Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   CPU deutlich zu überlastet trotz weniger Programme (https://www.trojaner-board.de/185711-cpu-deutlich-ueberlastet-trotz-weniger-programme.html)

eMKaWe 25.05.2017 13:29
CPU deutlich zu überlastet trotz weniger Programme
 
Liste der Anhänge anzeigen (Anzahl: 1)
Hallo wertes Forum.
Aufgrund eines Freundes hab ich mich hier angemeldet und schildere mal mein Problem.
Beim Streamen aber auch nur beim zocken passiert es öfters, dass meine CPU übermäßig hoch ausgelastet ist, was mich in der Regel die Hälfte meiner Ingame-FPS kostet (Beispiel LoL offstream 120 FPS im stream 30-50 FPS. CPU dabei zu 90+ % ausgelastet.
Hier ein Beispiel wie das so aussieht:

https://gyazo.com/5574b25333cea0402efc47e61048c8d5

Leider hab ich keine weiteren Daten zu den Hintergrundprogrammen. Und nein, so sieht das aus, wenn ich den Task manager mehrere minuten laufen lasse.
Im Anhang hab ich einmal Malwarebytes Log file drinne, den ich mal durchgelaufen lasse habe und offstream durch das programm "ProcessExplorer" Mal erstellt, was bei mir im Hintergrund so läuft.

Würd mich freuen, wenn wer das Problem für die CPU-Überlastung finden würde.
Zu meinem System:
Board: ASRock Z68
CPU: Intel i7-3770
Graka: NVidia Geforce GTX 970
16 Gb Ram
Be quiet lüfter
500 watt netzteil
Und nein meine CPU läuft nicht heiß.

Mfg

burningice 25.05.2017 19:49
:hallo:
Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen.

Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
  • Bitte lies meine Posts komplett durch bevor du sie abarbeitest
  • Wenn ein Problem auftauchen sollte oder dir etwas unklar ist, unterbreche deine Arbeit und beschreibe es so genau wie möglich.
  • Bitte kein Crossposting
  • Installiere oder Deinstalliere keine Software ohne Aufforderung
  • Bitte verwende nur die Tools, welche hier im Thread erwähnt werden und führe sie nur gemäß Anweisung aus
  • Bitte antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
  • Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen
  • Wichtig: Nur weil dein Problem mit einem Schritt plötzlich behoben ist, bedeutet das nicht, dass dein PC auch sauber ist. Mache solange weiter, bis ich dir sage, dass dein PC "clean" ist
  • Wir machen unsere Arbeit freiwillig und ehrenamtlich neben unserer normalen Beschäftigung im Leben. Dennoch, wenn ich dir nicht binnen 36h antworte, sende mir bitte eine persönliche Nachricht!
Los geht's :abklatsch:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


eMKaWe 26.05.2017 00:01
FRST.txt teil 1:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2017
durchgeführt von Marc (Administrator) auf MARC-PC (26-05-2017 00:45:52)
Gestartet von C:\Users\Marc\Downloads
Geladene Profile: Marc (Verfügbare Profile: Marc & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegisterService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\data\SWARM_CONNECT\SwarmHW_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(ROCCAT) C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dropbox, Inc.) C:\Users\Marc\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Hammer & Chisel, Inc.) C:\Users\Marc\AppData\Local\Discord\app-0.0.297\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\Marc\AppData\Local\Discord\app-0.0.297\Discord.exe
(Valve Corporation) D:\Games\Steam Games\SteamApps\Steam.exe
(Valve Corporation) D:\Games\Steam Games\SteamApps\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Games\Steam Games\SteamApps\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Valve Corporation) D:\Games\Steam Games\SteamApps\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe
() D:\Games\League of Legends\LeagueClient.exe
(Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RunDLLEntry] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11660904 2010-11-30] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2013-12-12] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [13388752 2017-01-13] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [1258448 2016-11-09] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5883912 2017-03-02] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Run: [Google Update] => C:\Users\Marc\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Run: [Dropbox Update] => C:\Users\Marc\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-11] (Dropbox, Inc.)
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [5077792 2017-03-28] (Nota Inc.)
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-08-29] (Disc Soft Ltd)
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\RunOnce: [DeleteMarkAny] => C:\WINDOWS\SysWOW64\MASetupCleaner.exe [24576 2014-04-30] ((주)마크애니)
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1132746113-184105214-789198808-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [151040 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Marc\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Marc\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Marc\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Marc\AppData\Local\MEGAsync\ShellExtX32.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Marc\AppData\Local\MEGAsync\ShellExtX32.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Marc\AppData\Local\MEGAsync\ShellExtX32.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-05-29]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ROCCAT Swarm.lnk [2016-05-29]
ShortcutTarget: ROCCAT Swarm.lnk -> C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe (ROCCAT)
Startup: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-05-29]
ShortcutTarget: Dropbox.lnk -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\~Disabled [2016-10-01] ()
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy\User: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6697b776-7271-4d6d-864e-17038884b67f}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1132746113-184105214-789198808-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130946649677629647&GUID=03BB13BC-6D20-493B-B4E2-1F77E6E9444E
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
URLSearchHook: HKLM-x32 - (Kein Name) - {62d40876-df18-411f-9d34-a9dd7a197bc5} - Keine Datei
SearchScopes: HKLM-x32 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1132746113-184105214-789198808-1000 -> {6D5F60DF-652D-4C54-864D-FF8F5683FA00} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-04] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-04] (Microsoft Corporation)
BHO-x32: Kein Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> Keine Datei
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-23] (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-05-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-22] (Oracle Corporation)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-22] (Oracle Corporation)
BHO-x32: Kein Name -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> Keine Datei
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-23] (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Kein Name - {62d40876-df18-411f-9d34-a9dd7a197bc5} -  Keine Datei
Toolbar: HKLM-x32 - Kein Name - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -  Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-04] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: pw95x240.default
FF ProfilePath: C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\pw95x240.default [2017-02-21]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-06-22] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-04] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-12-24] [ist nicht signiert]
FF HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-11] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [Keine Datei]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=1.118.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=1.140.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-04] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-04] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [Keine Datei]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1132746113-184105214-789198808-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-1132746113-184105214-789198808-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-1132746113-184105214-789198808-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-18] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1132746113-184105214-789198808-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll [2013-01-23] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-1132746113-184105214-789198808-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-04-15] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2012-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2012-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2012-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2012-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2012-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2012-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2012-07-16] (Apple Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default [2017-05-26]
CHR Extension: (Google Präsentationen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-05]
CHR Extension: (BetterTTV) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-04-22]
CHR Extension: (Google Docs) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-05]
CHR Extension: (Google Drive) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-05]
CHR Extension: (YouTube) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-05]
CHR Extension: (Adblock Plus) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-21]
CHR Extension: (Social Blade) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2017-04-11]
CHR Extension: (Google-Suche) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-05]
CHR Extension: (Google Tabellen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-05]
CHR Extension: (Google Docs Offline) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Grammarly for Chrome) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2017-05-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Google Mail) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-05]
CHR Extension: (Chrome Media Router) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
CHR Profile: C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Guest Profile [2016-06-06]
CHR Profile: C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-04-28]
CHR Extension: (Google Präsentationen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-30]
CHR Extension: (Google Docs) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-30]
CHR Extension: (Google Drive) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-30]
CHR Extension: (YouTube) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-30]
CHR Extension: (Adobe Acrobat) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-30]
CHR Extension: (Google Tabellen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-30]
CHR Extension: (Google Docs Offline) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-01]
CHR Extension: (Skype) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-30]
CHR Extension: (Google Mail) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-28]
CHR Profile: C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 3 [2017-04-03]
CHR Extension: (Google Präsentationen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-02]
CHR Extension: (Google Docs) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-02]
CHR Extension: (Google Drive) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-02]
CHR Extension: (YouTube) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-02]
CHR Extension: (Adobe Acrobat) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-02]
CHR Extension: (Google Tabellen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-02]
CHR Extension: (Google Docs Offline) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-03]
CHR Extension: (Skype) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-04-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-02]
CHR Extension: (Google Mail) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-02]
CHR Profile: C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 4 [2017-04-03]
CHR Extension: (Google Präsentationen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-02]
CHR Extension: (Google Docs) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-02]
CHR Extension: (Google Drive) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-03]
CHR Extension: (YouTube) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-02]
CHR Extension: (Adobe Acrobat) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-02]
CHR Extension: (Google Tabellen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-02]
CHR Extension: (Google Docs Offline) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-03]
CHR Extension: (Skype) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-04-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-02]
CHR Extension: (Google Mail) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-02]
CHR Profile: C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 5 [2017-04-03]
CHR Extension: (Google Präsentationen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-02]
CHR Extension: (Google Docs) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-02]
CHR Extension: (Google Drive) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-02]
CHR Extension: (YouTube) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-02]
CHR Extension: (Adobe Acrobat) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-02]
CHR Extension: (Google Tabellen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-02]
CHR Extension: (Google Docs Offline) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-03]
CHR Extension: (Skype) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-04-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-02]
CHR Extension: (Google Mail) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-02]
CHR Profile: C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 6 [2017-04-03]
CHR Extension: (Google Präsentationen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-02]
CHR Extension: (Google Docs) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-03]
CHR Extension: (Google Drive) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-03]
CHR Extension: (YouTube) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-03]
CHR Extension: (Adobe Acrobat) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-02]
CHR Extension: (Google Tabellen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-02]
CHR Extension: (Google Docs Offline) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-03]
CHR Extension: (Skype) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-04-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-02]
CHR Extension: (Google Mail) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-02]
CHR Profile: C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 7 [2017-04-02]
CHR Extension: (Google Präsentationen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-02]
CHR Extension: (Google Docs) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-02]
CHR Extension: (Google Drive) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-02]
CHR Extension: (YouTube) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-02]
CHR Extension: (Adobe Acrobat) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-02]
CHR Extension: (Google Tabellen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-02]
CHR Extension: (Google Docs Offline) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-02]
CHR Extension: (Skype) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-04-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-02]
CHR Extension: (Google Mail) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-02]
CHR Profile: C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 8 [2017-04-02]
CHR Extension: (Google Präsentationen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-02]
CHR Extension: (Google Docs) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-02]
CHR Extension: (Google Drive) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-02]
CHR Extension: (YouTube) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-02]
CHR Extension: (Adobe Acrobat) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-02]
CHR Extension: (Google Tabellen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-02]
CHR Extension: (Google Docs Offline) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-02]
CHR Extension: (Skype) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-04-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-02]
CHR Extension: (Google Mail) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-02]
CHR Profile: C:\Users\Marc\AppData\Local\Google\Chrome\User Data\System Profile [2017-04-02]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - Chrome.exe
StartMenuInternet: Google Chrome.P5EZDHZD2ZPCKP4ZQ4RTYX6CSY - C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe hxxp://www.yoursearching.com/?type=sc&ts=1449333750&z=e4b63f1b1d7104b9a10373fgcz4z6tdceccm7o0q4o&from=cor&uid=ST500DM002-1BD142_Z2A8V6R5XXXXZ2A8V6R5

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-01-13] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3705544 2017-05-04] (Microsoft Corporation)
S2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-10-29] (Digital Wave Ltd.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-08-29] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [383016 2017-04-26] (EasyAntiCheat Ltd)
S2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3416584 2017-03-02] (LogMeIn Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-04] (Intel Corporation)
S2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2017-02-27] (LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [132048 2016-10-07] (Micro-Star INT'L CO., LTD.)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2237392 2016-11-10] (Micro-Star INT'L CO., LTD.)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [69964448 2015-04-03] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-18] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-18] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2141192 2016-09-21] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2206224 2016-09-21] (Electronic Arts)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-10-01] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441512 2015-04-03] (Microsoft Corporation)
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 CMUAC; C:\WINDOWS\system32\DRIVERS\CMUAC.sys [661760 2015-11-12] (C-MEDIA)
R3 cpuz140; C:\WINDOWS\TEMP\cpuz140\cpuz140_x64.sys [43840 2017-05-20] (CPUID)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2015-09-28] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2015-09-28] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-09-20] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-09-20] (Disc Soft Ltd)
R3 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283200 2012-03-05] (DT Soft Ltd)
S3 dump_wmimmc; D:\Games\Blade and Soul\BnS\bin64\GameGuard\dump_wmimmc.sys [158152 2017-03-14] ()
S3 EagleX64; C:\WINDOWS\system32\drivers\EagleX64.sys [140024 2016-06-17] (AhnLab, Inc.)
S3 ESLvnic1; C:\WINDOWS\System32\DRIVERS\ESLvnic.sys [25528 2012-01-24] (Turtle Entertainment GmbH)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-09] ()
R3 hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2017-02-27] (LogMeIn Inc.)
S3 LcUvcUpper; C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys [37912 2015-09-21] (Microsoft Corporation)
R3 LifeCamTrueColor; C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys [37928 2016-07-27] (Microsoft Corporation)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [187320 2017-05-20] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-05-20] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-20] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-20] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93624 2017-05-25] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7209bde3180ef5f7\nvlddmkm.sys [14458264 2017-05-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-05-18] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52080 2013-12-12] (Cisco Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

