [DNS Server Forward Rule - TCP - A2918A61-5D01-4BBD-BDBB-CEBE9E9C6511 - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - UDP - A2918A61-5D01-4BBD-BDBB-CEBE9E9C6511 - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - TCP - CD8B8542-DEF3-4E52-A908-8E6FBC2125BF - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - UDP - CD8B8542-DEF3-4E52-A908-8E6FBC2125BF - 0] => (Allow) LPort=53 FirewallRules: [{94933B1A-2289-4DBB-8E4F-A00CE7FD829F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> ) FirewallRules: [{39876E1F-0A04-4ED9-A8DC-C58D8D6A95F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> ) FirewallRules: [{2B5004E3-0383-4975-845F-C911CFCAF264}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> ) FirewallRules: [{22C21BB7-A0F4-4B79-B66C-46B243346958}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> ) FirewallRules: [{FD5AA058-690C-4067-9985-2F88A0334CA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> ) FirewallRules: [{26F2F6CD-5D0C-4C3A-ACD2-7B9B019934AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> ) FirewallRules: [{0AF4755F-B58E-4248-A261-B91130CEC729}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beat Saber\Beat Saber.exe () [Datei ist nicht signiert] FirewallRules: [{A4E44422-C7F4-4E77-8A3E-142A41C85C45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beat Saber\Beat Saber.exe () [Datei ist nicht signiert] FirewallRules: [{3C2EBDD9-7A1B-42E6-9F03-32F7756AB8FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [Datei ist nicht signiert] FirewallRules: [{2D678C7D-5AF9-4BED-AD85-75E4872517AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [Datei ist nicht signiert] FirewallRules: [{2A53B5C8-113F-436A-9AD3-0C4C54F0FD74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [Datei ist nicht signiert] FirewallRules: [{7D753089-180E-428F-8ABF-378BF050405E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [Datei ist nicht signiert] FirewallRules: [{65BB94D9-3967-4BA5-9CA8-EAFDC253D9DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [Datei ist nicht signiert] FirewallRules: [{40051D45-C677-4B79-8E90-497BE913BDF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [Datei ist nicht signiert] FirewallRules: [{170F38BC-9EA3-406E-B712-279DE6CE8A4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PavlovVR\Pavlov.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{D8237A19-A7A4-480E-8009-7EBBF027F44C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PavlovVR\Pavlov.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{1A487B10-842E-431B-941B-16B764ECD443}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space Pirate Trainer VR\SpacePirateVR.exe () [Datei ist nicht signiert] FirewallRules: [{B6821163-09CB-4420-9761-69D0B8A48345}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space Pirate Trainer VR\SpacePirateVR.exe () [Datei ist nicht signiert] FirewallRules: [{7ACE9B64-D42D-460B-82A1-BE53B9BA14F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Steam360VideoPlayer\Steam360VideoPlayer.exe () [Datei ist nicht signiert] FirewallRules: [{78F40822-AC3B-44C4-8AFB-EDC6FBA4C480}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Steam360VideoPlayer\Steam360VideoPlayer.exe () [Datei ist nicht signiert] FirewallRules: [{8DF97BAC-F571-4C19-B098-C966882F8395}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RecRoom\Recroom_Release.exe () [Datei ist nicht signiert] FirewallRules: [{203B78AD-52DE-4BAF-8171-D81BD464EBEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RecRoom\Recroom_Release.exe () [Datei ist nicht signiert] FirewallRules: [{403150D1-81F4-4B33-A3A3-3A8AF621813C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sparc\Sparc.exe () [Datei ist nicht signiert] FirewallRules: [{60D70BDF-64CD-495D-8A21-529AA91F3A6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sparc\Sparc.exe () [Datei ist nicht signiert] FirewallRules: [{7B4A954D-F3EC-4E42-A779-C1A54CDBB85B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [Datei ist nicht signiert] FirewallRules: [{24F2845A-CCA3-46FF-96DB-1F2887137872}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [Datei ist nicht signiert] FirewallRules: [{0F39A282-9A26-49A6-B5DD-78B369D5B0EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LIV\LIV.App.exe (LIV Inc -> LIV Inc.) FirewallRules: [{DAC58D3F-0852-46DC-857C-BF9914B4127D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LIV\LIV.App.exe (LIV Inc -> LIV Inc.) FirewallRules: [{BD9CD2C6-BDBF-494B-9C8E-E3EC5F878FF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EarthVR\Earth.exe (Google Inc -> Google Inc) FirewallRules: [{09FDAB7C-8953-427C-836F-440C7A922BB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EarthVR\Earth.exe (Google Inc -> Google Inc) FirewallRules: [{6A89D5E1-8A28-4770-9E1B-75C2227B9F7D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{0675F42F-F727-48A7-92CD-1ECF4802EA23}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{F8D3F73F-8C0E-4658-8C65-7C45BF6A8CB9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [{905758A4-99EE-4A58-A647-E48434BF5391}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [{BF1C68BC-3EDD-4300-903E-5A3646F1E395}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [{A7E58B70-540D-44C9-B72A-E5C90E07879B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [{F1595CF3-888D-4A73-B171-A309D796C2E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5075C7AA-E3D6-42D1-810B-807E24B34C56}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{502B7574-E188-4F9C-BA7C-DE77B5F2FB58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{E9446889-83DB-4BE3-94FA-D1F4474B7244}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{E7B25816-80BC-4106-8A92-69A0CD0104F6}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector Ltd. -> Flash-Integro LLC) FirewallRules: [{0F348082-5969-429B-A255-47BE1CD5E2DF}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector Ltd. -> Flash-Integro LLC) FirewallRules: [{2CD85A61-18BA-4ABA-BA1F-0E80A5E8B437}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector Ltd. -> Flash-Integro LLC) FirewallRules: [{B1395916-5D64-4DAF-AF06-A30844FEADEC}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector Ltd. -> Flash-Integro LLC) FirewallRules: [{CC2E3010-017D-43CB-8F47-EC773CC07902}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector Ltd. -> Flash-Integro LLC) FirewallRules: [{1EAE3853-521B-42CE-A885-98E6775E739E}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector Ltd. -> Flash-Integro LLC) FirewallRules: [{A4FC4F01-56D2-43D5-8D97-1F7B3DC1AB3A}] => (Allow) LPort=8027 FirewallRules: [{5214D303-B8F4-4A8F-85E1-21A22483C6F2}] => (Allow) LPort=8027 FirewallRules: [{AF2BC330-AED4-47D1-9A01-FB8634214F09}] => (Allow) LPort=8027 FirewallRules: [{43E2493B-9A4E-4C0A-9076-554D6E131256}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9D28B1DA-C902-477B-AFFD-51C595FDD1DA}] => (Allow) LPort=8027 FirewallRules: [{372821C7-D852-4544-B569-7320035202F3}] => (Allow) LPort=8027 FirewallRules: [{5902DD16-657D-4E4F-87ED-2BADDE3E6562}] => (Allow) LPort=8027 FirewallRules: [{1039D7DF-C3FD-47E8-BD62-FCAD62FAACEB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{D91A5413-719A-469D-A91E-DFF47E626793}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{D177C423-B229-4035-8453-F633FA27DD00}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{A3A36CEC-E1D7-4FCD-8F4B-94ABDD62E51D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{C6ADF639-0B0A-4243-AE41-CEDD2E6E8BFB}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB) FirewallRules: [{A87B6FD3-62AC-4426-979C-036E933B8B14}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB) FirewallRules: [{3A501E89-37B9-4E5F-911F-332A989DF2D9}] => (Allow) D:\Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [{2258E533-64AB-4CCD-A0C3-9FCF0A8C6171}] => (Allow) D:\Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [{58DD4DCC-B967-40C1-86C3-1B1FFF1BB909}] => (Allow) D:\Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [{E6C46A1B-DD61-418B-A527-2E85BA66A52B}] => (Allow) D:\Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [{4372EFF5-2D73-4681-B970-0DC8D9CC01AD}] => (Allow) LPort=8027 FirewallRules: [{4A9C0C46-8BFB-4E60-9101-B3A45B536362}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [Datei ist nicht signiert] FirewallRules: [{BC485528-26C9-46C5-9F4D-EF108C68741C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [Datei ist nicht signiert] FirewallRules: [{8515539D-90E6-4747-B547-B042280D2827}] => (Allow) LPort=8027 FirewallRules: [{247E5E19-6A37-439B-BCA7-C9397174C50B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SkyrimVR\SkyrimVR.exe (Bethesda Softworks) [Datei ist nicht signiert] FirewallRules: [{974EDA6A-9B30-48E4-816D-2EDC1B39F051}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SkyrimVR\SkyrimVR.exe (Bethesda Softworks) [Datei ist nicht signiert] FirewallRules: [{7AD88789-2895-449A-9041-E9F2DEAE861E}] => (Allow) C:\Program Files\Opera\63.0.3368.94\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{229AFEF2-8A24-425A-86B1-5B5D49B63F14}] => (Allow) LPort=8027 FirewallRules: [{C51F7625-84D9-48BA-BF9F-109EFE9AD1CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\skyrim\skse_steam_boot.exe () [Datei ist nicht signiert] FirewallRules: [{C1F426A7-7724-4A3A-AA22-9D231DF01CB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\skyrim\skse_steam_boot.exe () [Datei ist nicht signiert] FirewallRules: [{802DDF0E-DC51-4AC8-95EF-F7D06FE4EBB8}] => (Allow) D:\steam\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie) FirewallRules: [{757AA0DE-9C61-4EFA-953E-A6EE75C4A659}] => (Allow) D:\steam\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie) FirewallRules: [{E730DFD8-C4F2-4D90-AF1F-E47383E82DCF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArizonaSunshine\ArizonaSunshine.exe () [Datei ist nicht signiert] FirewallRules: [{B9DA83CE-3E14-4715-9F70-32D70EDD092E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArizonaSunshine\ArizonaSunshine.exe () [Datei ist nicht signiert] FirewallRules: [{3323FE0A-DB23-412F-ADF7-BBB66B2006DD}] => (Allow) LPort=8027 FirewallRules: [{A7399E1E-CA23-4485-930F-44CEC35CE5D0}] => (Allow) LPort=8027 FirewallRules: [{C031F3DC-E105-41C6-A5A1-386FD0919B84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe Keine Datei FirewallRules: [{7037C5AD-4A33-450C-A121-FFA5A5A7FC69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe Keine Datei FirewallRules: [{1F92F6EF-DDDD-4903-997B-17C330F3F669}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe Keine Datei FirewallRules: [{B92DFD7B-E615-4738-A124-FE077365D115}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe Keine Datei FirewallRules: [{9B5C6CC2-9544-4E83-A529-F77280D5B48B}] => (Allow) LPort=8027 FirewallRules: [{F033AF30-69D8-42B6-9D9E-A25B1FC2FD93}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC) FirewallRules: [{8A2701D5-9116-428E-A361-320F091D2E55}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC) FirewallRules: [{C34DF57D-F1B6-477A-949C-9434AD72BA5D}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC) FirewallRules: [{C02B5304-3C95-493F-BCD1-3740E4ED8222}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC) FirewallRules: [{60F36C3B-48E5-43B0-8CFB-0EBED47E6F11}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> ) FirewallRules: [{0139A4A1-F639-4343-8F07-60C2C2386685}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> ) FirewallRules: [{4F9A28DB-010B-4626-B5B8-936142B04892}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> ) FirewallRules: [{A1F32280-91E9-46FF-9EDD-24C48EAA4BC6}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> ) FirewallRules: [{3CD93529-F035-4918-843D-1A9EB5E8A831}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{08716381-CF14-4184-8849-459445098475}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{1FA78D26-20A8-4C03-9AF3-14544156D2DA}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.) FirewallRules: [{322DCE80-1F93-4DC7-8B8D-DB9B88BD6EBA}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.) FirewallRules: [{E9EA684E-D352-4B71-82A9-3B9036DEFE8E}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [Datei ist nicht signiert] FirewallRules: [{FA36CC9C-2F2A-4AEB-8584-607EEAE48F48}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [Datei ist nicht signiert] FirewallRules: [{0E52E449-243C-4519-BEF4-E35A3FD6EEF7}] => (Allow) LPort=8027 FirewallRules: [{DCB0F3E3-B130-4C6D-84CC-58A75D553DE5}] => (Allow) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{38962F38-1793-42BC-A10E-8257D6114D7B}] => (Allow) LPort=8027 FirewallRules: [{811F2136-0E52-4CFB-BC21-4049B6B49643}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1D8BA397-1870-44AA-9260-85D4FB06066F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BFF5297D-2415-4DBC-AD55-367B2E70F5A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9702396E-5B2D-44AB-855D-EC683DCB3405}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{392450AE-D6DC-40AD-AD3B-E2BE3D9185D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1879C90E-BF88-4B2E-B0AB-AA3002726F97}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C7DD4EA7-19B3-42EB-97C8-932C1C783B5A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{7BC14455-058A-4404-8DB9-B0C3DFC8342E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{4E507679-CFA9-4C09-B74C-D00FF7511814}] => (Allow) LPort=8027 FirewallRules: [{4EC20FEA-9C8E-48B4-B272-DF4CD9BC6EBA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C2A68C28-907E-494C-8739-110470EE847A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1DA10DF9-ABEC-4509-B472-71B05B25BB4A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{FBEC7B5F-1849-43E0-A1DF-15D690C46BCA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BFEB41B6-7A4F-42FF-8AD1-34B1F8AABF62}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{85128EC7-11AF-44C1-AEAC-4CB7AD1A3E9F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{5474CDB4-3B78-4690-A998-178703FE2244}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D46C2EE3-6EBB-4DDD-99EE-3BD4DE75A2CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{B4035018-04D1-44A8-967E-52BF65D50ABC}C:\program files\nzbget\nzbget.exe] => (Block) C:\program files\nzbget\nzbget.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{EF2DB5A2-F4EB-45A6-96C8-9CAC5F772CCE}C:\program files\nzbget\nzbget.exe] => (Block) C:\program files\nzbget\nzbget.exe () [Datei ist nicht signiert] FirewallRules: [{47BB0284-57DC-49DA-8051-E0A63FF7A64F}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer) FirewallRules: [{1A5EDF56-92C4-4EAF-A493-D47263FC2E37}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer) FirewallRules: [{519D1845-687A-4B2F-BFBD-DDC00C9B22D1}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer) FirewallRules: [{58C68B9E-3FAB-4EBE-92D2-B6843A347CD2}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer) FirewallRules: [{4897EC8F-B674-4000-94B1-3DC51B11192C}] => (Allow) LPort=8027 FirewallRules: [{9AB82D20-D696-46CD-8602-0CDEA1FB371D}] => (Allow) LPort=8027 FirewallRules: [{08A5C124-26A4-4882-A458-73DEF6B0BAD4}] => (Allow) LPort=8027 ==================== Wiederherstellungspunkte ========================= 02-11-2019 18:16:04 Geplanter Prüfpunkt ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (11/03/2019 12:16:41 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.0 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 11276. Meldungs-ID: [0x2509]. Error: (11/03/2019 12:14:43 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: ) Description: Event-ID 0 Error: (11/03/2019 12:11:24 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: ) Description: Event-ID 0 Error: (11/03/2019 12:06:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: HxAccounts.exe, Version: 16.0.12026.20218, Zeitstempel: 0x5d81ddff Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.17763.802, Zeitstempel: 0x322dae8f Ausnahmecode: 0xc000027b Fehleroffset: 0x0000000000701a52 ID des fehlerhaften Prozesses: 0x168c Startzeit der fehlerhaften Anwendung: 0x01d5923542ab9e49 Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxAccounts.exe Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll Berichtskennung: 08bb2cd2-1722-4276-8eb3-369be6cdc972 Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: microsoft.windowslive.manageaccounts Error: (11/03/2019 11:54:42 AM) (Source: OVRServiceLauncher) (EventID: 0) (User: ) Description: Event-ID 0 Error: (11/02/2019 11:02:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Beat Saber.exe, Version: 2018.4.4.16502, Zeitstempel: 0x5d23e6af Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000021399fb7300 ID des fehlerhaften Prozesses: 0xdc0 Startzeit der fehlerhaften Anwendung: 0x01d591c45509e62d Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Beat Saber\Beat Saber.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 00a7de21-caec-4766-834e-df68a6cf9605 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (11/02/2019 10:25:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Beat Saber.exe, Version: 2018.4.4.16502, Zeitstempel: 0x5d23e6af Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000002eb47bc77d0 ID des fehlerhaften Prozesses: 0x4af4 Startzeit der fehlerhaften Anwendung: 0x01d591bf02640381 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Beat Saber\Beat Saber.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 0890802c-f189-4781-8a7f-3abc7e1c952e Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (11/02/2019 09:44:44 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Das Programm Steam.exe Version 5.45.49.1 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2638 Startzeit: 01d591bd8bf6485d Beendigungszeit: 19 Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe Bericht-ID: 443ada50-9f13-411a-98d5-35f535ff30b8 Vollständiger Name des fehlerhaften Pakets: Relative Anwendungs-ID des fehlerhaften Pakets: Absturztyp: Cross-process Systemfehler: ============= Error: (11/03/2019 12:17:32 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-FOHP40Q) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-FOHP40Q\sasch" (SID: S-1-5-21-1368799669-3117233153-4274516567-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} und der APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (11/03/2019 12:16:48 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-FOHP40Q) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-FOHP40Q\sasch" (SID: S-1-5-21-1368799669-3117233153-4274516567-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} und der APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (11/03/2019 12:16:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FOHP40Q) Description: Der Server "Microsoft.YourPhone_1.19092.399.0_x64__8wekyb3d8bbwe!App.AppXvctmff39365zg14pgmystcwtys462fpa.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/03/2019 12:16:22 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FOHP40Q) Description: Der Server "Microsoft.YourPhone_1.19092.399.0_x64__8wekyb3d8bbwe!App.AppXvctmff39365zg14pgmystcwtys462fpa.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/03/2019 12:14:16 PM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Der Dienst "SOLIDWORKS Electrical Collaborative Server" hat einen ungültigen aktuellen Status gemeldet: 0 Error: (11/03/2019 12:12:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FOHP40Q) Description: Der Server "Microsoft.WindowsStore_11910.1001.4.0_x64__8wekyb3d8bbwe!App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/03/2019 12:11:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FOHP40Q) Description: Der Server "Microsoft.YourPhone_1.19092.399.0_x64__8wekyb3d8bbwe!App.AppXvctmff39365zg14pgmystcwtys462fpa.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/03/2019 12:11:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FOHP40Q) Description: Der Server "Microsoft.YourPhone_1.19092.399.0_x64__8wekyb3d8bbwe!App.AppXvctmff39365zg14pgmystcwtys462fpa.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. CodeIntegrity: =================================== Date: 2019-11-03 12:14:50.273 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-11-03 12:11:25.049 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-11-03 11:54:42.573 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-10-28 19:38:13.968 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system. Date: 2019-10-28 19:15:01.526 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system. Date: 2019-10-28 19:08:50.034 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system. Date: 2019-10-28 19:08:29.410 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-10-28 18:49:31.791 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. 2003 09/19/2016 Hauptplatine: ASUSTeK COMPUTER INC. H110M-A/M.2 Prozessor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz Prozentuale Nutzung des RAM: 40% Installierter physikalischer RAM: 16324.48 MB Verfügbarer physikalischer RAM: 9725.93 MB Summe virtueller Speicher: 20676.48 MB Verfügbarer virtueller Speicher: 12343.22 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:475.64 GB) (Free:36.54 GB) NTFS Drive d: () (Fixed) (Total:920.1 GB) (Free:187.49 GB) NTFS \\?\Volume{1a022361-6a33-451c-a3dc-4f38368cdc3f}\ () (Fixed) (Total:0.48 GB) (Free:0.08 GB) NTFS \\?\Volume{5e8405a9-996a-4ff1-8dc3-9f318ece2991}\ () (Fixed) (Total:0.82 GB) (Free:0.34 GB) NTFS \\?\Volume{a93a4bec-3861-4942-a1dd-c8f8c8d9fb93}\ (Windows RE tools) (Fixed) (Total:0.29 GB) (Free:0.28 GB) NTFS \\?\Volume{37692e76-e640-4ae3-a7db-50945538aca7}\ (Recovery) (Fixed) (Total:10.74 GB) (Free:1.27 GB) NTFS \\?\Volume{d4153ab6-a4ff-4bb1-b6b1-a5696cd51fee}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 476.9 GB) (Disk ID: 8038C2AD) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== Ende von Addition.txt ======================= Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 12:36:40, on 03.11.2019 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.17763.0771) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Steam\Steam.exe C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe C:\Users\sasch\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit= O2 - BHO: Bitdefender Trackers Blocking - {159ff5d5-55f1-4d2f-b706-767a55f77abb} - C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [SE61T-UserTools] C:\Program Files (x86)\uRage Reaper nxt\uRage Reaper nxt..exe /s O4 - HKLM\..\Run: [SKILLER SGK4] C:\Program Files (x86)\SKILLER SGK4\Monitor.exe O4 - HKLM\..\Run: [CORSAIR iCUE Software] "C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe" --autorun O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [OculusTrayTool] C:\Program Files (x86)\Oculus Tray Tool\OculusTrayTool.exe O4 - HKLM\..\Run: [OnScreen Control] C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe O4 - HKCU\..\Run: [OneDrive] "C:\Users\sasch\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart O4 - HKCU\..\Run: [Discord] C:\Users\sasch\AppData\Local\Discord\app-0.0.305\Discord.exe O4 - HKCU\..\Run: [CorsairLink4] C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe -startup O4 - HKCU\..\Run: [GalaxyClient] C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart O4 - Startup: FileHoster.url O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe O4 - Startup: Twitch.lnk = sasch\AppData\Roaming\Twitch\Bin\Twitch.exe O4 - Global Startup: SOLIDWORKS 2019 Fast Start.lnk = ? O4 - Global Startup: SOLIDWORKS Hintergrund-Downloader.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105 O9 - Extra button: Bitdefender Anti-tracker - {159ff5d5-55f1-4d2f-b706-767a55f77abb} - C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AfVpnService - AnchorFree Inc. - C:\Program Files\Bitdefender\Bitdefender VPN\vpnservice.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Bitdefender Auxiliary Service (BDAuxSrv) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe O23 - Service: Bitdefender Protected Service (BDProtSrv) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe O23 - Service: Bitdefender RedLine Service (bdredline) - Bitdefender - C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe O23 - Service: Bitdefender Vpn Service (BdVpnService) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: Corsair LINK 4 (CLink4Service) - Corsair Components, Inc. - C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe O23 - Service: DTSInterops (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corporation - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe O23 - Service: Corsair Service (CorsairService) - Corsair Memory, Inc. - C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\DfsdkS.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: SOLIDWORKS Electrical Collaborative Server (ewserver) - Unknown owner - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe O23 - Service: Futuremark SystemInfo Service - Futuremark - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe O23 - Service: Intel(R) MPI Library Hydra Process Manager (impi_hydra) - Intel Corporation - C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe O23 - Service: IObit Uninstaller Service (IObitUnSvr) - IObit - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Kinect Monitor (KinectMonitor) - Unknown owner - C:\WINDOWS\system32\Kinect\KinectMonitor.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe O23 - Service: Oculus VR Library Service (OVRLibraryService) - Facebook Technologies, LLC - C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe O23 - Service: Oculus VR Runtime Service (OVRService) - Facebook Technologies, LLC - C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe O23 - Service: Remote Solver for Flow Simulation 2018 (RemoteSolverDispatcher) - Mentor Graphics Corporation - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing) O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: SolidWorks Flexnet Server - Flexera Software LLC - C:\SolidWorks_Flexnet_Server\lmgrd.exe O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: SWVisualize2019.BoostService - Dassault Systèmes - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe O23 - Service: SWVisualize2019.Queue.Server - Dassault Systèmes - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Ashampoo LiveTuner 2 Service (WO_LiveService2) - Unknown owner - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\LiveTunerService.exe -- End of file - 15782 bytes |