eMKaWe 26.05.2017 00:02
FRST.txt Teil2:
Code:
==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-26 00:45 - 2017-05-26 00:48 - 00047896 _____ C:\Users\Marc\Downloads\FRST.txt
2017-05-26 00:45 - 2017-05-26 00:45 - 00000000 ____D C:\FRST
2017-05-26 00:43 - 2017-05-26 00:44 - 02429952 _____ (Farbar) C:\Users\Marc\Downloads\FRST64.exe
2017-05-25 22:16 - 2017-05-25 22:18 - 00000000 ____D C:\Program Files\UNP
2017-05-25 22:16 - 2017-05-25 22:16 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-25 17:35 - 2017-05-25 17:35 - 00009358 _____ C:\Users\Marc\Documents\Hardware Interrupts and DPCs.txt
2017-05-25 15:24 - 2017-05-25 15:24 - 00009410 _____ C:\Users\Marc\Downloads\conhost.exe.txt
2017-05-25 15:24 - 2017-05-25 15:24 - 00005889 _____ C:\Users\Marc\Downloads\malware_bedrohungen.txt
2017-05-25 14:28 - 2017-05-25 14:28 - 00041800 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2017-05-25 14:15 - 2017-05-25 14:15 - 00009410 _____ C:\Users\Marc\Documents\conhost.exe.txt
2017-05-25 13:52 - 2017-05-25 13:52 - 01931969 _____ C:\Users\Marc\Downloads\ProcessExplorer.zip
2017-05-25 03:33 - 2017-05-25 03:33 - 00000000 ____D C:\Users\Marc\Documents\samsung
2017-05-25 03:32 - 2017-05-25 14:13 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Samsung
2017-05-25 03:29 - 2017-05-25 14:13 - 00000000 ____D C:\ProgramData\Samsung
2017-05-25 03:26 - 2017-05-25 03:28 - 72022192 _____ (Samsung Electronics) C:\Users\Marc\Downloads\KiesSetup.exe
2017-05-25 02:34 - 2017-05-18 07:21 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-05-25 02:29 - 2017-05-18 09:35 - 40201848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 35390072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 35282040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 28624504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 11056456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 11028664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 10551072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 09248144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 09014976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 08808488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 03797112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 03256440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 01988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438233.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 01606592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438233.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 01278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 01275944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 01056704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00995736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00993912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00993872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00964032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00914880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00775864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00725112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00688968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00612272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00583800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00577728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-05-25 02:18 - 2017-05-25 02:18 - 00004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-25 02:17 - 2017-05-25 02:33 - 00000000 ____D C:\WINDOWS\LastGood
2017-05-25 02:17 - 2017-05-03 22:21 - 00175736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-05-25 02:17 - 2017-05-03 22:21 - 00143480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-05-20 00:26 - 2017-05-20 00:26 - 00005889 _____ C:\Users\Marc\Documents\malware_bedrohungen.txt
2017-05-19 13:59 - 2017-05-25 23:42 - 00093624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-19 13:59 - 2017-05-20 00:32 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-19 13:59 - 2017-05-20 00:32 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-19 13:59 - 2017-05-20 00:30 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-19 13:59 - 2017-05-20 00:11 - 00187320 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-19 13:59 - 2017-05-19 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-19 13:59 - 2017-05-09 16:37 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-19 13:58 - 2017-05-19 13:58 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-17 21:41 - 2017-05-17 21:41 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-15 23:01 - 2017-05-15 23:01 - 00000000 ____D C:\Users\Marc\AppData\LocalLow\Kyle Champ
2017-05-11 11:11 - 2017-05-11 11:11 - 00000000 ____D C:\Users\Marc\AppData\Local\web_engine
2017-05-11 11:11 - 2017-05-11 11:11 - 00000000 ____D C:\Users\Marc\.web_engine
2017-05-10 18:31 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-05-10 18:31 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-10 18:31 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-10 18:31 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-05-10 18:31 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-10 18:31 - 2017-04-28 02:39 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-10 18:31 - 2017-04-28 02:29 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-05-10 18:31 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-10 18:31 - 2017-04-28 02:21 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-05-10 18:31 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-05-10 18:31 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-05-10 18:31 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-05-10 18:31 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-05-10 18:31 - 2017-04-28 01:57 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-05-10 18:31 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-05-10 18:31 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-10 18:31 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-10 18:31 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-05-10 18:31 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-05-10 18:31 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-10 18:31 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-05-10 18:31 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-05-10 18:31 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-05-10 18:30 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-05-10 18:30 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-10 18:30 - 2017-04-28 02:58 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-10 18:30 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-10 18:30 - 2017-04-28 02:56 - 02048488 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-10 18:30 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2017-05-10 18:30 - 2017-04-28 02:53 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-10 18:30 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-10 18:30 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-10 18:30 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-10 18:30 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-10 18:30 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-05-10 18:30 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-05-10 18:30 - 2017-04-28 02:45 - 00781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-05-10 18:30 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-10 18:30 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-05-10 18:30 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-10 18:30 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-05-10 18:30 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-10 18:30 - 2017-04-28 02:42 - 00601952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-05-10 18:30 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-05-10 18:30 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2017-05-10 18:30 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-05-10 18:30 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-05-10 18:30 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-10 18:30 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-10 18:30 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-05-10 18:30 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-05-10 18:30 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-05-10 18:30 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-05-10 18:30 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-05-10 18:30 - 2017-04-28 02:40 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-05-10 18:30 - 2017-04-28 02:40 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-10 18:30 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-05-10 18:30 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-10 18:30 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-10 18:30 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-05-10 18:30 - 2017-04-28 02:38 - 00847200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-05-10 18:30 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-05-10 18:30 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2017-05-10 18:30 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-05-10 18:30 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-10 18:30 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-05-10 18:30 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-10 18:30 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-05-10 18:30 - 2017-04-28 02:35 - 01414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-10 18:30 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-05-10 18:30 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-05-10 18:30 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-05-10 18:30 - 2017-04-28 02:34 - 22220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-10 18:30 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-05-10 18:30 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-05-10 18:30 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-05-10 18:30 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-05-10 18:30 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-10 18:30 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-10 18:30 - 2017-04-28 02:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-10 18:30 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2017-05-10 18:30 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BthTelemetry.dll
2017-05-10 18:30 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-05-10 18:30 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2017-05-10 18:30 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-05-10 18:30 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-05-10 18:30 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-10 18:30 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-05-10 18:30 - 2017-04-28 02:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-05-10 18:30 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-10 18:30 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-05-10 18:30 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-05-10 18:30 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-05-10 18:30 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-10 18:30 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-05-10 18:30 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-10 18:30 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 18:30 - 2017-04-28 02:16 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-10 18:30 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-05-10 18:30 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-05-10 18:30 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-10 18:30 - 2017-04-28 02:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-05-10 18:30 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-05-10 18:30 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-10 18:30 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-05-10 18:30 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-05-10 18:30 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-05-10 18:30 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2017-05-10 18:30 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-05-10 18:30 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-10 18:30 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-10 18:30 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-10 18:30 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-10 18:30 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-10 18:30 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-05-10 18:30 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-05-10 18:30 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-05-10 18:30 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-05-10 18:30 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-05-10 18:30 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-05-10 18:30 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-05-10 18:30 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-10 18:30 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-05-10 18:30 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-05-10 18:30 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-05-10 18:30 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-05-10 18:30 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-05-10 18:30 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-05-10 18:30 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-05-10 18:30 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-05-10 18:30 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-10 18:30 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-05-10 18:30 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-10 18:30 - 2017-04-28 02:09 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-05-10 18:30 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-10 18:30 - 2017-04-28 02:08 - 18365440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-10 18:30 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-10 18:30 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-10 18:30 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-05-10 18:30 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-05-10 18:30 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-05-10 18:30 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-05-10 18:30 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-05-10 18:30 - 2017-04-28 02:07 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2017-05-10 18:30 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-05-10 18:30 - 2017-04-28 02:07 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2017-05-10 18:30 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-05-10 18:30 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-05-10 18:30 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-05-10 18:30 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-10 18:30 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-10 18:30 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-05-10 18:30 - 2017-04-28 02:05 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-10 18:30 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-10 18:30 - 2017-04-28 02:05 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-10 18:30 - 2017-04-28 02:05 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-05-10 18:30 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-05-10 18:30 - 2017-04-28 02:04 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-10 18:30 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-05-10 18:30 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-05-10 18:30 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-05-10 18:30 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2017-05-10 18:30 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsnt.dll
2017-05-10 18:30 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-05-10 18:30 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys
2017-05-10 18:30 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-10 18:30 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-05-10 18:30 - 2017-04-28 02:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-10 18:30 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-05-10 18:30 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-05-10 18:30 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-05-10 18:30 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-10 18:30 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-05-10 18:30 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-05-10 18:30 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-05-10 18:30 - 2017-04-28 02:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-05-10 18:30 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-05-10 18:30 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-05-10 18:30 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-05-10 18:30 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-10 18:30 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-05-10 18:30 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-05-10 18:30 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-05-10 18:30 - 2017-04-28 01:59 - 12187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-10 18:30 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-05-10 18:30 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-05-10 18:30 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-05-10 18:30 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 18:30 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-05-10 18:30 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-05-10 18:30 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-05-10 18:30 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2017-05-10 18:30 - 2017-04-28 01:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-05-10 18:30 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-05-10 18:30 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-10 18:30 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-10 18:30 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-05-10 18:30 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-10 18:30 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-05-10 18:30 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-05-10 18:30 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-05-10 18:30 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-05-10 18:30 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-05-10 18:30 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-10 18:30 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-05-10 18:30 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2017-05-10 18:30 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-05-10 18:30 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-10 18:30 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-05-10 18:30 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-10 18:30 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-10 18:30 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-05-10 18:30 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-05-10 18:30 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-10 18:30 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-10 18:30 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-05-10 18:30 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-10 18:30 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-10 18:30 - 2017-04-28 01:55 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-05-10 18:30 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-05-10 18:30 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-05-10 18:30 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-05-10 18:30 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-10 18:30 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-05-10 18:30 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-05-10 18:30 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 18:30 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-05-10 18:30 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-05-10 18:30 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-10 18:30 - 2017-04-28 01:54 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-05-10 18:30 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-10 18:30 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-05-10 18:30 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-05-10 18:30 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-05-10 18:30 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-05-10 18:30 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-10 18:30 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-05-10 18:30 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-05-10 18:30 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-10 18:30 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-05-10 18:30 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-10 18:30 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-05-10 18:30 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-10 18:30 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-10 18:30 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-05-10 18:30 - 2017-04-28 01:52 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-10 18:30 - 2017-04-28 01:52 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-05-10 18:30 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-10 18:30 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-05-10 18:30 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-10 18:30 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-05-10 18:30 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-05-10 18:30 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-10 18:30 - 2017-04-28 01:48 - 00798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2017-05-10 18:30 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-10 18:30 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-05-10 18:30 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-05-10 18:30 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-05-10 18:30 - 2017-04-28 01:45 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-10 18:30 - 2017-04-28 01:45 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-05-10 18:30 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-05-10 18:30 - 2017-04-28 01:44 - 13091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-10 18:30 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-05-10 18:30 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-05-10 18:30 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-05-10 18:30 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-10 18:30 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-05-10 18:30 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-05-10 18:30 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2017-05-10 18:30 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-10 18:30 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-05-10 18:30 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-05-10 18:30 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-05-10 18:30 - 2017-04-28 01:42 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-10 18:30 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-05-10 18:30 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-05-10 18:30 - 2017-04-28 01:42 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2017-05-10 18:30 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-05-10 18:30 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-05-10 18:30 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-05-10 18:30 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-10 18:30 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-05-10 18:30 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-10 18:30 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-10 18:30 - 2017-04-28 01:39 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-05-10 18:30 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-05-10 18:30 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-05-10 18:30 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-05-10 18:30 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-05-10 18:30 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-05-10 18:30 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-05-10 18:30 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-10 18:30 - 2017-04-28 01:37 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-05-10 18:30 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-05-10 18:30 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-10 18:30 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-10 18:30 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-05-10 18:30 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-05-10 18:30 - 2017-04-28 01:37 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-05-10 18:30 - 2017-04-28 01:36 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-10 18:30 - 2017-04-28 01:36 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-05-10 18:30 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-05-10 18:30 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-10 18:30 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-05-10 18:30 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2017-05-10 18:30 - 2017-04-28 01:30 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-10 18:30 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-05-10 18:30 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-05-10 18:30 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-10 18:30 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-05-10 18:30 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-05-10 18:30 - 2017-03-04 08:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-05-10 18:30 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-05-10 18:30 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-05-10 18:30 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-05-10 18:30 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-05-10 18:30 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-05-10 18:30 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-10 18:29 - 2017-04-28 02:57 - 00754528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-05-10 18:29 - 2017-04-28 02:57 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-10 18:29 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-05-10 18:29 - 2017-04-28 02:57 - 00573280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-05-10 18:29 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-05-10 18:29 - 2017-04-28 02:53 - 07784288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-10 18:29 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-05-10 18:29 - 2017-04-28 02:49 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-10 18:29 - 2017-04-28 02:49 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-10 18:29 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-10 18:29 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-05-10 18:29 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2017-05-10 18:29 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-05-10 18:29 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2017-05-10 18:29 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-05-10 18:29 - 2017-04-28 02:40 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-10 18:29 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-10 18:29 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-10 18:29 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-10 18:29 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-05-10 18:29 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-10 18:29 - 2017-04-28 02:39 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-05-10 18:29 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-10 18:29 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-05-10 18:29 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-10 18:29 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-05-10 18:29 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-05-10 18:29 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-10 18:29 - 2017-04-28 02:34 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-05-10 18:29 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-10 18:29 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-05-10 18:29 - 2017-04-28 02:30 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-10 18:29 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-05-10 18:29 - 2017-04-28 02:28 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-10 18:29 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-10 18:29 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-10 18:29 - 2017-04-28 02:15 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-05-10 18:29 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-10 18:29 - 2017-04-28 02:14 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-10 18:29 - 2017-04-28 02:12 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-05-10 18:29 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-10 18:29 - 2017-04-28 02:10 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-05-10 18:29 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-10 18:29 - 2017-04-28 02:06 - 22569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-10 18:29 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-10 18:29 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-10 18:29 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-10 18:29 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthTelemetry.dll
2017-05-10 18:29 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2017-05-10 18:29 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-05-10 18:29 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-05-10 18:29 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-05-10 18:29 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-10 18:29 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-05-10 18:29 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2017-05-10 18:29 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-05-10 18:29 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-05-10 18:29 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-05-10 18:29 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-05-10 18:29 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-05-10 18:29 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-10 18:29 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-05-10 18:29 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-05-10 18:29 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-05-10 18:29 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2017-05-10 18:29 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-05-10 18:29 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-05-10 18:29 - 2017-04-28 01:58 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-05-10 18:29 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-10 18:29 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-05-10 18:29 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-10 18:29 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-05-10 18:29 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUX.dll
2017-05-10 18:29 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-05-10 18:29 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-05-10 18:29 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-05-10 18:29 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 18:29 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-05-10 18:29 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2017-05-10 18:29 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2017-05-10 18:29 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2017-05-10 18:29 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-10 18:29 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-10 18:29 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-05-10 18:29 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-05-10 18:29 - 2017-04-28 01:56 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-10 18:29 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-05-10 18:29 - 2017-04-28 01:56 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-10 18:29 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-05-10 18:29 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-05-10 18:29 - 2017-04-28 01:56 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-10 18:29 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-05-10 18:29 - 2017-04-28 01:55 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-10 18:29 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-10 18:29 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-05-10 18:29 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-10 18:29 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-05-10 18:29 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-05-10 18:29 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-05-10 18:29 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2017-05-10 18:29 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-05-10 18:29 - 2017-04-28 01:54 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-10 18:29 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-05-10 18:29 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-05-10 18:29 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-10 18:29 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-05-10 18:29 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-05-10 18:29 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-05-10 18:29 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2017-05-10 18:29 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-05-10 18:29 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-05-10 18:29 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-05-10 18:29 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-05-10 18:29 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-05-10 18:29 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-05-10 18:29 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-05-10 18:29 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2017-05-10 18:29 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsnt.dll
2017-05-10 18:29 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-10 18:29 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-05-10 18:29 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-05-10 18:29 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-10 18:29 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-05-10 18:29 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-05-10 18:29 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-10 18:29 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-05-10 18:29 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-05-10 18:29 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-10 18:29 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-05-10 18:29 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-05-10 18:29 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-05-10 18:29 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-05-10 18:29 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2017-05-10 18:29 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-05-10 18:29 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-05-10 18:29 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-10 18:29 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-05-10 18:29 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-05-10 18:29 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-10 18:29 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-05-10 18:29 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-05-10 18:29 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-05-10 18:29 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-10 18:29 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-10 18:29 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-05-10 18:29 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-05-10 18:29 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-10 18:29 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-05-10 18:29 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-05-10 18:29 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-05-10 18:29 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-05-10 18:29 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-05-10 18:29 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-05-10 18:29 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-05-10 18:29 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-05-10 18:29 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-10 18:29 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2017-05-10 18:29 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-10 18:29 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-10 18:29 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-10 18:29 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-10 18:29 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-05-10 18:29 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-10 18:29 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-10 18:29 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-05-10 18:29 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-10 18:29 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-05-10 18:29 - 2017-04-28 01:40 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-05-10 18:29 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-05-10 18:29 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-05-10 18:29 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-05-10 18:29 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-05-10 18:29 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-05-10 18:29 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-05-10 18:29 - 2017-04-28 01:40 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-05-10 18:29 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-05-10 18:29 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-10 18:29 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-05-10 18:29 - 2017-04-28 01:38 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-05-10 18:29 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-05-10 18:29 - 2017-04-28 01:37 - 04744192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-10 18:29 - 2017-04-28 01:37 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-10 18:29 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-10 18:29 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-05-10 18:29 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-05-10 18:29 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-10 18:29 - 2017-04-28 01:36 - 03613184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-10 18:29 - 2017-04-28 01:36 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-05-10 18:29 - 2017-04-28 01:36 - 02478080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-05-10 18:29 - 2017-04-28 01:36 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-05-10 18:29 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-05-10 18:29 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-05-10 18:29 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-10 18:29 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-05-10 18:29 - 2017-04-28 01:35 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-10 18:29 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-10 18:29 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-05-10 18:29 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-10 18:29 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-05-10 18:29 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-05-10 15:52 - 2017-05-10 15:52 - 00001593 _____ C:\Users\Marc\Desktop\StardewModdingAPI - Verknüpfung.lnk
2017-05-09 22:50 - 2017-05-09 22:50 - 00017679 _____ C:\Users\Marc\Downloads\emkawe.csv
2017-05-09 17:20 - 2017-05-09 17:20 - 00005667 _____ C:\Users\Marc\Documents\Skript_Video_DbD.odt
2017-05-08 23:43 - 2017-04-26 22:47 - 00383016 _____ (EasyAntiCheat Ltd) C:\WINDOWS\SysWOW64\EasyAntiCheat.exe
2017-05-06 17:57 - 2017-05-06 18:03 - 29181730 _____ (Marcin Swierzowski aka AnkhHeart ) C:\Users\Marc\Downloads\AnkhBotR2_1.0.1.24_Official.exe
2017-05-06 17:11 - 2017-05-06 17:11 - 00001101 _____ C:\Users\Marc\Desktop\AnkhBotR2 - Verknüpfung.lnk
2017-05-06 01:54 - 2017-05-06 01:54 - 01496584 _____ C:\Users\Marc\Downloads\Vegas Movie Studio Platinum - CHIP-Installer.exe
2017-05-04 19:05 - 2017-05-02 00:38 - 01988032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438205.dll
2017-05-04 19:05 - 2017-05-02 00:38 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438205.dll
2017-05-03 18:49 - 2017-04-30 20:04 - 00000000 ____D C:\Users\Marc\Downloads\SMAPI 1.11
2017-05-02 22:16 - 2017-05-02 22:16 - 00248748 _____ C:\Users\Marc\Downloads\conf-marc.pdf
2017-04-30 03:54 - 2017-04-30 03:54 - 00004755 _____ C:\Users\Marc\Documents\geschichte.odt
2017-04-28 01:34 - 2017-04-28 01:34 - 00000000 ____D C:\Users\Marc\Documents\SavedGames
2017-04-28 01:33 - 2017-04-28 01:33 - 00001445 _____ C:\Users\Public\Desktop\Breach & Clear.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-26 00:06 - 2017-02-13 13:17 - 00000000 ____D C:\Users\Marc\AppData\Roaming\obs-studio
2017-05-25 22:02 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-25 22:01 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-25 18:17 - 2016-03-18 18:01 - 00000000 ____D C:\Users\Marc\AppData\Local\Spotify
2017-05-25 16:12 - 2016-06-25 18:37 - 00692776 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-05-25 16:05 - 2016-03-18 18:00 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Spotify
2017-05-25 15:23 - 2016-10-01 14:16 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-25 14:20 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-25 14:13 - 2014-06-21 15:20 - 00000000 ____D C:\Users\Marc\AppData\Local\Samsung
2017-05-25 14:13 - 2014-06-21 15:17 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-05-25 14:13 - 2011-08-31 20:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-25 12:25 - 2016-10-01 14:19 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-25 11:33 - 2017-04-22 16:01 - 00005992 _____ C:\Users\Marc\Documents\Mimi_diaetplan.ods
2017-05-25 11:20 - 2012-07-25 22:05 - 00000000 ____D C:\Users\Marc\AppData\Local\LogMeIn Hamachi
2017-05-25 11:16 - 2017-03-18 18:16 - 00000000 __SHD C:\Users\Marc\IntelGraphicsProfiles
2017-05-25 11:16 - 2016-10-01 14:25 - 00000000 ____D C:\Users\Marc
2017-05-25 03:28 - 2014-06-21 15:16 - 00000000 ____D C:\Users\Marc\AppData\Local\Downloaded Installations
2017-05-25 03:07 - 2012-12-05 20:17 - 00000000 ____D C:\Users\Marc\AppData\Local\ElevatedDiagnostics
2017-05-25 02:38 - 2016-10-01 14:23 - 02763288 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-25 02:38 - 2016-07-17 00:51 - 01115198 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-25 02:38 - 2016-07-17 00:51 - 00283320 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-25 02:35 - 2016-10-01 14:19 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-25 02:35 - 2015-12-17 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-05-25 02:18 - 2017-01-24 23:08 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-25 02:18 - 2016-10-06 16:14 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-25 02:18 - 2016-10-06 16:14 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-05-25 02:18 - 2016-10-06 16:13 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-25 02:18 - 2016-10-06 16:13 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-25 02:18 - 2016-10-06 16:13 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-25 02:18 - 2016-10-06 16:13 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-25 02:18 - 2016-10-06 16:13 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-25 02:18 - 2016-10-01 14:19 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-25 02:18 - 2016-10-01 14:19 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-24 21:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-24 21:41 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-24 21:41 - 2013-07-31 02:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-24 21:36 - 2011-09-24 13:36 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-20 00:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-20 00:29 - 2016-10-01 14:59 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-20 00:28 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-20 00:26 - 2014-11-11 19:10 - 00000000 ____D C:\Program Files (x86)\eSupport.com
2017-05-19 21:51 - 2017-03-28 19:37 - 00000000 ____D C:\Users\Marc\AppData\Roaming\StardewValley
2017-05-19 21:06 - 2011-09-27 21:17 - 00000000 ____D C:\Users\Marc\AppData\Roaming\TS3Client
2017-05-19 13:58 - 2011-09-08 09:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-19 13:40 - 2014-10-12 19:57 - 00007607 _____ C:\Users\Marc\AppData\Local\Resmon.ResmonCfg
2017-05-19 03:15 - 2014-02-26 21:31 - 00000000 ____D C:\Users\Marc\AppData\Local\Battle.net
2017-05-18 23:17 - 2011-09-04 21:08 - 00000000 ____D C:\Users\Marc\AppData\Local\CrashDumps
2017-05-18 14:48 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-18 14:47 - 2014-11-09 20:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-18 14:41 - 2014-02-26 21:31 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-05-18 09:35 - 2017-04-06 16:40 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-05-18 09:35 - 2017-01-24 23:07 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-05-18 09:35 - 2016-08-27 00:26 - 04114248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-05-18 09:35 - 2016-08-27 00:26 - 03624784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-05-18 09:35 - 2016-08-02 23:52 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb
2017-05-18 07:55 - 2016-10-06 16:13 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-05-18 07:48 - 2016-10-01 14:19 - 06437824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-05-18 07:48 - 2016-10-01 14:19 - 02479736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-05-18 07:48 - 2016-10-01 14:19 - 01762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-05-18 07:48 - 2016-10-01 14:19 - 00548984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-05-18 07:48 - 2016-10-01 14:19 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-05-18 07:48 - 2016-10-01 14:19 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-05-18 07:48 - 2016-10-01 14:19 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-05-17 21:42 - 2011-09-27 20:41 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Dropbox
2017-05-16 20:09 - 2016-10-01 14:19 - 07993157 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-05-16 00:41 - 2014-08-14 01:17 - 00002493 _____ C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-13 20:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-05-12 19:20 - 2013-03-27 00:32 - 00001203 _____ C:\Users\Marc\Desktop\TeamSpeak 3 Client.lnk
2017-05-12 09:28 - 2017-04-10 12:00 - 00000000 ____D C:\Users\Marc\AppData\Local\FalloutShelter
2017-05-12 01:10 - 2017-04-17 16:46 - 00004636 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-05-12 01:10 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-12 01:10 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-11 11:09 - 2015-08-02 12:26 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-11 11:09 - 2011-09-03 10:35 - 00000000 ___RD C:\Users\Marc\Podcasts
2017-05-11 11:06 - 2016-10-01 14:15 - 00376112 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-11 03:20 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-10 18:07 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-05-10 15:20 - 2015-08-02 12:26 - 00000000 ____D C:\Users\Marc\AppData\Local\Packages
2017-05-06 21:29 - 2016-10-01 14:58 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-05-05 00:11 - 2017-04-20 14:39 - 00000000 ____D C:\Users\Marc\Documents\Soundaufnahmen
2017-05-04 01:48 - 2015-04-11 21:10 - 00000000 ____D C:\Users\Marc\AppData\Roaming\vlc
2017-05-03 22:21 - 2017-01-24 23:07 - 00057976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\SETDFC3.tmp
2017-05-03 22:21 - 2016-10-06 16:14 - 01893496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-05-03 22:21 - 2016-10-06 16:14 - 01755256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-05-03 22:21 - 2016-10-06 16:14 - 01477240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-05-03 22:21 - 2016-10-06 16:14 - 01317496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-05-03 22:21 - 2016-10-06 16:14 - 00121464 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-05-03 22:21 - 2016-05-10 12:18 - 00048248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-05-02 18:03 - 2016-12-09 03:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snaz
2017-05-02 16:28 - 2016-05-18 14:49 - 00000000 ____D C:\Users\Marc\AppData\Roaming\discord
2017-05-02 00:38 - 2017-01-24 23:07 - 00059448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\SETEB0.tmp
2017-05-02 00:38 - 2016-08-27 00:26 - 04092088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\SET3191.tmp
2017-05-02 00:38 - 2016-08-27 00:26 - 03607464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\SET4E92.tmp
2017-04-29 02:59 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-29 02:59 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 03:01 - 2016-10-01 14:18 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-04-28 01:35 - 2016-12-17 00:35 - 00003912 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000UA1d257ecbd9dba3a
2017-04-28 01:35 - 2016-12-17 00:35 - 00003644 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000Core1d257ecbd7530cd
2017-04-28 01:33 - 2016-11-19 04:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Twitch Launcher
2017-04-27 21:16 - 2016-10-01 14:58 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-27 21:16 - 2016-10-01 14:58 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-27 20:09 - 2011-08-31 17:04 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Skype

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-03-16 16:12 - 2017-03-16 16:12 - 0001440 _____ () C:\Users\Marc\AppData\Local\recently-used.xbel
2014-10-12 19:57 - 2017-05-19 13:40 - 0007607 _____ () C:\Users\Marc\AppData\Local\Resmon.ResmonCfg
2011-11-10 15:10 - 2017-03-23 18:29 - 0006035 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
2017-04-22 20:14 - 2017-04-22 20:14 - 0739904 _____ (Oracle Corporation) C:\Users\Marc\AppData\Local\Temp\jre-8u131-windows-au.exe
2017-04-25 18:33 - 2017-04-20 02:18 - 0754352 _____ (NVIDIA Corporation) C:\Users\Marc\AppData\Local\Temp\nvSCPAPI.dll
2017-04-06 16:39 - 2017-05-01 22:14 - 0869200 _____ (NVIDIA Corporation) C:\Users\Marc\AppData\Local\Temp\nvSCPAPI64.dll
2017-04-25 18:29 - 2017-05-01 22:14 - 0367552 _____ (NVIDIA Corporation) C:\Users\Marc\AppData\Local\Temp\nvStInst.exe
2017-04-14 04:24 - 2017-04-14 04:24 - 0040448 ____N () C:\Users\Marc\AppData\Local\Temp\proxy_vole2232295211778137791.dll
2017-04-29 13:06 - 2017-05-02 18:03 - 2059438 _____ (JimsApps                                                    ) C:\Users\Marc\AppData\Local\Temp\SnazSetup.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-18 01:49

==================== Ende von FRST.txt ============================

eMKaWe 26.05.2017 00:04
addition.txt teil1:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-05-2017
durchgeführt von Marc (26-05-2017 00:50:24)
Gestartet von C:\Users\Marc\Downloads
Windows 10 Pro Version 1607 (X64) (2016-10-01 13:03:08)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1132746113-184105214-789198808-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1132746113-184105214-789198808-503 - Limited - Disabled)
Gast (S-1-5-21-1132746113-184105214-789198808-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1132746113-184105214-789198808-1002 - Limited - Enabled)
Marc (S-1-5-21-1132746113-184105214-789198808-1000 - Administrator - Enabled) => C:\Users\Marc

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4500_G510gm_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
5700_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7 Days to Die (HKLM\...\Steam App 251570) (Version:  - The Fun Pimps)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AnkhBotR2 version 1.0.1.28 (HKLM-x32\...\{08D3C5BB-C492-4916-B111-725081845380}_is1) (Version: 1.0.1.28 - Marcin Swierzowski aka AnkhHeart)
Ansel (Version: 382.33 - NVIDIA Corporation) Hidden
ASRock eXtreme Tuner v0.1.209 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.26 (HKLM-x32\...\ASRock InstantBoot_is1) (Version:  - )
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Breach & Clear (HKLM-x32\...\660082a1-5d0f-40d5-8f8c-828b87ab55c4) (Version:  - GB36X)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05152 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05152 - Cisco Systems, Inc.) Hidden
Clicker Heroes (HKLM\...\Steam App 363970) (Version:  - Playsaurus)
Commando Jack (HKLM\...\Steam App 299260) (Version:  - Colossal Games)
Conan Exiles (HKLM\...\Steam App 440900) (Version:  - Funcom)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0195 - Disc Soft Ltd)
Dead by Daylight (HKLM\...\Steam App 381210) (Version:  - Behaviour Digital Inc.)
Deceit (HKLM\...\Steam App 466240) (Version:  - Automaton)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Drawful 2 (HKLM-x32\...\7c165bbd-272d-47bd-b387-25ebca8ea6b1) (Version:  - JBCZN)
Dropbox (HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Dropbox) (Version: 26.4.24 - Dropbox, Inc.)
DSF Fußballmanager 98-99 (HKLM-x32\...\DSF Fußballmanager 98-99) (Version:  - )
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Fallout Shelter (HKLM\...\Steam App 588430) (Version:  - Bethesda Game Studios)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FINAL FANTASY XIII (HKLM\...\Steam App 292120) (Version:  - SQUARE ENIX)
FINAL FANTASY XIII-2 (HKLM\...\Steam App 292140) (Version:  - SQUARE ENIX)
Free Audio CD Burner version 2.0.24.812 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: 2.0.24.812 - DVDVideoSoft Ltd.)
Free Video Call Recorder for Skype (HKLM-x32\...\Free Video Call Recorder for Skype_is1) (Version: 1.2.33.1029 - DVDVideoSoft Ltd.)
FTL -  Advanced Edition (HKLM-x32\...\GOGPACKFTL_is1) (Version: 2.3.0.13 - GOG.com)
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Facepunch Studios)
GDR 5520 für SQL Server 2008 (KB 2977321) (64-bit) (HKLM\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)
GDR 5538 für SQL Server 2008 (KB 3045305) (64-bit) (HKLM\...\KB3045305) (Version: 10.3.5538.0 - Microsoft Corporation)
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Grand Theft Auto: San Andreas (HKLM\...\Steam App 12120) (Version:  - Rockstar Games)
Gyazo 3.3.1 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version:  - Daybreak Game Company)
Half Minute Hero: Super Mega Neo Climax Ultimate Boy (HKLM\...\Steam App 214830) (Version:  - Opus)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heavy Bullets (HKLM-x32\...\c7325e58-5895-4667-81a2-1854397fbb43) (Version:  - DFE5J)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP OfficeJet J5700 (HKLM\...\{D3A65B0A-403B-4C20-A488-BFED2BC5D2EF}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
J5700 (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kalonline (HKLM\...\Steam App 475100) (Version:  - Inixsoft)
Kathy Rain (HKLM-x32\...\62c80ac3-3aa5-42a8-8048-a29ff819b7a8) (Version:  - RB5QV)
League client alpha (HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\League client alpha 1.0) (Version: 1.0 - Riot Games, Inc)
Learn Japanese To Survive - Hiragana Battle (HKLM\...\Steam App 438270) (Version:  - Sleepy Duck)
Life Is Strange™ (HKLM\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
LIGHTNING RETURNS: FINAL FANTASY XIII (HKLM\...\Steam App 345350) (Version:  - SQUARE ENIX)
LIMBO (HKLM\...\Steam App 48000) (Version:  - Playdead)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.558 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.558 - LogMeIn, Inc.) Hidden
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7766.2084 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{12FE6AA6-65D2-40EE-B925-62193128A0E6}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{F43ADE73-2880-4A95-B995-4FE386ECF667}) (Version: 10.3.5538.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minion Masters (HKLM\...\Steam App 489520) (Version:  - BetaDwarf)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.06 - MSI)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.05 - MSI)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
Need for Speed™ Most Wanted (HKLM-x32\...\{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}) (Version:  - )
Network64 (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.33 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.33 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7766.2084 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7766.2084 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7766.2084 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4550 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{615d0aea-5494-408e-a381-e75d286601ff}) (Version: latest - ppy Pty Ltd)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
ProductContext (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6257 - Realtek Semiconductor Corp.)
ROCCAT Swarm (HKLM-x32\...\InstallShield_{E7E52DE1-B0AD-4527-8E65-275EC03A9530}) (Version: 1.40.201 - ROCCAT GmbH)
ROCCAT Swarm (x32 Version: 1.40.201 - ROCCAT GmbH) Hidden
ROCCAT Swarm AlienFX (HKLM-x32\...\InstallShield_{5B0DCD7B-6F03-4322-8182-297882922F87}) (Version: 1.02 - ROCCAT GmbH)
ROCCAT Swarm AlienFX (Version: 1.02 - ROCCAT GmbH) Hidden
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 3 für SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
ShellShock Live (HKLM\...\Steam App 326460) (Version:  - kChamp Games)
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
Snaz Version 1.12.5.2 (HKLM-x32\...\{70A76031-FDC6-4F9B-BB5C-33776703F45A}_is1) (Version: 1.12.5.2 - JimsApps)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Spotify) (Version: 1.0.54.1079.g3809528e - Spotify AB)
Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Stardew Valley (HKLM\...\Steam App 413150) (Version:  - ConcernedApe)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Elder Scrolls V: Skyrim Special Edition (HKLM\...\Steam App 489830) (Version:  - Bethesda Game Studios)
The Forest (HKLM\...\Steam App 242760) (Version:  - Endnight Games Ltd)
The Walking Dead (HKLM-x32\...\067a7675-cf5e-456d-ab72-615e3bbb34ce) (Version:  - TEQWP)
The Walking Dead: Season Two (HKLM-x32\...\632a1869-fcfe-4a96-b7f2-47057a7d6daf) (Version:  - TEQWP)
Thief (HKLM\...\Steam App 239160) (Version:  - Eidos-Montréal)
This War of Mine (HKLM\...\Steam App 282070) (Version:  - 11 bit studios)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Twitch Launcher (HKLM-x32\...\Twitch Launcher 1.0.0) (Version: 1.0.0 - Twitch)
UE4 Prerequisites (x64) (HKLM-x32\...\{31b49e1e-03f8-4a04-8faa-f6476d8fad02}) (Version: 1.0.10.0 - Epic Games, Inc.)
UE4 Prerequisites (x64) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden
Unity Web Player (HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\UnityWebPlayer) (Version: 4.6.0f3 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WhatsApp (HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\WhatsApp) (Version: 0.2.684 - WhatsApp)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player 64-bit Plug-in Fix (HKLM\...\{00a8ce68-cb2e-4652-aecd-c05c0d9d53a7}.sdb) (Version:  - )
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Youtubers Life (HKLM\...\Steam App 428690) (Version:  - U-Play online)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\ChromeHTML: -> C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Marc\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Marc\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {16E66A39-8AA3-4334-9C4B-53EECADE9336} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {1721515B-B280-4ECB-B4BF-BFDDF5BE0EA0} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-03-28] ()
Task: {1A8CA9DF-C8A4-4760-97EC-C177E990BB74} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
Task: {1EC3C81C-5AF1-442B-8ACB-3C0A11BF2420} - System32\Tasks\{AB373CB2-7287-444D-8012-BA7185EA23AE} => pcalua.exe -a C:\ATI\Support\11-12_vista64_win7_64_dd_ccc_ocl\Setup.exe -d C:\ATI\Support\11-12_vista64_win7_64_dd_ccc_ocl
Task: {1EE90060-4B27-4FAD-BF1A-FEF3E3892736} - System32\Tasks\{E4520F1F-96C4-43D7-99A7-78637179F6D6} => pcalua.exe -a C:\Users\Marc\Downloads\Shockwave_Installer_Slim.exe -d C:\Users\Marc\Downloads
Task: {2160C1B6-BB92-4D52-8569-141C232694C4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15] (Oracle Corporation)
Task: {2482D2DC-F76F-4F65-AF04-EA75F1775449} - System32\Tasks\{4F6CC519-D104-4CBE-BD4D-EBE4DEDEDE99} => C:\Program Files (x86)\PakkISO\pakkIso.exe
Task: {2718E79C-13E5-4F72-9AE9-2F62B253CBD0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-06] (Microsoft Corporation)
Task: {29252641-8BC1-4D0D-B7E3-9786B7CE37EC} - System32\Tasks\{CBBA4B29-33F6-49CB-8749-A21364CD0FF1} => pcalua.exe -a C:\Westwood\C&amp;C95\CCSETUP.EXE -d C:\Westwood\C&amp;C95
Task: {2A71B2AA-9DE0-49D8-BEA4-8F9615860176} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000UA => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {2B7C04AA-13C2-45D6-87FB-DA260E2FB7B3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-24] (Microsoft Corporation)
Task: {2DFC0A89-FBD0-4383-A2B7-4813F685FF6E} - System32\Tasks\{4E008CF3-A100-41B9-9482-A5B7FF1234E9} => pcalua.exe -a C:\Users\Marc\Downloads\icq_7.2.3525.exe -d C:\Users\Marc\Downloads
Task: {3645015F-EF07-48A0-ACDD-BA5C6D17A10E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {36D30CD0-5482-497F-B5D9-7AA19EB62FB8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {38FCC809-0FE9-4DB6-89A3-CCD078F895CF} - System32\Tasks\{8D78FF08-6D21-4313-AFB6-A8B55C7DB738} => pcalua.exe -a C:\Users\Marc\Downloads\dotnetfx35.exe -d C:\Users\Marc\Downloads
Task: {3997563E-48B6-4DA3-9C6D-4C1CF9433633} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3BC0A2DF-8146-41DB-A8C8-4B8805331261} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {3FA3227E-35F3-40D7-8306-16DF2814374D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000UA1d257ecbd9dba3a => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {40569694-256B-4BC9-A933-E0F04D602776} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {43563EDB-2C6A-41F6-B45B-381F807E4A7C} - System32\Tasks\Google Updater and Installer => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {43991FE3-2799-4778-B921-C1ABCE0D02E7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {43EBFFD7-74F8-4F9F-B4C3-684F5068FF75} - System32\Tasks\{D1C0F8DE-9EFC-4DA4-A3B0-3121CEAF7E3A} => pcalua.exe -a "C:\Program Files (x86)\Picexa\uninstall.exe"
Task: {458DC6E8-D918-49AF-AD81-189007ABAE3C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-06] (Microsoft Corporation)
Task: {4630EB95-233C-4F20-B2DB-C3B99597B287} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4B00C9E9-D7B2-421A-AE4F-5608D5E112AF} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {4D82B5C3-06F1-483B-93FA-2169536F6133} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {5170ADA1-A8B8-4A15-AA04-45B85786299F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-04] (Microsoft Corporation)
Task: {5307712C-7B3D-4C52-B0AA-2E6E9486A307} - System32\Tasks\{D5BFE14D-1B62-473C-8EF5-7C4A0E844890} => pcalua.exe -a "D:\Games\Electronic Arts\Need For Speed World\AkamaiInstall.exe" -d "D:\Games\Electronic Arts\Need For Speed World"
Task: {53FD7521-23C9-4CAA-AEAB-A32768D00323} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-12] (Adobe Systems Incorporated)
Task: {5837EBB8-4CAC-473D-B197-A65ECBF8B3FC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000Core => C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {585DA3C8-5257-4AA9-B84B-7BB89CEFBF11} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe
Task: {61CF4399-58AA-45E6-81CD-48855A15DF94} - System32\Tasks\{641B4A92-D776-4EC7-8F3B-B5D028356578} => C:\Program Files (x86)\Steam\Steam.exe [2015-12-14] (Valve Corporation)
Task: {62301821-5596-4181-B960-D86B8761BBBD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {69DC7492-D40F-4135-9335-54C2F8CBC3CE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {6A1ACC6E-24BE-44FC-BE00-95C81B7EEFAA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {6F895CF1-D975-4214-B0FC-735DEEFE43DE} - System32\Tasks\{4D9719D5-66DE-49D5-83A4-11188544B2EF} => pcalua.exe -a C:\Users\Marc\Downloads\dxwebsetup0411.exe -d C:\Users\Marc\Downloads
Task: {7083EBBF-26B2-4880-914B-907E73364800} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-20] (Google Inc.)
Task: {7205E5D4-7CF3-4757-81CE-23BE761D0AC7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-06] (Microsoft Corporation)
Task: {72AAE81D-6DF1-40FF-AF35-8FEAA622A483} - System32\Tasks\ROCCAT_Swarm_HWMonitor => C:/Program
Task: {754211D1-8E6F-4DAD-9009-F343A6397A37} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {7588E71B-22F6-413F-83FC-64560A019779} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {7765C1B5-1832-4CB3-AC1D-689E30B1D8AF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe [2017-05-12] (Adobe Systems Incorporated)
Task: {7901EB39-C7F2-448E-B321-1BA0B70E5877} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000Core => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {795B256B-F65A-4DFD-81BF-2B2ABE58D408} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000Core1d257ecbd7530cd => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {7AEAC270-DFEA-4AF4-BA59-F982BD2A246D} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-03-28] ()
Task: {7E9D55A0-4B7B-4DEE-ABDC-748EB2619B07} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
Task: {7EF92A7F-E969-4748-ACD1-C2E9A8659369} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe  <==== ACHTUNG
Task: {8200B8D7-CD70-4E40-AEC0-E9577BF0B4C3} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {8EABD29A-8AA2-40B9-A7AA-B16644A65C73} - System32\Tasks\{70730BC4-0BFE-4744-BAD2-E91F3798140E} => pcalua.exe -a C:\Windows\IsUn0407.exe -c -fC:\SIERRA\DSF98-99\Uninst.isu
Task: {959A3583-4DA5-47BE-BF7E-3928E63B858E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {9847A64F-F140-4DA2-B7C8-97CFBB513A43} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {99A2F0D8-9C45-4540-A58B-422010C39E20} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {9B018CE8-BC27-4060-AFED-0A6C09B8236A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-20] (Google Inc.)
Task: {A23A357D-2D49-46BB-BCF8-493F33541E8F} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {A2557097-AEC1-4F35-B5F9-70508A3D8CC3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
Task: {A83B829F-351B-4347-A032-40192154EFCB} - System32\Tasks\MSISW_Host => C:\WINDOWS\SysWOW64\muachost.exe [2015-08-18] (MSI)
Task: {AC94F2F8-2C2A-4335-B975-2073D5E7777A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {B01F3565-6DF6-42A9-99E2-E77FF328C354} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000UA => C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {B8D6072D-844C-415B-B41E-ADC8E2F92459} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000UA1d23c064f5de62a => C:\Users\Marc\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-11] (Dropbox, Inc.)
Task: {BEA253EC-2B81-49E7-9873-C6248AEDD69D} - System32\Tasks\{86C993B1-9965-4E96-BF1B-68A9ADA579DA} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe" -c /app FreeVideoCallRecorderForSkype
Task: {BF20C24E-DC99-4370-A6DC-D4060CBF0D4D} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe  <==== ACHTUNG
Task: {BF4D41AC-1142-4EB0-BE79-76D8A224627B} - System32\Tasks\{BCC39CAA-1EF7-4CEE-A566-66610C956DF5} => Chrome.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/abandoninstall?page=tsProgressBar
Task: {BFB3FC34-A6EF-4D7D-BE51-2549303040CC} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {C29E6FD6-AA15-4FC3-A389-92C9C210D2E3} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C3E5BE91-4245-44D7-B726-2BBB24831937} - System32\Tasks\{D2C93145-3150-47F4-BBEB-E035B32A3287} => pcalua.exe -a C:\Users\Marc\Downloads\setup.exe -d C:\Users\Marc\Downloads
Task: {C3E7BE52-FB1A-41A0-A266-E84E38BE1D40} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C5B79861-D633-4E14-8C63-090D9563980F} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {CA6A2D79-2642-461F-A0DF-2985909B55E0} - System32\Tasks\{1BC349F9-1642-43F5-96B5-52F35A67756A} => pcalua.exe -a "C:\Users\Marc\Downloads\dotNetFx35setup (1).exe" -d C:\Users\Marc\Downloads
Task: {CFD1656A-372E-4AE6-BD3F-28CBED98F792} - System32\Tasks\{0FB93C61-AAE5-4F6E-B5CA-426A54D6A05A} => Chrome.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/abandoninstall?page=tsProgressBar
Task: {D123BDD5-8B49-4285-9963-F9F03D2BBAD1} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {D1C24ACA-BB67-4059-B661-F8ECFF345763} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {D6B7E9CB-D5AA-48A3-972B-C1CB34642D60} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {DC0002C3-CA7B-4051-A608-30CCD94B7A18} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {DCD02564-5292-42DD-A908-5FB8F1777255} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {E1C6CAEA-701A-45F1-9AAB-B185A9D0A9FD} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe
Task: {E4717A70-3C41-4A0C-BE65-EBEF45FA780E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {E79DEF92-E074-47B0-9BFB-874F7698D020} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {EBA600B8-7CB7-46AF-A681-59556E0C47D0} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {EC9EBE42-36E6-46A6-933F-A8CC1E7EFA28} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {EED73BAD-10E3-4E78-B9C0-130D82001890} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {F12749B1-7EF7-4D07-B6FF-1F0379E6AC0D} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {F34F533A-D0ED-47D5-BD80-7E15B102B357} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {F6767A6C-B6BD-4C06-AAFA-0DFB391136D2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-04] (Microsoft Corporation)
Task: {F7BB9C69-FE75-494A-BD8D-A4AB6E917615} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {FAE074BD-F449-4845-A7F3-1D4482EEBA5A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {FD360E83-F3DB-454D-AF25-0FDA6012183A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
Task: {FDC01966-C690-490E-ACE1-B02607BBF85E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000Core1d23c064f2afa22 => C:\Users\Marc\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-11] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000Core1d23c064f2afa22.job => C:\Users\Marc\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000UA1d23c064f5de62a.job => C:\Users\Marc\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000Core.job => C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000UA.job => C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000Core.job => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000UA.job => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe

eMKaWe 26.05.2017 00:04
addition.txt Teil 2:
Code:
==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CloneSpy\Website.lnk -> hxxp://www.clonespy.com