03.11.2019, 13:13 | #2 |
| Versuchter Teamviewer missbrauch auf meinen PCCode:
ATTFilter 2019/11/03 11:49:21.424 15412 17700 G7 IsWindowsServerVerifyOnce(): Is a windows server 0 2019/11/03 11:49:21.424 15412 17700 G7 Logger started. 2019/11/03 11:49:21.814 15412 17700 G7 Monitors: Generic PnP Monitor, \\.\DISPLAY1, 2560x1080 (0,0), flags=3, dpi=96 2019/11/03 11:49:21.814 15412 17700 G7 Monitors: Generic PnP Monitor, \\.\DISPLAY2, 1920x1080 (2560,0), flags=3, dpi=96 2019/11/03 11:49:21.904 15412 17700 G7 CMain::LoadResourceDLLs(): No custom resource dll found 2019/11/03 11:49:21.904 15412 17700 G7 InterProcessBase::SecureNetwork created 2019/11/03 11:49:21.908 15412 17700 G7 VoIP: Constructor 2019/11/03 11:49:21.908 15412 17700 G7!! ApplicationLookOfflineState::ApplicationAppearanceOfflineState: state not loaded, Errorcode=183 2019/11/03 11:49:21.908 15412 17700 G7!! ApplicationLookOfflineState::ApplicationAppearanceOfflineState: state not loaded, Errorcode=183 2019/11/03 11:49:21.918 15412 17700 G7 TAF::Handler::ctor: TAF initialized. MM=40 2019/11/03 11:49:21.922 15412 17700 G7!! ApplicationLookOfflineState::ApplicationAppearanceOfflineState: state not loaded, Errorcode=183 2019/11/03 11:49:21.941 15412 17700 G7 MsHtmlVersionInfo: 11.0.17763.802 2019/11/03 11:49:21.948 15412 17700 G7! AsioSettings::FindExternalIP: found 0 external IPs instead of 1! 2019/11/03 11:49:21.949 15412 17700 G7! AsioSettings::FindExternalIP: found 0 external IPs instead of 1! 2019/11/03 11:49:21.953 15412 17700 G7 Generating new RSA private/public key pair 2019/11/03 11:49:21.982 15412 17700 G7 QueryVPNRegKey: Subkey 'SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\Configuration' (13) has no 'MatchingDeviceID' entry. Continuing... 2019/11/03 11:49:21.983 15412 17700 G7!! QueryVPNRegKey: RegOpenKeyEx: SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\Properties Start: 2019/11/03 11:49:22.126 (UTC+1:00) Version: 14.7.1965 QS ID: 0 Loglevel: Info (100) License: 0 Server: master9.teamviewer.com IC: 1794020801 CPU: Intel64 Family 6 Model 94 Stepping 3, GenuineIntel CPU extensions: h9 OS: Win_10.0.17763_W (64-bit) IP: 192.168.178.36 MID: 0x00ff83c63e92_1d44cc67230d0d5_2048382725 MIDv: 0 Proxy-Settings: Type=1 IP= User= IE: 11.805.17763.0 AppPath: C:\Users\sasch\AppData\Local\Temp\TeamViewer\TeamViewer.exe UserAccount: sasch 2019/11/03 11:49:22.131 15412 17700 G7 Resource-Language: de 2019/11/03 11:49:22.142 15412 17756 G7 NetWatchdog: Internet is now connected 2019/11/03 11:49:22.142 15412 16960 G7 CKeepAliveClientClient::HandleStartKeepAlive: going online not wanted! 2019/11/03 11:49:22.142 15412 17700 G7 Using IPC-Port 6039 2019/11/03 11:49:22.143 15412 17700 G7 SHMR: Initializing shared memory. 2019/11/03 11:49:22.147 15412 17700 G7 Starting intra process connection 2019/11/03 11:49:22.147 15412 1248 G7 NetworkControl::UpdateOnlineState alwaysOnline=0 delayOffline=0 otherProcess=0 restart=0 2019/11/03 11:49:22.153 15412 5968 G7 Received Control_InitIPC_Response processtype=1 2019/11/03 11:49:22.153 15412 5968 G7 Received Control_InitIPC_Response runningProcesses=3 2019/11/03 11:49:22.153 15412 5968 G7 Control_InitIPC_Response: all processes 3 completely initialized 2019/11/03 11:49:22.154 15412 5968 G7 NetworkControl::UpdateOnlineState alwaysOnline=0 delayOffline=0 otherProcess=1 restart=0 2019/11/03 11:49:22.154 15412 5968 G7 TeamViewer is going online! 2019/11/03 11:49:22.154 15412 5968 G7 CKeepAliveClientClient::DoReconnectInternal: doing nothing, state = 0 2019/11/03 11:49:22.154 15412 5868 G7 CKeepAliveClientClient::StartConnect(): Protocol 8 proxy -- IP 2019/11/03 11:49:22.154 15412 5868 G7 Activating Router carrier 2019/11/03 11:49:22.171 15412 17700 G7 DynamicPasswordUIModel::ShouldShowDynamicPassword(): dynPw=1 allowIncoming=1 id=0 ka=0 lanAllowed=0 lanOnly=0 networkState=1 showDynPwd=0 2019/11/03 11:49:22.171 15412 17700 G7 DynamicPasswordUIModel::ShouldShowDynamicPassword(): dynPw=1 allowIncoming=1 id=0 ka=0 lanAllowed=0 lanOnly=0 networkState=1 showDynPwd=0 2019/11/03 11:49:22.180 15412 13276 G7!! ProxySearch.GetProxiesFromPAC: WinHttpGetProxyForUrl(WPAD) failed for URL 'hxxp://www.teamviewer.com/' with error 12167, Errorcode=12167 2019/11/03 11:49:22.180 15412 13276 G7!! ProxySearch.GetProxiesFromPAC: WinHttpGetProxyForUrl(WPAD) failed for URL 'https://www.teamviewer.com:443/' with error 12167, Errorcode=12167 2019/11/03 11:49:22.193 15412 17700 G7 MachineHooks: Initialized Shm 2019/11/03 11:49:22.193 15412 17700 G7 MachineHooks: refcount = 1 2019/11/03 11:49:22.193 15412 17700 G7 MachineHooks: x64 Machine detected 2019/11/03 11:49:22.193 15412 17700 G7 MachineHooks: w32 Loader is starting 2019/11/03 11:49:22.193 15412 17700 G7 MachineHooks: x64 Loader is starting 2019/11/03 11:49:22.297 15412 17700 G7 CMainWindow::ShouldShowDynamicPassword(): dynPw=1 allowIncoming=1 id=0 ka=0 lanAllowed=0 lanOnly=0 networkState=1 showDynPwd=0 2019/11/03 11:49:22.314 15412 5968 G7 IpcLoaderProcessHandlerWin: Loader process started, pid = 19828 2019/11/03 11:49:22.327 19828 18672 L32 Loader started with: "C:\Users\sasch\AppData\Local\Temp\TeamViewer\tv_w32.exe" --action hooks --log C:\Users\sasch\AppData\Roaming\TeamViewer\TeamViewer14_Logfile.log 2019/11/03 11:49:22.367 15412 5968 G7 IpcLoaderProcessHandlerWin: Loader process started, pid = 10100 2019/11/03 11:49:22.377 10100 20288 L64 Loader started with: "C:\Users\sasch\AppData\Local\Temp\TeamViewer\tv_x64.exe" --action hooks --log C:\Users\sasch\AppData\Roaming\TeamViewer\TeamViewer14_Logfile.log 2019/11/03 11:49:22.388 19828 18672 L32 Starting Loader 2019/11/03 11:49:22.192 15412 17700 H32 Loader: SharedMem Connected (seg = 0x8cf0000, refcnt = 1) 2019/11/03 11:49:22.192 15412 17700 H32 teamviewer.exe: SharedMem Connected (seg = 0x8cf0000, refcnt = 2) 2019/11/03 11:49:22.294 15412 17700 H32 teamviewer.exe: SharedMem_SetLogLevel: 0 -> 200 2019/11/03 11:49:22.397 15412 17700 G7 MainBaseWin::ExecuteMain: MainThread-Id = 17700 2019/11/03 11:49:22.411 10100 20288 L64 Starting Loader 2019/11/03 11:49:22.627 15412 16960 G7 KeepAliveSessionOutgoing::ConnectSuccessHandler(): KeepAliveConnect to router11.teamviewer.com successful 2019/11/03 11:49:22.627 15412 16960 G7 KeepAliveSessionOutgoing::KeepAliveChannelInitialized(): KeepAliveConnection to router11.teamviewer.com initialized 2019/11/03 11:49:22.627 15412 16960 G7!! KeepAliveSession::KeepAliveChannelInitialized(): KeepAlive-Connection initialized with ID 0 (IP: 2a03:8180:1501:88::9), SendQueue 0 (0 Bytes), SendIndex 0, AckIndex 0, RemoteSessionID 1 2019/11/03 11:49:22.627 15412 16960 G7! KeepAliveSession::SendCompleteQueue(): SendQueue: 0 (0 Bytes), RemoteSession 1 (ClientID 0), Time: 0 ms 2019/11/03 11:49:22.628 15412 16960 G7 IdentifyRequest: ID = 0, IC = 1794020801, IsTemporaryID = 0, InitiativeGUID = 2abb09fd-1b92-4b82-a028-da8af59494fb, CanStoreGUID = 0, MIDHistory = {0x00ff83c63e92_1d44cc67230d0d5_2048382725|ua3c4512072ba11e3954e3497f6383a153497f6383a1571edb48a4f6126e19b9f8d422235aede|va3c4512072ba11e3954e3497f6383a153497f6383a1571edb48a4f6126e19b9f8d422235aede<~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~0dd0c5b4e712d7cef7750d93b4e6b006|windows03a3c4512072ba11e3954e3497f6383a153497f6383a1571edb48a4f6126e19b9f8d422235aede<~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~0dd0c5b4e712d7cef7750d93b4e6b006}, MIDv = 0, MaxSupportedMIDv = 3, RebootHash = {c4794370-5344-b2c5-d96f-8b2853b076ad}, MIDFlags = 1, MIDForceUpdateFlags = 0, AttractionGUID = 00000000-0000-0000-0000-000000000000, TerminalServerIDsInToken = 0 2019/11/03 11:49:22.677 15412 5968 G7 TVRouterClock: received router time: 20191103T104924.615133 2019/11/03 11:49:22.677 15412 5968 G7 TVRouterClock Schedule next request in 43200 seconds 2019/11/03 11:49:22.971 15412 5868 G7 Login::Identify::ManageLogin(): ID: 1663350025 IC 1794020801 MIDv2 2019/11/03 11:49:22.974 15412 5868 G7 CKeepAliveClientClient::OnKeepAliveSucceeded(): Protocol 8 proxy -- 2019/11/03 11:49:22.974 15412 5868 G7 TeamViewerIDTracker::UpdateMachineID: New machineID = 1663350025 2019/11/03 11:49:22.974 15412 16960 G7 IDLabelContent::UpdateImpl() IDs changed: SessionID "1663350025", TSUserID "0", ServerID "0" 2019/11/03 11:49:22.975 15412 17700 G7 CMainWindow::ShouldShowDynamicPassword(): dynPw=1 allowIncoming=1 id=1663350025 ka=0 lanAllowed=0 lanOnly=0 networkState=1 showDynPwd=0 2019/11/03 11:49:22.976 15412 5968 G7 DynamicPasswordUIModel::ShouldShowDynamicPassword(): dynPw=1 allowIncoming=1 id=1663350025 ka=0 lanAllowed=0 lanOnly=0 networkState=1 showDynPwd=0 2019/11/03 11:49:23.684 15412 5868 G7 LicenseTracker::UpdateMachineLicense() local license differs from master license 2019/11/03 11:49:23.684 15412 5868 G7 Non-Commercial use 2019/11/03 11:49:23.826 15412 11116 G7 Client logged in and online 2019/11/03 11:49:23.826 15412 17700 G7 CMainWindow::ShouldShowDynamicPassword(): dynPw=1 allowIncoming=1 id=1663350025 ka=1 lanAllowed=0 lanOnly=0 networkState=1 showDynPwd=1 2019/11/03 11:49:23.827 15412 5968 G7 CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=38 2019/11/03 11:49:23.827 15412 15044 G7 InterProcessBase::SecureNetworkCallbackHandle created (RegistrationID: 90f2c304-c79c-481d-aaff-5b496ec7c47a) 2019/11/03 11:49:23.827 15412 15044 G7 TAF::Handler::RequestServerURL: Request new server URL from master. 2019/11/03 11:49:23.827 15412 15044 G7 KeepAliveStateListener::OnOnline: going online 2019/11/03 11:49:23.827 15412 15044 G7 ManagerHolderStateMachine: Switching from None to ReadyForLogin 2019/11/03 11:49:23.827 15412 5968 G7 SecureNetworkIPCAdapter::RegisterSharedBCmdCallback(): CC: 30, RegistrationID: 90f2c304-c79c-481d-aaff-5b496ec7c47a, DyngateID: 1663350025, ProcessType: 2, SessionID: 7 2019/11/03 11:49:23.828 15412 5868 G7 ChatManager::ChatManager: created 2019/11/03 11:49:23.828 15412 5968 G7 CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=38 2019/11/03 11:49:23.828 15412 5868 G7 ChatManager::Factory: ChatManager created 2019/11/03 11:49:23.828 15412 5968 G7 CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=38 2019/11/03 11:49:23.828 15412 5868 G7 IncomingBetterChatCommandHandler::IncomingBetterChatCommandHandler: created 2019/11/03 11:49:23.828 15412 5968 G7 CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=38 2019/11/03 11:49:23.828 15412 5868 G7 IncomingCommandRegistration::Start: registering for ready state properties 2019/11/03 11:49:23.828 15412 5968 G7 CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=38 2019/11/03 11:49:23.828 15412 15044 G7 DynamicPasswordUIModel::ShouldShowDynamicPassword(): dynPw=1 allowIncoming=1 id=1663350025 ka=1 lanAllowed=0 lanOnly=0 networkState=1 showDynPwd=1 2019/11/03 11:49:23.828 15412 5968 G7 CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=38 2019/11/03 11:49:23.828 15412 5868 G7 InterProcessBase::SecureNetworkCallbackHandle created (RegistrationID: 0e42c72e-be3e-4104-b807-406aeba18acb) 2019/11/03 11:49:23.828 15412 5868 G7 IncomingCommandRegistration::Register: Registered successfully for incoming commands (after 0 retries) 2019/11/03 11:49:23.829 15412 5968 G7 CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=38 2019/11/03 11:49:23.829 15412 5968 G7 SecureNetworkIPCAdapter::RegisterSharedBCmdCallback(): CC: 25, RegistrationID: 0e42c72e-be3e-4104-b807-406aeba18acb, DyngateID: 1663350025, ProcessType: 2, SessionID: 7 2019/11/03 11:49:23.855 15412 1248 G7 TAF::Handler::ServerUrlUpdate: Received new server URL: https://client.teamviewer.com/taf/index.aspx 2019/11/03 11:49:23.857 15412 19716 G7 TAF::Hander::RequestListInternal: Request new list for license type=10000 2019/11/03 11:49:23.943 15412 16960 G7 RequestIPAddress::RequestResult: Client country code: DE 2019/11/03 11:49:23.986 15412 5968 G7!! TAF::Handler::ParseJson: Received answer is empty. 2019/11/03 11:49:38.646 15412 12012 G7 Activating Router carrier 2019/11/03 11:49:38.646 15412 12012 G7 CommandHandlerRouting[2]::CreatePassiveSession(): incoming session via NL-AMS-ANX-R002.teamviewer.com, protocol Tcp 2019/11/03 11:49:38.937 15412 16960 G7 Negotiating session encryption: client hello received from 1225706102, RSA key length = 2048 2019/11/03 11:49:38.937 15412 16960 G7 Negotiating session encryption: client hello received from 1225706102, RSA key length = 2048 2019/11/03 11:49:38.944 15412 16960 G7 Negotiating session encryption: server hello sent 2019/11/03 11:49:39.091 15412 16960 G7 Negotiating session encryption: client handshake received 2019/11/03 11:49:39.091 15412 16960 G7 Negotiating session encryption: client handshake received 2019/11/03 11:49:39.095 15412 12012 G7 ProcessControlBase[4]: Start Desktop process in session 7, pid 18004 2019/11/03 11:49:39.095 15412 12012 G7 ConnectionGuard: incoming remote control in sessions: 7(1) 2019/11/03 11:49:39.095 15412 5868 G7 Connection incoming, sessionID = -671648659 2019/11/03 11:49:39.099 15412 16960 G7 Negotiating session encryption: server handshake sent, encryption established with AES key length 256 2019/11/03 11:49:39.356 15412 16960 G7 CAcceptServer::HandleAccept: new connection from 127.0.0.1:52271 2019/11/03 11:49:39.360 15412 1248 G7 Received Control_InitIPC processtype=4 2019/11/03 11:49:39.392 15412 1248 G7 ProcessControlBase[4]::ProcessConnected: Process pid 18004 in session 7 connected 2019/11/03 11:49:39.115 18004 15736 D7 IsWindowsServerVerifyOnce(): Is a windows server 0 2019/11/03 11:49:39.116 18004 15736 D7 Logger started. 2019/11/03 11:49:39.310 18004 15736 D7 TeamViewerDesktop started, PID=18004 2019/11/03 11:49:39.319 18004 15736 D7 Monitors: Generic PnP Monitor, \\.\DISPLAY1, 2560x1080 (0,0), flags=3, dpi=96 2019/11/03 11:49:39.319 18004 15736 D7 Monitors: Generic PnP Monitor, \\.\DISPLAY2, 1920x1080 (2560,0), flags=3, dpi=96 2019/11/03 11:49:39.322 18004 15196 D7 WindowsDesktopSpecificThread::Init(default): ChangeThreadDesktop(): SetThreadDesktop to default successful 2019/11/03 11:49:39.322 18004 1824 D7 WindowsDesktopSpecificThread::Init(winlogon): ChangeThreadDesktop(): SetThreadDesktop to winlogon successful 2019/11/03 11:49:39.323 18004 15736 D7 Changing keyboard layout to: 04070407 2019/11/03 11:49:39.332 18004 15736 D7 MachineHooks: Initialized Shm 2019/11/03 11:49:39.332 18004 15736 D7 MachineHooks: refcount = 2 2019/11/03 11:49:39.332 18004 15736 D7 MachineHooks: x64 Machine detected 2019/11/03 11:49:39.332 18004 15736 D7 RemoveLoginScreenWallpaper: inputDesktopName=Default 2019/11/03 11:49:39.352 18004 15736 D7 tvdesktop::BlackScreen::BlackScreen - state BSCR_OFF; m_showInstallMonitorDialog 0 2019/11/03 11:49:39.352 18004 15736 D7 tvdesktop::BlackScreen::BlackScrState - moving from BSCR_OFF ---> BSCR_OFF 2019/11/03 11:49:39.352 18004 15736 D7 tvdesktop::BlackScreen::RegisterChangeEvent 2019/11/03 11:49:39.353 18004 15736 D7 InterProcessBase::StartTcpCommunicationInternal(): setting m_NetworkConnector to new TCP connector 2019/11/03 11:49:39.355 18004 15736 D7 Opening local TCP connection to 127.0.0.1:6039 2019/11/03 11:49:39.356 18004 896 D7 Local TCP connection established 2019/11/03 11:49:39.369 18004 13928 D7 Received Control_InitIPC_Response processtype=1 2019/11/03 11:49:39.369 18004 13928 D7 Received Control_InitIPC_Response runningProcesses=7 2019/11/03 11:49:39.385 18004 7716 D7 Received Control_InitIPC_Response processtype=2 2019/11/03 11:49:39.385 18004 7716 D7 Control_InitIPC_Response: all processes 7 completely initialized 2019/11/03 11:49:39.449 18004 15736 D7 InterProcessBase::SecureNetwork created 2019/11/03 11:49:39.454 18004 15460 D7 LoginDesktopWindowImpl::GuiThreadFunction(): ChangeThreadDesktop(): SetThreadDesktop to winlogon successful 2019/11/03 11:49:39.454 18004 7716 D7 Connection incoming, sessionID = -671648659 2019/11/03 11:49:39.454 18004 3608 D7!! InterProcessBase::ProcessControlCommand Command 39 not handled 2019/11/03 11:49:39.455 18004 19808 D7 CLogin::run() 2019/11/03 11:49:39.455 18004 3608 D7 IpcRouterClock: received router time: 20191103T104941.380133 2019/11/03 11:49:39.455 18004 19808 D7 CLogin::NegotiateVersionServer() 2019/11/03 11:49:39.564 18004 19808 D7 CLoginServer::CheckIfConnectionIsAllowed() 2019/11/03 11:49:39.565 18004 19808 D7 LoginServer::runServer: using condition set: {} 2019/11/03 11:49:39.565 18004 19808 D7 CLoginServer::AuthenticateServer() 2019/11/03 11:49:39.567 15412 5968 G7 AuthenticationBlocker::Allocate: allocate ok for DyngateID 1225706102, attempt number 1 2019/11/03 11:49:41.716 18004 19808 D7!! CAuthenticationSRP_Passive, Step_Receive_VerifyClientSecret: clientSecret!=serverSecret 2019/11/03 11:49:41.716 18004 19808 D7 AuthenticationPasswordLogin_Passive::RunAuthenticationMethod: authentication using dynamic password was denied 2019/11/03 11:49:41.716 18004 19808 D7 AuthenticationPasswordLogin_Passive::RunAuthenticationMethod: authentication using fixed password was denied 2019/11/03 11:49:41.717 15412 12012 G7 AuthenticationBlocker::Allocate: allocate ok for DyngateID 1225706102, attempt number 2 2019/11/03 11:49:46.838 18004 19808 D7 AuthenticationPasswordLogin_Passive::RunAuthenticationMethod: authentication using dynamic password was successful 2019/11/03 11:49:46.838 15412 5968 G7 AuthenticationBlocker::Reset: attempts reset for DyngateID 1225706102 2019/11/03 11:49:46.969 15412 1248 G7 UDPv6: ProcessHandshake: (*) 2019/11/03 11:49:46.969 15412 1248 G7 Initializing transmission control v2 2019/11/03 11:49:46.983 15412 1248 G7 UDPv4: ProcessHandshake: (*) 2019/11/03 11:49:46.983 15412 1248 G7 Initializing transmission control v2 2019/11/03 11:49:46.988 18004 19808 D7 CLoginServer::runServer: ConnectionMode == 1 2019/11/03 11:49:46.988 18004 19808 D7 SessionManagerDesktop::ChangeToServermode: creating session with TVSessionID = -671648659 2019/11/03 11:49:46.989 15412 11116 G7 PseudoRoutableCmdHandler[2]::StartPseudoRouter(): PseudoRouter has been started 2019/11/03 11:49:46.989 15412 11116 G7 CPersistentParticipantManager::AddParticipant: [1663350025,-671648659] type=3 name=DESKTOP-FOHP40Q 2019/11/03 11:49:46.989 15412 1248 G7 CPersistentParticipantManager::AddParticipant: [1663350025,-671648659] type=3 name=DESKTOP-FOHP40Q 2019/11/03 11:49:46.990 15412 5868 G7 ReadStreamParameters(): streamID=1 type=5 (StreamType_Chat), source=[1663350025,-671648659], features=1, compression=2 2019/11/03 11:49:46.990 15412 5868 G7 ReadStreamParameters(): streamID=2 type=7 (StreamType_VPN), source=[1663350025,-671648659], features=1, compression=2 2019/11/03 11:49:46.990 18004 19808 D7 WorkstationLockerWin::ShouldAutoLockWorkstation: Autolock: no, Local user logged-in: 1, window session locked: 0, secure screen saver running: no disabled by policy: 0 2019/11/03 11:49:46.990 18004 19808 D7 WorkstationLocker::SetInitialSessionLockState() TVSessionID: -671648659 auto lock: 0 2019/11/03 11:49:46.991 18004 19808 D7 WindowObserver::SessionStart: -1; type: 1 2019/11/03 11:49:46.992 18004 5596 D7 DesktopThread started, number of Cores: 8 2019/11/03 11:49:46.992 18004 19808 D7 SessionManagerDesktop::ReportSession(): report incoming session -> isManagedDevice: 0; reportIncomingSession setting: 0 2019/11/03 11:49:46.992 18004 19808 D7 CLogin::run() leave 2019/11/03 11:49:46.992 18004 19808 D7 tvhelper::CThread::weakJoin - thread {Not-any-thread} has succesfully detached itself 2019/11/03 11:49:46.994 15412 12012 G7 CPersistentParticipantManager::AddParticipant: [1225706102,-1115162109] type=6 name=WIN-8VLDG9NG6KU 2019/11/03 11:49:46.997 15412 5968 G7 VoIP: Meeting session created: MeetingID = m00-000-000, ParticipantID = [1663350025,-671648659], MeetingGUID = 2019/11/03 11:49:46.998 15412 5968 G7 CacheManager::SetCleanupLimit: 26214400 2019/11/03 11:49:47.011 15412 5968 G7 VoIP: using pipeline factory async = 1 2019/11/03 11:49:47.011 15412 5968 G7 VoIP: CreateComponentsAndStartThreads start 2019/11/03 11:49:47.011 15412 5968 G7 VoIP: using pipeline factory async = 1 2019/11/03 11:49:47.014 15412 5968 G7 VoIP: Receiver: Audio pipeline: Building pipeline finished 2019/11/03 11:49:47.014 15412 5968 G7 VoIP: Receiver: Audio pipeline: VoiceReceiverAudioPipeline RegisterPlaybackDataObserver 2019/11/03 11:49:47.015 15412 5968 G7 VoIP: using pipeline factory async = 1 2019/11/03 11:49:47.016 15412 13764 G7 VoiceSenderAudioPipeline: Building pipeline started 2019/11/03 11:49:47.016 15412 5968 G7 VoIP: CreateComponentsAndStartThreads end 2019/11/03 11:49:47.016 15412 20856 G7 VoIP: Receiver: Audio pipeline: StartTicking called 2019/11/03 11:49:47.016 15412 20856 G7 VoIP: Receiver: ****** Playback status changed to VoiceReceiverPlaybackUnavailable ****** 2019/11/03 11:49:47.016 15412 18488 G7 RebuildingAutoVoiceCapturerWorkingClass: Data streaming activity changed to 0 2019/11/03 11:49:47.016 15412 18488 G7 VoiceSenderAudioPipeline: RebuildingAutoVoiceCapturer: Tick streaming activity changed to 0 2019/11/03 11:49:47.017 15412 13764 G7 VoiceSenderAudioPipeline: Building pipeline finished 2019/11/03 11:49:47.018 15412 13764 G7 CAudCodecSpeex:: fpp is 4 2019/11/03 11:49:47.019 15412 5968 G7 RA: Creating audio server 2019/11/03 11:49:47.019 15412 13764 G7 VoIP: Sender: Initialized 2019/11/03 11:49:47.019 15412 18488 G7 VoIP: Sender: Audio pipeline: StartTicking called 2019/11/03 11:49:47.019 15412 5968 G7 RA: quality suggestion by capacity measurement: (350) 2019/11/03 11:49:47.019 15412 5968 G7 RA: Audio quality set to 120000 2019/11/03 11:49:47.020 15412 7584 G7 VoIP: Receiver: Added session -671648659. Meeting id is -. Our participant id is "1 663 350 025" [1663350025,-671648659]. 2019/11/03 11:49:47.079 15412 5968 G7 UDPv6: sending pings...: (*) 2019/11/03 11:49:47.119 15412 5968 G7 UDPv6: UHP.PING response received: (*) 2019/11/03 11:49:47.123 15412 5968 G7 UDPv6: UHP.PING response received: (*) 2019/11/03 11:49:47.129 15412 5968 G7 UDPv6: UHP.PING response received: (*) 2019/11/03 11:49:47.129 15412 5968 G7 UDPv6: punching: (*) 2019/11/03 11:49:47.129 15412 5968 G7 UDPv6: PingOK.PunchInit: (*) 2019/11/03 11:49:47.135 15412 17700 G7 BaseSessionEndpoint::StartProcessingCommands Start processing commands for session -671648659 2019/11/03 11:49:47.150 15412 2020 G7 VoIP: AudioControl: Available Capturing endpoints: "Soundkarte - Mikrofon (Realtek High Definition Audio)", "Rift S - Kopfhörermikrofon", "Standard Aufnahmegerät", "Standardkommunikationsgerät", 2019/11/03 11:49:47.150 15412 2020 G7 VoIP: AudioControl: Endpoint: "Mikrofon" "Realtek High Definition Audio" (HDAUDIO\FUNC_01&VEN_10EC&DEV_0887&SUBSYS_104386C7&REV_1003), cat={DFF21BE1-F70F-11D0-B917-00A0C9223196}, echocat=1 2019/11/03 11:49:47.150 15412 2020 G7 VoIP: AudioControl: Endpoint: "Kopfhörermikrofon" "Rift S" (USB\VID_2833&PID_0051&MI_04), cat={DFF21BE3-F70F-11D0-B917-00A0C9223196}, echocat=2 2019/11/03 11:49:47.150 15412 2020 G7 VoIP: AudioControl: Establish audio endpoint pair in pipeline 2019/11/03 11:49:47.150 15412 2020 G7 VoIP: AudioControl: Audio endpointing disabled! 2019/11/03 11:49:47.150 15412 2020 G7 VoIP: AudioControl: No VoIPRadioAudioControl installed! 2019/11/03 11:49:47.152 15412 5968 G7 UDPv6: UHP.PING response received: (*) 2019/11/03 11:49:47.185 15412 5968 G7 CParticipantManagerBase participant DESKTOP-FOHP40Q (ID [1663350025,-671648659]) was added with the role 3 2019/11/03 11:49:47.204 15412 5968 G7 CParticipantManagerBase InteractionDefaults arrived : CInteractionDefaults = (0) [ 0,2,0,0,2,0,0] 2019/11/03 11:49:47.204 15412 5968 G7 CParticipantManagerBase participant WIN-8VLDG9NG6KU (ID [1225706102,-1115162109]) was added with the role 6 2019/11/03 11:49:47.207 15412 2020 G7 VoIP: AudioControl: Available Rendering endpoints: "NVIDIA High Definition Audio - LG ULTRAWIDE", "Soundkarte - Lautsprecher (Realtek High Definition Audio)", "NVIDIA High Definition Audio - SMBX2231", "Soundkarte - Realtek Digital Output (Realtek High Definition Audio)", "Rift S - Kopfhörer (#2)", "Standard Wiedergabegerät", "Standardkommunikationsgerät", 2019/11/03 11:49:47.207 15412 2020 G7 VoIP: AudioControl: Endpoint: "LG ULTRAWIDE" "NVIDIA High Definition Audio" (HDAUDIO\FUNC_01&VEN_10DE&DEV_0083&SUBSYS_10DE1B81&REV_1001), cat=, echocat=0 2019/11/03 11:49:47.207 15412 2020 G7 VoIP: AudioControl: Endpoint: "Lautsprecher" "Realtek High Definition Audio" (HDAUDIO\FUNC_01&VEN_10EC&DEV_0887&SUBSYS_104386C7&REV_1003), cat={DFF21CE1-F70F-11D0-B917-00A0C9223196}, echocat=1 2019/11/03 11:49:47.207 15412 2020 G7 VoIP: AudioControl: Endpoint: "SMBX2231" "NVIDIA High Definition Audio" (HDAUDIO\FUNC_01&VEN_10DE&DEV_0083&SUBSYS_10DE1B81&REV_1001), cat=, echocat=0 2019/11/03 11:49:47.207 15412 2020 G7 VoIP: AudioControl: Endpoint: "Realtek Digital Output" "Realtek High Definition Audio" (HDAUDIO\FUNC_01&VEN_10EC&DEV_0887&SUBSYS_104386C7&REV_1003), cat={DFF21FE5-F70F-11D0-B917-00A0C9223196}, echocat=0 2019/11/03 11:49:47.207 15412 2020 G7 VoIP: AudioControl: Endpoint: "Kopfhörer" "2- Rift S" (USB\VID_2833&PID_0051&MI_02), cat={DFF21CE2-F70F-11D0-B917-00A0C9223196}, echocat=2 2019/11/03 11:49:47.207 15412 2020 G7 VoIP: AudioControl: Establish audio endpoint pair in pipeline 2019/11/03 11:49:47.207 15412 2020 G7 VoIP: AudioControl: Audio endpointing disabled! 2019/11/03 11:49:47.207 15412 2020 G7 VoIP: AudioControl: No VoIPRadioAudioControl installed! 2019/11/03 11:49:47.208 15412 2020 G7 VoIP: AudioControl: LoadEndpointPairSettingsFromStorage 2019/11/03 11:49:47.208 15412 2020 G7 VoIP: AudioControl: Request capturing endpoint: "UndefinedEndpoint" 2019/11/03 11:49:47.208 15412 2020 G7 VoIP: AudioControl: Request rendering endpoint: "UndefinedEndpoint" 2019/11/03 11:49:47.208 15412 2020 G7 VoIP: AudioControl: Fallback-mode = 1 2019/11/03 11:49:47.212 15412 12012 G7 CParticipantManagerBase participant DESKTOP-FOHP40Q (ID [1663350025,-671648659]) was added with the role 3 2019/11/03 11:49:47.212 15412 12012 G7 New Participant added in CParticipantManager DESKTOP-FOHP40Q ([1663350025,-671648659]) 2019/11/03 11:49:47.212 18004 7716 D7 CParticipantManagerBase participant DESKTOP-FOHP40Q (ID [1663350025,-671648659]) was added with the role 3 2019/11/03 11:49:47.213 18004 7716 D7 New Participant added in CParticipantManager DESKTOP-FOHP40Q ([1663350025,-671648659]) 2019/11/03 11:49:47.213 18004 3608 D7 CParticipantManagerBase participant WIN-8VLDG9NG6KU (ID [1225706102,-1115162109]) was added with the role 6 2019/11/03 11:49:47.213 18004 3608 D7 New Participant added in CParticipantManager WIN-8VLDG9NG6KU ([1225706102,-1115162109]) 2019/11/03 11:49:47.214 15412 2020 G7 VoIP: AudioControl: New used capturing endpoint: "Standardkommunikationsgerät" 2019/11/03 11:49:47.214 15412 12012 G7 SessionFeatureVoip::HandleEvent: AllowedToSpeak's new state = 0 2019/11/03 11:49:47.214 15412 2020 G7 VoIP: AudioControl: Previous capturing endpoint: "UndefinedEndpoint" 2019/11/03 11:49:47.214 15412 12012 G7 SessionStateVoip::SetMicrophoneState: Mic's new state = Off / old state = Disabled 2019/11/03 11:49:47.214 15412 2020 G7 VoIP: AudioControl: Previous capturing endpoint volumes: Histogram (#samples=0): 2019/11/03 11:49:47.214 15412 5868 G7 CParticipantManagerBase participant WIN-8VLDG9NG6KU (ID [1225706102,-1115162109]) was added with the role 6 2019/11/03 11:49:47.214 15412 5868 G7 New Participant added in CParticipantManager WIN-8VLDG9NG6KU ([1225706102,-1115162109]) 2019/11/03 11:49:47.215 15412 7584 G7 VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109]: VoIPBCommandReceiver: Created for session -671648659 2019/11/03 11:49:47.215 15412 7584 G7 VoIP: Receiver: Session -671648659: Channel created for participant [1225706102,-1115162109] called "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109] 2019/11/03 11:49:47.216 15412 12012 G7 SessionFeatureVoip::HandleEvent: AllowedToSpeak's new state = 1 2019/11/03 11:49:47.222 15412 5968 G7 CPersistentParticipantManager::SendPMSynchronizationComplete 07FDF028 2019/11/03 11:49:47.222 15412 12012 G7 CParticipantManager::SynchronizationComplete: session=-671648659, this=07F4FD18 2019/11/03 11:49:47.223 15412 12012 G7 StringCompare locale: 2019/11/03 11:49:47.223 15412 5868 G7 ReadStreamParameters(): streamID=3 type=5 (StreamType_Chat), source=[1225706102,-1115162109], features=1, compression=2 2019/11/03 11:49:47.224 15412 5868 G7 ReadStreamParameters(): streamID=4 type=7 (StreamType_VPN), source=[1225706102,-1115162109], features=1, compression=2 2019/11/03 11:49:47.224 15412 5868 G7 CParticipantManagerBase::CheckAndSubscribeNewStream(): Subscribe stream now streamID=4 type=7 required=1 supported=1 2019/11/03 11:49:47.225 15412 12012 G7 PrintingDatabaseNotificationHandler::Init: successfully created event Global\tvprint_ab33b492d370482abd6608d6921e348a 2019/11/03 11:49:47.226 15412 13764 G7 VoIP: Sender: Added session -671648659. Meeting id is WIN-8VLDG9NG6KU (1 225 706 102). Our participant id is "DESKTOP-FOHP40Q (1 663 350 025)" [1663350025,-671648659]. 2019/11/03 11:49:47.226 15412 1248 G7 CParticipantManagerBase::CheckAndSubscribeNewStream(): Subscribe stream now streamID=3 type=5 required=1 supported=1 2019/11/03 11:49:47.227 15412 13764 G7 VoIP: Sender: Session -671648659: VoIP streams: Participant added: "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109] 2019/11/03 11:49:47.227 15412 5868 G7 ReadStreamParameters(): streamID=5 type=26 (StreamType_VoIP_Data), source=[1663350025,-671648659], features=1, compression=1 2019/11/03 11:49:47.227 15412 13764 G7 VoIP: Sender: Session -671648659 initialized. 2019/11/03 11:49:47.227 15412 5868 G7 VoIP: Sender: Session -671648659: VoIP streams: We registered VoIPV3 data stream 5 2019/11/03 11:49:47.227 15412 16960 G7 ReadStreamParameters(): streamID=6 type=25 (StreamType_VoIP_Control), source=[1663350025,-671648659], features=1, compression=1 2019/11/03 11:49:47.227 15412 1248 G7 VoIP: Sender: Session -671648659: VoIP streams: We registered VoIPV3 control stream 6 2019/11/03 11:49:47.227 15412 1248 G7 VoIP: Sender: Session -671648659: VoIP streams: We registered all streams of VoIPV3 channel 2019/11/03 11:49:47.231 18004 21184 D7 CParticipantManager::SynchronizationComplete: session=-671648659, this=0337BFB0 2019/11/03 11:49:47.232 15412 2020 G7 VoIP: AudioControl: New used rendering endpoint: "Standardkommunikationsgerät" 2019/11/03 11:49:47.233 15412 2020 G7 VoIP: AudioControl: Previous rendering endpoint: "UndefinedEndpoint" 2019/11/03 11:49:47.232 18004 21184 D7 SendInfo() executed. 2019/11/03 11:49:47.233 15412 21400 G7 ReadStreamParameters(): streamID=7 type=1 (StreamType_Misc), source=[1663350025,-671648659], features=1, compression=2 2019/11/03 11:49:47.234 18004 7716 D7 SendInfo() executed. 2019/11/03 11:49:47.238 15412 2020 G7 VoIP: AudioControl: Establish audio endpoint pair in pipeline 2019/11/03 11:49:47.238 15412 2020 G7 VoIP: AudioControl: Audio endpointing disabled! 2019/11/03 11:49:47.238 15412 2020 G7 VoIP: AudioControl: No VoIPRadioAudioControl installed! 2019/11/03 11:49:47.238 15412 2020 G7 VoIP: AudioControl: Establish audio endpoint pair in pipeline 2019/11/03 11:49:47.238 15412 2020 G7 VoIP: AudioControl: Audio endpointing disabled! 2019/11/03 11:49:47.239 15412 2020 G7 VoIP: VoIPRadioControl: ****** New capturing endpoint: "UndefinedEndpoint" ****** 2019/11/03 11:49:47.239 15412 2020 G7 VoIP: VoIPRadioControl: ****** New rendering endpoint: "UndefinedEndpoint" ****** 2019/11/03 11:49:47.239 15412 2020 G7 VoIP: AudioControl: Establish audio endpoint pair in pipeline 2019/11/03 11:49:47.239 15412 13764 G7 VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturer: Establishing audio endpoints requested 2019/11/03 11:49:47.239 15412 2020 G7 VoIP: AudioControl: Audio endpointing disabled! 2019/11/03 11:49:47.239 15412 2020 G7 VoIP: VoIPRadioControl: ****** New capturing endpoint: "UndefinedEndpoint" ****** 2019/11/03 11:49:47.239 15412 2020 G7 VoIP: VoIPRadioControl: ****** New rendering endpoint: "UndefinedEndpoint" ****** 2019/11/03 11:49:47.239 15412 2020 G7 VoIP: AudioControl: Establish audio endpoint pair in pipeline 2019/11/03 11:49:47.239 15412 2020 G7 VoIP: AudioControl: Audio endpointing disabled! 2019/11/03 11:49:47.239 15412 2020 G7 VoIP: VoIPRadioControl: ****** New capturing endpoint: "UndefinedEndpoint" ****** 2019/11/03 11:49:47.239 15412 2020 G7 VoIP: VoIPRadioControl: ****** New rendering endpoint: "UndefinedEndpoint" ****** 2019/11/03 11:49:47.239 15412 2020 G7 VoIP: AudioControl: Establish audio endpoint pair in pipeline 2019/11/03 11:49:47.239 15412 13764 G7 VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturer: Creating new session... 2019/11/03 11:49:47.240 15412 2020 G7 VoIP: AudioControl: Audio endpointing disabled! 2019/11/03 11:49:47.240 15412 2020 G7 VoIP: VoIPRadioControl: ****** New capturing endpoint: "UndefinedEndpoint" ****** 2019/11/03 11:49:47.240 15412 2020 G7 VoIP: VoIPRadioControl: ****** New rendering endpoint: "UndefinedEndpoint" ****** 2019/11/03 11:49:47.240 15412 13764 G7 VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturerSession #0: Build without capturer 2019/11/03 11:49:47.240 15412 13764 G7 VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturer: Creating new session succeeded! 2019/11/03 11:49:47.240 15412 13764 G7 VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturer: Establishing audio endpoints requested 2019/11/03 11:49:47.240 15412 18488 G7 VoIP: Sender: ****** Audio: Voice capturer state changed to Unavailable ****** 2019/11/03 11:49:47.240 15412 13764 G7 VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturer: Establishing audio endpoints requested 2019/11/03 11:49:47.240 15412 13764 G7 VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturer: Establishing audio endpoints requested 2019/11/03 11:49:47.240 15412 18488 G7 VoIP: Sender: ****** Visible sender status changed to VoiceSenderUnavailable ****** 2019/11/03 11:49:47.288 15412 12012 G7 UDPv4: sending pings...: (*) 2019/11/03 11:49:47.330 15412 12012 G7 UDPv4: UHP.PING response received: (*) 2019/11/03 11:49:47.331 15412 12012 G7 UDPv4: UHP.PING response received: (*) 2019/11/03 11:49:47.334 15412 12012 G7 UDPv4: UHP.PING response received: (*) 2019/11/03 11:49:47.334 15412 12012 G7 UDPv4: punching: (*) 2019/11/03 11:49:47.334 15412 12012 G7 UDPv4: PingOK.PunchInit: (*) 2019/11/03 11:49:47.336 15412 16960 G7 UDPv4: UHP.PING response received: (*) 2019/11/03 11:49:47.346 15412 16960 G7 CParticipantManagerBase InteractionDefaults arrived : CInteractionDefaults = (0) [ 0,2,0,0,2,0,0] 2019/11/03 11:49:47.346 18004 13928 D7 CParticipantManagerBase InteractionDefaults arrived : CInteractionDefaults = (0) [ 0,2,0,0,2,0,0] 2019/11/03 11:49:47.346 15412 1248 G7 CParticipantManagerBase InteractionDefaults arrived : CInteractionDefaults = (0) [ 0,2,0,0,2,0,0] 2019/11/03 11:49:47.346 15412 16960 G7 UDPv4: UHP.PING response received: (*) 2019/11/03 11:49:47.406 15412 5868 G7 ReadStreamParameters(): streamID=8 type=1 (StreamType_Misc), source=[1225706102,-1115162109], features=1, compression=2 2019/11/03 11:49:47.407 15412 16960 G7 ReadStreamParameters(): streamID=9 type=26 (StreamType_VoIP_Data), source=[1225706102,-1115162109], features=1, compression=1 2019/11/03 11:49:47.407 15412 7584 G7 VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109]: VoIPBCommandReceiver: Partner registered VoIPV3 audio stream 9 2019/11/03 11:49:47.407 15412 1248 G7 ReadStreamParameters(): streamID=10 type=25 (StreamType_VoIP_Control), source=[1225706102,-1115162109], features=1, compression=1 2019/11/03 11:49:47.407 15412 7584 G7 CParticipantManagerBase::CheckAndSubscribeNewStream(): Subscribe stream now streamID=9 type=26 required=1 supported=1 2019/11/03 11:49:47.407 15412 7584 G7 VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109]: VoIPBCommandReceiver: We subscribed VoIPV3 audio stream 9 2019/11/03 11:49:47.408 15412 20856 G7 VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109]: VoIPBCommandReceiver: Partner registered VoIPV3 control stream 10 2019/11/03 11:49:47.408 15412 20856 G7 CParticipantManagerBase::CheckAndSubscribeNewStream(): Subscribe stream now streamID=10 type=25 required=1 supported=1 2019/11/03 11:49:47.408 15412 12012 G7 VoIP: Sender: Session -671648659: VoIP streams: Partner "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109] subscribed VoIPV3 control stream. We have to send an init command. 2019/11/03 11:49:47.408 15412 20856 G7 VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109]: VoIPBCommandReceiver: We subscribed VoIPV3 control stream 10 (waiting for init command) 2019/11/03 11:49:47.408 15412 11116 G7 ReadStreamParameters(): streamID=11 type=1 (StreamType_Misc, private), source=[1225706102,-1115162109], features=1, compression=2 2019/11/03 11:49:47.408 15412 18488 G7 VoIP: Sender: Session-format channel (-671648659, V3): Init VoIP channel 2019/11/03 11:49:47.408 15412 12012 G7 VoIP: Sender: Session -671648659: VoIP streams: Partners changed subscriptions and so the receiving usage of the VoIPV3 channel changed to 1 2019/11/03 11:49:47.408 15412 18488 G7 VoIP: Sender: Session-format channel (-671648659, V3): VoIPV3BCommandSender: We sent init command on stream 6 2019/11/03 11:49:47.408 15412 13764 G7 VoIP: Sender: Session-format channel (-671648659, V3): Receiving usage by partners changed to 1 2019/11/03 11:49:47.438 15412 5968 G7 ReadStreamParameters(): streamID=12 type=24 (StreamType_Clipboard, private), source=[1225706102,-1115162109], features=1, compression=2 2019/11/03 11:49:47.438 15412 12012 G7 ReadStreamParameters(): streamID=13 type=9 (StreamType_DragDrop, private), source=[1225706102,-1115162109], features=1, compression=2 2019/11/03 11:49:47.439 15412 12012 G7 ReadStreamParameters(): streamID=14 type=3 (StreamType_Audio), source=[1225706102,-1115162109], features=1, compression=1 2019/11/03 11:49:47.462 15412 5868 G7 UDPv4: SendUDPPunches: (*) 2019/11/03 11:49:47.551 15412 21400 G7!! DataTransceiver: DataTransceiver => DataTransceiverFileBox::HandleEvent: routerInstance is null 2019/11/03 11:49:47.551 15412 7584 G7 VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109]: VoIPBCommandReceiver: Partner sent init command on stream 10 2019/11/03 11:49:47.551 15412 7584 G7 VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109]: Initialize to version V3 2019/11/03 11:49:47.552 18004 7716 D7 InfoCommandHandlerDesktop::ReceivedInfo: connected to 1225706102, client version is 14.7.1965 , OS=13 2019/11/03 11:49:47.552 18004 13928 D7 CacheManager::SetCleanupLimit: 26214400 2019/11/03 11:49:47.552 18004 7716 D7 DisplayQuality m=0, bpp=32, q=80, echo=-1, conRating=2, cpu=13632, capacity=36429, RTT=0, reliability=1, disable animation=1 remove wallpaper=1 2019/11/03 11:49:47.552 15412 12012 G7 ServerThreadInfo connected to 1225706102, client version is 14.7.1965 , OS=13 2019/11/03 11:49:47.552 15412 21400 G7 ReadStreamParameters(): streamID=15 type=1 (StreamType_Misc, private), source=[1663350025,-671648659], features=1, compression=2 2019/11/03 11:49:47.553 15412 5868 G7 ReadStreamParameters(): streamID=16 type=2 (StreamType_Screen), source=[1663350025,-671648659], features=127, compression=3 2019/11/03 11:49:47.553 15412 7584 G7 VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109] (V3): Building pipeline finished 2019/11/03 11:49:47.553 15412 1248 G7 ReadStreamParameters(): streamID=17 type=10 (StreamType_ScreenVideo), source=[1663350025,-671648659], features=127, compression=1 2019/11/03 11:49:47.554 15412 5968 G7 ReadStreamParameters(): streamID=18 type=24 (StreamType_Clipboard, private), source=[1663350025,-671648659], features=1, compression=2 2019/11/03 11:49:47.555 15412 7584 G7 VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109] (V3): Added to mixer 2019/11/03 11:49:47.555 15412 7584 G7 VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109] (V3): Initialized 2019/11/03 11:49:47.556 15412 5868 G7 ReadStreamParameters(): streamID=19 type=9 (StreamType_DragDrop, private), source=[1663350025,-671648659], features=1, compression=2 2019/11/03 11:49:47.556 15412 11116 G7 CServerThreadInfo::Received_AccessControlSettings: RCAccessControl: RemoteControl='Allowed', FileTransfer='Allowed', ControlRemoteTV='Allowed', SwitchSides='Allowed', AllowDisableRemoteInput='Allowed', AllowVPN='Allowed', AllowPartnerViewDesktop='Allowed', ShareMyFiles='Allowed', ShareFilesWithMe='Allowed', PrintOnMyPrinters='Allowed', PrintOnRemotePrinters='Allowed', SessionRecording='Allowed', ExecuteScripts='After confirmation' 2019/11/03 11:49:47.556 15412 11116 G7 ServerThreadInfo connected to 1225706102, client version is 14.7.1965 , OS=13 2019/11/03 11:49:47.556 15412 1248 G7 MachineHooks: Start DragInterceptor 2019/11/03 11:49:47.557 19828 18672 H32 tv_w32.exe: DragInterceptor: Starting Up 2019/11/03 11:49:47.556 10100 20288 H64 tv_x64.exe: DragInterceptor: Starting Up 2019/11/03 11:49:47.557 19828 18672 H32 tv_w32.exe: DragInterceptor: started 2019/11/03 11:49:47.557 10100 20288 H64 tv_x64.exe: DragInterceptor: started 2019/11/03 11:49:47.557 15412 11116 G7 CServerThreadInfo::Received_AccessControlSettings: RCAccessControl: RemoteControl='Allowed', FileTransfer='Allowed', ControlRemoteTV='Allowed', SwitchSides='Allowed', AllowDisableRemoteInput='Allowed', AllowVPN='Allowed', AllowPartnerViewDesktop='Allowed', ShareMyFiles='Allowed', ShareFilesWithMe='Allowed', PrintOnMyPrinters='Allowed', PrintOnRemotePrinters='Allowed', SessionRecording='Allowed', ExecuteScripts='After confirmation' 2019/11/03 11:49:47.566 18004 836 D7 runLLHook(): ChangeThreadDesktop(): SetThreadDesktop to default successful 2019/11/03 11:49:47.568 15412 1248 G7 UDPv4: punch received a=91.90.44.21:56034: (*) 2019/11/03 11:49:47.563 19828 18672 H32 tv_w32.exe: Starting Update Hook 2019/11/03 11:49:47.563 10100 20288 H64 tv_x64.exe: Starting Update Hook 2019/11/03 11:49:47.568 15412 1248 G7 UDPv4: send UDPFLOW_PUNCHRECEIVED: (*) 2019/11/03 11:49:47.568 15412 1248 G7 UDPv4: SendUDPPunches: (*) 2019/11/03 11:49:47.568 15412 1248 G7 UDPv4: received punch: (*) 2019/11/03 11:49:47.629 18004 3608 D7 GuiWindowCheckBase::CheckForValidGUIWindows() ok 2019/11/03 11:49:47.651 15412 1248 G7 CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=38 2019/11/03 11:49:47.651 15412 1248 G7 CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=38 2019/11/03 11:49:47.675 15412 5968 G7 UDPv4: send UDPFLOW_MTUTESTRECEIVED (size = 448): (*) 2019/11/03 11:49:47.675 15412 11116 G7 UDPv4: send UDPFLOW_MTUTESTRECEIVED (size = 1008): (*) 2019/11/03 11:49:47.707 15412 5968 G7 UDPv4: send UDPFLOW_UDPSENDPOSSIBLE: (*) 2019/11/03 11:49:47.707 15412 1248 G7 UDPv4: send UDPFLOW_UDPSENDPOSSIBLE: (*) 2019/11/03 11:49:47.821 15412 11116 G7! UHP.DispatchCmd: ignore ccmd type 111 2019/11/03 11:49:47.826 15412 11116 G7 UDPv4: UDP prepare switch received: (*) 2019/11/03 11:49:47.827 15412 11116 G7 UDPv4: [2]: create udp connection was successful: (*) 2019/11/03 11:49:47.827 15412 1248 G7 UDPv6: [2]: create udp connection was not successful: UdpHolePuncher shutting down: (*) 2019/11/03 11:49:47.827 15412 11116 G7!! EmergingUdpConnection[2]::AsyncReceiveHandler receive failed e=10009 2019/11/03 11:49:47.827 15412 1248 G7! UdpConnection[3]: UDP statistics: nb=7 2019/11/03 11:49:47.827 15412 11116 G7 CarrierContainer.SendCarrierSwitch: state=1, carrier=2 2019/11/03 11:49:47.878 18004 5596 D7 CGrabMethodDuplication::Initialize() m_State=1 2019/11/03 11:49:47.885 18004 5596 D7 first fullscreen grab time in ms = 6 2019/11/03 11:49:47.896 18004 5596 D7! Desktop: Grabbed screen is black. 2019/11/03 11:49:47.897 18004 3608 D7 Desktop grab succeeded. 