ShortcutWithArgument: C:\Users\Marc\Desktop\Profil 1 - Chrome.lnk -> C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Marc\Desktop\Profil 3 - Chrome.lnk -> C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\Marc\Desktop\Profil 4 - Chrome.lnk -> C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4"
ShortcutWithArgument: C:\Users\Marc\Desktop\Profil 5 - Chrome.lnk -> C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 5"
ShortcutWithArgument: C:\Users\Marc\Desktop\Profil 6 - Chrome.lnk -> C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\Marc\Desktop\Profil 7 - Chrome.lnk -> C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 7"
ShortcutWithArgument: C:\Users\Marc\Desktop\Profil 8 - Chrome.lnk -> C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 8"
ShortcutWithArgument: C:\Users\Marc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\202e0fa5ad94ba62\Profil 2 - Chrome.lnk -> C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-05-19 13:59 - 2017-05-09 16:38 - 02270672 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-10-06 16:13 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-10 18:29 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-10-01 14:19 - 2017-05-18 07:48 - 00133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-05-10 18:29 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-10 18:29 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-01 15:17 - 2016-10-01 15:17 - 00959168 _____ () C:\Users\Marc\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2011-09-02 19:40 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2016-10-01 15:06 - 2016-10-01 15:06 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 00:20 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 00:18 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 00:18 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 00:18 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-10 18:29 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-10 18:29 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-10 18:29 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-05-25 22:00 - 2017-05-25 22:01 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-25 22:00 - 2017-05-25 22:01 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-25 22:00 - 2017-05-25 22:01 - 43202048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-25 22:00 - 2017-05-25 22:01 - 02442752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\skypert.dll
2016-07-25 23:54 - 2017-05-18 18:22 - 03395712 _____ () D:\Games\League of Legends\LeagueClient.exe
2013-12-12 18:37 - 2013-12-12 18:37 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2017-01-14 12:39 - 2005-07-18 14:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2016-10-06 16:13 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2014-10-23 18:27 - 2014-10-23 12:27 - 00119822 _____ () C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\libgcc_s_dw2-1.dll
2014-10-23 18:27 - 2015-12-29 00:25 - 01540622 _____ () C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\libstdc++-6.dll
2017-01-24 22:12 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\Marc\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-01-24 22:13 - 2017-01-24 22:13 - 01082880 _____ () \\?\C:\Users\Marc\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-01-24 22:13 - 2017-01-24 22:13 - 03750400 _____ () \\?\C:\Users\Marc\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-01-24 22:13 - 2017-01-24 22:13 - 00914432 _____ () \\?\C:\Users\Marc\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-01-24 22:13 - 2017-01-24 22:13 - 01127424 _____ () \\?\C:\Users\Marc\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node
2017-04-18 21:31 - 2017-04-18 21:31 - 00148992 _____ () \\?\C:\Users\Marc\AppData\Local\Discord\app-0.0.297\resources\app\node_modules\erlpack\build\Release\erlpack.node
2017-01-24 22:13 - 2017-04-26 20:26 - 02658296 _____ () \\?\C:\Users\Marc\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-01-24 22:13 - 2017-03-22 19:14 - 02665976 _____ () \\?\C:\Users\Marc\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node
2015-12-18 16:04 - 2017-03-10 02:13 - 00674592 _____ () D:\Games\Steam Games\SteamApps\SDL2.dll
2015-12-18 16:04 - 2016-09-01 03:02 - 04969248 _____ () D:\Games\Steam Games\SteamApps\v8.dll
2015-12-18 16:04 - 2017-04-26 01:55 - 02465056 _____ () D:\Games\Steam Games\SteamApps\video.dll
2015-12-18 16:04 - 2016-01-27 09:49 - 02549760 _____ () D:\Games\Steam Games\SteamApps\libavcodec-56.dll
2015-12-18 16:04 - 2016-01-27 09:49 - 00491008 _____ () D:\Games\Steam Games\SteamApps\libavformat-56.dll
2015-12-18 16:04 - 2016-01-27 09:49 - 00332800 _____ () D:\Games\Steam Games\SteamApps\libavresample-2.dll
2015-12-18 16:04 - 2016-01-27 09:49 - 00442880 _____ () D:\Games\Steam Games\SteamApps\libavutil-54.dll
2015-12-18 16:04 - 2016-01-27 09:49 - 00485888 _____ () D:\Games\Steam Games\SteamApps\libswscale-3.dll
2015-12-18 16:04 - 2016-09-01 03:02 - 01563936 _____ () D:\Games\Steam Games\SteamApps\icui18n.dll
2015-12-18 16:04 - 2016-09-01 03:02 - 01195296 _____ () D:\Games\Steam Games\SteamApps\icuuc.dll
2015-12-18 16:04 - 2017-04-26 01:55 - 00848672 _____ () D:\Games\Steam Games\SteamApps\bin\chromehtml.DLL
2016-03-11 21:57 - 2016-07-05 00:17 - 00266560 _____ () D:\Games\Steam Games\SteamApps\openvr_api.dll
2016-12-13 15:20 - 2017-01-30 23:41 - 68875552 _____ () D:\Games\Steam Games\SteamApps\bin\cef\cef.win7\libcef.dll
2015-12-18 16:04 - 2017-04-26 01:55 - 00383776 _____ () D:\Games\Steam Games\SteamApps\steam.dll
2015-12-18 16:04 - 2015-09-25 01:52 - 00119208 _____ () D:\Games\Steam Games\SteamApps\winh264.dll
2017-05-18 18:22 - 2017-05-18 18:22 - 03395712 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\LeagueClient.exe
2017-05-18 18:22 - 2017-05-18 18:22 - 00108672 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\zlib.dll
2017-05-18 18:22 - 2017-05-18 18:22 - 00128640 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\yaml.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 01409664 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-patcher\rcp-be-patcher.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00656000 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-rso-auth\rcp-be-rso-auth.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 01051264 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-login\rcp-be-lol-login.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00521856 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-platform-config\rcp-be-lol-platform-config.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00665728 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-summoner\rcp-be-lol-summoner.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00574592 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-ranked-stats\rcp-be-lol-ranked-stats.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00497792 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-maps\rcp-be-lol-maps.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00644224 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-game-queues\rcp-be-lol-game-queues.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00534656 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-player-preferences\rcp-be-lol-player-preferences.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00627328 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-game-settings\rcp-be-lol-game-settings.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00575616 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-settings\rcp-be-lol-settings.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00807552 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-gameflow\rcp-be-lol-gameflow.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00479360 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-pre-end-of-game\rcp-be-lol-pre-end-of-game.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00575616 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-sanitizer\rcp-be-sanitizer.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00564352 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-riot-messaging-service\rcp-be-riot-messaging-service.dll
2017-05-18 18:22 - 2017-05-18 18:22 - 00448640 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-riot-messaging-service\rcp-be-lol-riot-messaging-service.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00542336 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-acs\rcp-be-lol-acs.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00541312 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-player-notifications\rcp-be-player-notifications.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00493696 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-loyalty\rcp-be-lol-loyalty.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 01038976 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-collections\rcp-be-lol-collections.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00492160 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-kr-shutdown-law\rcp-be-lol-kr-shutdown-law.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00935040 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-lobby-team-builder\rcp-be-lol-lobby-team-builder.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00587392 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-queue-eligibility\rcp-be-lol-queue-eligibility.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 01229952 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-lobby\rcp-be-lol-lobby.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00806528 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-champ-select-legacy\rcp-be-lol-champ-select-legacy.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00591488 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-champ-select\rcp-be-lol-champ-select.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00514176 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-spectator\rcp-be-lol-spectator.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 02604672 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-chat\rcp-be-lol-chat.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00489600 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-heartbeat\rcp-be-lol-heartbeat.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00514688 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-shutdown\rcp-be-lol-shutdown.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00874624 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-loot\rcp-be-lol-loot.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00469632 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-kickout\rcp-be-lol-kickout.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00485504 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-license-agreement\rcp-be-lol-license-agreement.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00710784 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-matchmaking\rcp-be-lol-matchmaking.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00476288 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-kr-playtime-reminder\rcp-be-lol-kr-playtime-reminder.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00488576 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-game-client-chat\rcp-be-lol-game-client-chat.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00533120 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-team-boosts\rcp-be-lol-team-boosts.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00735872 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-end-of-game\rcp-be-lol-end-of-game.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00519296 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-active-boosts\rcp-be-lol-active-boosts.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00545920 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-kudos\rcp-be-lol-kudos.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00631424 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-parties\rcp-be-lol-parties.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00799360 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-leagues\rcp-be-lol-leagues.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00595072 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-pft\rcp-be-lol-pft.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00622208 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-player-behavior\rcp-be-lol-player-behavior.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00602240 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-suggested-players\rcp-be-lol-suggested-players.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00526976 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-service-status\rcp-be-lol-service-status.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00555136 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-leaver-buster\rcp-be-lol-leaver-buster.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00654464 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-match-history\rcp-be-lol-match-history.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00699008 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-recofriender\rcp-be-recofriender.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00778880 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-clubs\rcp-be-lol-clubs.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00521344 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-clubs-public\rcp-be-lol-clubs-public.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00584320 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-esport-stream-notifications\rcp-be-lol-esport-stream-notifications.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00724608 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-replays\rcp-be-lol-replays.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00659584 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-store\rcp-be-lol-store.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00501376 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-player-level-up\rcp-be-lol-player-level-up.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00481408 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-tencent-qt\rcp-be-lol-tencent-qt.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00563840 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-beta-opt-in\rcp-be-lol-beta-opt-in.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00541824 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-player-messaging\rcp-be-lol-player-messaging.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00576128 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-personalized-offers\rcp-be-lol-personalized-offers.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00467584 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-user-experience\rcp-be-lol-user-experience.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00532608 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-simple-dialog-messages\rcp-be-lol-simple-dialog-messages.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00605312 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-highlights\rcp-be-lol-highlights.dll
2017-05-18 18:22 - 2017-05-03 08:06 - 00486016 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-network-testing\rcp-be-network-testing.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00537216 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-entitlements\rcp-be-entitlements.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00649856 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-clash\rcp-be-lol-clash.dll
2017-05-18 18:22 - 2017-05-17 10:13 - 00649856 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\Plugins\rcp-be-lol-missions\rcp-be-lol-missions.dll
2017-05-18 18:22 - 2017-05-18 18:22 - 01732736 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\LeagueClientUx.exe
2017-05-18 18:22 - 2017-05-18 18:22 - 55775872 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\libcef.dll
2017-05-18 18:22 - 2017-05-18 18:22 - 01732736 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\LeagueClientUxRender.exe
2017-05-18 18:22 - 2017-05-18 18:22 - 01801344 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\libglesv2.dll
2017-05-18 18:22 - 2017-05-18 18:22 - 00022144 _____ () D:\Games\League of Legends\RADS\projects\league_client\releases\0.0.0.76\deploy\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Marc\.DS_Store:AFP_AfpInfo [122]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\sharepoint.com -> hxxps://campussachsen-files.sharepoint.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7752 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2014-11-09 19:42 - 00442922 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1        www.007guard.com
127.0.0.1        007guard.com
127.0.0.1        008i.com
127.0.0.1        www.008k.com
127.0.0.1        008k.com
127.0.0.1        www.00hq.com
127.0.0.1        00hq.com
127.0.0.1        010402.com
127.0.0.1        www.032439.com
127.0.0.1        032439.com
127.0.0.1        www.0scan.com
127.0.0.1        0scan.com
127.0.0.1        1000gratisproben.com
127.0.0.1        www.1000gratisproben.com
127.0.0.1        1001namen.com
127.0.0.1        www.1001namen.com
127.0.0.1        www.100888290cs.com
127.0.0.1        100888290cs.com
127.0.0.1        100sexlinks.com
127.0.0.1        www.100sexlinks.com
127.0.0.1        www.10sek.com
127.0.0.1        10sek.com
127.0.0.1        1-2005-search.com
127.0.0.1        www.1-2005-search.com
127.0.0.1        www.123fporn.info
127.0.0.1        123fporn.info
127.0.0.1        www.123haustiereundmehr.com
127.0.0.1        123haustiereundmehr.com
127.0.0.1        www.123moviedownload.com
127.0.0.1        123moviedownload.com