2019/11/03 11:49:47.950 18004 5596 D7 Desktop: Grabbed screen is ok. 2019/11/03 11:49:48.037 18004 896 D7 ConnectionAccessControl => RCAccessControl: RemoteControl='Allowed', FileTransfer='Allowed', ControlRemoteTV='Allowed', SwitchSides='Allowed', AllowDisableRemoteInput='Allowed', AllowVPN='Allowed', AllowPartnerViewDesktop='Allowed', ShareMyFiles='Allowed', ShareFilesWithMe='Allowed', PrintOnMyPrinters='Allowed', PrintOnRemotePrinters='Allowed', SessionRecording='Allowed', ExecuteScripts='After confirmation' 2019/11/03 11:49:48.038 18004 896 D7 InfoCommandHandlerDesktop::ReceivedInfo: connected to 1225706102, client version is 14.7.1965 , OS=13 2019/11/03 11:49:48.038 18004 896 D7 DisplayQuality m=0, bpp=8, q=60, echo=-1, conRating=0, cpu=13632, capacity=0, RTT=0, reliability=2, disable animation=1 remove wallpaper=1 2019/11/03 11:49:48.243 18004 896 D7 ConnectionAccessControl => RCAccessControl: RemoteControl='Allowed', FileTransfer='Allowed', ControlRemoteTV='Allowed', SwitchSides='Allowed', AllowDisableRemoteInput='Allowed', AllowVPN='Allowed', AllowPartnerViewDesktop='Allowed', ShareMyFiles='Allowed', ShareFilesWithMe='Allowed', PrintOnMyPrinters='Allowed', PrintOnRemotePrinters='Allowed', SessionRecording='Allowed', ExecuteScripts='After confirmation' 2019/11/03 11:49:48.244 18004 896 D7 StreamControlDesktop::StreamRegistered: Registered Clipboard Stream (00000012) 2019/11/03 11:49:48.244 18004 896 D7 StreamControlDesktop::StreamRegistered: Registered Drag&Drop Stream (00000013) 2019/11/03 11:49:48.244 18004 896 D7 tvdesktop::MachineControlDesktop::Received_AutoLockOnSessionEnd - received lockWSAfterSessionEnd = false, cp = 0620B478, this = 0655D36C 2019/11/03 11:49:48.244 18004 896 D7 WorkstationLocker::SetAutoLockOnSessionEnd() TVSessionID: -671648659 lock: 0 can lock: 1 2019/11/03 11:49:48.244 18004 896 D7 tvdesktop::MachineControlDesktop::Received_AutoLockOnSessionEnd - received lockWSAfterSessionEnd = false, cp = 0620B478, this = 0655D36C 2019/11/03 11:49:48.244 18004 896 D7 WorkstationLocker::SetAutoLockOnSessionEnd() TVSessionID: -671648659 lock: 0 can lock: 1 2019/11/03 11:49:48.259 18004 896 D7 Desktopencoding: Tiles, buffer depth=32bpp, transmitted color depth=4bpc, features=127 2019/11/03 11:49:48.270 18004 896 D7 Tile caching activated. Size divisor 1 2019/11/03 11:49:48.277 18004 896 D7 CScreenStreamSender::SendDisplayParams() 2560x1080x8 on 16 to 3 2019/11/03 11:49:48.277 15412 11116 G7 RA: RemoteAudioSender get started 2019/11/03 11:49:48.277 15412 12012 G7 StreamCompressor[2]: change compression to ZLibLevel6 for stream 16 2019/11/03 11:49:48.277 15412 11116 G7 RA: Control stream will get created 2019/11/03 11:49:48.285 15412 11116 G7 ReadStreamParameters(): streamID=20 type=12 (StreamType_RemoteAudioControl), source=[1663350025,-671648659], features=1, compression=2 2019/11/03 11:49:48.285 15412 11116 G7 RA: Controlstream succesfull registered with id 20 2019/11/03 11:49:49.736 7016 18492 H64 explorer.exe: ResumeAllThreads: resumed 77 threads, max count 77 2019/11/03 11:49:49.736 7016 18492 H64 explorer.exe: DragInterceptor: interception successful (new interface) 2019/11/03 11:49:50.133 15412 11116 G7 RA: quality suggestion by capacity measurement: (350) 2019/11/03 11:49:50.133 18004 896 D7 Max cache size: 198.40 MB for stream 16 2019/11/03 11:49:50.133 15412 11116 G7 RA: Audio quality set to 32000 2019/11/03 11:49:50.133 18004 896 D7 CacheManager::SetCleanupLimit: 69345826 2019/11/03 11:49:50.133 15412 11116 G7 RA: Control stream will get created 2019/11/03 11:49:50.133 15412 12012 G7! CStreamManager::StreamUnregistered: Could not find outgoing stream 20 2019/11/03 11:49:50.134 15412 11116 G7 ReadStreamParameters(): streamID=21 type=12 (StreamType_RemoteAudioControl), source=[1663350025,-671648659], features=1, compression=2 2019/11/03 11:49:50.134 15412 5968 G7 RA: Controlstream succesfull registered with id 21 2019/11/03 11:49:50.134 18004 896 D7 Received cache version 2 from [1225706102,-1115162109] 2019/11/03 11:49:50.134 18004 13340 D7 Max cache size: 195.20 MB for stream 16 2019/11/03 11:49:50.134 18004 13340 D7 CacheManager::SetCleanupLimit: 68227345 2019/11/03 11:49:50.141 15412 5968 G7 CarrierContainer.ProcessCarrierSwitch: state=2, carrier=2 2019/11/03 11:49:50.141 15412 5968 G7 Activating UDP carrier ... 2019/11/03 11:49:50.243 18004 3076 D7 Caching activated, partners version is 2, own version is 2 2019/11/03 11:49:50.340 18004 3076 D7 Max cache size: 192.00 MB for stream 16 2019/11/03 11:49:50.340 18004 3076 D7 CacheManager::SetCleanupLimit: 67108864 2019/11/03 11:49:50.354 15412 11116 G7 ReadStreamParameters(): streamID=22 type=11 (StreamType_RemoteAudio), source=[1663350025,-671648659], features=1, compression=1 2019/11/03 11:49:50.354 15412 11116 G7 RA: Datastream registered with id 22 2019/11/03 11:49:50.373 15412 5968 G7 UdpOutputTracker(): max 0 effectiveSent 89 RTT 0 2019/11/03 11:49:50.473 15412 11116 G7 RA: New remote audio data subscriber added [1225706102,-1115162109] 2019/11/03 11:49:53.270 15412 5868 G7 UdpOutputTracker(): max 89 effectiveSent 2530 RTT 99860 2019/11/03 11:49:53.985 15412 11116 G7 UdpOutputTracker(): max 2530 effectiveSent 5768 RTT 99860 2019/11/03 11:49:53.996 18004 13928 D7 GlyphEncoderColorCache::CleanUp(): removed 924 colors from cache 2019/11/03 11:49:54.116 15412 12012 G7 UdpOutputTracker(): max 5768 effectiveSent 32379 RTT 99860 2019/11/03 11:49:59.734 15412 12012 G7 Estimated RTT to Router: 49 ms, Reliability: 3, Carrier: 1 2019/11/03 11:50:00.036 18004 7716 D7 DisplayQuality m=0, bpp=8, q=60, echo=125, conRating=0, cpu=13632, capacity=0, RTT=113991, reliability=2, disable animation=1 remove wallpaper=1 2019/11/03 11:50:02.771 15412 16960 G7 UdpOutputTracker(): max 32379 effectiveSent 39013 RTT 98586 2019/11/03 11:50:06.817 15412 12012 G7 StreamCompressionSelectorOutgoing: switching compression to 10 (bandwidth 118028, lan=0) 2019/11/03 11:50:06.817 15412 12012 G7 RA: quality suggestion by capacity measurement: (944229) 2019/11/03 11:50:06.817 15412 12012 G7 RA: Audio quality set to 120000 2019/11/03 11:50:06.817 15412 21196 G7 RA: Stopping capturing thread 2019/11/03 11:50:06.817 15412 21196 G7 RA: LoopbackCapture with 2 discon events within 16531 ms 2019/11/03 11:50:06.817 15412 8288 G7 RA: RemoteAudioSender stopped 2019/11/03 11:50:06.817 15412 12012 G7 RA: LoopBackCapture stopped 2019/11/03 11:50:06.819 15412 12012 G7 RA: RemoteAudioSender stopping... 2019/11/03 11:50:06.819 15412 12012 G7 RA: Control stream will get created 2019/11/03 11:50:06.819 15412 16960 G7! CStreamManager::StreamUnregistered: Could not find outgoing stream 21 2019/11/03 11:50:06.819 15412 21400 G7! CStreamManager::StreamUnregistered: Could not find outgoing stream 22 2019/11/03 11:50:06.820 15412 21400 G7 ReadStreamParameters(): streamID=23 type=12 (StreamType_RemoteAudioControl), source=[1663350025,-671648659], features=1, compression=2 2019/11/03 11:50:06.820 15412 5868 G7 RA: Controlstream succesfull registered with id 23 2019/11/03 11:50:06.927 15412 15044 G7 StreamCompressor[2]: change compression to LZ4 for stream 16 2019/11/03 11:50:06.995 15412 16960 G7 StreamCompressor[2]: change compression to LZ4 for stream 15 2019/11/03 11:50:06.998 15412 16960 G7 StreamCompressor[2]: change compression to LZ4 for stream 7 2019/11/03 11:50:07.075 15412 21400 G7 ReadStreamParameters(): streamID=24 type=11 (StreamType_RemoteAudio), source=[1663350025,-671648659], features=1, compression=1 2019/11/03 11:50:07.075 15412 21400 G7 RA: Datastream registered with id 24 2019/11/03 11:50:07.174 15412 16960 G7 RA: New remote audio data subscriber added [1225706102,-1115162109] 2019/11/03 11:50:08.916 15412 15044 G7 UdpOutputTracker(): max 39013 effectiveSent 44092 RTT 98545 2019/11/03 11:50:11.787 15412 5868 G7 Estimated RTT to 1225706102: 110 ms, Reliability: 3, Carrier: 2 2019/11/03 11:50:12.792 15412 17700 G7 CMainWindow::InitCloseTV(): Prepare to close TeamViewer 2019/11/03 11:50:12.793 15412 17700 G7!! DataTransceiver: DataTransceiver => DataTransceiverBaseInstance::AbortTransfer: m_transferProtocol is null 2019/11/03 11:50:12.793 15412 17700 G7 RA: RemoteAudioSender get stopped 2019/11/03 11:50:12.793 15412 1748 G7 RA: Stopping capturing thread 2019/11/03 11:50:12.793 15412 1748 G7 RA: LoopbackCapture with 2 discon events within 5765 ms 2019/11/03 11:50:12.793 15412 12992 G7 RA: RemoteAudioSender stopped 2019/11/03 11:50:12.793 15412 17700 G7 RA: LoopBackCapture stopped 2019/11/03 11:50:12.795 15412 17700 G7 RA: RemoteAudioSender stopping... 2019/11/03 11:50:12.795 15412 16960 G7! CStreamManager::StreamUnregistered: Could not find outgoing stream 24 2019/11/03 11:50:12.795 15412 21400 G7! CStreamManager::StreamUnregistered: Could not find outgoing stream 23 2019/11/03 11:50:12.797 15412 11116 G7 CPersistentParticipantManager::RemoveParticipant: [1663350025,-671648659] 2019/11/03 11:50:12.797 15412 11116 G7 CStreamManager::ParticipantRemoved: Our own participant was removed, we must terminate our session 2019/11/03 11:50:12.797 15412 17700 G7 RA: RemoteAudioSender get stopped 2019/11/03 11:50:12.797 15412 18488 G7 VoIP: Sender: Removed session -671648659 2019/11/03 11:50:12.798 15412 12012 G7! UdpConnection[4]: UDP statistics: scf=110 nb=138 2019/11/03 11:50:12.798 15412 1248 G7 CarrierContainer.SendCarrierSwitch: state=2, carrier=1 2019/11/03 11:50:12.798 15412 1248 G7 UdpCarrierDeactivationState::DiscloseStateToCarrier: flush send buffer to partner (1 commands) 2019/11/03 11:50:12.798 15412 1248 G7 Activating Router carrier 2019/11/03 11:50:12.842 15412 12012 G7! Carrier[2]::EndCarrierInternal: Discarded 2 commands, ClientID 1225706102, ShutdownGracefully 1, SessionType_RoutingSession 2019/11/03 11:50:12.842 15412 12012 G7 ConnectionGuard: no restrictions 2019/11/03 11:50:12.842 15412 18932 G7 VoIP: Receiver: Remove channels of all participants of session -671648659 2019/11/03 11:50:12.842 15412 18932 G7 VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109] (V3): Removed from mixer 2019/11/03 11:50:12.843 15412 17340 G7 Periods (in ms): Variability (#samples=0): (Undefined) 2019/11/03 11:50:12.843 15412 18932 G7 VoIP: Receiver: Session -671648659: Channel removed for participant [1225706102,-1115162109] called "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109] 2019/11/03 11:50:12.843 15412 17340 G7 Periods (in ms): Histogram (#samples=0): avg=0.000000, 2019/11/03 11:50:12.843 15412 18932 G7 VoIP: Receiver: Participant channel "WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109] (V3): JitterBuffer statistics block (JBS V5) (StreamId=9): ------------------- 2019/11/03 11:50:12.843 15412 18932 G7 JBS ("WIN-8VLDG9NG6KU (1 225 706 102)" [1225706102,-1115162109]): JitterBuffer was permanently shut! 2019/11/03 11:50:12.843 15412 18932 G7 VoIP: Receiver: Removed session -671648659 2019/11/03 11:50:12.845 15412 12012 G7 SessionStatistics[2] Session to 1225706102 ended. Estimated capacity=944229kBit/s, Latency=110ms 2019/11/03 11:50:12.846 15412 12012 G7 DesktopProcessControl::StopDesktopProcess terminate process 18004 in session 7 2019/11/03 11:50:12.846 15412 12012 G7 InterProcessNetwork::TerminateProcessInSession session=7, ptype=4 2019/11/03 11:50:12.846 18004 3608 D7 SessionManagerDesktop::SessionTerminate: removing session with TVSessionID = -671648659 2019/11/03 11:50:12.846 18004 3608 D7 WorkstationLocker::OnSessionEnd() TVSessionID: -671648659 2019/11/03 11:50:12.895 15412 17700 G7 CMainWindow::OnDestroy(): Closing TeamViewer 2019/11/03 11:50:12.902 15412 17700 G7 Chat::Stop: Stopping chat 2019/11/03 11:50:12.902 15412 17700 G7 ChatManager::UnregisterIncomingCommandRegistration: destroying incomingCommandRegistration 2019/11/03 11:50:12.902 15412 17700 G7 IncomingCommandRegistration::Stop: disconnecting ready state properties 2019/11/03 11:50:12.902 15412 17700 G7 IncomingCommandRegistration::UnregisterIncomingCommands: Unregistering incoming commands 2019/11/03 11:50:12.902 15412 17700 G7 InterProcessBase::SecureNetworkCallbackHandle destroyed (RegistrationID: 0e42c72e-be3e-4104-b807-406aeba18acb) 2019/11/03 11:50:12.902 15412 11116 G7 SecureNetworkIPCAdapter::UnregisterSharedBCmdCallback(): RegistrationID: 0e42c72e-be3e-4104-b807-406aeba18acb 2019/11/03 11:50:12.902 15412 12012 G7 ChatManager::Close 2019/11/03 11:50:12.902 15412 12012 G7 ChatManager::UnregisterIncomingCommandRegistration: destroying incomingCommandRegistration 2019/11/03 11:50:12.902 15412 12012 G7 ChatManager::ClearAccountChat: clearPersistently = 0 2019/11/03 11:50:12.902 15412 12012 G7 ChatManager::ClearNonAccountChat 2019/11/03 11:50:12.902 15412 12012 G7 ChatManager::~ChatManager: destroyed 2019/11/03 11:50:12.902 15412 12012 G7 IncomingBetterChatCommandHandler::IncomingBetterChatCommandHandler: destroyed 2019/11/03 11:50:12.903 15412 17700 G7 TrayIcon HWND does not exist! 2019/11/03 11:50:12.903 15412 20112 G7 MachineHooks: got quit event 2019/11/03 11:50:12.904 15412 17700 G7 MachineHooks: Stop DragInterceptor 2019/11/03 11:50:12.904 15412 17700 G7 ~MachineHooks: refcount = 1 2019/11/03 11:50:12.932 15412 17700 G7 VoIP: DestroyComponents start 2019/11/03 11:50:12.932 15412 18488 G7 VoIP: Sender: Terminate 2019/11/03 11:50:12.932 15412 13764 G7 VoIP: Sender: TickUsersAndSinksHub: Stopping tick usage... 2019/11/03 11:50:12.932 15412 13764 G7 VoIP: Sender: Audio pipeline: TickUsersHub: Stopping tick usage... 2019/11/03 11:50:12.932 15412 13764 G7 VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturerSession #0: EndTickUsage 2019/11/03 11:50:12.932 15412 13764 G7 VoIP: Sender: Audio pipeline: TickUsersHub: Tick usage stopped by all users 2019/11/03 11:50:12.932 15412 13764 G7 VoIP: Sender: TickUsersAndSinksHub: Tick usage stopped by all users 2019/11/03 11:50:12.932 15412 13764 G7 VoIP: Sender: Audio pipeline: StopTicking called 2019/11/03 11:50:12.932 15412 18932 G7 VoIP: Receiver: Terminate 2019/11/03 11:50:12.932 15412 13764 G7 VoIP: Sender: Audio pipeline: Terminate 2019/11/03 11:50:12.933 15412 18488 G7 VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturer: StopTicking called 2019/11/03 11:50:12.933 15412 18932 G7 VoIP: Receiver: Audio pipeline: Channel-mixer FusionPipe (a FusionPipeImplementation): TickStreamChannel: Periods (in ms): Variability (#samples=0): (Undefined) 2019/11/03 11:50:12.933 15412 13764 G7 VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturer: TerminatePipeline called 2019/11/03 11:50:12.933 15412 18932 G7 VoIP: Receiver: Audio pipeline: Channel-mixer FusionPipe (a FusionPipeImplementation): TickStreamChannel: Periods (in ms): Histogram (#samples=0): avg=0.000000, 2019/11/03 11:50:12.933 15412 18488 G7 VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturerSession #0: ****** Terminate ****** 2019/11/03 11:50:12.933 15412 13764 G7 VoIP: Sender: Audio pipeline: RebuildingAutoVoiceCapturer: Session terminated (RebuildingAutoVoiceCapturerSession #0) 2019/11/03 11:50:12.933 15412 18932 G7 Periods (in ms): Variability (#samples=0): (Undefined) 2019/11/03 11:50:12.933 15412 18488 G7 VoIP: Sender: ****** Audio: Voice capturer state changed to Uninitialized ****** 2019/11/03 11:50:12.933 15412 18932 G7 Periods (in ms): Histogram (#samples=0): avg=0.000000, 2019/11/03 11:50:12.933 15412 18488 G7 VoIP: Sender: ****** Visible sender status changed to VoiceSenderMainStatusUndefined ****** 2019/11/03 11:50:12.933 15412 18932 G7 VoIP: Receiver: Audio pipeline: Final-mixer FusionPipe (a FusionPipeImplementation): TickStreamChannel: Periods (in ms): Variability (#samples=0): (Undefined) 2019/11/03 11:50:12.933 15412 18932 G7 VoIP: Receiver: Audio pipeline: Final-mixer FusionPipe (a FusionPipeImplementation): TickStreamChannel: Periods (in ms): Histogram (#samples=0): avg=0.000000, 2019/11/03 11:50:12.934 15412 1248 G7 VoIP: Receiver: ThreadPool: StopThreads 2019/11/03 11:50:12.934 15412 17700 G7! VoIP: Sender: Audio pipeline: AutoVoiceCapturer data ticking: Periods (in ms): Variability (#samples=0): (Undefined) 2019/11/03 11:50:12.934 15412 17700 G7! VoIP: Sender: Audio pipeline: AutoVoiceCapturer data ticking: Periods (in ms): Histogram (#samples=0): avg=0.000000, 2019/11/03 11:50:12.934 15412 12012 G7 Sender ThreadpoolThreadPool: StopThreads 2019/11/03 11:50:12.935 15412 17700 G7 VoIP: DestroyComponents end 2019/11/03 11:50:12.935 15412 11116 G7 VoIP: AudioControl (a ThreadPool): StopThreads 2019/11/03 11:50:12.952 15412 5868 G7!! InterProcessBase::ProcessControlCommand Command 19 not handled 2019/11/03 11:50:12.952 15412 17700 G7 VoIP: Destructor 2019/11/03 11:50:12.952 15412 17700 G7 InterProcessBase::SecureNetworkCallbackHandle destroyed (RegistrationID: 90f2c304-c79c-481d-aaff-5b496ec7c47a) 2019/11/03 11:50:12.953 15412 5868 G7 SecureNetworkIPCAdapter::UnregisterSharedBCmdCallback(): RegistrationID: 90f2c304-c79c-481d-aaff-5b496ec7c47a 2019/11/03 11:50:12.953 15412 17700 G7 interprocessbase::SecureNetwork destroyed 2019/11/03 11:50:12.953 15412 5868 G7 InterProcessNetwork: Received DisconnectIPC from processID 15412 (ProcessType: 2 in Session 7) with reason 1 2019/11/03 11:50:12.953 15412 5868 G7 InterProcessBase::EventFunctionInternal(): IPC-Connection Closed 2019/11/03 11:50:12.953 15412 1248 G7 InterProcessNetwork::ProcessDisconnected(): ConnectionClosed session=7 ptype=2 2019/11/03 11:50:12.953 15412 11116 G7 NetworkControl::UpdateOnlineState alwaysOnline=0 delayOffline=0 otherProcess=0 restart=0 2019/11/03 11:50:12.953 15412 11116 G7 TeamViewer is going offline! 2019/11/03 11:50:12.954 15412 17700 G7!! SpecificThreadCallWin::~SpecificThreadCallWin(): m_PostCallbacks not empty 2019/11/03 11:50:12.954 15412 5968 G7 NetworkControl shutdown started 2019/11/03 11:50:13.043 15412 1248 G7 SecureNetworkConnection::SendCallbackHandler(): [ remoteID: 13 connection: 4079818667 remoteConnection: 0 ], Error: RCommand (Cancel) 2019/11/03 11:50:13.043 15412 1248 G7 SecureNetworkConnection::SendCallbackHandler(): [ remoteID: 13 connection: 4079818667 remoteConnection: 0 ] Resetting connection due to error RCommand (Cancel) 2019/11/03 11:50:13.043 15412 1248 G7 RetryHandle::HandleRetry(): Trying resend to 13 failed with error RCommand:3, not retrying (2 retries would remain) BCmd: CC=19 CT=3 2019/11/03 11:50:13.043 15412 1248 G7! ConfigurationControllerImpl::HandleProviderUnregistrationResponse(): unregister failed with error RCommand:3 2019/11/03 11:50:13.043 15412 5968 G7!! SecureNetworkHandshake::ReceiveAckCallback: [remote ID: 13, connection ID: 4079818667] errorcode: Cancel(3) 2019/11/03 11:50:13.044 15412 1248 G7 TVRouterClock Schedule next request in 0 seconds 2019/11/03 11:50:13.044 15412 1248 G7! KeepAliveSessionOutgoing::ConnectEndedHandler(): KeepAliveConnection[1] with router11.teamviewer.com ended 2019/11/03 11:50:13.045 15412 11116 G7 SHMR: Destroying shared memory 2019/11/03 11:50:13.045 15412 5968 G7 CAcceptServer::HandleAccept: socket closed 2019/11/03 11:50:13.045 15412 11116 G7 RemoteSessionManager::ClearAllRemoteSessions(): RemoteSession Count: 0 2019/11/03 11:50:13.045 15412 17700 G7 NetworkControl shutdown done 2019/11/03 11:50:13.012 7016 18492 H64 explorer.exe: DragInterceptor: restored interface (v2) 2019/11/03 11:50:13.012 7016 18492 H64 explorer.exe: dll can unload now 2019/11/03 11:50:13.226 18004 5596 D7 DesktopThread ended 2019/11/03 11:50:13.230 18004 3608 D7 DesktopThread stopped 2019/11/03 11:50:13.231 18004 3608 D7 tvdesktop::InputBlocker::Shutdown(false) 2019/11/03 11:50:13.231 18004 3608 D7 tvdesktop::InputBlocker::EnableInputAsync(true) 2019/11/03 11:50:13.231 18004 3608 D7 tvdesktop::UserInteractionHelper::SendInputChangedCmd : inputDisabled:0; blackScreenEnabled: 0 2019/11/03 11:50:13.231 18004 3608 D7 tvdesktop::BlackScreen::Shutdown(0) 2019/11/03 11:50:13.231 18004 3608 D7 CollectionOrchestrator::~CollectionOrchestrator() 2019/11/03 11:50:13.232 18004 1824 D7!! InputBlocker: Touch redirection failed. Enable: 1, Error code: 5, Errorcode=5 2019/11/03 11:50:13.232 18004 13928 D7 Received Control_TerminateProcess 2019/11/03 11:50:13.232 18004 15196 D7!! InputBlocker: Touch redirection failed. Enable: 1, Error code: 5, Errorcode=5 2019/11/03 11:50:13.233 18004 13928 D7 Received Control_TerminateProcess 2019/11/03 11:50:13.234 18004 13928 D7 Received Control_DisconnectIPC processtype=2 2019/11/03 11:50:13.234 18004 13928 D7 Received Control_DisconnectIPC processtype=2 2019/11/03 11:50:13.264 18004 15736 D7 tvdesktop::InputBlocker::Shutdown(false) 2019/11/03 11:50:13.264 18004 15736 D7 tvdesktop::InputBlocker::EnableInputAsync(true) 2019/11/03 11:50:13.264 18004 15736 D7 tvdesktop::UserInteractionHelper::SendInputChangedCmd : inputDisabled:0; blackScreenEnabled: 0 2019/11/03 11:50:13.264 18004 1824 D7!! InputBlocker: Touch redirection failed. Enable: 1, Error code: 5, Errorcode=5 2019/11/03 11:50:13.264 18004 15196 D7!! InputBlocker: Touch redirection failed. Enable: 1, Error code: 5, Errorcode=5 2019/11/03 11:50:13.264 18004 15736 D7 tvdesktop::BlackScreen::Shutdown(0) 2019/11/03 11:50:13.264 18004 15736 D7! CDesktop_Win::ShutDown(): Failed to reset the timer resolution. 2019/11/03 11:50:13.265 18004 15736 D7 ~MachineHooks: refcount = 0 2019/11/03 11:50:13.265 18004 15736 D7 MachineHooks: Stopping Loaders! 2019/11/03 11:50:13.265 18004 15736 D7 interprocessbase::SecureNetwork destroyed 2019/11/03 11:50:13.266 15412 1248 G7 InterProcessNetwork: Received DisconnectIPC from processID 18004 (ProcessType: 4 in Session 7) with reason 4 2019/11/03 11:50:13.266 18004 13928 D7 CTcpProcessConnector::HandleRead(): Socket gracefully closed (PID=15412) 2019/11/03 11:50:13.266 15412 1248 G7 DesktopProcessControl::ProcessDisconnected: terminating process pid 18004 in session 7 disconnected 2019/11/03 11:50:13.266 18004 13928 D7 CTcpProcessConnector::CloseConnection(): PID=15412 2019/11/03 11:50:13.266 18004 13928 D7 InterProcessBase::EventFunctionInternal(): IPC-Connection Closed 2019/11/03 11:50:13.266 18004 13928 D7 CTcpProcessConnector::CloseConnection(): PID=15412 2019/11/03 11:50:13.266 15412 11116 G7 CTcpProcessConnector::HandleRead(): Socket gracefully closed (PID=18004) 2019/11/03 11:50:13.266 15412 11116 G7 CTcpProcessConnector::CloseConnection(): PID=18004 2019/11/03 11:50:13.266 15412 11116 G7 InterProcessNetwork::ProcessDisconnected(): ConnectionClosed session=7 ptype=4 2019/11/03 11:50:13.267 10100 20288 L64 Exit 2019/11/03 11:50:13.268 19828 18672 L32 Exit 2019/11/03 11:50:13.321 15412 21932 G7 DesktopProcessControl::OnProcessTerminated: Process 18004 in session 7 has terminated |
03.11.2019, 13:15 | #3 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Versuchter Teamviewer missbrauch auf meinen PCZitat:
__________________ |
03.11.2019, 13:22 | #4 | |
| Versuchter Teamviewer missbrauch auf meinen PCZitat:
Grüße |
03.11.2019, 13:23 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Versuchter Teamviewer missbrauch auf meinen PC Du crackst also gerne Programme, Borderlands 3 wolltest du ja auch über JDownloader runterladen. Lesestoff: Illegale Software: Cracks, Keygens und Co Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html Es geht weiter wenn du alles Illegale entfernt hast. Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________ Logfiles bitte immer in CODE-Tags posten |
03.11.2019, 13:25 | #6 |
| Versuchter Teamviewer missbrauch auf meinen PC Gerne entferne ich Vegas, wie kann ich Ihnen eine Deinstallation beweisen ? Grüße |
03.11.2019, 13:29 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Versuchter Teamviewer missbrauch auf meinen PC Da muss noch mehr an unnötigem oder altem Krempel runter, das u.g. auch deinstallieren und dann neue Logs mit FRST. Adobe Flash Player 32 PPAPI Ashampoo WinOptimizer 14 Ashampoo WinOptimizer 16 Bitdefender Agent Bitdefender Internet Security Bitdefender VPN IObit Uninstaller 9 Java 8 Update 211 (64-bit) PDFCreator Updater WinRAR 5.50 (64-Bit) Vegas Pro 13.0 (64-bit)
__________________ Logfiles bitte immer in CODE-Tags posten |
03.11.2019, 13:34 | #8 | |
| Versuchter Teamviewer missbrauch auf meinen PCZitat:
Folgende Anwendungen wurden rechtmäßig erworben: Ashampoo WinOptimizer 14 Ashampoo WinOptimizer 16 Bitdefender Agent Bitdefender Internet Security Bitdefender VPN Folgende Anwendungen bieten eine konstenlose Testversion an, bzw sind konstenlos: Flashplayer !?!? WinRAR 5.50 (64-Bit) IObit Uninstaller 9 PDFCreator Java Damit verbleibt mir nur Vegas zu entfernen. Bitte erläutern Sie mir wieso ich Gratis-Tools sowie gekaufte Lizenzen entfernen soll? Grüße (Vegas bereits entfernt, logs kommen sobald wir das obige Problem erläutert haben) Geändert von TrainandGame (03.11.2019 um 13:52 Uhr) |
03.11.2019, 13:51 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Versuchter Teamviewer missbrauch auf meinen PC Bitte richtig lesen. Da steht nirgends, dass das runter muss weil illegal. So ein Schrott wie WinOptimizer oder auch TuneUp machen Windows kaputt. Und Security Suites waren schon immer kontraproduktiver Müll, wenn nahm man früher einen reinen Virenscanner - heute ist nicht mehr nötig, da Windows 10 den Windows Defender hat.
__________________ Logfiles bitte immer in CODE-Tags posten Geändert von cosinus (03.11.2019 um 14:19 Uhr) Grund: typo |
03.11.2019, 13:57 | #10 | |
| Versuchter Teamviewer missbrauch auf meinen PCZitat:
Aber eben nicht alles, wieso ich WinRaR z.B entfernen sollte erschließt sich mir nicht als Windows Nutzer. Bei der Wahl meines Antivir bitte ich ebenfalls meine Entscheidung dahingehend zu respektieren und persönliche Empfehlungen hier zurückzuhalten. Gerne entferne ich alles, was einen Regelverstoß ergibt, jedoch nicht was aus persönlichen Meinungen entsteht und nicht in Konflikt mit den Boardregeln steht oder nicht Teil meines Problems ist Trotzdem danke ich Ihnen für Ihre Hilfe, diverse Programme habe ich entfernt. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-11-2019 durchgeführt von sasch (Administrator) auf DESKTOP-FOHP40Q (03-11-2019 13:54:44) Gestartet von C:\Users\sasch\Desktop Geladene Profile: sasch (Verfügbare Profile: sasch & OVRLibraryService) Platform: Windows 10 Pro Version 1809 17763.805 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Opera Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Ashampoo GmbH & Co. KG -> ) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\LiveTunerService.exe (Ashampoo GmbH & Co. KG -> ) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\WO16.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\seccenter.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnService.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe (Dassault Systèmes SolidWorks Corp.) [Datei ist nicht signiert] C:\SolidWorks_Flexnet_Server\sw_d.exe (Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe (Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe (Flexera Software LLC -> Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe (Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe (Flexera Software LLC -> Flexera Software LLC) C:\SolidWorks_Flexnet_Server\lmgrd.exe (Flexera Software LLC -> Flexera Software LLC) C:\SolidWorks_Flexnet_Server\lmgrd.exe (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Mentor Graphics Corporation -> Mentor Graphics Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\dispatcher.exe (Mentor Graphics Corporation -> Mentor Graphics Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe (Microsoft Corporation -> ) C:\Windows\System32\Kinect\KinectMonitor.exe (Microsoft Corporation -> ) C:\Windows\System32\Kinect\KinectService.exe (Microsoft Corporation -> ) C:\Windows\System32\Kinect\KStudioHostService.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxOutlook.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (Oculus VR, LLC -> ) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\63.0.3368.107\opera_crashreporter.exe (Razer USA Ltd. -> ) C:\Windows\System32\RZSurroundHelper.exe (Trace Software International -> ) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9268168 2018-04-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Cm108Sound] => C:\WINDOWS\Syswow64\cm108.dll [13463552 2014-03-11] (C-Media Corporation) [Datei ist nicht signiert] HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner2] => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\LiveTuner2.exe [4507552 2019-02-18] (Ashampoo GmbH & Co. KG -> ) HKLM\...\Run: [RZSurroundHelper] => C:\WINDOWS\system32\RZSurroundHelper.exe [382704 2019-06-07] (Razer USA Ltd. -> ) HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [456088 2019-10-13] (Bitdefender SRL -> Bitdefender) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [SE61T-UserTools] => C:\Program Files (x86)\uRage Reaper nxt\uRage Reaper nxt..exe [1976832 2015-05-22] (TODO: <公司名>) [Datei ist nicht signiert] HKLM-x32\...\Run: [SKILLER SGK4] => C:\Program Files (x86)\SKILLER SGK4\Monitor.exe [503808 2018-06-23] (Sharkoon Technologies) [Datei ist nicht signiert] HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [405032 2019-02-15] (Corsair Memory, Inc. -> Corsair Memory, Inc.) HKLM-x32\...\Run: [OculusTrayTool] => C:\Program Files (x86)\Oculus Tray Tool\OculusTrayTool.exe [1404928 2019-07-04] (ApollyonVR) [Datei ist nicht signiert] HKLM-x32\...\Run: [OnScreen Control] => C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe [1788400 2018-09-28] (LG Electronics Inc. -> TODO: <Company name>) HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3278288 2019-10-30] (Valve -> Valve Corporation) HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3131664 2019-10-30] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\Run: [Discord] => C:\Users\sasch\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\Run: [CorsairLink4] => C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe [27146448 2018-03-30] (Corsair Components, Inc. -> Corsair Components, Inc.) HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [7611464 2019-09-15] (GOG Sp. z o.o. -> GOG.com) HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\MountPoints2: {4725549b-7809-11e9-a081-3497f6383a15} - "E:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\MountPoints2: {95a01ebb-b136-11e9-a093-3497f6383a15} - "E:\HiSuiteDownLoader.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2019 Fast Start.lnk [2019-08-24] ShortcutTarget: SOLIDWORKS 2019 Fast Start.lnk -> C:\Windows\Installer\{F261BF5C-81C4-4E81-9ED6-D7EBFA2A9A5B}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC) [Datei ist nicht signiert] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS Hintergrund-Downloader.lnk [2019-08-24] ShortcutTarget: SOLIDWORKS Hintergrund-Downloader.lnk -> C:\Program Files (x86)\Common Files\SOLIDWORKS Installations-Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation) InternetURL: C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FileHoster.url -> URL: file:///C:/Users/sasch/AppData/Roaming/FileHoster.exe Startup: C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2019-05-31] ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Open Source Developer, Thomas Markham -> Rainmeter) Startup: C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-05-31] ShortcutTarget: Twitch.lnk -> C:\Users\sasch\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {1672496E-8949-4FE5-AD2B-20D44B677148} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation) Task: {1F8F6DDB-823D-43C7-8B33-AD0C996414C2} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation) Task: {214B26C2-8FF0-4865-9FBE-4CBD4D1651F4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27289376 2019-10-18] (Microsoft Corporation -> Microsoft Corporation) Task: {30E93B17-5356-439F-ABDF-594D13945A19} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2019-10-27] (Microsoft Corporation -> Microsoft Corporation) Task: {50BC001F-2F25-4FDC-82FF-05812E1F6D0F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1423680 2019-10-27] (Microsoft Corporation -> Microsoft Corporation) Task: {59CB7FB3-FF1E-46E8-B7FE-776D2198F5B3} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7AB61240-F9FB-4CB4-A4B4-D36962A48325} - System32\Tasks\Opera scheduled Autoupdate 1522585103 => C:\Program Files\Opera\launcher.exe [1520152 2019-10-04] (Opera Software AS -> Opera Software) Task: {8433E01D-46B8-4A8F-A0D6-5597F7850AFC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3788144 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9078D9A6-0D40-4062-AE42-FB79F5D0C38A} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [770344 2019-03-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) Task: {B6CAB73E-BF80-4907-84EB-A2D40E0E2A1E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {CC008A8A-1A87-4522-A837-597E2A16E955} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D0FDB901-7672-42FD-A94F-2A85CA6F7504} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4463936 2019-10-27] (Microsoft Corporation -> Microsoft Corporation) Task: {D4F37BBB-1665-4CF6-8233-CF5BE0E0F003} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2019-10-27] (Microsoft Corporation -> Microsoft Corporation) Task: {DEE255EC-1CA1-47F2-B494-42E572822A9D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4463936 2019-10-27] (Microsoft Corporation -> Microsoft Corporation) Task: {E0E96138-7828-4507-8E78-9803A42226A0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E3D89EF0-AB17-4324-998D-31FAF755B151} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1423680 2019-10-27] (Microsoft Corporation -> Microsoft Corporation) Task: {ED0ADD49-A216-4EA5-8C1D-173B1B74E274} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation) Task: {EFDD1EF4-191B-4276-8D07-F3EB13F06472} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [488760 2019-07-15] (Bitdefender SRL -> Bitdefender) Task: {F0C88797-E65D-4476-B6A1-2B593B971756} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27289376 2019-10-18] (Microsoft Corporation -> Microsoft Corporation) Task: {F7CD9F9F-2AEC-4F6E-9C9E-B025542051DE} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [522504 2019-10-16] (Bitdefender SRL -> Bitdefender) Task: {F8D4F491-9E9D-4D6A-88BA-9B9F145D5E6C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation) Task: {FC694FF9-3A60-435F-A2C7-13DCC7691437} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{79082cd2-0b75-4890-b797-d9a2c11443f7}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00 SearchScopes: HKU\S-1-5-21-1368799669-3117233153-4274516567-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00 SearchScopes: HKU\S-1-5-21-1368799669-3117233153-4274516567-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00 BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2019-10-16] (Bitdefender SRL -> Bitdefender) BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2019-10-16] (Bitdefender SRL -> Bitdefender) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-30] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2019-10-16] (Bitdefender SRL -> Bitdefender) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-05] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF DefaultProfile: 75ixojxb.default FF DefaultProfile: d8v3etzk.default FF ProfilePath: C:\Users\sasch\AppData\Roaming\Supermedium\Profiles\75ixojxb.default [2019-07-13] FF ProfilePath: C:\Users\sasch\AppData\Roaming\Mozilla\Firefox\Profiles\d8v3etzk.default [2019-08-17] FF ProfilePath: C:\Users\sasch\AppData\Roaming\Mozilla\Firefox\Profiles\b0vvmwdj.default-release [2019-10-13] FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2019-09-22] FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi FF Extension: (Bitdefender Anti-Tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2019-10-16] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2018-03-06] [] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> C:\PROGRA~1\SOLIDW~1\SOLIDW~4\Bin\NPCOMP~1.DLL [2018-12-26] (Dassault Systemes SE -> Dassault Systemes) FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> C:\PROGRA~1\SOLIDW~1\SOLIDW~4\Bin\x86\NPCOMP~1.DLL [2018-12-26] (Dassault Systemes SE -> Dassault Systemes) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Datei ist nicht signiert] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2019-10-04] <==== ACHTUNG (Zeigt auf eine *.cfg Datei) FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2019-10-04] <==== ACHTUNG Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof] - hxxps://clients2.google.com/service/update2/crx Opera: ======= OPR Notifications: hxxps://coin-update.de; hxxps://coincierge.de; hxxps://de.cointelegraph.com; hxxps://ethereumworldnews.com; hxxps://web.whatsapp.com; hxxps://www.desktophut.com; hxxps://www.instagram.com; hxxps://www.pcwelt.de; hxxps://www.reddit.com; hxxps://www.tradingview.com OPR StartupUrls: OPR Extension: (MyJDownloader Browser Extension) - C:\Users\sasch\AppData\Roaming\Opera Software\Opera Stable\Extensions\fbclnkmbcmdfamfeaagadifibbongnmf [2019-06-07] OPR Extension: (WhatsApp Launcher) - C:\Users\sasch\AppData\Roaming\Opera Software\Opera Stable\Extensions\hagnfpbbhgmdlpfclekicpodfeoakino [2019-07-30] OPR Extension: (Whatsapp™ For PC) - C:\Users\sasch\AppData\Roaming\Opera Software\Opera Stable\Extensions\jjimieccdnabogjoebnblfaahgipddcm [2018-11-21] OPR Extension: (uBlock Origin) - C:\Users\sasch\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2019-10-13] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\vpnservice.exe [322432 2019-06-04] (AnchorFree Inc -> AnchorFree Inc.) R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [786376 2019-10-16] (Bitdefender SRL -> Bitdefender) R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [786376 2019-10-16] (Bitdefender SRL -> Bitdefender) R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195320 2018-09-23] (Bitdefender SRL -> Bitdefender) R2 BdVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [471120 2019-10-13] (Bitdefender SRL -> Bitdefender) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-05-05] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11636808 2019-10-18] (Microsoft Corporation -> Microsoft Corporation) S3 CLink4Service; C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe [34512 2018-03-30] (Corsair Components, Inc. -> Corsair Components, Inc.) R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [49704 2019-02-15] (Corsair Memory, Inc. -> Corsair Memory, Inc.) S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\DfsdkS.exe [406016 2019-02-18] (mst software GmbH, Germany) [Datei ist nicht signiert] S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-07-05] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R2 ewserver; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe [191664 2018-12-26] (Trace Software International -> ) S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2019-03-01] (FUTUREMARK INC -> Futuremark) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791624 2019-09-15] (GOG Sp. z o.o. -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7170632 2019-06-12] (GOG Sp. z o.o. -> GOG.com) S3 impi_hydra; C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe [924472 2018-12-26] (Intel(R) Software Development Products -> Intel Corporation) R2 KinectMonitor; C:\WINDOWS\system32\Kinect\KinectMonitor.exe [29568 2018-11-11] (Microsoft Corporation -> ) R2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372416 2015-04-20] (Microsoft Corporation -> Microsoft Corporation) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2403120 2019-10-30] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3282736 2019-10-30] (Electronic Arts, Inc. -> Electronic Arts) S3 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [145336 2019-10-28] (Oculus VR, LLC -> Facebook Technologies, LLC) R2 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [917432 2019-10-28] (Oculus VR, LLC -> Facebook Technologies, LLC) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2019-09-08] (Even Balance, Inc. -> ) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1291888 2019-07-15] (Bitdefender SRL -> Bitdefender) R2 RemoteSolverDispatcher; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe [263168 2018-12-26] (Mentor Graphics Corporation -> Mentor Graphics Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5378320 2019-10-03] (Microsoft Windows Publisher -> Microsoft Corporation) R2 SolidWorks Flexnet Server; C:\SolidWorks_Flexnet_Server\lmgrd.exe [1393128 2018-09-21] (Flexera Software LLC -> Flexera Software LLC) S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2019-08-24] (SolidWorks) [Datei ist nicht signiert] S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-20] (Microsoft Corporation -> Microsoft Corporation) R2 SWVisualize2019.BoostService; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe [61328 2018-12-26] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) R2 SWVisualize2019.Queue.Server; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe [27024 2018-12-26] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [146472 2019-10-16] (Bitdefender SRL -> Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [786376 2019-10-16] (Bitdefender SRL -> Bitdefender) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3831576 2019-06-13] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation) R2 WO_LiveService2; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\LiveTunerService.exe [308128 2019-02-18] (Ashampoo GmbH & Co. KG -> ) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-06-15] (AnchorFree Inc -> The OpenVPN Project) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) R0 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1586784 2019-09-22] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA) R2 BdDci; C:\WINDOWS\System32\DRIVERS\bddci.sys [399824 2019-09-22] (Bitdefender SRL -> Bitdefender) S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-04-23] (Microsoft Windows Early Launch Anti-Malware Publisher -> Bitdefender) R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [46056 2019-09-22] (Bitdefender SRL -> © Bitdefender SRL) R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96448 2018-05-16] (Bitdefender SRL -> BitDefender) R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [46944 2019-01-04] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [23392 2019-01-04] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 cpuz148; C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [44648 2019-11-03] (CPUID S.A.R.L.U. -> CPUID) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R0 Gemma; C:\WINDOWS\System32\DRIVERS\Gemma.sys [596632 2019-10-16] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA) R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [188384 2019-05-31] (Bitdefender SRL -> BitDefender LLC) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-04-01] (Martin Malik - REALiX -> REALiX(tm)) R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [942128 2018-05-06] (Intel(R) Rapid Storage Technology -> Intel Corporation) R2 Ignis; C:\WINDOWS\System32\DRIVERS\ignis.sys [196392 2019-09-22] (Bitdefender SRL -> Bitdefender) S3 KinectSensor; C:\WINDOWS\system32\DRIVERS\KinectSensor.sys [95920 2014-10-19] (Microsoft Corporation -> ) R2 LiveTuner2PM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 16\LiveTuner64.sys [14320 2019-02-18] (Ashampoo GmbH & Co. KG -> ) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bfe69934a6b764ef\nvlddmkm.sys [21672560 2019-05-07] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-06-13] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation) R3 OCULUSUDSVR; C:\WINDOWS\system32\DRIVERS\OCULUSUD.sys [3867552 2019-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Oculus VR, LLC.) R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2019-10-06] (Oculus VR, LLC -> Facebook Inc.) S4 RsFx0310; C:\WINDOWS\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation -> Microsoft Corporation) R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [610640 2019-03-04] (Bitdefender SRL -> Bitdefender) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [Datei ist nicht signiert] R3 VUSB3HUB; C:\WINDOWS\System32\drivers\ViaHub3.sys [227840 2013-12-11] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.) U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [47616 2018-09-15] (Microsoft Windows -> Microsoft Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation) R3 xhcdrv; C:\WINDOWS\System32\drivers\xhcdrv.sys [297984 2013-12-11] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.) S3 ALSysIO; \??\C:\Users\sasch\AppData\Local\Temp\ALSysIO64.sys [X] <==== ACHTUNG U4 npcap_wifi; kein ImagePath S3 OCULUSVRHEADSET; \SystemRoot\system32\DRIVERS\OCULUS119B.sys [X] S3 OCUSBVID; \SystemRoot\System32\drivers\ocusbvid111.sys [X] S3 sRZVAD; \SystemRoot\system32\DRIVERS\RZSurround.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2019-11-03 13:10 - 2019-11-03 13:10 - 001767759 _____ C:\Users\sasch\Downloads\DarkCometRemover2.zip 2019-11-03 13:10 - 2013-04-08 20:31 - 001702400 _____ (PhrozenSoft) C:\Users\sasch\Desktop\DarkComet Remover 2 Portable.exe 2019-11-03 12:20 - 2019-11-03 13:55 - 000040442 _____ C:\Users\sasch\Desktop\FRST.txt 2019-11-03 12:09 - 2019-11-03 12:09 - 007622344 _____ (Malwarebytes) C:\Users\sasch\Desktop\AdwCleaner.exe 2019-11-03 12:08 - 2019-11-03 13:55 - 000000000 ____D C:\FRST 2019-11-03 12:08 - 2019-11-03 12:08 - 001619456 _____ (Farbar) C:\Users\sasch\Desktop\FRST64.exe 2019-11-03 12:03 - 2019-11-03 12:03 - 000388608 _____ (Trend Micro Inc.) C:\Users\sasch\Desktop\HijackThis.exe 2019-11-03 11:49 - 2019-11-03 11:49 - 000000000 ____D C:\Users\sasch\AppData\Roaming\TeamViewer 2019-11-03 11:48 - 2019-11-03 11:48 - 000000000 ____D C:\Users\sasch\AppData\Roaming\AnyDesk 2019-11-03 11:10 - 2019-11-03 11:10 - 000000000 ____D C:\Users\sasch\AppData\Roaming\alocal 2019-11-03 11:10 - 2019-11-02 13:54 - 016726016 _____ C:\Users\sasch\AppData\Roaming\FileHoster.exe 2019-11-03 11:06 - 2019-11-03 11:06 - 000004009 _____ C:\Users\sasch\Downloads\Borderlands 3 (3).nzb 2019-11-03 11:04 - 2019-11-03 11:04 - 000001690 _____ C:\Users\sasch\Downloads\Borderlands 3.nzb 2019-11-03 11:04 - 2019-11-03 11:04 - 000001690 _____ C:\Users\sasch\Downloads\Borderlands 3 (2).nzb 2019-11-03 11:04 - 2019-11-03 11:04 - 000001690 _____ C:\Users\sasch\Downloads\Borderlands 3 (1).nzb 2019-11-03 10:56 - 2019-11-03 10:56 - 000000000 ____D C:\Users\sasch\Downloads\incomplete 2019-11-03 10:56 - 2019-11-03 10:56 - 000000000 ____D C:\Users\sasch\AppData\Local\sabnzbd 2019-11-03 10:52 - 2019-11-03 10:54 - 012139609 _____ C:\Users\sasch\Downloads\SABnzbd-2.3.9-win64-bin.zip 2019-11-03 10:47 - 2019-11-03 10:47 - 000000000 ____D C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NZBGet 2019-11-03 10:47 - 2019-11-03 10:47 - 000000000 ____D C:\ProgramData\NZBGet 2019-11-03 10:47 - 2019-11-03 10:47 - 000000000 ____D C:\Program Files\NZBGet 2019-11-03 10:46 - 2019-11-03 10:46 - 005683947 _____ C:\Users\sasch\Desktop\nzbget-21.0-bin-windows-setup.exe 2019-11-02 21:49 - 2019-11-02 21:49 - 000000000 ____D C:\Users\sasch\AppData\Roaming\YURinc 2019-11-01 19:50 - 2019-11-01 19:50 - 000036987 _____ C:\Users\sasch\Downloads\Lockpick Pro v3-1989-3.zip 2019-11-01 17:59 - 2019-11-01 17:59 - 002534378 _____ C:\Users\sasch\Downloads\enbseries_skyrimvr_v0391.zip 2019-11-01 17:56 - 2019-11-01 17:56 - 000341096 _____ C:\Users\sasch\Downloads\Sin Xtreme Realism Enb V372d-831-V-372d-1551307734.rar 2019-11-01 17:56 - 2019-02-22 23:47 - 000000000 ____D C:\Users\sasch\Desktop\SinXRv372d 2019-11-01 16:40 - 2019-11-01 16:40 - 000001863 _____ C:\Users\sasch\Desktop\sksevr_loader.exe - Verknüpfung.lnk 2019-11-01 12:38 - 2019-11-01 12:38 - 000751557 _____ C:\Users\sasch\Downloads\sksevr_2_00_10.7z 2019-11-01 12:38 - 2018-05-27 05:33 - 000000000 ____D C:\Users\sasch\Desktop\sksevr_2_00_10 2019-11-01 11:42 - 2019-11-01 11:45 - 005192280 _____ (Husdawg, LLC) C:\Users\sasch\Desktop\Detection.exe 2019-10-31 18:39 - 2019-10-31 18:39 - 000010923 _____ C:\Users\sasch\Desktop\doc.pdf 2019-10-29 18:27 - 2019-10-29 18:27 - 047453544 _____ C:\Users\sasch\Downloads\MSIAfterburnerSetup.zip 2019-10-26 19:39 - 2019-10-26 19:42 - 049339793 _____ C:\Users\sasch\Downloads\ModernArch-256x.mcpack 2019-10-26 19:39 - 2019-10-26 19:40 - 012746891 _____ C:\Users\sasch\Downloads\ModernArch-128x.mcpack 2019-10-18 20:58 - 2019-10-18 20:58 - 000153159 _____ C:\Users\sasch\Downloads\BlueOcean PE .mcpack 2019-10-18 20:52 - 2019-10-18 20:52 - 011333633 _____ C:\Users\sasch\Downloads\Feluxis RealistPack v9.0 b1.zip 2019-10-18 20:52 - 2019-10-18 20:52 - 000000000 ____D C:\Users\sasch\Desktop\Feluxis RealistPack v9.0 b1 2019-10-17 12:57 - 2019-10-17 12:57 - 000045936 _____ C:\ProgramData\vpn.1571313448.15504.bin 2019-10-17 12:57 - 2019-10-17 12:57 - 000038300 _____ C:\ProgramData\vpn.uninstall.1571313452.bdinstall.bin 2019-10-17 12:57 - 2019-10-17 12:57 - 000034289 _____ C:\ProgramData\vpn.1571313448.18104.bin 2019-10-17 12:57 - 2019-10-17 12:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender VPN 2019-10-14 18:30 - 2019-10-14 18:30 - 000002583 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2019-10-14 18:30 - 2019-10-14 18:30 - 000002579 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2019-10-14 18:30 - 2019-10-14 18:30 - 000002563 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk 2019-10-14 18:30 - 2019-10-14 18:30 - 000002558 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2019-10-14 18:30 - 2019-10-14 18:30 - 000002547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk 2019-10-14 18:30 - 2019-10-14 18:30 - 000002536 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk 2019-10-14 18:30 - 2019-10-14 18:30 - 000002533 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2019-10-14 18:30 - 2019-10-14 18:30 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2019-10-14 18:30 - 2019-10-14 18:30 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2019-10-14 18:30 - 2019-10-14 18:30 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2019-10-14 18:30 - 2019-10-14 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2019-10-08 19:24 - 2019-10-08 19:24 - 026806784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 024616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 023455744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 019284992 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 019014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 017485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 015220224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 012960768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 012259840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 009680400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 008903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 007872000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 006065152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 004873728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 004628992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 004057088 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 003702784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 003614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 003567104 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 002699768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 002699264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 002437344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 002429768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL 2019-10-08 19:24 - 2019-10-08 19:24 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-10-08 19:24 - 2019-10-08 19:24 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 002160160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL 2019-10-08 19:24 - 2019-10-08 19:24 - 002110472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 002072176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 002050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 002015400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 001994976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 001918792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 001751432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 001701880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-10-08 19:24 - 2019-10-08 19:24 - 001677816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 001666232 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 001590072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 001472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 001344960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2019-10-08 19:24 - 2019-10-08 19:24 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 001291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 001247560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 001201136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 001087800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 001056056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 001054928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 001048888 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 001024712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000917816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000895560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2019-10-08 19:24 - 2019-10-08 19:24 - 000851272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000848896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL 2019-10-08 19:24 - 2019-10-08 19:24 - 000843264 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000805296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 000764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000764216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000681720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Devices.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000662024 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 000605496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000604336 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe 2019-10-08 19:24 - 2019-10-08 19:24 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000522104 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000508728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 000506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000453432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2019-10-08 19:24 - 2019-10-08 19:24 - 000449368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000444728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000421176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2019-10-08 19:24 - 2019-10-08 19:24 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000385336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000376568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000294512 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000282424 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000224568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys 2019-10-08 19:24 - 2019-10-08 19:24 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2019-10-08 19:24 - 2019-10-08 19:24 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000213304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 000201736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2019-10-08 19:24 - 2019-10-08 19:24 - 000193336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2019-10-08 19:24 - 2019-10-08 19:24 - 000163232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000147944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnscmmc.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000104464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys 2019-10-08 19:24 - 2019-10-08 19:24 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe 2019-10-08 19:24 - 2019-10-08 19:24 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhuxgraphics.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NAPCRYPT.DLL 2019-10-08 19:24 - 2019-10-08 19:24 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll 2019-10-08 19:24 - 2019-10-08 19:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin 2019-10-08 19:24 - 2019-10-08 19:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin 2019-10-08 19:24 - 2019-10-08 19:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin 2019-10-08 19:24 - 2019-10-08 19:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin 2019-10-08 19:24 - 2019-10-08 19:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin 2019-10-08 19:24 - 2019-10-08 19:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin 2019-10-08 19:24 - 2019-10-08 19:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin 2019-10-08 19:24 - 2019-10-08 19:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin 2019-10-06 15:32 - 2019-10-06 15:32 - 000032856 _____ (Facebook Inc.) C:\WINDOWS\system32\Drivers\Oculus_ViGEmBus.sys 2019-10-06 15:32 - 2019-10-06 15:32 - 000002011 _____ C:\Users\Public\Desktop\Oculus.lnk 2019-10-06 15:32 - 2019-10-06 15:32 - 000002011 _____ C:\ProgramData\Desktop\Oculus.lnk 2019-10-06 15:32 - 2019-10-06 15:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Oculus 2019-10-06 15:23 - 2019-11-01 12:03 - 000000000 ____D C:\Program Files\Oculus 2019-10-06 15:10 - 2019-10-06 15:10 - 004957624 _____ (Facebook Technologies, LLC) C:\Users\sasch\Desktop\OculusSetup.exe 2019-10-06 14:50 - 2019-10-06 14:50 - 020473160 _____ (IObit ) C:\Users\sasch\Downloads\iobituninstaller.exe 2019-10-06 14:49 - 2019-10-06 14:49 - 001396200 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-10-06 14:19 - 2019-10-06 14:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2019-10-06 14:19 - 2019-10-06 14:19 - 000000000 ____D C:\Program Files\VS Revo Group 2019-10-06 14:11 - 2019-03-28 10:11 - 000029232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll 2019-10-06 14:11 - 2019-03-28 10:11 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll 2019-10-06 14:11 - 2019-03-28 10:09 - 000032816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll 2019-10-06 14:11 - 2019-03-28 10:09 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll 2019-10-06 14:11 - 2019-03-28 07:35 - 000772176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_clr0400.dll 2019-10-06 14:11 - 2019-03-28 07:35 - 000702400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase_clr0400.dll 2019-10-06 14:11 - 2019-03-28 07:35 - 000622832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_clr0400.dll 2019-10-06 14:11 - 2019-03-28 07:35 - 000433448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140_clr0400.dll 2019-10-06 14:11 - 2019-03-28 07:35 - 000087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140_clr0400.dll 2019-10-06 14:11 - 2019-03-28 07:35 - 000083768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140_clr0400.dll ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2019-11-03 13:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\Macromed 2019-11-03 13:53 - 2018-04-01 13:20 - 000000000 ____D C:\Users\sasch\AppData\Roaming\IObit 2019-11-03 13:53 - 2018-04-01 13:20 - 000000000 ____D C:\Program Files (x86)\IObit 2019-11-03 13:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2019-11-03 13:44 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-11-03 12:58 - 2019-02-08 18:33 - 000000000 ____D C:\ProgramData\NVIDIA 2019-11-03 12:56 - 2019-06-24 19:46 - 000000000 ____D C:\Users\sasch\AppData\Local\Oculus 2019-11-03 12:56 - 2018-04-01 13:36 - 000000000 ____D C:\ProgramData\Origin 2019-11-03 12:50 - 2019-02-08 20:48 - 000003142 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner 2019-11-03 12:19 - 2019-07-14 15:34 - 000859944 _____ C:\WINDOWS\system32\perfh019.dat 2019-11-03 12:19 - 2019-07-14 15:34 - 000191842 _____ C:\WINDOWS\system32\perfc019.dat 2019-11-03 12:19 - 2019-02-08 20:50 - 003062622 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-11-03 12:19 - 2018-09-15 18:37 - 000842986 _____ C:\WINDOWS\system32\perfh007.dat 2019-11-03 12:19 - 2018-09-15 18:37 - 000190598 _____ C:\WINDOWS\system32\perfc007.dat 2019-11-03 12:19 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF 2019-11-03 12:16 - 2018-04-01 13:35 - 000000000 ____D C:\Program Files (x86)\Steam 2019-11-03 12:14 - 2019-08-24 15:23 - 000000000 ____D C:\SolidWorks_Flexnet_Server 2019-11-03 12:14 - 2019-02-08 20:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-11-03 12:14 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2019-11-03 12:13 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-11-03 12:11 - 2018-09-15 07:09 - 000065536 _____ C:\WINDOWS\system32\config\ELAM 2019-11-03 12:10 - 2018-04-01 13:20 - 000000000 ____D C:\ProgramData\IObit 2019-11-03 12:06 - 2018-04-15 13:12 - 000000000 ____D C:\Users\sasch\AppData\Local\CrashDumps 2019-11-03 11:17 - 2018-04-15 17:06 - 000000000 ____D C:\Users\sasch\AppData\Local\JDownloader 2.0 2019-11-03 10:44 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-11-03 10:36 - 2018-08-07 11:44 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner 2019-11-03 00:12 - 2019-06-28 19:20 - 000000000 ____D C:\Program Files (x86)\Oculus Tray Tool 2019-11-03 00:12 - 2019-02-08 20:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-11-02 20:05 - 2019-02-08 20:48 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1368799669-3117233153-4274516567-1001 2019-11-02 20:05 - 2019-02-08 20:43 - 000002428 _____ C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-11-02 20:05 - 2018-04-01 13:17 - 000000000 ___RD C:\Users\sasch\OneDrive 2019-11-01 21:17 - 2019-09-18 18:37 - 000000000 ____D C:\Users\sasch\AppData\Roaming\Vortex 2019-11-01 19:50 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps 2019-11-01 14:53 - 2019-06-24 20:08 - 000000000 ____D C:\Users\sasch\AppData\Roaming\Oculus 2019-11-01 11:49 - 2018-04-01 14:34 - 000000000 ____D C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2019-10-31 20:29 - 2019-06-27 19:10 - 000000000 ____D C:\Users\sasch\AppData\Roaming\beatdrop 2019-10-31 18:47 - 2019-03-22 17:58 - 000000000 ____D C:\ProgramData\boost_interprocess 2019-10-31 18:16 - 2019-02-08 21:09 - 001065984 _____ C:\Users\sasch\AppData\Local\file__0.localstorage 2019-10-30 17:02 - 2018-04-01 13:53 - 000000000 ____D C:\Program Files (x86)\Origin 2019-10-28 19:13 - 2018-04-01 13:21 - 000000000 ____D C:\ProgramData\ProductData 2019-10-27 18:05 - 2018-04-01 13:33 - 000000000 ____D C:\Users\sasch\AppData\Local\PlaceholderTileLogoFolder 2019-10-27 13:49 - 2018-10-27 17:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2019-10-18 20:53 - 2019-08-16 18:34 - 000000000 ____D C:\Users\sasch\AppData\Roaming\.minecraft 2019-10-18 19:10 - 2018-04-01 13:18 - 000000000 ____D C:\Program Files\Opera 2019-10-17 12:57 - 2018-04-01 14:32 - 000000000 ____D C:\Program Files\Bitdefender 2019-10-16 19:49 - 2018-05-10 11:13 - 000000000 ____D C:\Users\sasch\AppData\Roaming\Twitch 2019-10-16 18:34 - 2018-12-12 16:29 - 000596632 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\gemma.sys 2019-10-15 11:26 - 2018-04-01 14:39 - 000000000 ____D C:\Users\sasch\AppData\Local\UnrealEngine 2019-10-13 17:50 - 2018-04-01 13:53 - 000000000 ____D C:\Users\sasch\AppData\Roaming\Origin 2019-10-08 20:56 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2019-10-08 20:56 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2019-10-08 20:56 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2019-10-08 20:56 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe 2019-10-08 20:56 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences 2019-10-08 20:56 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-10-08 20:56 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism 2019-10-08 19:28 - 2018-04-01 20:34 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-10-08 19:25 - 2018-04-01 20:34 - 127230528 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-10-08 19:10 - 2019-02-08 20:48 - 000003980 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1522585103 2019-10-08 19:10 - 2018-04-01 13:18 - 000001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk 2019-10-06 15:53 - 2018-05-27 18:22 - 000000000 ____D C:\Users\sasch\Documents\Soundaufnahmen 2019-10-06 14:51 - 2018-04-01 13:20 - 000000000 ____D C:\Users\sasch\AppData\LocalLow\IObit 2019-10-06 14:49 - 2019-02-08 20:43 - 000000000 ____D C:\Users\sasch 2019-10-06 14:47 - 2018-04-01 22:41 - 000000000 ____D C:\Users\sasch\Desktop\Spiele 2019-10-06 14:46 - 2019-07-10 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oculus Tray Tool 2019-10-06 14:46 - 2019-06-20 19:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft Classic 2019-10-06 14:46 - 2019-06-10 15:13 - 000000000 ____D C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Witcher 3 HD Reworked Project 5.1 2019-10-06 14:46 - 2019-05-31 17:57 - 000000000 ____D C:\Users\sasch\Desktop\@ 2019-10-06 14:46 - 2019-04-20 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sekiro Shadows Die Twice 2019-10-06 14:46 - 2019-04-11 21:55 - 000000000 ____D C:\Users\sasch\Desktop\PC 2019-10-06 14:46 - 2019-04-11 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro Last Light Redux 2019-10-06 14:46 - 2019-04-11 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trackmania Turbo 2019-10-06 14:45 - 2019-09-17 09:52 - 000000000 ____D C:\Program Files\Npcap 2019-10-06 14:44 - 2018-04-01 13:16 - 000000000 ____D C:\Users\sasch\AppData\Local\Packages 2019-10-06 14:43 - 2018-06-24 15:14 - 000000000 ____D C:\Users\sasch\AppData\Roaming\E-Ciga 2019-10-06 14:39 - 2018-10-13 14:26 - 000000000 ____D C:\ProgramData\Apple 2019-10-06 13:49 - 2019-06-24 20:10 - 000000000 ____D C:\Users\sasch\AppData\Roaming\OculusClient 2019-10-04 21:26 - 2018-05-30 08:31 - 000000000 ____D C:\Users\sasch\AppData\LocalLow\Mozilla 2019-10-04 21:14 - 2019-08-17 16:07 - 000000000 ____D C:\Program Files\Mozilla Firefox ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2019-07-24 18:53 - 2019-07-24 18:53 - 000367104 _____ () C:\Users\sasch\ModAssistant.exe 2019-06-25 19:44 - 2019-06-27 18:06 - 000000000 _____ () C:\Users\sasch\AppData\Roaming\.OculusDebugToolGUI 2019-11-03 11:10 - 2019-11-02 13:54 - 016726016 _____ () C:\Users\sasch\AppData\Roaming\FileHoster.exe 2019-02-08 21:09 - 2019-10-31 18:16 - 001065984 _____ () C:\Users\sasch\AppData\Local\file__0.localstorage ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== Geändert von TrainandGame (03.11.2019 um 14:04 Uhr) |
03.11.2019, 14:01 | #11 |
| Versuchter Teamviewer missbrauch auf meinen PCCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-11-2019 durchgeführt von sasch (03-11-2019 13:56:03) Gestartet von C:\Users\sasch\Desktop Windows 10 Pro Version 1809 17763.805 (X64) (2019-02-08 19:48:52) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1368799669-3117233153-4274516567-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1368799669-3117233153-4274516567-503 - Limited - Disabled) Gast (S-1-5-21-1368799669-3117233153-4274516567-501 - Limited - Disabled) golem-docker (S-1-5-21-1368799669-3117233153-4274516567-1003 - Limited - Enabled) sasch (S-1-5-21-1368799669-3117233153-4274516567-1001 - Administrator - Enabled) => C:\Users\sasch WDAGUtilityAccount (S-1-5-21-1368799669-3117233153-4274516567-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5} FW: Bitdefender Firewall (Disabled) {362C5A58-E860-6396-9204-BEEEF20CA463} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Ashampoo WinOptimizer 14 (HKLM-x32\...\{4209F371-DEAB-BE89-2E8A-9643100258DD}_is1) (Version: 14.00.05 - Ashampoo GmbH & Co. KG) Ashampoo WinOptimizer 16 (HKLM-x32\...\{4209F371-C47A-1204-F2BA-6FD6E5BB1B50}_is1) (Version: 16.00.21 - Ashampoo GmbH & Co. KG) Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts) Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) beatdrop 2.5.9 (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\5a38d27a-3f69-5264-ba9a-effba89c0b95) (Version: 2.5.9 - Nathaniel Johns) Binance version 1.8.0 (HKLM-x32\...\{F7C9C013-C42C-440F-979C-46BA1F534351}_is1) (Version: 1.8.0 - Binance) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.25.49 - Bitdefender) Bitdefender Internet Security (HKLM\...\Bitdefender) (Version: 22.0.1.1 - Bitdefender) Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 24.0.2.693 - Bitdefender) Core Temp 1.13 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.13 - ALCPU) CORSAIR iCUE Software (HKLM-x32\...\{37E2CEEA-E7E8-44C4-B3E6-D214543D9DA9}) (Version: 3.13.94 - Corsair) Corsair LINK 4 (HKLM-x32\...\{40036d0c-634b-4fc0-be89-13343b4bea96}) (Version: 4.9.7.35 - Corsair Components, Inc.) Corsair LINK 4 (HKLM-x32\...\{D97F4B31-5A7D-4A07-AC85-16D64FAB93E1}) (Version: 4.9.7.35 - Corsair Components, Inc.) Hidden CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.) Discord (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\Discord) (Version: 0.0.305 - Discord Inc.) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.17 - NVIDIA Corporation) Hidden DOOM VFR MULTi2 1.0 (HKLM-x32\...\DOOM VFR MULTi2 1.0) (Version: 1.0 - .x.X.RIDDICK.X.x.) Epic Games Launcher (HKLM-x32\...\{6E35ADC1-C951-4FD2-B81F-D37CCE0B5D84}) (Version: 1.1.220.0 - Epic Games, Inc.) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) Futuremark SystemInfo (HKLM-x32\...\{3DD053E0-EA08-459A-B615-567B86A01132}) (Version: 5.16.701.0 - Futuremark) Geeks3D FurMark 1.20.4.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.) HP Officejet 2620 series - Grundlegende Software für das Gerät (HKLM\...\{CED70530-FA0D-4A58-BBF0-1588B38247A0}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Joulemeter (HKLM-x32\...\{E043568C-1745-4C69-9D52-43F6E79EB03B}) (Version: 1.2.0 - Microsoft Research) Kinect for Windows Drivers v2.0_1409 (DAILY) (HKLM\...\{7C9F054E-F742-4DAD-B7E0-9A280F1F0ACB}) (Version: 2.0.1410.19000 - Microsoft Corporation) Hidden Kinect for Windows Runtime v2.2_1811 (HKLM\...\{87941EDF-6084-42AD-B5EF-36A44667A64C}) (Version: 2.2.1811.10000 - Microsoft Corporation) Kinect for Windows SDK v2.0 (HKLM\...\{77FBF502-4136-4BC8-B754-6A01C02598C9}) (Version: 2.0.1410.19000 - Microsoft Corporation) Hidden Kinect for Windows SDK v2.0_1409 (HKLM-x32\...\{2f7f3dc4-de9a-4605-821f-b686f26392d8}) (Version: 2.0.1410.19000 - Microsoft Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Metro: Last Light Redux (HKLM-x32\...\Metro: Last Light Redux_is1) (Version: - Deep Silver) Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{BF5ABBDB-D3AA-4BCB-8D10-FCD4A4BB7F93}) (Version: 12.1.4100.1 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProplusRetail - de-de) (Version: 16.0.12026.20344 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.12026.20344 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation) Microsoft Project Professional 2016 - de-de (HKLM\...\ProjectProRetail - de-de) (Version: 16.0.12026.20344 - Microsoft Corporation) Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.12026.20344 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Server Speech Recognition Language - TELE (en-US) (HKLM-x32\...\{66D57636-BD4B-402F-9E7D-5E89C28C8136}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{13146756-9716-4843-84CA-053916D2FCF9}) (Version: 11.3.6538.0 - Microsoft Corporation) Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation) Microsoft SQL Server 2014 Setup (English) (HKLM\...\{C7E2483C-10A4-41E3-A2F6-240186FE3E41}) (Version: 12.1.4100.1 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation) Microsoft Visio Professional 2016 - de-de (HKLM\...\VisioProRetail - de-de) (Version: 16.0.12026.20344 - Microsoft Corporation) Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.12026.20344 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27033 (HKLM-x32\...\{cc3a7c63-31fb-4129-9024-63ebefd86a95}) (Version: 14.16.27033.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{ab213ab7-4792-4c6f-a3fa-8485d06c3475}) (Version: 14.0.23829 - Microsoft Corporation) Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Minecraft1.8 (HKLM-x32\...\Minecraft1.8) (Version: - ) MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version: - MixMeister Technology LLC) Mozilla Firefox 68.0.2 (x64 de) (HKLM\...\Mozilla Firefox 68.0.2 (x64 de)) (Version: 68.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.2 - Mozilla) MSI Afterburner 4.6.0 (HKLM-x32\...\Afterburner) (Version: 4.6.0 - MSI Co., LTD) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.8 - Black Tree Gaming) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation) NVIDIA Grafiktreiber 430.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 430.64 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NZBGet (HKLM-x32\...\NZBGet) (Version: - Andrey Prygunkov) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.2.1 - OBS Project) OBS-VirtualCam version 2.0.2 (HKLM-x32\...\{7B7182E6-D22D-4E5A-BCA2-EC985A4BD588}_is1) (Version: 2.0.2 - OBS) Oculus (HKLM\...\Oculus) (Version: <3 - Facebook Technologies, LLC) Oculus Tray Tool v0.86.0 (HKLM-x32\...\Oculus Tray Tool_is1) (Version: - ) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 4.29 - LG Electronics Inc) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenIV (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\OpenIV) (Version: 3.0.1006 - .black/OpenIV Team) OpenVR Advanced Settings (HKLM-x32\...\OpenVRAdvancedSettings) (Version: - ) OpenVR Input Emulator (HKLM-x32\...\OpenVRInputEmulator) (Version: - ) Opera Stable 63.0.3368.107 (HKLM-x32\...\Opera 63.0.3368.107) (Version: 63.0.3368.107 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 10.5.52.32372 - Electronic Arts, Inc.) Outward Day One Edition MULTi5 1.0 (HKLM-x32\...\Outward Day One Edition MULTi5 1.0) (Version: 1.0 - x.X.RIDDICK.X.x) Outward Update 1 (HKLM\...\b3V0d2FyZA_is1) (Version: 1 - ) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.0.2 - pdfforge GmbH) PhonerLite 2.72 (HKLM-x32\...\PhonerLite_is1) (Version: 2.72 - Heiko Sommerfeldt) Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Quick CPU (HKLM-x32\...\{41F4C8EE-903D-4EB5-B6EB-75413BF496DE}) (Version: 3.0.1.0 - CoderBag) Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 beta r2613 - Win10 Widgets) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8372 - Realtek Semiconductor Corp.) Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.) RivaTuner Statistics Server 7.2.1 (HKLM-x32\...\RTSS) (Version: 7.2.1 - Unwinder) Roblox Player for sasch (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\roblox-player) (Version: - Roblox Corporation) Roblox Studio for sasch (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\roblox-studio) (Version: - Roblox Corporation) ROCCAT Juke (HKLM\...\C-Media CM108 Like Sound Driver) (Version: - ) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.6 - Rockstar Games) SeaTools for Windows 1.4.0.7 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.7 - Seagate Technology) Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation) SKILLER SGK4 (HKLM-x32\...\{B1B8775B-8449-4F04-9773-C34384AE405F}_is1) (Version: 1.3.18.6 - Sharkoon Technologies) SOLIDWORKS 2019 German Resources (HKLM\...\{A3551568-7512-4052-8B69-9F295CE0252A}) (Version: 27.110.0072 - Ihr Firmenname) Hidden SOLIDWORKS 2019 SP01 (HKLM\...\{F261BF5C-81C4-4E81-9ED6-D7EBFA2A9A5B}) (Version: 27.110.0072 - Dassault Systemes SolidWorks Corp) Hidden SOLIDWORKS 2019 SP01 (HKLM-x32\...\SolidWorks Installation Manager 20190-40100-1100-100) (Version: 27.1.0.72 - SolidWorks Corporation) SOLIDWORKS CAM 2019 SP01 (HKLM\...\{FF62C344-015F-4A9F-8F49-7F02CBAB288E}) (Version: 27.10.0072 - Dassault Systèmes SolidWorks Corp) Hidden SOLIDWORKS Composer 2019 SP01 (HKLM\...\{661FCA7C-4962-46FD-84CD-CB72459058A4}) (Version: 27.10.0072 - Ihr Firmenname) Hidden SOLIDWORKS eDrawings 2019 SP01 (HKLM\...\{49641C8E-5ADA-42A8-8019-90CBDC933F86}) (Version: 27.10.0092 - Dassault Systèmes SolidWorks Corp) Hidden SOLIDWORKS Electrical 2019 SP01 (HKLM\...\{D47DBAC4-C1AB-4B16-B431-01120E8BB141}) (Version: 27.10.0072 - Ihr Firmenname) Hidden SOLIDWORKS Explorer 2019 SP01 (HKLM\...\{ED3F46FA-EF6F-4633-AA94-5C44815EA2B2}) (Version: 27.10.0072 - Dassault Systèmes SolidWorks Corp) Hidden SOLIDWORKS Flow Simulation 2019 SP01 (HKLM\...\{5D9A5C34-85FD-40FE-8C1A-ACA3C8CF423E}) (Version: 27.10.0073 - Dassault Systèmes SolidWorks Corp) Hidden SOLIDWORKS Inspection 2019 SP01 (HKLM\...\{974A87F0-517F-480A-A87F-218649E02880}) (Version: 27.10.0072 - Ihr Firmenname) Hidden SOLIDWORKS PCB 2019 SP01 (HKLM\...\{BF11D72C-9B96-4B91-BF1E-AC2137BBB604}) (Version: 27.10.0072 - Ihr Firmenname) Hidden SOLIDWORKS Plastics 2019 SP01 (HKLM\...\{6BC5795E-314F-4BA6-9A2D-A8DE4A35C688}) (Version: 27.10.0072 - Ihr Firmenname) Hidden SOLIDWORKS Visualize 2019 SP01 (HKLM\...\{CD7FCE59-87E4-4C32-AB24-DCA29802CBA5}) (Version: 27.10.0072 - Ihr Firmenname) Hidden SOLIDWORKS Visualize Boost 2019 SP01 (HKLM\...\{D67F8A59-1F6E-422E-AD34-1A66751CD44D}) (Version: 27.10.0072 - Ihr Firmenname) Hidden SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation) Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Streamlabs OBS 0.17.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.17.1 - General Workings, Inc.) Superhot Incl. Update 3 MULTi9 1.0 (HKLM-x32\...\Superhot Incl. Update 3 MULTi9 1.0) (Version: - ) TeighaX 3.09 (HKLM-x32\...\{3D63579F-2398-418B-9227-A852FB201D2D}) (Version: 3.9.0 - Open Design Alliance) Telegram Desktop version 1.7.7 (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.7.7 - Telegram Messenger LLP) The Witcher 3: Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.32 - GOG.com) Trackmania Turbo (HKLM-x32\...\Trackmania Turbo_is1) (Version: - ) TreeSize Free V4.2.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.2.2 - JAM Software) Twitch (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.) UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation) Updater (HKLM-x32\...\Updater) (Version: 1.0 - Updater) <==== ACHTUNG uRage Reaper nxt. Version 1.0.3 (HKLM-x32\...\{2F606408-495F-4772-A3A7-BE0A31C4B261}_is1) (Version: 1.0.3 - ) VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN) Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.0.3 - Black Tree Gaming Ltd.) VSDC Free Video Editor Version 6.3.6.18 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.6.18 - Flash-Integro LLC) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden WhatsApp (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\WhatsApp) (Version: 0.3.557 - WhatsApp) Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation) Windows-Treiberpaket - Corsair Components, Inc. (SIUSBXP) USB (07/14/2017 3.3) (HKLM\...\A2206C09905C467F30CB24DCBB49F056D7F0A290) (Version: 07/14/2017 3.3 - Corsair Components, Inc.) Windows-Treiberpaket - STMicroelectronics (STTub30) USB (07/05/2012 3.0.4.0) (HKLM\...\4A1A85C6E9813B77863C2401251A5284B1923DA4) (Version: 07/05/2012 3.0.4.0 - STMicroelectronics) WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) Wireshark 3.0.4 64-bit (HKLM-x32\...\Wireshark) (Version: 3.0.4 - The Wireshark developer community, hxxps://www.wireshark.org) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment) WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft) Packages: ========= 3D Scan -> C:\Program Files\WindowsApps\Microsoft.3DScan_2.0.47.0_x64__8wekyb3d8bbwe [2019-08-23] (Microsoft Corporation) Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.1.4.0_x86__kgqvnymyfvs32 [2019-09-23] (king.com) Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.150.300.0_x86__kgqvnymyfvs32 [2019-10-17] (king.com) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.618.0_x64__v10z8vjag6ke6 [2019-10-16] (HP Inc.) Mail und Kalender -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation) [MS Ad] March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.3.1.1_x86__h6adky7gbf63m [2019-09-14] (Gameloft.) Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-08-23] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad] Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.12.101.0_x64__8wekyb3d8bbwe [2019-09-08] (Microsoft Studios) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-26] (Netflix, Inc.) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0 [2019-10-13] (Spotify AB) [Startup Task] XING -> C:\Program Files\WindowsApps\XINGAG.XING_3.140.89.0_x86__xpfg3f7e9an52 [2019-10-08] (New Work SE) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> Keine Datei ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> Keine Datei ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-05-06] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> Keine Datei ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Datei ist nicht signiert] HKLM\...\Drivers32: [VIDC.FPS1] => c:\windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.voxacm160] => c:\windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.scg726] => c:\windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.alf2cd] => c:\windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.ac3acm] => c:\windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.lame] => c:\windows\system32\lame.ax [245760 2005-08-01] () [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.dvsd] => c:\windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mpg4] => c:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mp42] => c:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mp43] => c:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.xvid] => c:\windows\system32\xvidvfw.dll [139264 2004-07-03] () [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.DIVX] => c:\windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.VP60] => c:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.VP61] => c:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.VP62] => c:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.LAGS] => c:\windows\system32\lagarith.dll [216064 2011-12-07] ( ) [Datei ist nicht signiert] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Datei ist nicht signiert] HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [Datei ist nicht signiert] ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\sasch\Desktop\Spiele\startdesktopmode.bat - Verknüpfung.lnk -> C:\Program Files\OpenVR-AdvancedSettings\startdesktopmode.bat () Shortcut: C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\sasch\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat () ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2019-03-05 15:06 - 2019-03-05 15:06 - 000232448 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTCore.dll 2019-03-05 15:06 - 2019-03-05 15:06 - 000057344 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTFC.dll 2019-03-05 15:07 - 2019-03-05 15:07 - 000642048 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll 2019-03-05 15:06 - 2019-03-05 15:06 - 000072704 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll 2019-03-05 15:06 - 2019-03-05 15:06 - 000364544 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTUI.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000015360 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Origin\libEGL.DLL 2018-04-01 13:53 - 2019-10-30 17:02 - 003090944 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Origin\libGLESv2.dll 2019-08-24 15:49 - 2018-10-16 21:35 - 000107520 _____ () [Datei ist nicht signiert] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\NETAPI32.dll 2019-08-24 15:39 - 2019-08-24 15:39 - 000116224 _____ (pdfforge GmbH) [Datei ist nicht signiert] C:\WINDOWS\System32\pdfcmon.dll 2019-01-10 10:44 - 2019-01-10 10:44 - 000090112 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000002560 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\icudt58.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 001252864 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\icuuc58.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000030208 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qgif.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000032768 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qico.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000256512 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qjpeg.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000026112 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qtga.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000305152 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qtiff.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000025600 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qwbmp.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000709120 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Multimedia.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000207360 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Positioning.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000310272 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 003513344 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Qml.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 003390976 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Quick.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000068096 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000045568 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000116224 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebChannel.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 054071296 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000211456 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\Public\AppData:CSM [236] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476] AlternateDataStreams: C:\Users\sasch\Anwendungsdaten:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\sasch\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [108] AlternateDataStreams: C:\Users\sasch\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\sasch\AppData\Local\Temp:$DATA [16] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ========== ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2017-09-29 14:46 - 2019-11-03 13:14 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts 2019-05-28 19:13 - 2019-05-28 19:14 - 000000443 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 172.18.70.1 DESKTOP-FOHP40Q.mshome.net # 2024 5 0 26 18 14 23 458 ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Oculus\Support\oculus-runtime;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\110\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\DTS\Binn\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\ HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sasch\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\earth multiscreen widescreen 5760x1080 wallpaper_www.paperhi.com_58.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS Hintergrund-Downloader.lnk" HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS 2019 Fast Start.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "BdVpnApp" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "HP Software Update" HKLM\...\StartupApproved\Run: => "Ashampoo WinOptimizer Live-Tuner2" HKLM\...\StartupApproved\Run32: => "Updater" HKLM\...\StartupApproved\Run32: => "CORSAIR iCUE Software" HKLM\...\StartupApproved\Run32: => "SE61T-UserTools" HKLM\...\StartupApproved\Run32: => "SKILLER SGK4" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "OculusTrayTool" HKLM\...\StartupApproved\Run32: => "OnScreen Control" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\StartupFolder: => "DesktopHut.lnk" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\StartupFolder: => "Rainmeter.lnk" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "Argus Monitor" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "CorsairLink4" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "GalaxyClient" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{0740E682-1F83-4FAD-B54A-DAAF94B61BD7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5C243317-3B6B-47E2-A311-8A3E95904140}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{9B31F1B3-43B4-4A9E-8B52-B3CB0390558D}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{3B3E03A3-4BF8-4468-81F8-60273D1B0652}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{DC2B08A1-7048-4335-9536-A2FE80B22D29}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{ACD69343-1FFF-4AAC-888E-A1B325D6C58E}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{5B7EFE95-AF2A-4407-99DE-1B714B3F5CF0}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{2926D9FF-8085-4B05-B3F9-A068BCBE6589}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{B119755F-53BB-4912-993B-2D0034642C03}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{5D136926-BF5F-4ED8-9DEE-701B82FF1C27}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{37D4D204-1534-467B-9CF5-31487D488767}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{2F46E517-7A8F-44B0-B7EB-9072CDCF06DC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{42D70C77-D1BD-4ABF-9A4A-A91A61F45B0A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{40E831A5-4689-4E79-8348-E90C48CB539C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{98287F36-F3E7-40FF-9A23-8867CBEFB7D5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{AD32DEE1-58EA-4224-87E4-EA0583A948DE}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{417E877D-496E-4066-8477-8A5938E23774}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [Datei ist nicht signiert] FirewallRules: [DNS Server Forward Rule - TCP - A2918A61-5D01-4BBD-BDBB-CEBE9E9C6511 - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - UDP - A2918A61-5D01-4BBD-BDBB-CEBE9E9C6511 - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - TCP - CD8B8542-DEF3-4E52-A908-8E6FBC2125BF - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - UDP - CD8B8542-DEF3-4E52-A908-8E6FBC2125BF - 0] => (Allow) LPort=53 FirewallRules: [{94933B1A-2289-4DBB-8E4F-A00CE7FD829F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> ) FirewallRules: [{39876E1F-0A04-4ED9-A8DC-C58D8D6A95F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> ) FirewallRules: [{2B5004E3-0383-4975-845F-C911CFCAF264}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> ) FirewallRules: [{22C21BB7-A0F4-4B79-B66C-46B243346958}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> ) FirewallRules: [{FD5AA058-690C-4067-9985-2F88A0334CA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> ) FirewallRules: [{26F2F6CD-5D0C-4C3A-ACD2-7B9B019934AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> ) FirewallRules: [{0AF4755F-B58E-4248-A261-B91130CEC729}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beat Saber\Beat Saber.exe () [Datei ist nicht signiert] FirewallRules: [{A4E44422-C7F4-4E77-8A3E-142A41C85C45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beat Saber\Beat Saber.exe () [Datei ist nicht signiert] FirewallRules: [{3C2EBDD9-7A1B-42E6-9F03-32F7756AB8FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [Datei ist nicht signiert] FirewallRules: [{2D678C7D-5AF9-4BED-AD85-75E4872517AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [Datei ist nicht signiert] FirewallRules: [{2A53B5C8-113F-436A-9AD3-0C4C54F0FD74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [Datei ist nicht signiert] FirewallRules: [{7D753089-180E-428F-8ABF-378BF050405E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [Datei ist nicht signiert] FirewallRules: [{65BB94D9-3967-4BA5-9CA8-EAFDC253D9DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [Datei ist nicht signiert] FirewallRules: [{40051D45-C677-4B79-8E90-497BE913BDF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [Datei ist nicht signiert] FirewallRules: [{170F38BC-9EA3-406E-B712-279DE6CE8A4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PavlovVR\Pavlov.