Da befinden sich 15207 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1132746113-184105214-789198808-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marc\Pictures\Raptr Screenshots\junko_enoshima_wallpaper_by_ishockwavei-d7j73hz.png
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: ArcService => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: Mobile Broadband HL Service => 2
MSCONFIG\Services: SBSDWSCService => 2
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: Wlansvc => 2
MSCONFIG\Services: wlidsvc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FILSHtray.lnk => C:\Windows\pss\FILSHtray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Marc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Marc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Marc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ZooskMessenger.lnk => C:\Windows\pss\ZooskMessenger.lnk.Startup
MSCONFIG\startupreg: 4StoryPrePatch => C:\Program Files (x86)\Gameforge4D\4Story_DE\PrePatch.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Facebook Update => "C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver                                                                                                                                                                                     
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KPeerNexonEU => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "MSIRegister"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\StartupFolder: => "Sidebar743.lnk"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\Run: => "MyComGames"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [UDP Query User{76A8BFF2-29B1-4EFF-809E-62F495ED414D}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Allow) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe
FirewallRules: [TCP Query User{74277C60-1B9B-48B4-BD5F-C9CEE99661B0}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Allow) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe
FirewallRules: [{D3098AB1-3258-4786-A7D3-7952F682EE12}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{097C0B7A-B28E-45E9-98A1-088E430B431B}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{C3EC4996-91D4-44AF-927E-F97258D10949}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{271D86D2-76BC-43AC-B719-44FB5F5A163A}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{BD5B6C15-2FC3-4C3B-9D77-E8BEAC140E1B}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe
FirewallRules: [{77CC69D0-43B6-4A62-9400-A66A4D002522}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe
FirewallRules: [{E7D4D5E0-93F1-4ACA-9BC9-22D5355DEF5E}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{1E7D72BD-9096-4D28-8C2D-448BCB0E1C66}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{62FB549E-DC96-4E77-AB6D-E56DBC2855D2}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{98A037E6-1000-4A99-BAD8-AB9C3748FE60}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{97730673-1C1F-4766-92B7-4DCA79E82840}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{66D3772D-3634-41E4-B0F2-33A477439ACF}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{56F8E7A4-8E2D-4C71-8DF5-330DD6CD399A}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{0D278BE4-16B1-4A58-9150-AA0B213069E6}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{F81A14B1-CB99-4602-812F-AF9CDF5106F9}] => (Allow) C:\Users\Marc\AppData\Local\Temp\andy-x64\Setup.exe
FirewallRules: [{7BD73BCA-42D8-4DCF-9EA8-8B78442CCA03}] => (Allow) C:\Users\Marc\AppData\Local\Temp\andy-x64\Setup.exe
FirewallRules: [{CD93F975-3CCF-46EC-85FC-2A359D5BEE9A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Splinter Cell\system\SplinterCell.exe
FirewallRules: [{9890AFF1-A555-442F-AF3D-00BAA034B1AD}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Splinter Cell\system\SplinterCell.exe
FirewallRules: [{5A8F706A-40D4-4E0F-B6D4-3D3120EA4E61}] => (Allow) J:\SteamLibrary\steamapps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{745A146C-8181-4A21-B195-1DB9169CC20F}] => (Allow) J:\SteamLibrary\steamapps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{A5FE26F9-98A6-4526-A0ED-EDD7BE151F53}] => (Block) D:\origin games\command and conquer tiberian sun\game.exe
FirewallRules: [{CD0AD7A7-9EA7-4DD6-9523-CD94085E8835}] => (Block) D:\origin games\command and conquer tiberian sun\game.exe
FirewallRules: [UDP Query User{A6018128-430B-47B2-87D9-4AC292AA4DED}D:\origin games\command and conquer tiberian sun\game.exe] => (Allow) D:\origin games\command and conquer tiberian sun\game.exe
FirewallRules: [TCP Query User{D506FB30-EBAD-488A-A2C8-DAA3DBAA02FB}D:\origin games\command and conquer tiberian sun\game.exe] => (Allow) D:\origin games\command and conquer tiberian sun\game.exe
FirewallRules: [UDP Query User{1BC818B7-2B86-4556-AB44-9AB3ABFF62D1}J:\steamlibrary\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) J:\steamlibrary\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [TCP Query User{6DEEBF8A-2C14-4FB7-8E7C-F3020F1B8130}J:\steamlibrary\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) J:\steamlibrary\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [{7EA9045E-BCA0-402B-94C3-7402EB4135FA}] => (Allow) J:\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{48384B79-3287-4659-938D-A2A7C81BFCC9}] => (Allow) J:\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{20A889CC-14DD-453E-9B78-459854E4F46E}] => (Allow) J:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{9958C4C2-D483-4A12-8C7D-22D7C1619C37}] => (Allow) J:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{EFBD40BC-31FE-4A86-A0E9-FF5E8A50DD12}] => (Allow) J:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{3D47D322-C0AE-4B6E-873D-ED8BEE22F5D1}] => (Allow) J:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{99EE5768-EA20-43AA-8F29-04E992AA0148}] => (Allow) J:\SteamLibrary\steamapps\common\Limbo\limbo.exe
FirewallRules: [{0CC3D5BD-1560-4133-9659-EE534FD47A4A}] => (Allow) J:\SteamLibrary\steamapps\common\Limbo\limbo.exe
FirewallRules: [{F3F3F7E1-4A83-46A5-A44D-FBAAC1FBA9CB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{4D3248B2-BA22-4E91-81C5-18FC679176A4}] => (Allow) D:\Games\Watch Dogs\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{7FD664A7-BEBF-40A5-9528-AC62FE76D6AB}] => (Allow) D:\Games\Watch Dogs\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{36AEBEF8-7319-48F8-B840-AECF0AF391C0}] => (Allow) J:\SteamLibrary\steamapps\common\YoutubersLife\YoutubersLife.exe
FirewallRules: [{FB4FE2D1-1673-47EC-B283-4DD15E60D3BC}] => (Allow) J:\SteamLibrary\steamapps\common\YoutubersLife\YoutubersLife.exe
FirewallRules: [UDP Query User{5C836680-F0FE-4F18-9EB4-77DCBFE01FF3}C:\program files (x86)\java\jre1.8.0_91\bin\java.exe] => (Block) C:\program files (x86)\java\jre1.8.0_91\bin\java.exe
FirewallRules: [TCP Query User{E49163AF-721B-4280-9E58-C0AC3138A2B5}C:\program files (x86)\java\jre1.8.0_91\bin\java.exe] => (Block) C:\program files (x86)\java\jre1.8.0_91\bin\java.exe
FirewallRules: [{8DBFD679-B5DB-4862-AE98-A0608BC0F487}] => (Block) C:\games\minetest\bin\minetest.exe
FirewallRules: [{D7D49E94-A5DF-4C92-BE67-E91F58C848CF}] => (Block) C:\games\minetest\bin\minetest.exe
FirewallRules: [UDP Query User{F75B24EF-991C-4D2E-A309-2B93E94D0B83}C:\games\minetest\bin\minetest.exe] => (Allow) C:\games\minetest\bin\minetest.exe
FirewallRules: [TCP Query User{4DE1640F-88F3-4115-ABEC-E7D480A53902}C:\games\minetest\bin\minetest.exe] => (Allow) C:\games\minetest\bin\minetest.exe
FirewallRules: [{D1F221E4-9C68-4FC7-92FF-20F2E90FF91E}] => (Block) D:\games\world of warcraft\overwatch\overwatch.exe
FirewallRules: [{C77CC189-5A5C-4BE6-A217-B60E4A16F9DE}] => (Block) D:\games\world of warcraft\overwatch\overwatch.exe
FirewallRules: [UDP Query User{EE8FDA1F-C160-4C38-A108-27CF60C5854B}D:\games\world of warcraft\overwatch\overwatch.exe] => (Allow) D:\games\world of warcraft\overwatch\overwatch.exe
FirewallRules: [TCP Query User{965DA77C-5287-4B45-BBCF-C12BF48ECECF}D:\games\world of warcraft\overwatch\overwatch.exe] => (Allow) D:\games\world of warcraft\overwatch\overwatch.exe
FirewallRules: [{5672D4AC-042D-4E7A-970C-19F85135073B}] => (Block) J:\steamlibrary\steamapps\common\this war of mine\modtools.exe
FirewallRules: [{4BDBB034-BF0C-4585-BBA8-D44EE5649DA3}] => (Block) J:\steamlibrary\steamapps\common\this war of mine\modtools.exe
FirewallRules: [UDP Query User{3F1C0133-581C-4C0D-839B-E5ACE294C8F6}J:\steamlibrary\steamapps\common\this war of mine\modtools.exe] => (Allow) J:\steamlibrary\steamapps\common\this war of mine\modtools.exe
FirewallRules: [TCP Query User{1D1FEC44-4470-42AA-B080-B973DED9075F}J:\steamlibrary\steamapps\common\this war of mine\modtools.exe] => (Allow) J:\steamlibrary\steamapps\common\this war of mine\modtools.exe
FirewallRules: [{09BFEE62-7BF6-49D6-95F6-A8BC6D3AD975}] => (Allow) J:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{5D743520-5F29-41F1-AEF0-FD41EF265796}] => (Allow) J:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{10092AA4-2177-4509-803A-9AE8479ACE62}] => (Allow) D:\Games\Steam Games\SteamApps\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{EF55CB3E-83AD-4A91-A6C1-9B85E4F223BD}] => (Allow) D:\Games\Steam Games\SteamApps\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{CFCA9EF9-0C5F-4C1B-AC83-A85AA4EC57A3}] => (Allow) J:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{DE07F763-BBBF-49FE-983B-5B11DEDC924F}] => (Allow) J:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{371E8988-7AA8-4187-B00F-3C85378A7ED9}] => (Allow) J:\PRO64_94.exe
FirewallRules: [UDP Query User{A52F3BA7-1BBC-41A8-A02E-E72139D30228}C:\users\marc\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\marc\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{9E87EA97-602A-4334-B73E-DD3AE7A7FCB3}C:\users\marc\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\marc\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{A49611B2-D39A-4CD0-BAC1-E52411CCCD5E}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{7BC34057-566C-4B7C-A131-4E5E8403ED7A}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe
FirewallRules: [{50D0BA35-694C-47BF-8B97-4AE7C902441F}] => (Allow) J:\SteamLibrary\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{ABEDFE69-550F-4065-9BD0-CE402597597A}] => (Allow) J:\SteamLibrary\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{02289619-5C32-4E81-B77C-25D9E0462ECF}] => (Allow) J:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{B6278655-3CD6-4970-9986-1761E34EF530}] => (Allow) J:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{ED2AF035-5D79-47B9-BE24-0C02D8AF4ADC}] => (Allow) J:\SteamLibrary\steamapps\common\FINAL FANTASY XIII\FFXiiiLauncher.exe
FirewallRules: [{5E94B6C0-51F9-43C2-AA09-8B6EB068391B}] => (Allow) J:\SteamLibrary\steamapps\common\FINAL FANTASY XIII\FFXiiiLauncher.exe
FirewallRules: [UDP Query User{28067909-69DF-4150-9B5F-470F071FB9D7}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Allow) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe
FirewallRules: [TCP Query User{A1E9EEC2-6482-4CE8-85DA-5EC9BB74212A}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Allow) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe
FirewallRules: [{28649F8D-7DCE-4FAC-B63F-386D86858567}] => (Allow) J:\SteamLibrary\steamapps\common\FINAL FANTASY XIII-2\FFXiii2Launcher.exe
FirewallRules: [{40F02E56-2BE7-4677-8664-CDF9C6F77AB9}] => (Allow) J:\SteamLibrary\steamapps\common\FINAL FANTASY XIII-2\FFXiii2Launcher.exe
FirewallRules: [{E192A8E1-7865-43E5-96E1-F71CBEACDE36}] => (Allow) J:\SteamLibrary\steamapps\common\LIGHTNING RETURNS FINAL FANTASY XIII\LRFF13.exe
FirewallRules: [{FE4AB27D-E4BF-4CC9-9E67-C6EEC24714FB}] => (Allow) J:\SteamLibrary\steamapps\common\LIGHTNING RETURNS FINAL FANTASY XIII\LRFF13.exe
FirewallRules: [UDP Query User{438C7422-2777-4588-B287-FF711012E498}C:\users\marc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marc\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{96C54A2F-7D19-4070-A98A-51CED99EC13E}C:\users\marc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marc\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{90A4F812-36C8-4377-8E1C-5EF0988E0954}J:\bf3\videos\xco435migos\xcom.2.digital.deluxe.edition.multi11-elamigos\xcom 2\binaries\win64\xcom2.exe] => (Block) J:\bf3\videos\xco435migos\xcom.2.digital.deluxe.edition.multi11-elamigos\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [TCP Query User{C5B547F8-1A6A-422E-BEA8-F727A3D17F5F}J:\bf3\videos\xco435migos\xcom.2.digital.deluxe.edition.multi11-elamigos\xcom 2\binaries\win64\xcom2.exe] => (Block) J:\bf3\videos\xco435migos\xcom.2.digital.deluxe.edition.multi11-elamigos\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{34BBAEB0-B67A-4F15-9000-545F6D617508}J:\lolskinview.exe] => (Allow) J:\lolskinview.exe
FirewallRules: [TCP Query User{154985FE-9406-45CA-AA9B-0144B612DBBE}J:\lolskinview.exe] => (Allow) J:\lolskinview.exe
FirewallRules: [UDP Query User{EB544F23-0FF1-4EFB-BC44-2741F1C416C7}J:\bf3\videos\xco435migos\xcom.2.digital.deluxe.edition.multi11-elamigos\xcom 2\binaries\win64\xcom2.exe] => (Allow) J:\bf3\videos\xco435migos\xcom.2.digital.deluxe.edition.multi11-elamigos\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [TCP Query User{4E232423-44D4-4050-BA83-DD07531AD135}J:\bf3\videos\xco435migos\xcom.2.digital.deluxe.edition.multi11-elamigos\xcom 2\binaries\win64\xcom2.exe] => (Allow) J:\bf3\videos\xco435migos\xcom.2.digital.deluxe.edition.multi11-elamigos\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{A978A03B-91F6-405C-BD9F-1589C78F336F}D:\games\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{98AF30EB-57E9-4EC8-AC8F-66B9E4B4F3A0}D:\games\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [{5C1A6BA3-2E99-4CCB-B8F0-059146027645}] => (Allow) C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8035F415-7AED-4EAD-9107-474C044B479B}] => (Allow) C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [UDP Query User{0BFC3443-D505-42E1-A7D3-5EC13C40C6F5}C:\users\marc\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\marc\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{4B84FEFA-C40B-4E82-A9E7-58E2E33B4D03}C:\users\marc\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\marc\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{24263DEE-4051-4BB6-BF5C-C8D8BA46308A}D:\games\nfs mw\speed.exe] => (Allow) D:\games\nfs mw\speed.exe
FirewallRules: [TCP Query User{B7573C1C-5F77-4BB6-99A9-DBA912C2E447}D:\games\nfs mw\speed.exe] => (Allow) D:\games\nfs mw\speed.exe
FirewallRules: [UDP Query User{C6CF5B9F-B9C6-464D-892F-9BE818F4E5C5}D:\games\heroes of the storm\versions\base34190\heroesofthestorm.exe] => (Block) D:\games\heroes of the storm\versions\base34190\heroesofthestorm.exe
FirewallRules: [TCP Query User{0FE32065-EA01-496D-9A93-859E4D1F99B9}D:\games\heroes of the storm\versions\base34190\heroesofthestorm.exe] => (Block) D:\games\heroes of the storm\versions\base34190\heroesofthestorm.exe
FirewallRules: [UDP Query User{6002963D-688C-4202-A52D-22222844CCF2}D:\games\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{333F08A6-D5B2-469B-8AB4-1FE6EAFE733A}D:\games\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [{7E0C848C-4975-4AB2-98C3-2ABDFF53A2F0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{039EA803-1EDC-4D05-8D8D-5EACC48A812F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{138AA5D1-0A58-46E5-8A92-CD5F94C2B7F8}] => (Allow) D:\Games\Steam Games\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2189FAB6-2050-46BF-B7F3-6FD4B8016506}] => (Allow) D:\Games\Steam Games\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2D0A285A-2D5B-495D-8E72-3010350D2682}] => (Allow) D:\Games\Steam Games\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{6E1F5CE1-BE8F-4E4E-B1DD-1DA7A1523B55}] => (Allow) D:\Games\Steam Games\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{6432BA1D-493F-41E0-8A0A-2C8D0E1569FD}] => (Allow) D:\Games\Steam Games\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{8A001CF3-545A-46B3-9178-F387954F57DD}] => (Allow) D:\Games\Steam Games\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{C8CDD98D-534F-4B93-8780-7D0F2265D6AD}] => (Allow) D:\Games\Steam Games\SteamApps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{C0D68CFA-9038-4127-B334-98019501A68F}] => (Allow) D:\Games\Steam Games\SteamApps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{F9934AAD-2BE7-4384-B440-7532B1D34675}] => (Allow) D:\Games\Steam Games\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{5D2B2C2C-525F-4252-9698-5D733DFA4B32}] => (Allow) D:\Games\Steam Games\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{0668515C-9B95-4084-A6ED-8CA66AAFD29A}] => (Allow) D:\Origin Games\FIFA World\fifaworld.exe
FirewallRules: [{BCFC0D19-7FA0-4309-8F14-BA67DC9B0171}] => (Allow) D:\Origin Games\FIFA World\fifaworld.exe
FirewallRules: [{1FF38040-0745-4EC3-808C-8F1CBC94666B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{01877E58-6803-46E4-BEF1-C8312FE5623A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [UDP Query User{BABAD951-C5F2-4873-B784-8909DFCBFD73}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [TCP Query User{367B8B80-9BF3-46FC-B1D9-D020D42A8A7A}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [UDP Query User{F2B7FE75-0417-4FC0-A182-11C6290DAC21}D:\games\neverwinter_de\neverwinter\live\gameclient.exe] => (Allow) D:\games\neverwinter_de\neverwinter\live\gameclient.exe
FirewallRules: [TCP Query User{5BA9EC58-778F-4074-9B67-8A87E133D4E5}D:\games\neverwinter_de\neverwinter\live\gameclient.exe] => (Allow) D:\games\neverwinter_de\neverwinter\live\gameclient.exe
FirewallRules: [{27C5C372-42DA-4D9F-9C9F-6E18EC120C9C}] => (Allow) D:\Neuer Ordner\MotioninJoy_071001_signed.exe
FirewallRules: [{DDE24F9E-6E48-44B8-93B3-B94DBDFE6966}] => (Allow) D:\Neuer Ordner\MotioninJoy_071001_signed.exe
FirewallRules: [{896E23AD-DADE-4095-A645-9127BA5625BB}] => (Allow) D:\Neuer Ordner\MotioninJoy_071001_signed.exe
FirewallRules: [{D35C0BD1-982D-468F-A0FF-7E45DCC75CAA}] => (Allow) D:\Neuer Ordner\MotioninJoy_071001_signed.exe
FirewallRules: [UDP Query User{0FCDB20C-81BC-4D5B-8878-1D31FD6B6539}D:\games\guild wars 2\guild wars 2\gw2.exe] => (Allow) D:\games\guild wars 2\guild wars 2\gw2.exe
FirewallRules: [TCP Query User{6BFBC84A-CC9D-4AB5-BFC2-F91164309249}D:\games\guild wars 2\guild wars 2\gw2.exe] => (Allow) D:\games\guild wars 2\guild wars 2\gw2.exe
FirewallRules: [{702AE8AF-FDEA-4A9D-AFB5-3875CAA7EB4B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{6942882F-EC92-4D93-B4DF-9493B34782DC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{AF0A4415-F016-4D79-8811-7D8A04F0FF93}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{8AD75573-B8EA-488E-9E85-4664608C57DC}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{6A1A967A-7C12-4B3E-97D0-438D7B9D7EC3}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{06CEC8E2-5FFD-4F27-B3B3-DA924DE2E5E4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{34A1943F-1C5C-404D-9270-656518F04F46}] => (Allow) D:\Games\Steam Games\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{EC3ADE35-F6E9-41F4-BFBB-D90DA969F81D}] => (Allow) D:\Games\Steam Games\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{51EB8C2D-A854-4003-ABE0-4A46822A4616}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{4C20F46C-258A-4F28-9B95-462F071229E0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{93D65393-DEBB-47DE-B70D-D44A1F9DA979}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{CE4C8FBB-8A08-4E67-B7FE-70020389DD65}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{3436E838-7B00-43A6-8E4F-9A84C4D62BFA}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{3119CD95-1C27-4D9D-8CBB-E3E2FE9320DA}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{EBF0A9C1-6E59-4919-8D01-EC44840ACE80}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{08887436-F54C-4005-B2D6-6D520BECF65B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{1AB89C23-0A65-4154-B816-F4C6DAD3AAAB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{EB21F3EB-70DA-408F-B343-48E32B297C64}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{66A266DC-49E7-4C30-BBF8-D5AB9ABB5403}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{0BB11670-E146-4F8C-8E0E-AC843AD17BA5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{8F08086A-DAA2-49B7-B6EE-B21AB9A82E84}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{46A7A48B-CC2C-4CF8-A7B0-D1FAF7209859}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{26793E67-2BD7-4893-8254-F53ED62B58A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{8D6E4C95-CF6D-4C13-8D8C-A6256A4947DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{343481F1-BC2E-4028-A607-0C3CE773AD91}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{48712EC0-088C-4290-AB6A-6B47C5965922}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{833ABD6F-A892-4A17-BAFE-A8ACF621B24F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{7154B88D-F0F4-474B-A845-F61BBDA682FB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{80C9CCE8-2D18-46E7-91C2-FFAB0B9A47A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{EC205117-02E4-4103-BD49-274EA0B497CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{0E78A796-82AB-4423-9C77-4F5AF7149983}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{5A2ED19F-EE80-49AF-92AF-01D06D708BFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{753C097A-DE9D-4463-A87A-AD11A4C23977}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{8CB92063-8557-417F-8BC0-CB407635A926}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D882D7F0-BC94-45DE-8944-880F522EDBFE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{CC4E8E0E-31D1-490B-B703-F00BF6A37E88}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{AD333F1D-5B5D-4409-BF1D-E1AFDC154310}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{448A5F2D-C8FB-4A8F-97C5-1C9D127B8A66}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BF98D179-44A6-4534-8968-FDA2878B880C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B1A17AB1-CF8E-4547-BEEE-9FA1E90C0732}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{E2E21EF3-2C59-4184-88CB-A3D1BCB74A72}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{C8F6553B-4466-44B1-9AB9-64968CC7290E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{1BBA3CE8-097A-4FFB-B15B-31543733F4A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4671F075-7548-424D-AA4A-4B05A4CB2A4E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{FAD57914-F15D-4838-95D8-2D38A108567E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{4D38AA99-F3FB-4672-8EED-A3EBC3FC7560}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{E3B3ED98-2208-42CB-9E53-BEAA44752587}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{27DDF419-5EA1-42D6-9969-186ED5E2EB9C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{A80840E6-2FEF-4A17-8723-9BB012D7AC23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9E5B6095-2896-49A8-861E-00624EA3E5FA}] => (Allow) D:\Games\Steam Games\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{C042BBBE-7FED-4859-A84C-C3EECB2915C0}] => (Allow) D:\Games\Steam Games\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{224F2360-716B-4851-AA8A-8420515A20F9}] => (Allow) D:\Games\Steam Games\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{7B449A2F-8490-455A-9731-1EA10E399A61}] => (Allow) D:\Games\Steam Games\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{3CD70090-A424-4BE1-A3B4-0B29DF7C61BA}] => (Allow) D:\Games\Steam Games\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{C32C27E7-09F5-41DC-BB97-497F7AAE164A}] => (Allow) D:\Games\Steam Games\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{E97B19D4-B0A5-4EB9-AB4B-8050DAAF1E6E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B5CFE296-47FA-4E00-984D-64CCE3789D94}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4535175F-C208-4B17-9FEC-60186A441E91}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{EDD77C88-02BD-41CF-A72C-0EB37DD88F92}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{14C8D592-3F3B-4529-954E-C7EAD1C9D4E0}] => (Allow) D:\Origin Games\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [{D6B37DBD-77C4-41F6-B2EA-7A6E5A98C02E}] => (Allow) D:\Origin Games\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [UDP Query User{84542289-54E7-4DBB-904E-EF66B37C10D2}D:\games\steam games\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) D:\games\steam games\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [TCP Query User{F9467EC3-86C8-4576-91A5-ABA5228F9918}D:\games\steam games\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) D:\games\steam games\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{0C9EE5A7-65E8-412E-B49A-E7345F4E0C03}C:\windows\syswow64\java.exe] => (Allow) C:\windows\syswow64\java.exe
FirewallRules: [TCP Query User{E2D9CDDF-675D-44C1-A962-7815CBDDC2FA}C:\windows\syswow64\java.exe] => (Allow) C:\windows\syswow64\java.exe
FirewallRules: [UDP Query User{CA8F3B2B-8215-46C3-B608-37700D3EAEDC}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{A8BAECC8-6DC9-4B9E-B9B7-7091D9CE03A0}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{9E60FB78-186F-4D00-B50A-36581F191A36}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half Minute Hero\HMH.exe
FirewallRules: [{42955C50-F5B3-49FE-9E11-65739867082B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half Minute Hero\HMH.exe
FirewallRules: [{7937471B-ADAD-494C-8973-7BE4FEC44CD7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\fortix\Fortix.exe
FirewallRules: [{CFE5EB5F-45A9-4CF7-9448-92E38603D501}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\fortix\Fortix.exe
FirewallRules: [UDP Query User{C26336EB-5DFF-4520-B956-B9346CB76DD1}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [TCP Query User{E018D0DC-5A80-4A30-9279-30849251A51B}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [{74BB8E19-C098-492C-9154-11EB86F99F14}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{467B1039-FD96-4BAD-BFAB-7374DA9E68B9}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [UDP Query User{20271E7B-C0CE-40E5-A80B-748975347EEE}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{083F750E-B168-4160-B8F9-9008BF2CA048}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{B0DB93FA-464C-4EC0-8052-0BC14E190206}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E005AE06-F34A-40F7-9E49-40099BA4A449}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{37EE1367-2219-4160-8F52-70153BB8B218}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{620DD70B-29A6-4ECE-8394-B10831D34BA1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8118C1FB-2431-4404-8270-84E9DF51FBCB}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{76201678-1F3F-4038-AB3F-2857DFA96337}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [UDP Query User{ADCAE2CE-63CB-4CA4-BA0D-AED224471C0A}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{3845D14E-E58E-4108-9542-9F8CD9605396}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{E79854CC-4A44-4B0B-91D7-8EE7E66D0987}F:\warcraft iii\war3.exe] => (Allow) F:\warcraft iii\war3.exe
FirewallRules: [TCP Query User{990567DB-15A2-4165-B3F4-6DBF62C23E9C}F:\warcraft iii\war3.exe] => (Allow) F:\warcraft iii\war3.exe
FirewallRules: [{973DFF8A-FE77-40E0-B660-52E18685A82E}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{656FB8A1-FB21-406D-892F-850D0735E179}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{88528A13-7082-4DB2-BC81-F4805DEC8718}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{73663C19-9F69-4D20-BA28-049416DE0255}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{8AB1C26C-3F5D-441F-BCA3-8292E2FB88B7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{F8622482-6F36-4B23-85E6-20D33ADE8A2D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{E1E330B5-7210-420C-96DA-0C7642656E52}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{82112054-A46B-4567-BC4A-D37AF0917799}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{B406FE0C-9B2F-4B89-BB26-9133281C6029}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{303B4D26-B6F0-4E13-9D42-BDC9F35444B7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{4DB783EB-4EFB-42B0-AD68-47F06B6D04AD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{693E1FFD-A985-4047-9837-79046D9BB363}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{E8DCA318-823F-4169-83E4-31B4CA0F97FA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{B7DAE0E2-ABCF-41C3-8D33-421BBEAC9D07}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{01F8DB83-1C63-4C91-838D-FCB81CB60A28}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [UDP Query User{C04C991A-9BDD-4EFC-A715-FF73FA065B06}F:\games\wow\world of warcraft\backgrounddownloader.exe] => (Allow) F:\games\wow\world of warcraft\backgrounddownloader.exe