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{D8237A19-A7A4-480E-8009-7EBBF027F44C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PavlovVR\Pavlov.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{1A487B10-842E-431B-941B-16B764ECD443}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space Pirate Trainer VR\SpacePirateVR.exe () [Datei ist nicht signiert] FirewallRules: [{B6821163-09CB-4420-9761-69D0B8A48345}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space Pirate Trainer VR\SpacePirateVR.exe () [Datei ist nicht signiert] FirewallRules: [{7ACE9B64-D42D-460B-82A1-BE53B9BA14F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Steam360VideoPlayer\Steam360VideoPlayer.exe () [Datei ist nicht signiert] FirewallRules: [{78F40822-AC3B-44C4-8AFB-EDC6FBA4C480}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Steam360VideoPlayer\Steam360VideoPlayer.exe () [Datei ist nicht signiert] FirewallRules: [{8DF97BAC-F571-4C19-B098-C966882F8395}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RecRoom\Recroom_Release.exe () [Datei ist nicht signiert] FirewallRules: [{203B78AD-52DE-4BAF-8171-D81BD464EBEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RecRoom\Recroom_Release.exe () [Datei ist nicht signiert] FirewallRules: [{403150D1-81F4-4B33-A3A3-3A8AF621813C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sparc\Sparc.exe () [Datei ist nicht signiert] FirewallRules: [{60D70BDF-64CD-495D-8A21-529AA91F3A6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sparc\Sparc.exe () [Datei ist nicht signiert] FirewallRules: [{7B4A954D-F3EC-4E42-A779-C1A54CDBB85B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [Datei ist nicht signiert] FirewallRules: [{24F2845A-CCA3-46FF-96DB-1F2887137872}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [Datei ist nicht signiert] FirewallRules: [{0F39A282-9A26-49A6-B5DD-78B369D5B0EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LIV\LIV.App.exe (LIV Inc -> LIV Inc.) FirewallRules: [{DAC58D3F-0852-46DC-857C-BF9914B4127D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LIV\LIV.App.exe (LIV Inc -> LIV Inc.) FirewallRules: [{BD9CD2C6-BDBF-494B-9C8E-E3EC5F878FF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EarthVR\Earth.exe (Google Inc -> Google Inc) FirewallRules: [{09FDAB7C-8953-427C-836F-440C7A922BB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EarthVR\Earth.exe (Google Inc -> Google Inc) FirewallRules: [{6A89D5E1-8A28-4770-9E1B-75C2227B9F7D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{0675F42F-F727-48A7-92CD-1ECF4802EA23}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{F8D3F73F-8C0E-4658-8C65-7C45BF6A8CB9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [{905758A4-99EE-4A58-A647-E48434BF5391}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [{BF1C68BC-3EDD-4300-903E-5A3646F1E395}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [{A7E58B70-540D-44C9-B72A-E5C90E07879B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [{F1595CF3-888D-4A73-B171-A309D796C2E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5075C7AA-E3D6-42D1-810B-807E24B34C56}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{502B7574-E188-4F9C-BA7C-DE77B5F2FB58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{E9446889-83DB-4BE3-94FA-D1F4474B7244}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{E7B25816-80BC-4106-8A92-69A0CD0104F6}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector Ltd. -> Flash-Integro LLC) FirewallRules: [{0F348082-5969-429B-A255-47BE1CD5E2DF}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector Ltd. -> Flash-Integro LLC) FirewallRules: [{2CD85A61-18BA-4ABA-BA1F-0E80A5E8B437}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector Ltd. -> Flash-Integro LLC) FirewallRules: [{B1395916-5D64-4DAF-AF06-A30844FEADEC}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector Ltd. -> Flash-Integro LLC) FirewallRules: [{CC2E3010-017D-43CB-8F47-EC773CC07902}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector Ltd. -> Flash-Integro LLC) FirewallRules: [{1EAE3853-521B-42CE-A885-98E6775E739E}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector Ltd. -> Flash-Integro LLC) FirewallRules: [{A4FC4F01-56D2-43D5-8D97-1F7B3DC1AB3A}] => (Allow) LPort=8027 FirewallRules: [{5214D303-B8F4-4A8F-85E1-21A22483C6F2}] => (Allow) LPort=8027 FirewallRules: [{AF2BC330-AED4-47D1-9A01-FB8634214F09}] => (Allow) LPort=8027 FirewallRules: [{43E2493B-9A4E-4C0A-9076-554D6E131256}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9D28B1DA-C902-477B-AFFD-51C595FDD1DA}] => (Allow) LPort=8027 FirewallRules: [{372821C7-D852-4544-B569-7320035202F3}] => (Allow) LPort=8027 FirewallRules: [{5902DD16-657D-4E4F-87ED-2BADDE3E6562}] => (Allow) LPort=8027 FirewallRules: [{1039D7DF-C3FD-47E8-BD62-FCAD62FAACEB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{D91A5413-719A-469D-A91E-DFF47E626793}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{D177C423-B229-4035-8453-F633FA27DD00}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{A3A36CEC-E1D7-4FCD-8F4B-94ABDD62E51D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{C6ADF639-0B0A-4243-AE41-CEDD2E6E8BFB}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB) FirewallRules: [{A87B6FD3-62AC-4426-979C-036E933B8B14}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB) FirewallRules: [{3A501E89-37B9-4E5F-911F-332A989DF2D9}] => (Allow) D:\Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [{2258E533-64AB-4CCD-A0C3-9FCF0A8C6171}] => (Allow) D:\Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [{58DD4DCC-B967-40C1-86C3-1B1FFF1BB909}] => (Allow) D:\Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [{E6C46A1B-DD61-418B-A527-2E85BA66A52B}] => (Allow) D:\Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [{4372EFF5-2D73-4681-B970-0DC8D9CC01AD}] => (Allow) LPort=8027 FirewallRules: [{4A9C0C46-8BFB-4E60-9101-B3A45B536362}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [Datei ist nicht signiert] FirewallRules: [{BC485528-26C9-46C5-9F4D-EF108C68741C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [Datei ist nicht signiert] FirewallRules: [{8515539D-90E6-4747-B547-B042280D2827}] => (Allow) LPort=8027 FirewallRules: [{247E5E19-6A37-439B-BCA7-C9397174C50B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SkyrimVR\SkyrimVR.exe (Bethesda Softworks) [Datei ist nicht signiert] FirewallRules: [{974EDA6A-9B30-48E4-816D-2EDC1B39F051}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SkyrimVR\SkyrimVR.exe (Bethesda Softworks) [Datei ist nicht signiert] FirewallRules: [{7AD88789-2895-449A-9041-E9F2DEAE861E}] => (Allow) C:\Program Files\Opera\63.0.3368.94\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{229AFEF2-8A24-425A-86B1-5B5D49B63F14}] => (Allow) LPort=8027 FirewallRules: [{C51F7625-84D9-48BA-BF9F-109EFE9AD1CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\skyrim\skse_steam_boot.exe () [Datei ist nicht signiert] FirewallRules: [{C1F426A7-7724-4A3A-AA22-9D231DF01CB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\skyrim\skse_steam_boot.exe () [Datei ist nicht signiert] FirewallRules: [{802DDF0E-DC51-4AC8-95EF-F7D06FE4EBB8}] => (Allow) D:\steam\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie) FirewallRules: [{757AA0DE-9C61-4EFA-953E-A6EE75C4A659}] => (Allow) D:\steam\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie) FirewallRules: [{E730DFD8-C4F2-4D90-AF1F-E47383E82DCF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArizonaSunshine\ArizonaSunshine.exe () [Datei ist nicht signiert] FirewallRules: [{B9DA83CE-3E14-4715-9F70-32D70EDD092E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArizonaSunshine\ArizonaSunshine.exe () [Datei ist nicht signiert] FirewallRules: [{3323FE0A-DB23-412F-ADF7-BBB66B2006DD}] => (Allow) LPort=8027 FirewallRules: [{A7399E1E-CA23-4485-930F-44CEC35CE5D0}] => (Allow) LPort=8027 FirewallRules: [{9B5C6CC2-9544-4E83-A529-F77280D5B48B}] => (Allow) LPort=8027 FirewallRules: [{F033AF30-69D8-42B6-9D9E-A25B1FC2FD93}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC) FirewallRules: [{8A2701D5-9116-428E-A361-320F091D2E55}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC) FirewallRules: [{C34DF57D-F1B6-477A-949C-9434AD72BA5D}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC) FirewallRules: [{C02B5304-3C95-493F-BCD1-3740E4ED8222}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC) FirewallRules: [{60F36C3B-48E5-43B0-8CFB-0EBED47E6F11}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> ) FirewallRules: [{0139A4A1-F639-4343-8F07-60C2C2386685}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> ) FirewallRules: [{4F9A28DB-010B-4626-B5B8-936142B04892}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> ) FirewallRules: [{A1F32280-91E9-46FF-9EDD-24C48EAA4BC6}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> ) FirewallRules: [{3CD93529-F035-4918-843D-1A9EB5E8A831}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{08716381-CF14-4184-8849-459445098475}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{1FA78D26-20A8-4C03-9AF3-14544156D2DA}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.) FirewallRules: [{322DCE80-1F93-4DC7-8B8D-DB9B88BD6EBA}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.) FirewallRules: [{E9EA684E-D352-4B71-82A9-3B9036DEFE8E}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [Datei ist nicht signiert] FirewallRules: [{FA36CC9C-2F2A-4AEB-8584-607EEAE48F48}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [Datei ist nicht signiert] FirewallRules: [{0E52E449-243C-4519-BEF4-E35A3FD6EEF7}] => (Allow) LPort=8027 FirewallRules: [{DCB0F3E3-B130-4C6D-84CC-58A75D553DE5}] => (Allow) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{38962F38-1793-42BC-A10E-8257D6114D7B}] => (Allow) LPort=8027 FirewallRules: [{811F2136-0E52-4CFB-BC21-4049B6B49643}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1D8BA397-1870-44AA-9260-85D4FB06066F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BFF5297D-2415-4DBC-AD55-367B2E70F5A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9702396E-5B2D-44AB-855D-EC683DCB3405}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{392450AE-D6DC-40AD-AD3B-E2BE3D9185D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1879C90E-BF88-4B2E-B0AB-AA3002726F97}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C7DD4EA7-19B3-42EB-97C8-932C1C783B5A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{7BC14455-058A-4404-8DB9-B0C3DFC8342E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{4E507679-CFA9-4C09-B74C-D00FF7511814}] => (Allow) LPort=8027 FirewallRules: [{4EC20FEA-9C8E-48B4-B272-DF4CD9BC6EBA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C2A68C28-907E-494C-8739-110470EE847A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1DA10DF9-ABEC-4509-B472-71B05B25BB4A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{FBEC7B5F-1849-43E0-A1DF-15D690C46BCA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BFEB41B6-7A4F-42FF-8AD1-34B1F8AABF62}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{85128EC7-11AF-44C1-AEAC-4CB7AD1A3E9F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{5474CDB4-3B78-4690-A998-178703FE2244}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D46C2EE3-6EBB-4DDD-99EE-3BD4DE75A2CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{B4035018-04D1-44A8-967E-52BF65D50ABC}C:\program files\nzbget\nzbget.exe] => (Block) C:\program files\nzbget\nzbget.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{EF2DB5A2-F4EB-45A6-96C8-9CAC5F772CCE}C:\program files\nzbget\nzbget.exe] => (Block) C:\program files\nzbget\nzbget.exe () [Datei ist nicht signiert] FirewallRules: [{47BB0284-57DC-49DA-8051-E0A63FF7A64F}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer) FirewallRules: [{1A5EDF56-92C4-4EAF-A493-D47263FC2E37}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer) FirewallRules: [{519D1845-687A-4B2F-BFBD-DDC00C9B22D1}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer) FirewallRules: [{58C68B9E-3FAB-4EBE-92D2-B6843A347CD2}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer) FirewallRules: [{4897EC8F-B674-4000-94B1-3DC51B11192C}] => (Allow) LPort=8027 FirewallRules: [{9AB82D20-D696-46CD-8602-0CDEA1FB371D}] => (Allow) LPort=8027 FirewallRules: [{08A5C124-26A4-4882-A458-73DEF6B0BAD4}] => (Allow) LPort=8027 ==================== Wiederherstellungspunkte ========================= 02-11-2019 18:16:04 Geplanter Prüfpunkt 03-11-2019 13:27:34 Removed Vegas Pro 13.0 (64-bit) 03-11-2019 13:54:05 Removed Java 8 Update 211 (64-bit) ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (11/03/2019 12:53:18 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.0 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 15816. Meldungs-ID: [0x2509]. Error: (11/03/2019 12:51:28 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: ) Description: Event-ID 0 Error: (11/03/2019 12:16:41 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.0 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 11276. Meldungs-ID: [0x2509]. Error: (11/03/2019 12:14:43 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: ) Description: Event-ID 0 Error: (11/03/2019 12:11:24 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: ) Description: Event-ID 0 Error: (11/03/2019 12:06:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: HxAccounts.exe, Version: 16.0.12026.20218, Zeitstempel: 0x5d81ddff Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.17763.802, Zeitstempel: 0x322dae8f Ausnahmecode: 0xc000027b Fehleroffset: 0x0000000000701a52 ID des fehlerhaften Prozesses: 0x168c Startzeit der fehlerhaften Anwendung: 0x01d5923542ab9e49 Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxAccounts.exe Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll Berichtskennung: 08bb2cd2-1722-4276-8eb3-369be6cdc972 Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: microsoft.windowslive.manageaccounts Error: (11/03/2019 11:54:42 AM) (Source: OVRServiceLauncher) (EventID: 0) (User: ) Description: Event-ID 0 Error: (11/02/2019 11:02:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Beat Saber.exe, Version: 2018.4.4.16502, Zeitstempel: 0x5d23e6af Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000021399fb7300 ID des fehlerhaften Prozesses: 0xdc0 Startzeit der fehlerhaften Anwendung: 0x01d591c45509e62d Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Beat Saber\Beat Saber.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 00a7de21-caec-4766-834e-df68a6cf9605 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Systemfehler: ============= Error: (11/03/2019 01:53:10 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-FOHP40Q) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-FOHP40Q\sasch" (SID: S-1-5-21-1368799669-3117233153-4274516567-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} und der APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (11/03/2019 12:57:06 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FOHP40Q) Description: Der Server "Microsoft.WindowsStore_11910.1001.4.0_x64__8wekyb3d8bbwe!App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/03/2019 12:56:43 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-FOHP40Q) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-FOHP40Q\sasch" (SID: S-1-5-21-1368799669-3117233153-4274516567-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} und der APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (11/03/2019 12:56:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FOHP40Q) Description: Der Server "Microsoft.YourPhone_1.19092.399.0_x64__8wekyb3d8bbwe!App.AppXvctmff39365zg14pgmystcwtys462fpa.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/03/2019 12:39:17 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FOHP40Q) Description: Der Server "Microsoft.WindowsStore_11910.1001.4.0_x64__8wekyb3d8bbwe!App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/03/2019 12:24:15 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FOHP40Q) Description: Der Server "Microsoft.WindowsStore_11910.1001.4.0_x64__8wekyb3d8bbwe!App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/03/2019 12:17:32 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-FOHP40Q) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-FOHP40Q\sasch" (SID: S-1-5-21-1368799669-3117233153-4274516567-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} und der APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (11/03/2019 12:16:48 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-FOHP40Q) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-FOHP40Q\sasch" (SID: S-1-5-21-1368799669-3117233153-4274516567-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} und der APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. CodeIntegrity: =================================== Date: 2019-11-03 12:14:50.273 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-11-03 12:11:25.049 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-11-03 11:54:42.573 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-10-28 19:38:13.968 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system. Date: 2019-10-28 19:15:01.526 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system. Date: 2019-10-28 19:08:50.034 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system. Date: 2019-10-28 19:08:29.410 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-10-28 18:49:31.791 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. 2003 09/19/2016 Hauptplatine: ASUSTeK COMPUTER INC. H110M-A/M.2 Prozessor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz Prozentuale Nutzung des RAM: 42% Installierter physikalischer RAM: 16324.48 MB Verfügbarer physikalischer RAM: 9382.9 MB Summe virtueller Speicher: 20676.48 MB Verfügbarer virtueller Speicher: 11590.81 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:475.64 GB) (Free:36.44 GB) NTFS Drive d: () (Fixed) (Total:920.1 GB) (Free:251.07 GB) NTFS \\?\Volume{1a022361-6a33-451c-a3dc-4f38368cdc3f}\ () (Fixed) (Total:0.48 GB) (Free:0.08 GB) NTFS \\?\Volume{5e8405a9-996a-4ff1-8dc3-9f318ece2991}\ () (Fixed) (Total:0.82 GB) (Free:0.34 GB) NTFS \\?\Volume{a93a4bec-3861-4942-a1dd-c8f8c8d9fb93}\ (Windows RE tools) (Fixed) (Total:0.29 GB) (Free:0.28 GB) NTFS \\?\Volume{37692e76-e640-4ae3-a7db-50945538aca7}\ (Recovery) (Fixed) (Total:10.74 GB) (Free:1.27 GB) NTFS \\?\Volume{d4153ab6-a4ff-4bb1-b6b1-a5696cd51fee}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 476.9 GB) (Disk ID: 8038C2AD) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== Ende von Addition.txt ======================= |
03.11.2019, 14:04 | #12 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Versuchter Teamviewer missbrauch auf meinen PCZitat:
Deine WinRAR-Version ist alt und muss runter. Und ich bereinige keine Systeme mit störrischen Virenscannern mehr, dafür hast du sicher auch Verständnis. Dein Bitdefender wird sicher all deine Probleme lösen.
__________________ Logfiles bitte immer in CODE-Tags posten |
03.11.2019, 14:08 | #13 | |
| Versuchter Teamviewer missbrauch auf meinen PCZitat:
|
03.11.2019, 14:19 | #14 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Versuchter Teamviewer missbrauch auf meinen PCZitat:
"Und Security Suites waren schon immer kontraproduktiver Müll, wenn nahm man früher einen reinen Virenscanner - heute ist nicht mehr nötig, da Windows 10 den Windows Defender hat." Ansonsten erklären Sie mir mal, warum ich mich mit dem Team von Bitdefender messen lassen muss, wo Sie doch den Windows Defender von Microsoft nutzen sollen. Wir sind das TB und nicht Microsoft. Das Winoptimizer Geraffel haben Sie auch nicht deinstalliert. Wenn Sie hier Hilfe wollen aber keine Anweisungen umsetzen und alles in Frage stellen müssen, wird das Thema beendet und in die Tonne verfrachtet. Und ich dabei hab hier schon ein Auge zugedrückt, nachdem Sie offen den Einsatz von illegalen Cracks zugegeben haben; mein Kollege M-K-D-B ist in der Hinsicht deutlich strenger!
__________________ Logfiles bitte immer in CODE-Tags posten |
03.11.2019, 14:24 | #15 |
| Versuchter Teamviewer missbrauch auf meinen PC Nun gut, nachdem ich mir Artikel durchgelesen habe über den Defender, dass dieser mittlerweile eine gute Arbeit macht, würde ich Ihren Weg versuchen wollen. Ich folge nun Ihren Anweisungen und hänge gleich die Logs an. Grüße Defender zieht erstmal Updates. Hier die Logs Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-11-2019 durchgeführt von sasch (03-11-2019 14:30:33) Gestartet von C:\Users\sasch\Desktop Windows 10 Pro Version 1809 17763.805 (X64) (2019-02-08 19:48:52) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1368799669-3117233153-4274516567-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1368799669-3117233153-4274516567-503 - Limited - Disabled) Gast (S-1-5-21-1368799669-3117233153-4274516567-501 - Limited - Disabled) golem-docker (S-1-5-21-1368799669-3117233153-4274516567-1003 - Limited - Enabled) sasch (S-1-5-21-1368799669-3117233153-4274516567-1001 - Administrator - Enabled) => C:\Users\sasch WDAGUtilityAccount (S-1-5-21-1368799669-3117233153-4274516567-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts) Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) beatdrop 2.5.9 (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\5a38d27a-3f69-5264-ba9a-effba89c0b95) (Version: 2.5.9 - Nathaniel Johns) Binance version 1.8.0 (HKLM-x32\...\{F7C9C013-C42C-440F-979C-46BA1F534351}_is1) (Version: 1.8.0 - Binance) Core Temp 1.13 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.13 - ALCPU) CORSAIR iCUE Software (HKLM-x32\...\{37E2CEEA-E7E8-44C4-B3E6-D214543D9DA9}) (Version: 3.13.94 - Corsair) Corsair LINK 4 (HKLM-x32\...\{40036d0c-634b-4fc0-be89-13343b4bea96}) (Version: 4.9.7.35 - Corsair Components, Inc.) Corsair LINK 4 (HKLM-x32\...\{D97F4B31-5A7D-4A07-AC85-16D64FAB93E1}) (Version: 4.9.7.35 - Corsair Components, Inc.) Hidden CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.) Discord (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\Discord) (Version: 0.0.305 - Discord Inc.) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.17 - NVIDIA Corporation) Hidden DOOM VFR MULTi2 1.0 (HKLM-x32\...\DOOM VFR MULTi2 1.0) (Version: 1.0 - .x.X.RIDDICK.X.x.) Epic Games Launcher (HKLM-x32\...\{6E35ADC1-C951-4FD2-B81F-D37CCE0B5D84}) (Version: 1.1.220.0 - Epic Games, Inc.) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) Futuremark SystemInfo (HKLM-x32\...\{3DD053E0-EA08-459A-B615-567B86A01132}) (Version: 5.16.701.0 - Futuremark) Geeks3D FurMark 1.20.4.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.) HP Officejet 2620 series - Grundlegende Software für das Gerät (HKLM\...\{CED70530-FA0D-4A58-BBF0-1588B38247A0}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Joulemeter (HKLM-x32\...\{E043568C-1745-4C69-9D52-43F6E79EB03B}) (Version: 1.2.0 - Microsoft Research) Kinect for Windows Drivers v2.0_1409 (DAILY) (HKLM\...\{7C9F054E-F742-4DAD-B7E0-9A280F1F0ACB}) (Version: 2.0.1410.19000 - Microsoft Corporation) Hidden Kinect for Windows Runtime v2.2_1811 (HKLM\...\{87941EDF-6084-42AD-B5EF-36A44667A64C}) (Version: 2.2.1811.10000 - Microsoft Corporation) Kinect for Windows SDK v2.0 (HKLM\...\{77FBF502-4136-4BC8-B754-6A01C02598C9}) (Version: 2.0.1410.19000 - Microsoft Corporation) Hidden Kinect for Windows SDK v2.0_1409 (HKLM-x32\...\{2f7f3dc4-de9a-4605-821f-b686f26392d8}) (Version: 2.0.1410.19000 - Microsoft Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Metro: Last Light Redux (HKLM-x32\...\Metro: Last Light Redux_is1) (Version: - Deep Silver) Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{BF5ABBDB-D3AA-4BCB-8D10-FCD4A4BB7F93}) (Version: 12.1.4100.1 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProplusRetail - de-de) (Version: 16.0.12026.20344 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.12026.20344 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation) Microsoft Project Professional 2016 - de-de (HKLM\...\ProjectProRetail - de-de) (Version: 16.0.12026.20344 - Microsoft Corporation) Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.12026.20344 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Server Speech Recognition Language - TELE (en-US) (HKLM-x32\...\{66D57636-BD4B-402F-9E7D-5E89C28C8136}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{13146756-9716-4843-84CA-053916D2FCF9}) (Version: 11.3.6538.0 - Microsoft Corporation) Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation) Microsoft SQL Server 2014 Setup (English) (HKLM\...\{C7E2483C-10A4-41E3-A2F6-240186FE3E41}) (Version: 12.1.4100.1 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation) Microsoft Visio Professional 2016 - de-de (HKLM\...\VisioProRetail - de-de) (Version: 16.0.12026.20344 - Microsoft Corporation) Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.12026.20344 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27033 (HKLM-x32\...\{cc3a7c63-31fb-4129-9024-63ebefd86a95}) (Version: 14.16.27033.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{ab213ab7-4792-4c6f-a3fa-8485d06c3475}) (Version: 14.0.23829 - Microsoft Corporation) Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Minecraft1.8 (HKLM-x32\...\Minecraft1.8) (Version: - ) MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version: - MixMeister Technology LLC) Mozilla Firefox 68.0.2 (x64 de) (HKLM\...\Mozilla Firefox 68.0.2 (x64 de)) (Version: 68.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.2 - Mozilla) MSI Afterburner 4.6.0 (HKLM-x32\...\Afterburner) (Version: 4.6.0 - MSI Co., LTD) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.8 - Black Tree Gaming) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation) NVIDIA Grafiktreiber 430.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 430.64 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NZBGet (HKLM-x32\...\NZBGet) (Version: - Andrey Prygunkov) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.2.1 - OBS Project) OBS-VirtualCam version 2.0.2 (HKLM-x32\...\{7B7182E6-D22D-4E5A-BCA2-EC985A4BD588}_is1) (Version: 2.0.2 - OBS) Oculus (HKLM\...\Oculus) (Version: <3 - Facebook Technologies, LLC) Oculus Tray Tool v0.86.0 (HKLM-x32\...\Oculus Tray Tool_is1) (Version: - ) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12026.20344 - Microsoft Corporation) Hidden OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 4.29 - LG Electronics Inc) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenIV (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\OpenIV) (Version: 3.0.1006 - .black/OpenIV Team) OpenVR Advanced Settings (HKLM-x32\...\OpenVRAdvancedSettings) (Version: - ) OpenVR Input Emulator (HKLM-x32\...\OpenVRInputEmulator) (Version: - ) Opera Stable 63.0.3368.107 (HKLM-x32\...\Opera 63.0.3368.107) (Version: 63.0.3368.107 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 10.5.52.32372 - Electronic Arts, Inc.) Outward Day One Edition MULTi5 1.0 (HKLM-x32\...\Outward Day One Edition MULTi5 1.0) (Version: 1.0 - x.X.RIDDICK.X.x) Outward Update 1 (HKLM\...\b3V0d2FyZA_is1) (Version: 1 - ) PhonerLite 2.72 (HKLM-x32\...\PhonerLite_is1) (Version: 2.72 - Heiko Sommerfeldt) Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Quick CPU (HKLM-x32\...\{41F4C8EE-903D-4EB5-B6EB-75413BF496DE}) (Version: 3.0.1.0 - CoderBag) Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 beta r2613 - Win10 Widgets) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8372 - Realtek Semiconductor Corp.) Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.) RivaTuner Statistics Server 7.2.1 (HKLM-x32\...\RTSS) (Version: 7.2.1 - Unwinder) Roblox Player for sasch (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\roblox-player) (Version: - Roblox Corporation) Roblox Studio for sasch (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\roblox-studio) (Version: - Roblox Corporation) ROCCAT Juke (HKLM\...\C-Media CM108 Like Sound Driver) (Version: - ) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.6 - Rockstar Games) SeaTools for Windows 1.4.0.7 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.7 - Seagate Technology) Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation) SKILLER SGK4 (HKLM-x32\...\{B1B8775B-8449-4F04-9773-C34384AE405F}_is1) (Version: 1.3.18.6 - Sharkoon Technologies) SOLIDWORKS 2019 German Resources (HKLM\...\{A3551568-7512-4052-8B69-9F295CE0252A}) (Version: 27.110.0072 - Ihr Firmenname) Hidden SOLIDWORKS 2019 SP01 (HKLM\...\{F261BF5C-81C4-4E81-9ED6-D7EBFA2A9A5B}) (Version: 27.110.0072 - Dassault Systemes SolidWorks Corp) Hidden SOLIDWORKS 2019 SP01 (HKLM-x32\...\SolidWorks Installation Manager 20190-40100-1100-100) (Version: 27.1.0.72 - SolidWorks Corporation) SOLIDWORKS CAM 2019 SP01 (HKLM\...\{FF62C344-015F-4A9F-8F49-7F02CBAB288E}) (Version: 27.10.0072 - Dassault Systèmes SolidWorks Corp) Hidden SOLIDWORKS Composer 2019 SP01 (HKLM\...\{661FCA7C-4962-46FD-84CD-CB72459058A4}) (Version: 27.10.0072 - Ihr Firmenname) Hidden SOLIDWORKS eDrawings 2019 SP01 (HKLM\...\{49641C8E-5ADA-42A8-8019-90CBDC933F86}) (Version: 27.10.0092 - Dassault Systèmes SolidWorks Corp) Hidden SOLIDWORKS Electrical 2019 SP01 (HKLM\...\{D47DBAC4-C1AB-4B16-B431-01120E8BB141}) (Version: 27.10.0072 - Ihr Firmenname) Hidden SOLIDWORKS Explorer 2019 SP01 (HKLM\...\{ED3F46FA-EF6F-4633-AA94-5C44815EA2B2}) (Version: 27.10.0072 - Dassault Systèmes SolidWorks Corp) Hidden SOLIDWORKS Flow Simulation 2019 SP01 (HKLM\...\{5D9A5C34-85FD-40FE-8C1A-ACA3C8CF423E}) (Version: 27.10.0073 - Dassault Systèmes SolidWorks Corp) Hidden SOLIDWORKS Inspection 2019 SP01 (HKLM\...\{974A87F0-517F-480A-A87F-218649E02880}) (Version: 27.10.0072 - Ihr Firmenname) Hidden SOLIDWORKS PCB 2019 SP01 (HKLM\...\{BF11D72C-9B96-4B91-BF1E-AC2137BBB604}) (Version: 27.10.0072 - Ihr Firmenname) Hidden SOLIDWORKS Plastics 2019 SP01 (HKLM\...\{6BC5795E-314F-4BA6-9A2D-A8DE4A35C688}) (Version: 27.10.0072 - Ihr Firmenname) Hidden SOLIDWORKS Visualize 2019 SP01 (HKLM\...\{CD7FCE59-87E4-4C32-AB24-DCA29802CBA5}) (Version: 27.10.0072 - Ihr Firmenname) Hidden SOLIDWORKS Visualize Boost 2019 SP01 (HKLM\...\{D67F8A59-1F6E-422E-AD34-1A66751CD44D}) (Version: 27.10.0072 - Ihr Firmenname) Hidden SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation) Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Streamlabs OBS 0.17.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.17.1 - General Workings, Inc.) Superhot Incl. Update 3 MULTi9 1.0 (HKLM-x32\...\Superhot Incl. Update 3 MULTi9 1.0) (Version: - ) TeighaX 3.09 (HKLM-x32\...\{3D63579F-2398-418B-9227-A852FB201D2D}) (Version: 3.9.0 - Open Design Alliance) Telegram Desktop version 1.7.7 (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.7.7 - Telegram Messenger LLP) The Witcher 3: Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.32 - GOG.com) Trackmania Turbo (HKLM-x32\...\Trackmania Turbo_is1) (Version: - ) TreeSize Free V4.2.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.2.2 - JAM Software) Twitch (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.) UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation) uRage Reaper nxt. Version 1.0.3 (HKLM-x32\...