FirewallRules: [TCP Query User{582DD15D-7131-442D-B9ED-4D7B3FE5B8CA}F:\games\wow\world of warcraft\backgrounddownloader.exe] => (Allow) F:\games\wow\world of warcraft\backgrounddownloader.exe
FirewallRules: [{0829F564-F4DA-4098-8812-6517B1088083}] => (Allow) F:\Games\WoW\world of warcraft\Launcher.patch.exe
FirewallRules: [{5305DC19-C406-4709-8B46-030E6CF1D580}] => (Allow) F:\Games\WoW\world of warcraft\Launcher.patch.exe
FirewallRules: [{D7109215-6480-4220-8C43-CF765253CEDB}] => (Allow) F:\Games\WoW\world of warcraft\Launcher.exe
FirewallRules: [{CAE91AA7-903D-4A8F-88A8-D8C3AB2A5009}] => (Allow) F:\Games\WoW\world of warcraft\Launcher.exe
FirewallRules: [UDP Query User{33551634-5DEF-4EAD-9BC8-1566177913D4}F:\games\wow\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe] => (Allow) F:\games\wow\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe
FirewallRules: [TCP Query User{D4AC2DEF-3E38-4FE8-8B7D-56664B61C1B6}F:\games\wow\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe] => (Allow) F:\games\wow\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe
FirewallRules: [UDP Query User{9CC93BF8-CD2A-4D4B-AD50-28FC35D278F7}F:\starcraft ii\support\blizzarddownloader.exe] => (Allow) F:\starcraft ii\support\blizzarddownloader.exe
FirewallRules: [TCP Query User{B830836F-EC77-4035-8DA0-E65802F6D647}F:\starcraft ii\support\blizzarddownloader.exe] => (Allow) F:\starcraft ii\support\blizzarddownloader.exe
FirewallRules: [UDP Query User{77FFB291-6762-4B3F-AC71-B0F318D2AA38}F:\starcraft ii\starcraft ii.exe] => (Allow) F:\starcraft ii\starcraft ii.exe
FirewallRules: [TCP Query User{FB56325E-49A6-435B-9ADB-800C888B6349}F:\starcraft ii\starcraft ii.exe] => (Allow) F:\starcraft ii\starcraft ii.exe
FirewallRules: [{05969B54-624C-4850-BA51-222096B0293E}] => (Allow) LPort=1900
FirewallRules: [{4934F939-C2AD-4599-90D9-3F0BC9098E27}] => (Allow) LPort=2869
FirewallRules: [{62C79E59-6AB9-48F4-8E5C-F0DF79F925D4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C7EAB9A0-1C3E-4383-B42C-74FCD5B59ABD}] => (Allow) LPort=5000
FirewallRules: [{24202314-606F-4D11-9D27-CFB693AEA581}] => (Allow) LPort=49217
FirewallRules: [UDP Query User{F04B13DB-DEE4-444B-9764-2DEF1FB1F630}F:\games\rsv2\binaries\r6vegas2_game.exe] => (Allow) F:\games\rsv2\binaries\r6vegas2_game.exe
FirewallRules: [TCP Query User{9BB651CC-B924-4D77-9FB6-D84159A3E001}F:\games\rsv2\binaries\r6vegas2_game.exe] => (Allow) F:\games\rsv2\binaries\r6vegas2_game.exe
FirewallRules: [{1DBA39FF-43BD-4B92-AC48-07C820DA345F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0C59A854-D68A-4FC3-B48E-6BB39149117D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1D77DB98-E734-4F7C-B6C4-737B581BCEBD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{0E28345F-EA93-49B5-83A5-9066FED064EE}F:\starcraft ii\versions\base19132\sc2.exe] => (Allow) F:\starcraft ii\versions\base19132\sc2.exe
FirewallRules: [TCP Query User{BDDDFBD3-80FB-4810-9F22-9FB6A749D8C7}F:\starcraft ii\versions\base19132\sc2.exe] => (Allow) F:\starcraft ii\versions\base19132\sc2.exe
FirewallRules: [{332D4998-FCB9-4A3D-9BC2-93CA41F379A6}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{20FDB8B7-B533-432C-BBAD-BE3EB3B1EF83}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{917110D0-E171-4EB6-B53F-3C6B1B1C5CF6}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{F4B8C2C4-7708-47F2-A971-04D3C9F2B611}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{EE9BE810-CECD-4062-9E58-169DFBBB7766}D:\games\heroes of the storm\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{04BA119D-1AFB-490B-A02D-5988549D7A21}D:\games\heroes of the storm\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [{A9D1CBB4-6C27-4F86-8706-2545908FCDED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{22901EDB-883C-4E73-BD95-17694B35AF75}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{C0A202DC-110F-49DA-A052-E7808EC07A2A}] => (Allow) D:\Games\Steam Games\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{EAC31E6A-5FDC-4C8C-B55D-BF1208F5651C}] => (Allow) D:\Games\Steam Games\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [TCP Query User{B1E99389-095F-4312-B017-06D250767B31}D:\games\heroes of the storm\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{A2DC6DF3-CCD2-4350-8E88-8FD972A54086}D:\games\heroes of the storm\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe
FirewallRules: [{F9E624F2-09B6-48BD-8AD0-AC6C31F8B5C1}] => (Allow) D:\Games\Steam Games\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{CE0C4829-9FF5-43C3-A2FC-995CBE1DACB1}] => (Allow) D:\Games\Steam Games\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{C6956E58-5156-4270-B8BE-773801D459BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{34B309DF-164A-448A-A52E-6CA74076E351}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E4AA895A-7F95-429D-83BE-649C7A7F8093}] => (Allow) D:\Games\Steam Games\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{D99E0292-3970-49C0-AC1E-F6E42592FD11}] => (Allow) D:\Games\Steam Games\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [TCP Query User{80F65E66-71F0-436C-95F3-356F83F566B7}D:\games\heroes of the storm\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C3ED3C1E-052D-45CB-B958-B6D2EE29D4D5}D:\games\heroes of the storm\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{80DC3684-5316-4D9E-B579-3E98E4D37415}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{B7B42A78-A402-4CD9-8DEA-9BE8D3985037}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{A1C98125-B227-4083-AE62-713353F132B4}D:\games\heroes of the storm\heroes of the storm\versions\base38500\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base38500\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{F9E1975E-0336-4BDE-ADE4-192121089176}D:\games\heroes of the storm\heroes of the storm\versions\base38500\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base38500\heroesofthestorm_x64.exe
FirewallRules: [{58D1F939-7EEF-4DC9-B163-15C956011CCF}] => (Allow) D:\Games\Steam Games\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{DEE5544F-F186-45FD-925D-F8270340C78E}] => (Allow) D:\Games\Steam Games\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [TCP Query User{13904848-2D01-4EBB-938B-D631B7079EE2}D:\games\heroes of the storm\heroes of the storm\versions\base38593\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base38593\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{21D078AA-5FFB-4185-9AEE-21A92FB83864}D:\games\heroes of the storm\heroes of the storm\versions\base38593\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base38593\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{8B50C102-A873-4B99-A002-4CFEBCF71AAE}C:\users\marc\appdata\local\temp\rar$ex25.232\unrealkart\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\marc\appdata\local\temp\rar$ex25.232\unrealkart\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [UDP Query User{5474DF04-179B-4424-ACB4-B71C60DE1B70}C:\users\marc\appdata\local\temp\rar$ex25.232\unrealkart\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\marc\appdata\local\temp\rar$ex25.232\unrealkart\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [TCP Query User{102825DB-27B5-45FF-9EF9-5FC84ED5A52D}C:\users\marc\appdata\local\temp\rar$ex36.640\unrealkart\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\marc\appdata\local\temp\rar$ex36.640\unrealkart\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [UDP Query User{FCBA1ACF-F2A4-4097-AA16-7119AA466963}C:\users\marc\appdata\local\temp\rar$ex36.640\unrealkart\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\marc\appdata\local\temp\rar$ex36.640\unrealkart\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [TCP Query User{357BB791-1780-4DFB-A5E0-569742D88307}D:\games\heroes of the storm\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{39B7269C-1716-49B8-A4D3-84BC296BAE5E}D:\games\heroes of the storm\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{C917E059-82B3-4710-A440-DFE85A51BD9A}D:\games\heroes of the storm\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CE91676B-9455-48C3-9E10-484C9C5546C4}D:\games\heroes of the storm\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
FirewallRules: [{C1707E56-E1B3-4A05-9AC4-64660433BCEF}] => (Allow) D:\Games\Steam Games\SteamApps\common\Sakura Clicker\Sakura Clicker.exe
FirewallRules: [{9A613755-F51B-4CAD-A2FF-FB50B2D645FF}] => (Allow) D:\Games\Steam Games\SteamApps\common\Sakura Clicker\Sakura Clicker.exe
FirewallRules: [{A8168B82-D907-4853-8C13-D29640A0F0CB}] => (Allow) D:\Games\Steam Games\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{3B34BFD7-16BA-47C0-839D-3447098DF74C}] => (Allow) D:\Games\Steam Games\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{126D1813-819E-4F31-AD38-A151402406F2}] => (Allow) D:\Games\Steam Games\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{CED359D7-526C-44EA-B739-E27B957D1B43}] => (Allow) D:\Games\Steam Games\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{982280D4-0F2D-4921-953D-5F0AFBED7164}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{58EBE510-76B5-44E1-8B95-91C4F6410FBD}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{569506EB-E1DC-4FF1-96AD-1B67A1DD5072}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{71AB22C8-F953-47D0-BB3C-C6FEBF699021}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{8F70CEB7-B907-44F6-95A7-E31CC616A078}] => (Allow) D:\Games\Steam Games\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{AC22E999-8A03-4924-8F28-3B6F14D70C5E}] => (Allow) D:\Games\Steam Games\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{F8E22D28-3BC1-4138-9C3B-7186DAF57903}] => (Allow) D:\Games\Steam Games\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{946988B9-E888-4E90-8868-9C041AD59B91}] => (Allow) D:\Games\Steam Games\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{B7221F94-732D-4EB3-B4F8-9DBDC1EC6366}] => (Allow) C:\Users\Marc\Desktop\Steam.exe
FirewallRules: [{6F0470D5-BC42-4C30-816B-581EC6805761}] => (Allow) C:\Users\Marc\Desktop\Steam.exe
FirewallRules: [{72F737E3-1D0F-4B6E-BD8F-85E748025E80}] => (Allow) C:\Users\Marc\Desktop\bin\steamwebhelper.exe
FirewallRules: [{189B4C3B-FB93-4AA3-89EA-26EDC809B045}] => (Allow) C:\Users\Marc\Desktop\bin\steamwebhelper.exe
FirewallRules: [{976F9351-905A-4AC4-9B20-5F669828459C}] => (Allow) C:\Users\Marc\Desktop\Neuer Ordner\Steam.exe
FirewallRules: [{593C982F-2045-486B-B8DA-8EE92A0A04FA}] => (Allow) C:\Users\Marc\Desktop\Neuer Ordner\Steam.exe
FirewallRules: [{70DE215E-B8D6-450C-AC1D-3ECDA1980880}] => (Allow) C:\Users\Marc\Desktop\Neuer Ordner\bin\steamwebhelper.exe
FirewallRules: [{CA455E4E-54ED-4CD5-9F50-FD138FBA83AB}] => (Allow) C:\Users\Marc\Desktop\Neuer Ordner\bin\steamwebhelper.exe
FirewallRules: [{520BCA97-9F10-4126-BAC3-C1676499449C}] => (Allow) D:\Games\Steam Games\SteamApps\Steam.exe
FirewallRules: [{E94144BB-4529-4EF2-9392-55245B6731B2}] => (Allow) D:\Games\Steam Games\SteamApps\Steam.exe
FirewallRules: [{4B26B5BC-69DC-46AB-A6FE-9FEB34290E4E}] => (Allow) D:\Games\Steam Games\SteamApps\bin\steamwebhelper.exe
FirewallRules: [{1255D479-8B31-4B8D-98A4-607C148E4002}] => (Allow) D:\Games\Steam Games\SteamApps\bin\steamwebhelper.exe
FirewallRules: [{F123EBEF-7BA7-476F-A279-2FDDCB2373F5}] => (Allow) D:\Games\Steam Games\SteamApps\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{3D2C98C1-A7C4-4D24-B1AD-81681747C831}] => (Allow) D:\Games\Steam Games\SteamApps\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{48301286-85DE-4A21-9F5F-0763A15A3C7D}] => (Allow) E:\FSetup.exe
FirewallRules: [{086D5E9A-7FF3-4B47-84CF-F140A39A5DEE}] => (Allow) E:\FSetup.exe
FirewallRules: [{D240D550-6D04-40E8-B579-C2B669BD799C}] => (Allow) D:\Games\Steam Games\SteamApps\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{20B14C70-6121-49B7-9E6A-386425310CBD}] => (Allow) D:\Games\Steam Games\SteamApps\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B7319684-0B12-4FBB-B9DD-E52226A069DB}] => (Allow) E:\FSetup.exe
FirewallRules: [{FEDE8C62-54D7-469B-B97E-B68A6AC17A70}] => (Allow) E:\FSetup.exe
FirewallRules: [TCP Query User{8CF818DD-FD1D-465C-8813-F2430831A7DF}C:\users\marc\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\marc\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{4DB1B0BF-CF9D-4C55-8C3D-15B43682ABD3}C:\users\marc\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\marc\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{0042442E-086C-41AB-B812-046B28677F5F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2AF0B8E3-715F-4F08-9C12-738F72E06458}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4BE93C36-A21D-4726-B01B-D0A5FB4E336C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6EC7B453-BDBC-48A1-9D7D-29BC9BB52E32}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{313CD83B-7983-44AF-A3B7-8A9435310AAA}J:\lolskinview.exe] => (Allow) J:\lolskinview.exe
FirewallRules: [UDP Query User{2D323E1D-9D2E-4E7B-A954-D6667A8FFE7C}J:\lolskinview.exe] => (Allow) J:\lolskinview.exe
FirewallRules: [TCP Query User{0C35AAFF-7D0E-4850-ADD5-16A2AA4E2A3D}C:\users\marc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marc\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{F5ECAAEC-3986-49F1-985A-B2725A392556}C:\users\marc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marc\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{56501670-530E-4BF8-A661-F2553A7A4A7F}J:\steamlibrary\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Block) J:\steamlibrary\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{130131AC-CA2C-4A21-B8E0-D08EF7DE18F6}J:\steamlibrary\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Block) J:\steamlibrary\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [{CC91A8FD-453A-48B4-B060-8FF667474FE6}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{4FFFF602-3A29-4C99-AED2-1663FCBFF49D}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{D53FB64F-B228-450B-A209-2948676B7DF8}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{5F79E6F9-C9EE-47AB-ACF6-F3FA4798C4C1}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{887D55A0-8B3D-4403-9C27-C7761B6CD40E}] => (Allow) J:\SteamLibrary\steamapps\common\Kalonline\KalOnline.exe
FirewallRules: [{D8008F75-90A3-444F-BF6B-78EAED310CCD}] => (Allow) J:\SteamLibrary\steamapps\common\Kalonline\KalOnline.exe
FirewallRules: [{7585C05C-2AA6-4382-AFEA-9E60F22EC5F2}] => (Allow) J:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{312C933A-DDDE-4D97-8355-F3CAE8C88164}] => (Allow) J:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{D11E9614-6553-4F7C-B333-A7ED5B04EB01}] => (Allow) D:\Games\Steam Games\SteamApps\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B59BB8F7-7E0F-4084-8EF5-0157FB374535}] => (Allow) D:\Games\Steam Games\SteamApps\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7EDECDFE-3F94-4343-8F42-0BEB60848F90}] => (Allow) J:\SteamLibrary\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{D11A675D-AAA1-4475-8EDB-808161E34142}] => (Allow) J:\SteamLibrary\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{8A61EEF3-0E1F-4D21-9C2C-D15FDE3E9A65}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{85C6F45B-6EF0-41B1-BAB2-3F1FE7C08179}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{3088397E-786A-4ACD-9EF9-5A21D99E9A68}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AE287F07-9893-4632-BF18-5EFD1C393CA5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{71A3205B-6D9C-4A69-BF53-2A84AE8ECE61}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{56AF01A2-9B7F-46E4-A61E-352153A5B449}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3500C11F-0D79-409E-81BE-DA28A126CF3A}] => (Allow) J:\SteamLibrary\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{F934B2A6-D6E1-493D-8043-F4F1FF5F6633}] => (Allow) J:\SteamLibrary\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [TCP Query User{5C1DB4CF-FA76-46F4-A5A7-F41E5CC059FB}J:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe] => (Allow) J:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe
FirewallRules: [UDP Query User{FF3FBC76-7210-4297-A10A-EC1B0D1E7063}J:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe] => (Allow) J:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe
FirewallRules: [{7C081012-2A54-4E97-8F21-7E14006F70B1}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{7ACD3270-70CB-4864-92ED-A247ABD9CF2F}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{79DE9B62-B709-430D-B197-989DE96BA055}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{503D065F-6264-451F-8E8F-0E336B91EFE4}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{27675987-CE56-48AF-9BC3-5CA0A9F5567B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{71F44419-D13C-4873-9103-4CB130799429}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{AC8F91CD-362C-4145-826C-212208ED3856}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{41B5E56F-4D67-4C36-A700-894F7072FF08}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{11EC0E31-C8BF-46D0-95DB-0E1105155CB3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{CB62EAB5-22B7-4FFD-8178-3C7C402E1F5E}C:\users\marc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\marc\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{B4F1B7F1-68DF-4BDC-8331-9A10673713DA}C:\users\marc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\marc\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{86C09935-2D58-412F-9259-5626D112A1BD}D:\games\hearthstone\hearthstone.exe] => (Block) D:\games\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{9489DE11-E330-414B-B7B3-D0C62B73BA91}D:\games\hearthstone\hearthstone.exe] => (Block) D:\games\hearthstone\hearthstone.exe
FirewallRules: [{40E8A9C9-BF8A-44EA-9B8B-F3B61FD4FE8D}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{B2C596FC-FCA0-43AC-95C3-4AB65E7014FC}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [TCP Query User{64331623-B118-484A-ABFA-CF9339A9ABBC}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Block) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{2CE72A29-5483-49C6-B1C1-FAA9D61CA55A}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Block) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [{5E680042-94FD-499A-AACE-5D778D548970}] => (Allow) J:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{800D862A-7088-4360-AE9A-0094326FBFE8}] => (Allow) J:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{0C244A73-BE19-4262-BE72-DE97FAE91785}] => (Allow) J:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe
FirewallRules: [{9C4C18A0-324E-45B8-B4AA-3006C68563A8}] => (Allow) J:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe
FirewallRules: [{211420AE-24AE-4F99-BA95-A598024C1C89}] => (Allow) J:\SteamLibrary\steamapps\common\Commander Jack\CommandoJackWindows64.exe
FirewallRules: [{B25959C8-B4DE-41F7-8C7F-8C0447C26BD0}] => (Allow) J:\SteamLibrary\steamapps\common\Commander Jack\CommandoJackWindows64.exe
FirewallRules: [{73D413AE-BA22-4282-A533-BA905CF66589}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{5CA6C438-A254-4861-B951-D9ACE9D0891B}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{D4696DDB-9418-4057-8737-28464CD90BF5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{31B27187-3E7F-498E-B408-219B3B3D2A21}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{38B2ACD3-6D7F-4C7F-8BF9-AB90F4E67F30}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{E4FB15A9-1D5A-47C3-A982-26995ADA1566}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{6FD7C805-9897-4F10-9B3E-4EFAEA95BECD}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{D8C91083-37B0-48A9-9862-9248EEE4C9DD}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{F19D7DA8-2875-4E5B-9863-7F42B6BC6052}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{90589E93-9F76-44A7-A02A-311507618A8B}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{F49CDBC0-54B1-4246-9C7D-5E70DC3FA500}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{D66F6379-1B57-46FD-BBE6-2F460CE39793}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{BAD8C1A0-9BB7-4C52-975D-792A434F8300}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{D920B866-E77C-4B95-8FAE-A92354B42C9E}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{28057A10-ACA6-4409-89DD-9077E71032C8}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{76325073-1561-42F9-ACAB-5C8F1E6F0701}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{422BDE56-22A1-44A2-BE25-57DBC4E62D4A}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{902D65C4-9E02-432E-923A-9317DBBBE3B1}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{4922C401-57B1-4E60-9773-D26C4DBE1F1F}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{68ACF740-4384-43C3-8E1B-F04C78C7C010}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{D7FE27EE-4D97-4661-962D-B2E5543DED53}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{E0EC5173-0C19-4667-9968-FC8845FE9788}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{9B673831-4B30-4A71-B0CD-0FCF100F4E71}] => (Allow) J:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{930AD148-089F-46DC-9390-22FF47DB7874}] => (Allow) J:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{D6172641-85F1-4650-934E-7AA694D3124B}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{A23F0DE4-BD8B-4B96-AB46-515AAD4D3CB2}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{72E4B23E-0D6B-4B87-B0F6-041829944063}] => (Allow) D:\Games\Steam Games\SteamApps\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{5C9C1E98-55F1-4707-95C1-504D3138B3E5}] => (Allow) D:\Games\Steam Games\SteamApps\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{240FBB72-5EF0-459B-B6B6-08A363E64AF3}] => (Allow) J:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{153FF3C2-5D27-444F-94F2-4AAFC29201B1}] => (Allow) J:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [TCP Query User{DACD5314-1048-48B7-B52B-F2C0DBDD6644}D:\games\steam games\steamapps\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\games\steam games\steamapps\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{DAD8C216-0E97-4E70-A041-EB1A79159802}D:\games\steam games\steamapps\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\games\steam games\steamapps\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{CF7882A4-F127-4370-9498-2F4F62A53F3E}] => (Allow) J:\SteamLibrary\steamapps\common\HiraganaBattle\Learn Japanese To Survive - Hiragana Battle.exe
FirewallRules: [{E5E42C75-C6CB-44F0-BF52-8F9092214BE8}] => (Allow) J:\SteamLibrary\steamapps\common\HiraganaBattle\Learn Japanese To Survive - Hiragana Battle.exe
FirewallRules: [{B511F635-7BEC-4BB5-A4DC-EEE841ED1C7A}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{D8963103-C1E4-4B30-B0DD-BF7551ECC322}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{D2F1295D-087C-49F0-898E-16AC466E28C4}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{5D333E7C-1C24-4273-9B2E-B81F5FFC93C7}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{F1445A6D-251A-44DA-8008-3E14F317B405}] => (Allow) J:\SteamLibrary\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{E32C5EDB-97FD-4CFD-AE8C-53C0C2AA3286}] => (Allow) J:\SteamLibrary\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{7CF72A81-F03B-4B37-8FBE-1698548471C3}] => (Allow) J:\SteamLibrary\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{30A21C37-BAD2-4A3A-A891-C782ABE67838}] => (Allow) J:\SteamLibrary\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{4409964C-F56F-4C2C-854B-DDF6317DAFCE}] => (Allow) J:\SteamLibrary\steamapps\common\Half Minute Hero\HMH.exe
FirewallRules: [{A91D7F72-2274-4742-93B5-7BD4A32F270F}] => (Allow) J:\SteamLibrary\steamapps\common\Half Minute Hero\HMH.exe
FirewallRules: [{8B6BC9D0-2602-46FA-AF9F-43231866D14A}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{90C98D15-38C3-4230-8D6B-5B0C9370A296}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{F5CAAC62-18CA-4560-964B-F8473C55F8CE}] => (Allow) J:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{ED9E9837-B96C-4EFC-9DC2-FF8FCEAE8372}] => (Allow) J:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{06371956-5399-49B2-89EF-F7E6FEDEE514}] => (Allow) J:\SteamLibrary\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{B399E02D-2919-4DFD-BAF9-966394D5A6DA}] => (Allow) J:\SteamLibrary\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{7FE0E10C-49BA-4DF3-B190-0E67764C8DBE}] => (Allow) J:\SteamLibrary\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{59A6657B-F71B-439A-9A46-31B340072542}] => (Allow) J:\SteamLibrary\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{9F94F783-1DEC-4086-B0EC-583BC0BC436F}] => (Allow) J:\SteamLibrary\steamapps\common\Fallout Shelter\FalloutShelter.exe
FirewallRules: [{7B47FB8C-F252-4252-92B2-4E7FEC4AE695}] => (Allow) J:\SteamLibrary\steamapps\common\Fallout Shelter\FalloutShelter.exe
FirewallRules: [{75FC9E72-B4FF-4AAD-86FB-4F30D93CEA27}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{D324BB3C-2EB2-4708-937E-B802AD0F2229}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [TCP Query User{DD67B990-36B5-4ED2-85D5-9E98991E6F83}D:\games\world of warcraft\diablo iii\x64\diablo iii64.exe] => (Allow) D:\games\world of warcraft\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{C437F1B0-F437-4067-976B-68E2069DC3A5}D:\games\world of warcraft\diablo iii\x64\diablo iii64.exe] => (Allow) D:\games\world of warcraft\diablo iii\x64\diablo iii64.exe
FirewallRules: [{EAD68C1B-B064-45DD-B408-E0293D6A50C9}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{C2DA7D90-94C7-4365-AB44-BB68C5610EF8}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [TCP Query User{F3E8D6A2-2552-46B5-99A2-5744DA933BCB}J:\steamlibrary\steamapps\common\stardew valley\stardewmoddingapi.exe] => (Allow) J:\steamlibrary\steamapps\common\stardew valley\stardewmoddingapi.exe
FirewallRules: [UDP Query User{BFCC9BB0-6CE2-4451-837E-AFBDDB092BA3}J:\steamlibrary\steamapps\common\stardew valley\stardewmoddingapi.exe] => (Allow) J:\steamlibrary\steamapps\common\stardew valley\stardewmoddingapi.exe
FirewallRules: [TCP Query User{62356686-77EE-4334-8BF7-E9DAB50143E2}D:\games\heroes of the storm\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{6DD3465A-ADE5-4CFC-82FB-B3541DE0F4B7}D:\games\heroes of the storm\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
FirewallRules: [{82DA93B1-DA33-40E5-9501-85B0CBD16A4C}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{5264BAC5-0AAA-40CD-A45E-FC2156519126}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{82F26B2E-5266-4D47-BE89-15949C26AFA8}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{961F54B9-0BBE-4AF5-B90A-9AA2B12798CC}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{EDEE093F-0C48-47D4-B2E0-021ED7E177CD}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{90BA0AD7-88D8-4660-AD49-5115C0054CEE}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{72176C15-45D9-4590-A691-6A7EAEC623AD}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{AE56CAC2-1DAE-4031-8D6A-BBB938C29866}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{B5E49B04-E2D8-48C2-AB89-1C5FF0AFD322}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{8DD8FAA8-A2A0-4149-97E9-0B107FB18932}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [TCP Query User{248EF257-D964-4842-96F8-D997D8DA630E}D:\games\heroes of the storm\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{7BBC0367-2003-4B2A-876B-F651D8CE340A}D:\games\heroes of the storm\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [{7D0799F7-A615-4AD2-A269-E0985B056624}] => (Allow) D:\Games\Steam Games\SteamApps\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F14E3DB1-EA2C-4F0A-8EB6-A44169FE8993}] => (Allow) D:\Games\Steam Games\SteamApps\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{14F653AC-067A-454A-BA67-43A620342BE6}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{6B03AFB4-233F-42B2-882E-01FCDB7FF876}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{51255789-2A1A-4144-A937-C9B41FADB183}] => (Allow) J:\SteamLibrary\steamapps\common\ShellShock Live\ShellShockLive.exe
FirewallRules: [{2C830C30-B43D-4FE5-980E-306CA8B3C446}] => (Allow) J:\SteamLibrary\steamapps\common\ShellShock Live\ShellShockLive.exe
FirewallRules: [{9FD7E615-4B6C-4B92-AAED-80372519BEEE}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{FD771DD5-A179-436D-8096-C883A9399B53}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{B3169504-9AB6-4497-A846-F82F42A0805A}] => (Allow) J:\SteamLibrary\steamapps\common\Deceit\bin\win_x64\Deceit.exe
FirewallRules: [{94B2D2B2-52DF-4416-9B0E-035EBD624E5B}] => (Allow) J:\SteamLibrary\steamapps\common\Deceit\bin\win_x64\Deceit.exe
FirewallRules: [{F22E5EF2-15D0-49B6-81D8-FF5C41D01FDD}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{8C4807BE-A74E-48ED-9C03-6F406A651D69}] => (Allow) C:\Windows\SysWOW64\muzapp.exe

==================== Wiederherstellungspunkte =========================

24-05-2017 21:35:17 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: ATA Channel 0
Description: IDE-Kanal
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard-IDE-ATA/ATAPI-Controller)
Service: atapi
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: ATA Channel 1
Description: IDE-Kanal
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard-IDE-ATA/ATAPI-Controller)
Service: atapi
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/25/2017 04:00:21 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (05/25/2017 04:00:20 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.

Error: (05/25/2017 04:00:20 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (05/25/2017 04:00:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\WINDOWS\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (05/25/2017 04:00:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "Lsa" in der DLL "C:\Windows\System32\Secur32.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (05/25/2017 04:00:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "ESENT" in der DLL "C:\WINDOWS\system32\esentprf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (05/25/2017 04:00:19 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (05/25/2017 04:00:18 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.

Error: (05/25/2017 04:00:18 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (05/25/2017 04:00:18 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\WINDOWS\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.


Systemfehler:
=============
Error: (05/25/2017 10:16:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet:
Unzulässige Funktion.

Error: (05/25/2017 10:16:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet:
Unzulässige Funktion.

Error: (05/25/2017 11:16:18 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/24/2017 08:59:06 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/20/2017 11:37:03 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/20/2017 12:56:42 AM) (Source: DCOM) (EventID: 10010) (User: MARC-PC)
Description: Der Server "CortanaUI.AppXjxtspbn4351hrtx8tc95e89kaz3h2f1f.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/20/2017 12:35:44 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/20/2017 12:32:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (05/20/2017 12:32:13 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.

Error: (05/20/2017 12:31:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Net.Msmq-Listeneradapter" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.


CodeIntegrity:
===================================
  Date: 2017-04-27 17:19:19.833
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-24 02:24:20.916
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-06 01:43:43.992
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-03-04 20:55:40.349
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-02-25 23:20:14.322
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-02-24 18:07:44.468
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-02-24 18:07:10.260
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-02-22 12:48:36.392
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-02-22 12:48:35.343
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-02-16 14:32:33.082
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 15522.18 MB
Verfügbarer physikalischer RAM: 10087.76 MB
Summe virtueller Speicher: 31394.18 MB
Verfügbarer virtueller Speicher: 25233.87 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:145.95 GB) (Free:32.55 GB) NTFS
Drive d: () (Fixed) (Total:319.28 GB) (Free:74.15 GB) NTFS
Drive j: (Volume) (Fixed) (Total:465.56 GB) (Free:102.25 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E3E10DDB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=145.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=319.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

burningice 26.05.2017 14:57
Sagmal wofür hast du 8 verschiedene Chrome Profile?

Schritt 1
http://filepony.de/icon/tiny/malware...ti_malware.png Starte bitte wieder Malwarebytes Anti-Malware
  • Klicke links auf Einstellungen und wechsle zum Tab Schutz.
  • Unter Scan-Optionen aktiviere die Option Nach Rootkits suchen
  • Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM nach dem Neustart, klicke auf Berichte.
  • Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
  • Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 2
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel
    • "Prefetch" Dateien
    • Proxy
    • Winsock
    • Internet Explorer Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Bitte poste in deiner nächsten Antwort also:
  • Logfile von AdwCleaner
  • Logfile von Malwarebytes
  • Frst.txt
  • Addition.txt

eMKaWe 27.05.2017 03:57
Die Profile brauchte ich zwecks eines Gewinnspiels, habe diese jedoch wieder auf 2 reduziert.

Logfile Malwarebytes:
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 27.05.17
Scan-Zeit: 02:42
Protokolldatei: Bericht.txt
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.122
Version des Aktualisierungspakets: 1.0.2030
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: System

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 473277
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 30 Min., 55 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
Logfile AdwCleaner:
Code:
# AdwCleaner v6.046 - Bericht erstellt am 27/05/2017 um 04:38:53
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-05-26.6 [Server]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : Marc - MARC-PC
# Gestartet von : C:\Users\Marc\Downloads\AdwCleaner_6.046.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

[-] Dienst gelöscht: DrvAgent64


***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Marc\AppData\Local\eSupport.com
[-] Ordner gelöscht: C:\Users\Marc\AppData\Local\NativeMessaging
[-] Ordner gelöscht: C:\Users\Marc\AppData\Local\Software Updater
[-] Ordner gelöscht: C:\Users\Marc\AppData\Local\Software_Updater
[-] Ordner gelöscht: C:\Users\Marc\AppData\Local\SoftwareUpdater
[-] Ordner gelöscht: C:\Users\Marc\AppData\Local\YSearchUtil
[-] Ordner gelöscht: C:\Users\Marc\AppData\LocalLow\HPAppData
[-] Ordner gelöscht: C:\Users\Marc\AppData\LocalLow\Toolbar4
[-] Ordner gelöscht: C:\Users\Marc\AppData\Roaming\DesktopIconForAmazon
[-] Ordner gelöscht: C:\Users\Marc\AppData\Roaming\DeviceVM
[-] Ordner gelöscht: C:\Users\Marc\AppData\Roaming\Media Finder
[-] Ordner gelöscht: C:\Users\Marc\AppData\Roaming\OCS
[-] Ordner gelöscht: C:\Users\Marc\AppData\Roaming\RPEng
[-] Ordner gelöscht: C:\ProgramData\apn
[-] Ordner gelöscht: C:\ProgramData\DeviceVM
[-] Ordner gelöscht: C:\Users\Public\Documents\Guid
[-] Ordner gelöscht: C:\Program Files (x86)\eSupport.com
[#] Ordner mit Neustart gelöscht: C:\Users\Marc\AppData\Local\SoftwareUpdater


***** [ Dateien ] *****

[-] Datei gelöscht: C:\WINDOWS\SysWOW64\drivers\DRVAGENT64.SYS
[-] Datei gelöscht: C:\user.js