\{2F606408-495F-4772-A3A7-BE0A31C4B261}_is1) (Version: 1.0.3 - ) VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN) Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.0.3 - Black Tree Gaming Ltd.) VSDC Free Video Editor Version 6.3.6.18 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.6.18 - Flash-Integro LLC) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden WhatsApp (HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\WhatsApp) (Version: 0.3.557 - WhatsApp) Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation) Windows-Treiberpaket - Corsair Components, Inc. (SIUSBXP) USB (07/14/2017 3.3) (HKLM\...\A2206C09905C467F30CB24DCBB49F056D7F0A290) (Version: 07/14/2017 3.3 - Corsair Components, Inc.) Windows-Treiberpaket - STMicroelectronics (STTub30) USB (07/05/2012 3.0.4.0) (HKLM\...\4A1A85C6E9813B77863C2401251A5284B1923DA4) (Version: 07/05/2012 3.0.4.0 - STMicroelectronics) Wireshark 3.0.4 64-bit (HKLM-x32\...\Wireshark) (Version: 3.0.4 - The Wireshark developer community, hxxps://www.wireshark.org) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment) WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft) Packages: ========= 3D Scan -> C:\Program Files\WindowsApps\Microsoft.3DScan_2.0.47.0_x64__8wekyb3d8bbwe [2019-08-23] (Microsoft Corporation) Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.1.4.0_x86__kgqvnymyfvs32 [2019-09-23] (king.com) Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.150.300.0_x86__kgqvnymyfvs32 [2019-10-17] (king.com) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.618.0_x64__v10z8vjag6ke6 [2019-10-16] (HP Inc.) Mail und Kalender -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation) [MS Ad] March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.3.1.1_x86__h6adky7gbf63m [2019-09-14] (Gameloft.) Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-08-23] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad] Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.12.101.0_x64__8wekyb3d8bbwe [2019-09-08] (Microsoft Studios) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-26] (Netflix, Inc.) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0 [2019-10-13] (Spotify AB) [Startup Task] XING -> C:\Program Files\WindowsApps\XINGAG.XING_3.140.89.0_x86__xpfg3f7e9an52 [2019-10-08] (New Work SE) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> Keine Datei ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> Keine Datei ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-05-06] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> Keine Datei ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Datei ist nicht signiert] HKLM\...\Drivers32: [VIDC.FPS1] => c:\windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.voxacm160] => c:\windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.scg726] => c:\windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.alf2cd] => c:\windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.ac3acm] => c:\windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.lame] => c:\windows\system32\lame.ax [245760 2005-08-01] () [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.dvsd] => c:\windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mpg4] => c:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mp42] => c:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mp43] => c:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.xvid] => c:\windows\system32\xvidvfw.dll [139264 2004-07-03] () [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.DIVX] => c:\windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.VP60] => c:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.VP61] => c:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.VP62] => c:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.LAGS] => c:\windows\system32\lagarith.dll [216064 2011-12-07] ( ) [Datei ist nicht signiert] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Datei ist nicht signiert] HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [Datei ist nicht signiert] ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\sasch\Desktop\Spiele\startdesktopmode.bat - Verknüpfung.lnk -> C:\Program Files\OpenVR-AdvancedSettings\startdesktopmode.bat () Shortcut: C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\sasch\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat () ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2019-03-05 15:06 - 2019-03-05 15:06 - 000232448 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTCore.dll 2019-03-05 15:06 - 2019-03-05 15:06 - 000057344 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTFC.dll 2019-03-05 15:07 - 2019-03-05 15:07 - 000642048 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll 2019-03-05 15:06 - 2019-03-05 15:06 - 000072704 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll 2019-03-05 15:06 - 2019-03-05 15:06 - 000364544 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTUI.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000015360 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Origin\libEGL.DLL 2018-04-01 13:53 - 2019-10-30 17:02 - 003090944 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Origin\libGLESv2.dll 2019-08-24 15:49 - 2018-10-16 21:35 - 000107520 _____ () [Datei ist nicht signiert] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\NETAPI32.dll 2019-01-10 10:44 - 2019-01-10 10:44 - 000090112 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000002560 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\icudt58.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 001252864 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\icuuc58.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000030208 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qgif.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000032768 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qico.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000256512 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qjpeg.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000026112 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qtga.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000305152 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qtiff.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000025600 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\imageformats\qwbmp.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000709120 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Multimedia.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000207360 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Positioning.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000310272 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 003513344 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Qml.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 003390976 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Quick.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000068096 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000045568 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000116224 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebChannel.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 054071296 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000211456 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2018-04-01 13:53 - 2019-10-30 17:02 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\Public\AppData:CSM [236] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476] AlternateDataStreams: C:\Users\sasch\Anwendungsdaten:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\sasch\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [108] AlternateDataStreams: C:\Users\sasch\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\sasch\AppData\Local\Temp:$DATA [16] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ========== ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2017-09-29 14:46 - 2019-11-03 14:14 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts 2019-05-28 19:13 - 2019-05-28 19:14 - 000000443 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 172.18.70.1 DESKTOP-FOHP40Q.mshome.net # 2024 5 0 26 18 14 23 458 ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Oculus\Support\oculus-runtime;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\110\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\DTS\Binn\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\ HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sasch\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\earth multiscreen widescreen 5760x1080 wallpaper_www.paperhi.com_58.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS Hintergrund-Downloader.lnk" HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS 2019 Fast Start.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "BdVpnApp" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "HP Software Update" HKLM\...\StartupApproved\Run: => "Ashampoo WinOptimizer Live-Tuner2" HKLM\...\StartupApproved\Run32: => "Updater" HKLM\...\StartupApproved\Run32: => "CORSAIR iCUE Software" HKLM\...\StartupApproved\Run32: => "SE61T-UserTools" HKLM\...\StartupApproved\Run32: => "SKILLER SGK4" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "OculusTrayTool" HKLM\...\StartupApproved\Run32: => "OnScreen Control" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\StartupFolder: => "DesktopHut.lnk" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\StartupFolder: => "Rainmeter.lnk" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "Argus Monitor" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "CorsairLink4" HKU\S-1-5-21-1368799669-3117233153-4274516567-1001\...\StartupApproved\Run: => "GalaxyClient" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{0740E682-1F83-4FAD-B54A-DAAF94B61BD7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5C243317-3B6B-47E2-A311-8A3E95904140}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{9B31F1B3-43B4-4A9E-8B52-B3CB0390558D}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{3B3E03A3-4BF8-4468-81F8-60273D1B0652}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{DC2B08A1-7048-4335-9536-A2FE80B22D29}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{ACD69343-1FFF-4AAC-888E-A1B325D6C58E}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{5B7EFE95-AF2A-4407-99DE-1B714B3F5CF0}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{2926D9FF-8085-4B05-B3F9-A068BCBE6589}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{B119755F-53BB-4912-993B-2D0034642C03}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{5D136926-BF5F-4ED8-9DEE-701B82FF1C27}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{37D4D204-1534-467B-9CF5-31487D488767}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{2F46E517-7A8F-44B0-B7EB-9072CDCF06DC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{42D70C77-D1BD-4ABF-9A4A-A91A61F45B0A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{40E831A5-4689-4E79-8348-E90C48CB539C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{98287F36-F3E7-40FF-9A23-8867CBEFB7D5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{AD32DEE1-58EA-4224-87E4-EA0583A948DE}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{417E877D-496E-4066-8477-8A5938E23774}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [Datei ist nicht signiert] FirewallRules: [DNS Server Forward Rule - TCP - A2918A61-5D01-4BBD-BDBB-CEBE9E9C6511 - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - UDP - A2918A61-5D01-4BBD-BDBB-CEBE9E9C6511 - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - TCP - CD8B8542-DEF3-4E52-A908-8E6FBC2125BF - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - UDP - CD8B8542-DEF3-4E52-A908-8E6FBC2125BF - 0] => (Allow) LPort=53 FirewallRules: [{94933B1A-2289-4DBB-8E4F-A00CE7FD829F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> ) FirewallRules: [{39876E1F-0A04-4ED9-A8DC-C58D8D6A95F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> ) FirewallRules: [{2B5004E3-0383-4975-845F-C911CFCAF264}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> ) FirewallRules: [{22C21BB7-A0F4-4B79-B66C-46B243346958}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> ) FirewallRules: [{FD5AA058-690C-4067-9985-2F88A0334CA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> ) FirewallRules: [{26F2F6CD-5D0C-4C3A-ACD2-7B9B019934AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> ) FirewallRules: [{0AF4755F-B58E-4248-A261-B91130CEC729}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beat Saber\Beat Saber.exe () [Datei ist nicht signiert] FirewallRules: [{A4E44422-C7F4-4E77-8A3E-142A41C85C45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beat Saber\Beat Saber.exe () [Datei ist nicht signiert] FirewallRules: [{3C2EBDD9-7A1B-42E6-9F03-32F7756AB8FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [Datei ist nicht signiert] FirewallRules: [{2D678C7D-5AF9-4BED-AD85-75E4872517AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [Datei ist nicht signiert] FirewallRules: [{2A53B5C8-113F-436A-9AD3-0C4C54F0FD74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [Datei ist nicht signiert] FirewallRules: [{7D753089-180E-428F-8ABF-378BF050405E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [Datei ist nicht signiert] FirewallRules: [{65BB94D9-3967-4BA5-9CA8-EAFDC253D9DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [Datei ist nicht signiert] FirewallRules: [{40051D45-C677-4B79-8E90-497BE913BDF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [Datei ist nicht signiert] FirewallRules: [{170F38BC-9EA3-406E-B712-279DE6CE8A4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PavlovVR\Pavlov.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{D8237A19-A7A4-480E-8009-7EBBF027F44C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PavlovVR\Pavlov.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{1A487B10-842E-431B-941B-16B764ECD443}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space Pirate Trainer VR\SpacePirateVR.exe () [Datei ist nicht signiert] FirewallRules: [{B6821163-09CB-4420-9761-69D0B8A48345}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space Pirate Trainer VR\SpacePirateVR.exe () [Datei ist nicht signiert] FirewallRules: [{7ACE9B64-D42D-460B-82A1-BE53B9BA14F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Steam360VideoPlayer\Steam360VideoPlayer.exe () [Datei ist nicht signiert] FirewallRules: [{78F40822-AC3B-44C4-8AFB-EDC6FBA4C480}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Steam360VideoPlayer\Steam360VideoPlayer.exe () [Datei ist nicht signiert] FirewallRules: [{8DF97BAC-F571-4C19-B098-C966882F8395}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RecRoom\Recroom_Release.exe () [Datei ist nicht signiert] FirewallRules: [{203B78AD-52DE-4BAF-8171-D81BD464EBEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RecRoom\Recroom_Release.exe () [Datei ist nicht signiert] FirewallRules: [{403150D1-81F4-4B33-A3A3-3A8AF621813C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sparc\Sparc.exe () [Datei ist nicht signiert] FirewallRules: [{60D70BDF-64CD-495D-8A21-529AA91F3A6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sparc\Sparc.exe () [Datei ist nicht signiert] FirewallRules: [{7B4A954D-F3EC-4E42-A779-C1A54CDBB85B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [Datei ist nicht signiert] FirewallRules: [{24F2845A-CCA3-46FF-96DB-1F2887137872}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [Datei ist nicht signiert] FirewallRules: [{0F39A282-9A26-49A6-B5DD-78B369D5B0EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LIV\LIV.App.exe (LIV Inc -> LIV Inc.) FirewallRules: [{DAC58D3F-0852-46DC-857C-BF9914B4127D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LIV\LIV.App.exe (LIV Inc -> LIV Inc.) FirewallRules: [{BD9CD2C6-BDBF-494B-9C8E-E3EC5F878FF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EarthVR\Earth.exe (Google Inc -> Google Inc) FirewallRules: [{09FDAB7C-8953-427C-836F-440C7A922BB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EarthVR\Earth.exe (Google Inc -> Google Inc) FirewallRules: [{6A89D5E1-8A28-4770-9E1B-75C2227B9F7D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{0675F42F-F727-48A7-92CD-1ECF4802EA23}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{F8D3F73F-8C0E-4658-8C65-7C45BF6A8CB9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [{905758A4-99EE-4A58-A647-E48434BF5391}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [{BF1C68BC-3EDD-4300-903E-5A3646F1E395}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [{A7E58B70-540D-44C9-B72A-E5C90E07879B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [{F1595CF3-888D-4A73-B171-A309D796C2E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5075C7AA-E3D6-42D1-810B-807E24B34C56}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{502B7574-E188-4F9C-BA7C-DE77B5F2FB58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{E9446889-83DB-4BE3-94FA-D1F4474B7244}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{E7B25816-80BC-4106-8A92-69A0CD0104F6}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector Ltd. -> Flash-Integro LLC) FirewallRules: [{0F348082-5969-429B-A255-47BE1CD5E2DF}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector Ltd. -> Flash-Integro LLC) FirewallRules: [{2CD85A61-18BA-4ABA-BA1F-0E80A5E8B437}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector Ltd. -> Flash-Integro LLC) FirewallRules: [{B1395916-5D64-4DAF-AF06-A30844FEADEC}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector Ltd. -> Flash-Integro LLC) FirewallRules: [{CC2E3010-017D-43CB-8F47-EC773CC07902}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector Ltd. -> Flash-Integro LLC) FirewallRules: [{1EAE3853-521B-42CE-A885-98E6775E739E}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector Ltd. -> Flash-Integro LLC) FirewallRules: [{A4FC4F01-56D2-43D5-8D97-1F7B3DC1AB3A}] => (Allow) LPort=8027 FirewallRules: [{5214D303-B8F4-4A8F-85E1-21A22483C6F2}] => (Allow) LPort=8027 FirewallRules: [{AF2BC330-AED4-47D1-9A01-FB8634214F09}] => (Allow) LPort=8027 FirewallRules: [{43E2493B-9A4E-4C0A-9076-554D6E131256}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9D28B1DA-C902-477B-AFFD-51C595FDD1DA}] => (Allow) LPort=8027 FirewallRules: [{372821C7-D852-4544-B569-7320035202F3}] => (Allow) LPort=8027 FirewallRules: [{5902DD16-657D-4E4F-87ED-2BADDE3E6562}] => (Allow) LPort=8027 FirewallRules: [{1039D7DF-C3FD-47E8-BD62-FCAD62FAACEB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{D91A5413-719A-469D-A91E-DFF47E626793}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{D177C423-B229-4035-8453-F633FA27DD00}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{A3A36CEC-E1D7-4FCD-8F4B-94ABDD62E51D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{C6ADF639-0B0A-4243-AE41-CEDD2E6E8BFB}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB) FirewallRules: [{A87B6FD3-62AC-4426-979C-036E933B8B14}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB) FirewallRules: [{3A501E89-37B9-4E5F-911F-332A989DF2D9}] => (Allow) D:\Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [{2258E533-64AB-4CCD-A0C3-9FCF0A8C6171}] => (Allow) D:\Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [{58DD4DCC-B967-40C1-86C3-1B1FFF1BB909}] => (Allow) D:\Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [{E6C46A1B-DD61-418B-A527-2E85BA66A52B}] => (Allow) D:\Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [{4372EFF5-2D73-4681-B970-0DC8D9CC01AD}] => (Allow) LPort=8027 FirewallRules: [{4A9C0C46-8BFB-4E60-9101-B3A45B536362}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [Datei ist nicht signiert] FirewallRules: [{BC485528-26C9-46C5-9F4D-EF108C68741C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [Datei ist nicht signiert] FirewallRules: [{8515539D-90E6-4747-B547-B042280D2827}] => (Allow) LPort=8027 FirewallRules: [{247E5E19-6A37-439B-BCA7-C9397174C50B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SkyrimVR\SkyrimVR.exe (Bethesda Softworks) [Datei ist nicht signiert] FirewallRules: [{974EDA6A-9B30-48E4-816D-2EDC1B39F051}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SkyrimVR\SkyrimVR.exe (Bethesda Softworks) [Datei ist nicht signiert] FirewallRules: [{7AD88789-2895-449A-9041-E9F2DEAE861E}] => (Allow) C:\Program Files\Opera\63.0.3368.94\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{229AFEF2-8A24-425A-86B1-5B5D49B63F14}] => (Allow) LPort=8027 FirewallRules: [{C51F7625-84D9-48BA-BF9F-109EFE9AD1CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\skyrim\skse_steam_boot.exe () [Datei ist nicht signiert] FirewallRules: [{C1F426A7-7724-4A3A-AA22-9D231DF01CB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\skyrim\skse_steam_boot.exe () [Datei ist nicht signiert] FirewallRules: [{802DDF0E-DC51-4AC8-95EF-F7D06FE4EBB8}] => (Allow) D:\steam\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie) FirewallRules: [{757AA0DE-9C61-4EFA-953E-A6EE75C4A659}] => (Allow) D:\steam\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie) FirewallRules: [{E730DFD8-C4F2-4D90-AF1F-E47383E82DCF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArizonaSunshine\ArizonaSunshine.exe () [Datei ist nicht signiert] FirewallRules: [{B9DA83CE-3E14-4715-9F70-32D70EDD092E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArizonaSunshine\ArizonaSunshine.exe () [Datei ist nicht signiert] FirewallRules: [{3323FE0A-DB23-412F-ADF7-BBB66B2006DD}] => (Allow) LPort=8027 FirewallRules: [{A7399E1E-CA23-4485-930F-44CEC35CE5D0}] => (Allow) LPort=8027 FirewallRules: [{9B5C6CC2-9544-4E83-A529-F77280D5B48B}] => (Allow) LPort=8027 FirewallRules: [{F033AF30-69D8-42B6-9D9E-A25B1FC2FD93}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC) FirewallRules: [{8A2701D5-9116-428E-A361-320F091D2E55}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC) FirewallRules: [{C34DF57D-F1B6-477A-949C-9434AD72BA5D}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC) FirewallRules: [{C02B5304-3C95-493F-BCD1-3740E4ED8222}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC) FirewallRules: [{60F36C3B-48E5-43B0-8CFB-0EBED47E6F11}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> ) FirewallRules: [{0139A4A1-F639-4343-8F07-60C2C2386685}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> ) FirewallRules: [{4F9A28DB-010B-4626-B5B8-936142B04892}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> ) FirewallRules: [{A1F32280-91E9-46FF-9EDD-24C48EAA4BC6}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> ) FirewallRules: [{3CD93529-F035-4918-843D-1A9EB5E8A831}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{08716381-CF14-4184-8849-459445098475}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{1FA78D26-20A8-4C03-9AF3-14544156D2DA}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.) FirewallRules: [{322DCE80-1F93-4DC7-8B8D-DB9B88BD6EBA}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.) FirewallRules: [{E9EA684E-D352-4B71-82A9-3B9036DEFE8E}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [Datei ist nicht signiert] FirewallRules: [{FA36CC9C-2F2A-4AEB-8584-607EEAE48F48}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [Datei ist nicht signiert] FirewallRules: [{0E52E449-243C-4519-BEF4-E35A3FD6EEF7}] => (Allow) LPort=8027 FirewallRules: [{DCB0F3E3-B130-4C6D-84CC-58A75D553DE5}] => (Allow) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{38962F38-1793-42BC-A10E-8257D6114D7B}] => (Allow) LPort=8027 FirewallRules: [{811F2136-0E52-4CFB-BC21-4049B6B49643}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1D8BA397-1870-44AA-9260-85D4FB06066F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BFF5297D-2415-4DBC-AD55-367B2E70F5A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9702396E-5B2D-44AB-855D-EC683DCB3405}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{392450AE-D6DC-40AD-AD3B-E2BE3D9185D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1879C90E-BF88-4B2E-B0AB-AA3002726F97}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C7DD4EA7-19B3-42EB-97C8-932C1C783B5A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{7BC14455-058A-4404-8DB9-B0C3DFC8342E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{4E507679-CFA9-4C09-B74C-D00FF7511814}] => (Allow) LPort=8027 FirewallRules: [{4EC20FEA-9C8E-48B4-B272-DF4CD9BC6EBA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C2A68C28-907E-494C-8739-110470EE847A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1DA10DF9-ABEC-4509-B472-71B05B25BB4A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{FBEC7B5F-1849-43E0-A1DF-15D690C46BCA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BFEB41B6-7A4F-42FF-8AD1-34B1F8AABF62}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{85128EC7-11AF-44C1-AEAC-4CB7AD1A3E9F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{5474CDB4-3B78-4690-A998-178703FE2244}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D46C2EE3-6EBB-4DDD-99EE-3BD4DE75A2CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{B4035018-04D1-44A8-967E-52BF65D50ABC}C:\program files\nzbget\nzbget.exe] => (Block) C:\program files\nzbget\nzbget.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{EF2DB5A2-F4EB-45A6-96C8-9CAC5F772CCE}C:\program files\nzbget\nzbget.exe] => (Block) C:\program files\nzbget\nzbget.exe () [Datei ist nicht signiert] FirewallRules: [{47BB0284-57DC-49DA-8051-E0A63FF7A64F}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer) FirewallRules: [{1A5EDF56-92C4-4EAF-A493-D47263FC2E37}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer) FirewallRules: [{519D1845-687A-4B2F-BFBD-DDC00C9B22D1}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer) FirewallRules: [{58C68B9E-3FAB-4EBE-92D2-B6843A347CD2}] => (Allow) C:\Users\sasch\AppData\Local\Temp\downloaded.exe (TeamViewer GmbH -> TeamViewer) FirewallRules: [{4897EC8F-B674-4000-94B1-3DC51B11192C}] => (Allow) LPort=8027 FirewallRules: [{9AB82D20-D696-46CD-8602-0CDEA1FB371D}] => (Allow) LPort=8027 FirewallRules: [{08A5C124-26A4-4882-A458-73DEF6B0BAD4}] => (Allow) LPort=8027 FirewallRules: [{486AC4A1-2565-4E4C-ACBF-F5ADCAB3254F}] => (Allow) LPort=8027 ==================== Wiederherstellungspunkte ========================= 02-11-2019 18:16:04 Geplanter Prüfpunkt 03-11-2019 13:27:34 Removed Vegas Pro 13.0 (64-bit) 03-11-2019 13:54:05 Removed Java 8 Update 211 (64-bit) ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (11/03/2019 02:24:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: WO14.exe, Version: 14.0.0.0, Zeitstempel: 0x58529fe9 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.17763.802, Zeitstempel: 0x936e7d37 Ausnahmecode: 0xc0000409 Fehleroffset: 0x00121932 ID des fehlerhaften Prozesses: 0x195c Startzeit der fehlerhaften Anwendung: 0x01d5924a08eb9a7e Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\WO14.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: bc0fb12a-ea02-469f-a54c-db05908abae2 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (11/03/2019 12:53:18 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.0 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 15816. Meldungs-ID: [0x2509]. Error: (11/03/2019 12:51:28 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: ) Description: Event-ID 0 Error: (11/03/2019 12:16:41 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.0 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 11276. Meldungs-ID: [0x2509]. Error: (11/03/2019 12:14:43 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: ) Description: Event-ID 0 Error: (11/03/2019 12:11:24 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: ) Description: Event-ID 0 Error: (11/03/2019 12:06:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: HxAccounts.exe, Version: 16.0.12026.20218, Zeitstempel: 0x5d81ddff Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.17763.802, Zeitstempel: 0x322dae8f Ausnahmecode: 0xc000027b Fehleroffset: 0x0000000000701a52 ID des fehlerhaften Prozesses: 0x168c Startzeit der fehlerhaften Anwendung: 0x01d5923542ab9e49 Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxAccounts.exe Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll Berichtskennung: 08bb2cd2-1722-4276-8eb3-369be6cdc972 Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: microsoft.windowslive.manageaccounts Error: (11/03/2019 11:54:42 AM) (Source: OVRServiceLauncher) (EventID: 0) (User: ) Description: Event-ID 0 Systemfehler: ============= Error: (11/03/2019 02:29:35 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID Windows.SecurityCenter.WscBrokerManager und der APPID Nicht verfügbar im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (11/03/2019 02:29:35 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID Windows.SecurityCenter.SecurityAppBroker und der APPID Nicht verfügbar im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (11/03/2019 02:29:35 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID Windows.SecurityCenter.WscBrokerManager und der APPID Nicht verfügbar im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (11/03/2019 02:29:35 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID Windows.SecurityCenter.SecurityAppBroker und der APPID Nicht verfügbar im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (11/03/2019 02:29:35 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID Windows.SecurityCenter.WscBrokerManager und der APPID Nicht verfügbar im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (11/03/2019 02:29:35 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID Windows.SecurityCenter.SecurityAppBroker und der APPID Nicht verfügbar im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (11/03/2019 02:28:32 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-FOHP40Q) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-FOHP40Q\sasch" (SID: S-1-5-21-1368799669-3117233153-4274516567-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} und der APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (11/03/2019 02:28:17 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FOHP40Q) Description: Der Server "Microsoft.WindowsStore_11910.1001.4.0_x64__8wekyb3d8bbwe!App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Windows Defender: =================================== Date: 2019-11-03 14:30:35.873 Description: Fehler von Windows Defender Antivirus beim Laden von Signaturen. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen. Betroffene Signaturen: Aktuell Fehlercode: 0x80070003 Fehlerbeschreibung: Das System kann den angegebenen Pfad nicht finden. Signaturversion: 0.0.0.0;0.0.0.0 Modulversion: 0.0.0.0 CodeIntegrity: =================================== Date: 2019-11-03 12:14:50.273 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-11-03 12:11:25.049 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-11-03 11:54:42.573 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-10-28 19:38:13.968 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system. Date: 2019-10-28 19:15:01.526 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system. Date: 2019-10-28 19:08:50.034 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system. Date: 2019-10-28 19:08:29.410 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-10-28 18:49:31.791 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. 2003 09/19/2016 Hauptplatine: ASUSTeK COMPUTER INC. H110M-A/M.2 Prozessor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz Prozentuale Nutzung des RAM: 30% Installierter physikalischer RAM: 16324.48 MB Verfügbarer physikalischer RAM: 11308.61 MB Summe virtueller Speicher: 20676.48 MB Verfügbarer virtueller Speicher: 13279.91 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:475.64 GB) (Free:38.08 GB) NTFS Drive d: () (Fixed) (Total:920.1 GB) (Free:251.07 GB) NTFS \\?\Volume{1a022361-6a33-451c-a3dc-4f38368cdc3f}\ () (Fixed) (Total:0.48 GB) (Free:0.08 GB) NTFS \\?\Volume{5e8405a9-996a-4ff1-8dc3-9f318ece2991}\ () (Fixed) (Total:0.82 GB) (Free:0.34 GB) NTFS \\?\Volume{a93a4bec-3861-4942-a1dd-c8f8c8d9fb93}\ (Windows RE tools) (Fixed) (Total:0.29 GB) (Free:0.28 GB) NTFS \\?\Volume{37692e76-e640-4ae3-a7db-50945538aca7}\ (Recovery) (Fixed) (Total:10.74 GB) (Free:1.27 GB) NTFS \\?\Volume{d4153ab6-a4ff-4bb1-b6b1-a5696cd51fee}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 476.9 GB) (Disk ID: 8038C2AD) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== Ende von Addition.txt ======================= Geändert von TrainandGame (03.11.2019 um 14:32 Uhr) |
Themen zu Versuchter Teamviewer missbrauch auf meinen PC |
amazon, beendet, bewusst, bitdefender, datei, defender, ebenfalls, erneut, fenster, frage, guten, installiert, internet, kleines, löschen, maus, neuen, neues, nichts, node.js, opera, prüfen, schnell, security, setup, taskmanager, teamviewer, version, windowsapps |