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****

[-] Aufgabe gelöscht: Software Updater
[-] Aufgabe gelöscht: Software Updater Ui


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Applications\iLividSetup-r484-n-bc.exe
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SystemStoreService
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SystemStoreService
[#] Schlüssel mit Neustart gelöscht: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\systemstoreservice
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\systemstoreservice
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Prod.cap
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Yahoo.AntiSpyPlugin
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Yahoo.AntiSpyPlugin.6
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Yahoo.PopupBlockerPlugin
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Yahoo.PopupBlockerPlugin.4
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YCAPlugin.CAYASPlugin
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YCAPlugin.CAYASPlugin.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YPUBC.BlockerCtrl
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YPUBC.BlockerCtrl.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YPUBC.DataStore
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YPUBC.DataStore.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YPUBC.PUBHTMLEventHandler
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YPUBC.PUBHTMLEventHandler.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YPUBC.StringList
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YPUBC.StringList.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\yt.CacheLoader
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\yt.CacheLoader.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\yt.Clickstream
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\yt.Clickstream.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\yt.YTHelper
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\yt.YTHelper.2
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\yt.YToolbarBand
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\yt.YToolbarBand.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YTabBar.YTabBarControl
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YTabBar.YTabBarControl.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ytbbroker.YTBCustomizerAssistant
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ytbbroker.YTBCustomizerAssistant.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ytbbroker.YTBMessengerAssistant
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ytbbroker.YTBMessengerAssistant.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YTBM.YTBMButton
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YTBM.YTBMButton.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YTNavAssist.NameSpaceCF
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YTNavAssist.NameSpaceCF.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YTNavAssist.NameSpacePP
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YTNavAssist.NameSpacePP.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YTNavAssist.YTNavAssistPlugin
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YTNavAssist.YTNavAssistPlugin.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YTSingleInstance.SingleInstance
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YTSingleInstance.SingleInstance.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Prod.cap
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Yahoo.AntiSpyPlugin
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Yahoo.AntiSpyPlugin.6
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Yahoo.PopupBlockerPlugin
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Yahoo.PopupBlockerPlugin.4
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YCAPlugin.CAYASPlugin
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YCAPlugin.CAYASPlugin.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YPUBC.BlockerCtrl
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YPUBC.BlockerCtrl.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YPUBC.DataStore
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YPUBC.DataStore.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YPUBC.PUBHTMLEventHandler
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YPUBC.PUBHTMLEventHandler.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YPUBC.StringList
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YPUBC.StringList.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\yt.CacheLoader
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\yt.CacheLoader.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\yt.Clickstream
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\yt.Clickstream.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\yt.YTHelper
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\yt.YTHelper.2
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\yt.YToolbarBand
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\yt.YToolbarBand.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YTabBar.YTabBarControl
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YTabBar.YTabBarControl.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\ytbbroker.YTBCustomizerAssistant
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\ytbbroker.YTBCustomizerAssistant.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\ytbbroker.YTBMessengerAssistant
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\ytbbroker.YTBMessengerAssistant.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YTBM.YTBMButton
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YTBM.YTBMButton.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YTNavAssist.NameSpaceCF
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YTNavAssist.NameSpaceCF.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YTNavAssist.NameSpacePP
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YTNavAssist.NameSpacePP.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YTNavAssist.YTNavAssistPlugin
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YTNavAssist.YTNavAssistPlugin.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YTSingleInstance.SingleInstance
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YTSingleInstance.SingleInstance.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{07CDAAD9-1226-4C6D-B774-C00E7B323484}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{1CAE874F-F5C7-4BCC-BA46-9AD26DF35B93}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{35860EFB-1589-4F32-A618-99E847A502B2}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{39DCCEAF-C749-4390-9953-527CF916935C}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{41D7CEE0-D91F-498C-BC88-4A6BEE46C2BC}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{9EDCCD11-960D-49AE-B523-C6B5AB7E1345}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{EB2BA65E-41F6-4F64-92A6-216CDFFDF577}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{EFC0651C-B6D7-49CD-A6E0-B1CE9AB5FE46}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{FFFFE1D1-E40D-49a1-9622-BC59BD1879C3}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{DB35C569-5624-4CFC-8043-E5139F55A073}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{F56ACA29-1C99-40F1-AC64-2E44C4F6BC71}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{2723E96B-905F-4C64-8999-D868A08E6370}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{29E3319C-4B3C-479F-8692-BDD2CA30BEDD}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{367BD1CD-74A3-451F-B1A4-6A2DE4129A2D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{38552F25-8DED-4206-BB21-041EF53328F9}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{63B73044-FC1A-4FE1-991B-FDBD4CDAA868}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{686D40BC-FA43-4317-8474-E634E6B487F2}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{F9A10D86-182A-4946-869B-70C3D109D14D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{AD34BE7D-2603-43DD-8D1F-E4431D42C44E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{D2EA97F6-6235-4B2D-B5AA-A4472B9CE557}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{0548C79F-7B8C-455D-B228-97D35371BB62}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{4A1E52AC-64F2-49E9-BFD7-0806D9494DBB}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{61A2027D-B837-4080-A925-6E30E10DEF32}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{78DB07DF-483E-4829-AB44-ED7952083584}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{8A1AB044-787D-4309-8410-709768E484AB}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{A2C55651-A23E-43CA-B63D-C10B99EFF7E0}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{A31F34A1-EBD2-45A2-BF6D-231C1B987CC8}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
[-] Schlüssel gelöscht: HKU\S-1-5-21-1132746113-184105214-789198808-1000\Software\Conduit
[-] Schlüssel gelöscht: HKU\S-1-5-21-1132746113-184105214-789198808-1000\Software\CToolbar
[-] Schlüssel gelöscht: HKU\S-1-5-21-1132746113-184105214-789198808-1000\Software\eSupport.com
[-] Schlüssel gelöscht: HKU\S-1-5-21-1132746113-184105214-789198808-1000\Software\MediaFinder
[-] Schlüssel gelöscht: HKU\S-1-5-21-1132746113-184105214-789198808-1000\Software\tinydm.com
[-] Schlüssel gelöscht: HKU\S-1-5-21-1132746113-184105214-789198808-1000\Software\Yahoo\Companion
[-] Schlüssel gelöscht: HKU\S-1-5-21-1132746113-184105214-789198808-1000\Software\Yahoo\YFriendsBar
[-] Schlüssel gelöscht: HKU\S-1-5-21-1132746113-184105214-789198808-1000\Software\Mail.Ru
[-] Schlüssel gelöscht: HKU\S-1-5-21-1132746113-184105214-789198808-1000\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel gelöscht: HKU\S-1-5-21-1132746113-184105214-789198808-1000\Software\AppDataLow\Software\Mail.Ru
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Conduit
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\CToolbar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\eSupport.com
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\MediaFinder
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\tinydm.com
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Yahoo\Companion
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Yahoo\YFriendsBar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Mail.Ru
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Software\Yahoo\Companion
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Software\Mail.Ru
[-] Schlüssel gelöscht: HKLM\SOFTWARE\CToolbar
[-] Schlüssel gelöscht: HKLM\SOFTWARE\hdcode
[-] Schlüssel gelöscht: HKLM\SOFTWARE\SupDp
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Yahoo\Companion
[#] Schlüssel mit Neustart gelöscht: HKLM\SOFTWARE\SUPDP
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Conduit
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\CToolbar
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\eSupport.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\MediaFinder
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\tinydm.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Yahoo\Companion
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Yahoo\YFriendsBar
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Mail.Ru
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AppDataLow\Software\Yahoo\Companion
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AppDataLow\Software\Mail.Ru
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3038A20B9089EC34D8F74220191FAB30
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\YMERemote.DLL
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\YCAPlugin.DLL
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\YPUBC.DLL
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\yt.DLL
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\YTabBar.DLL
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\ytbbroker.EXE
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\YTBM.DLL
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\YTMsgr.DLL
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\YTNavAssist.DLL
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\YTSingleInstance.DLL
[-] Schlüssel gelöscht: HKLM\SOFTWARE\CLASSES\b
[-] Schlüssel gelöscht: HKCU\SOFTWARE\Classes\ChromeHTML
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [23342 Bytes] - [27/05/2017 04:38:53]
C:\AdwCleaner\AdwCleaner[S0].txt - [21591 Bytes] - [27/05/2017 04:36:23]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [23490 Bytes] ##########
Logfile FRST Teil 1:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2017
durchgeführt von Marc (Administrator) auf MARC-PC (27-05-2017 04:47:47)
Gestartet von C:\Users\Marc\Downloads
Geladene Profile: Marc (Verfügbare Profile: Marc & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegisterService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\data\SWARM_CONNECT\SwarmHW_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(ROCCAT) C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
(GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
(GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
(GOG.com) C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1051_none_7f2bf7ea21d201b2\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RunDLLEntry] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11660904 2010-11-30] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2013-12-12] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [13388752 2017-01-13] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [1258448 2016-11-09] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5883912 2017-03-02] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Run: [Google Update] => C:\Users\Marc\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Run: [Dropbox Update] => C:\Users\Marc\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-11] (Dropbox, Inc.)
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [5077792 2017-03-28] (Nota Inc.)
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-08-29] (Disc Soft Ltd)
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [4954176 2017-05-24] (GOG.com)
HKU\S-1-5-21-1132746113-184105214-789198808-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [151040 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Marc\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Marc\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Marc\AppData\Local\MEGAsync\ShellExtX64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Marc\AppData\Local\MEGAsync\ShellExtX32.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Marc\AppData\Local\MEGAsync\ShellExtX32.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Marc\AppData\Local\MEGAsync\ShellExtX32.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-05-29]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ROCCAT Swarm.lnk [2016-05-29]
ShortcutTarget: ROCCAT Swarm.lnk -> C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe (ROCCAT)
Startup: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-05-29]
ShortcutTarget: Dropbox.lnk -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\~Disabled [2016-10-01] ()
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6697b776-7271-4d6d-864e-17038884b67f}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1132746113-184105214-789198808-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130946649677629647&GUID=03BB13BC-6D20-493B-B4E2-1F77E6E9444E
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
URLSearchHook: HKLM-x32 - (Kein Name) - {62d40876-df18-411f-9d34-a9dd7a197bc5} - Keine Datei
SearchScopes: HKU\S-1-5-21-1132746113-184105214-789198808-1000 -> {6D5F60DF-652D-4C54-864D-FF8F5683FA00} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-04] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-04] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-23] (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-05-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-22] (Oracle Corporation)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-22] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-23] (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Kein Name - {62d40876-df18-411f-9d34-a9dd7a197bc5} -  Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-04] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: pw95x240.default
FF ProfilePath: C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\pw95x240.default [2017-02-21]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-06-22] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-04] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-12-24] [ist nicht signiert]
FF HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-11] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [Keine Datei]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=1.118.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=1.140.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-04] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-04] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [Keine Datei]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1132746113-184105214-789198808-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-1132746113-184105214-789198808-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-1132746113-184105214-789198808-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-18] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1132746113-184105214-789198808-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll [2013-01-23] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-1132746113-184105214-789198808-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-04-15] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2012-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2012-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2012-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2012-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2012-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2012-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2012-07-16] (Apple Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default [2017-05-27]
CHR Extension: (Google Präsentationen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-05]
CHR Extension: (BetterTTV) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-04-22]
CHR Extension: (Google Docs) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-05]
CHR Extension: (Google Drive) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-05]
CHR Extension: (YouTube) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-05]
CHR Extension: (Adblock Plus) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-21]
CHR Extension: (Social Blade) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2017-04-11]
CHR Extension: (Google-Suche) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-05]
CHR Extension: (Google Tabellen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-05]
CHR Extension: (Google Docs Offline) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Grammarly for Chrome) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2017-05-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Google Mail) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-05]
CHR Extension: (Chrome Media Router) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
CHR Profile: C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Guest Profile [2016-06-06]
CHR Profile: C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-04-28]
CHR Extension: (Google Präsentationen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-30]
CHR Extension: (Google Docs) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-30]
CHR Extension: (Google Drive) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-30]
CHR Extension: (YouTube) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-30]
CHR Extension: (Adobe Acrobat) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-30]
CHR Extension: (Google Tabellen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-30]
CHR Extension: (Google Docs Offline) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-01]
CHR Extension: (Skype) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-30]
CHR Extension: (Google Mail) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-28]
CHR Profile: C:\Users\Marc\AppData\Local\Google\Chrome\User Data\System Profile [2017-05-27]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - Chrome.exe
StartMenuInternet: Google Chrome.P5EZDHZD2ZPCKP4ZQ4RTYX6CSY - C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe hxxp://www.yoursearching.com/?type=sc&ts=1449333750&z=e4b63f1b1d7104b9a10373fgcz4z6tdceccm7o0q4o&from=cor&uid=ST500DM002-1BD142_Z2A8V6R5XXXXZ2A8V6R5

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-01-13] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3705544 2017-05-04] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-10-29] (Digital Wave Ltd.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-08-29] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [383016 2017-04-26] (EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [512576 2017-05-24] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7955008 2017-05-24] (GOG.com)
S2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3416584 2017-03-02] (LogMeIn Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-04] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2017-02-27] (LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [132048 2016-10-07] (Micro-Star INT'L CO., LTD.)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2237392 2016-11-10] (Micro-Star INT'L CO., LTD.)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [69964448 2015-04-03] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-18] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-18] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2141192 2016-09-21] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2206224 2016-09-21] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-10-01] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441512 2015-04-03] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 CMUAC; C:\WINDOWS\system32\DRIVERS\CMUAC.sys [661760 2015-11-12] (C-MEDIA)
R3 cpuz140; C:\WINDOWS\TEMP\cpuz140\cpuz140_x64.sys [43840 2017-05-27] (CPUID)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2015-09-28] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2015-09-28] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-09-20] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-09-20] (Disc Soft Ltd)
R3 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283200 2012-03-05] (DT Soft Ltd)
S3 dump_wmimmc; D:\Games\Blade and Soul\BnS\bin64\GameGuard\dump_wmimmc.sys [158152 2017-03-14] ()
S3 EagleX64; C:\WINDOWS\system32\drivers\EagleX64.sys [140024 2016-06-17] (AhnLab, Inc.)
S3 ESLvnic1; C:\WINDOWS\System32\DRIVERS\ESLvnic.sys [25528 2012-01-24] (Turtle Entertainment GmbH)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-09] ()
R3 hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2017-02-27] (LogMeIn Inc.)
S3 LcUvcUpper; C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys [37912 2015-09-21] (Microsoft Corporation)
R3 LifeCamTrueColor; C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys [37928 2016-07-27] (Microsoft Corporation)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [187320 2017-05-20] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-05-27] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-27] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-27] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93624 2017-05-27] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7209bde3180ef5f7\nvlddmkm.sys [14458264 2017-05-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-05-18] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52080 2013-12-12] (Cisco Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

eMKaWe 27.05.2017 03:58
Logfiel FRST teil 2:
Code:
==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-27 04:46 - 2017-05-27 04:46 - 00008980 _____ C:\Users\Marc\Documents\Hardware Interrupts and DPCs_2.txt
2017-05-27 04:43 - 2017-05-27 04:43 - 00000000 ____D C:\Users\Marc\AppData\Local\UNP
2017-05-27 04:33 - 2017-05-27 04:33 - 04102600 _____ C:\Users\Marc\Downloads\AdwCleaner_6.046.exe
2017-05-27 04:32 - 2017-05-27 04:38 - 00000000 ____D C:\AdwCleaner
2017-05-26 23:23 - 2017-05-26 23:23 - 00001383 _____ C:\Users\Marc\Desktop\Bericht.txt
2017-05-26 14:56 - 2017-05-26 14:56 - 00000000 ____D C:\Users\Marc\AppData\Local\GOG.com
2017-05-26 14:56 - 2017-05-26 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gwent [GOG.com]
2017-05-26 14:56 - 2017-05-26 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-05-26 14:55 - 2017-05-26 14:56 - 00000000 ____D C:\Program Files (x86)\GOG Galaxy
2017-05-26 14:55 - 2017-05-26 14:55 - 00000000 ____D C:\ProgramData\GOG.com
2017-05-26 14:51 - 2017-05-26 14:55 - 156000232 _____ (GOG.com ) C:\Users\Marc\Downloads\setup_gwent_1.2.9.5a_de.exe
2017-05-26 14:51 - 2017-05-26 14:51 - 00000064 _____ C:\Users\Marc\Downloads\gogGalaxy.auth
2017-05-26 13:18 - 2017-05-26 13:18 - 00001252 _____ C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk
2017-05-26 00:50 - 2017-05-26 00:54 - 00163019 _____ C:\Users\Marc\Downloads\Addition.txt
2017-05-26 00:45 - 2017-05-27 04:49 - 00036123 _____ C:\Users\Marc\Downloads\FRST.txt
2017-05-26 00:45 - 2017-05-27 04:47 - 00000000 ____D C:\FRST
2017-05-26 00:43 - 2017-05-26 00:44 - 02429952 _____ (Farbar) C:\Users\Marc\Downloads\FRST64.exe
2017-05-25 22:16 - 2017-05-25 22:18 - 00000000 ____D C:\Program Files\UNP
2017-05-25 22:16 - 2017-05-25 22:16 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-25 17:35 - 2017-05-25 17:35 - 00009358 _____ C:\Users\Marc\Documents\Hardware Interrupts and DPCs.txt
2017-05-25 15:24 - 2017-05-25 15:24 - 00009410 _____ C:\Users\Marc\Downloads\conhost.exe.txt
2017-05-25 15:24 - 2017-05-25 15:24 - 00005889 _____ C:\Users\Marc\Downloads\malware_bedrohungen.txt
2017-05-25 14:28 - 2017-05-25 14:28 - 00041800 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2017-05-25 14:15 - 2017-05-25 14:15 - 00009410 _____ C:\Users\Marc\Documents\conhost.exe.txt
2017-05-25 13:52 - 2017-05-25 13:52 - 01931969 _____ C:\Users\Marc\Downloads\ProcessExplorer.zip
2017-05-25 03:33 - 2017-05-25 03:33 - 00000000 ____D C:\Users\Marc\Documents\samsung
2017-05-25 03:32 - 2017-05-25 14:13 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Samsung
2017-05-25 03:29 - 2017-05-25 14:13 - 00000000 ____D C:\ProgramData\Samsung
2017-05-25 02:34 - 2017-05-18 07:21 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-05-25 02:29 - 2017-05-18 09:35 - 40201848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 35390072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 35282040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 28624504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 11056456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 11028664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 10551072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 09248144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 09014976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 08808488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 03797112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 03256440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 01988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438233.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 01606592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438233.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 01278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 01275944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 01056704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00995736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00993912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00993872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00964032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00914880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00775864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00725112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00688968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00612272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00583800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00577728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-05-25 02:29 - 2017-05-18 09:35 - 00499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-05-25 02:18 - 2017-05-25 02:18 - 00004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-25 02:17 - 2017-05-25 02:33 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-05-25 02:17 - 2017-05-03 22:21 - 00175736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-05-25 02:17 - 2017-05-03 22:21 - 00143480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-05-20 00:26 - 2017-05-20 00:26 - 00005889 _____ C:\Users\Marc\Documents\malware_bedrohungen.txt
2017-05-19 13:59 - 2017-05-27 04:42 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-19 13:59 - 2017-05-27 04:42 - 00093624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-19 13:59 - 2017-05-27 04:42 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-19 13:59 - 2017-05-27 04:41 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-19 13:59 - 2017-05-20 00:11 - 00187320 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-19 13:59 - 2017-05-19 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-19 13:59 - 2017-05-09 16:37 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-19 13:58 - 2017-05-19 13:58 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-17 21:41 - 2017-05-17 21:41 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-15 23:01 - 2017-05-15 23:01 - 00000000 ____D C:\Users\Marc\AppData\LocalLow\Kyle Champ
2017-05-11 11:11 - 2017-05-11 11:11 - 00000000 ____D C:\Users\Marc\AppData\Local\web_engine
2017-05-11 11:11 - 2017-05-11 11:11 - 00000000 ____D C:\Users\Marc\.web_engine
2017-05-10 18:31 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-05-10 18:31 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-10 18:31 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-10 18:31 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-05-10 18:31 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-10 18:31 - 2017-04-28 02:39 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-10 18:31 - 2017-04-28 02:29 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-05-10 18:31 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-10 18:31 - 2017-04-28 02:21 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-05-10 18:31 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-05-10 18:31 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-05-10 18:31 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-05-10 18:31 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-05-10 18:31 - 2017-04-28 01:57 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-05-10 18:31 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-05-10 18:31 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-10 18:31 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-10 18:31 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-05-10 18:31 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-05-10 18:31 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-10 18:31 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-05-10 18:31 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-05-10 18:31 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-05-10 18:30 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-05-10 18:30 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-10 18:30 - 2017-04-28 02:58 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-10 18:30 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-10 18:30 - 2017-04-28 02:56 - 02048488 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-10 18:30 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2017-05-10 18:30 - 2017-04-28 02:53 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-10 18:30 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-10 18:30 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-10 18:30 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-10 18:30 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-10 18:30 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-05-10 18:30 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-05-10 18:30 - 2017-04-28 02:45 - 00781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-05-10 18:30 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-10 18:30 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-05-10 18:30 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-10 18:30 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-05-10 18:30 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-10 18:30 - 2017-04-28 02:42 - 00601952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-05-10 18:30 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-05-10 18:30 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2017-05-10 18:30 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-05-10 18:30 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-05-10 18:30 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-10 18:30 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-10 18:30 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-05-10 18:30 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-05-10 18:30 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-05-10 18:30 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-05-10 18:30 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-05-10 18:30 - 2017-04-28 02:40 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-05-10 18:30 - 2017-04-28 02:40 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-10 18:30 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-05-10 18:30 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-10 18:30 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-10 18:30 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-05-10 18:30 - 2017-04-28 02:38 - 00847200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-05-10 18:30 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-05-10 18:30 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2017-05-10 18:30 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-05-10 18:30 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-10 18:30 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-05-10 18:30 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-10 18:30 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-05-10 18:30 - 2017-04-28 02:35 - 01414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-10 18:30 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-05-10 18:30 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-05-10 18:30 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-05-10 18:30 - 2017-04-28 02:34 - 22220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-10 18:30 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-05-10 18:30 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-05-10 18:30 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-05-10 18:30 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-05-10 18:30 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-10 18:30 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-10 18:30 - 2017-04-28 02:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-10 18:30 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2017-05-10 18:30 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BthTelemetry.dll
2017-05-10 18:30 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-05-10 18:30 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2017-05-10 18:30 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-05-10 18:30 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-05-10 18:30 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-10 18:30 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-05-10 18:30 - 2017-04-28 02:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-05-10 18:30 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-10 18:30 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-05-10 18:30 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-05-10 18:30 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-05-10 18:30 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-10 18:30 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-05-10 18:30 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-10 18:30 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 18:30 - 2017-04-28 02:16 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-10 18:30 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-05-10 18:30 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-05-10 18:30 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-10 18:30 - 2017-04-28 02:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-05-10 18:30 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-05-10 18:30 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-10 18:30 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-05-10 18:30 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-05-10 18:30 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-05-10 18:30 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2017-05-10 18:30 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-05-10 18:30 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-10 18:30 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-10 18:30 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-10 18:30 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-10 18:30 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-10 18:30 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-05-10 18:30 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-05-10 18:30 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-05-10 18:30 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-05-10 18:30 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-05-10 18:30 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-05-10 18:30 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-05-10 18:30 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-05-10 18:30 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-10 18:30 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-05-10 18:30 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-05-10 18:30 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-05-10 18:30 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-05-10 18:30 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-05-10 18:30 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-05-10 18:30 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-05-10 18:30 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-05-10 18:30 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-10 18:30 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-05-10 18:30 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-10 18:30 - 2017-04-28 02:09 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-05-10 18:30 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-10 18:30 - 2017-04-28 02:08 - 18365440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-10 18:30 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-10 18:30 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-10 18:30 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-05-10 18:30 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-05-10 18:30 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-05-10 18:30 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-05-10 18:30 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-05-10 18:30 - 2017-04-28 02:07 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2017-05-10 18:30 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-05-10 18:30 - 2017-04-28 02:07 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2017-05-10 18:30 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-05-10 18:30 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-05-10 18:30 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-05-10 18:30 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-10 18:30 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-10 18:30 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-05-10 18:30 - 2017-04-28 02:05 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-10 18:30 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-10 18:30 - 2017-04-28 02:05 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-10 18:30 - 2017-04-28 02:05 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-05-10 18:30 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-05-10 18:30 - 2017-04-28 02:04 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-10 18:30 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-05-10 18:30 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-05-10 18:30 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-05-10 18:30 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2017-05-10 18:30 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsnt.dll
2017-05-10 18:30 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-05-10 18:30 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys
2017-05-10 18:30 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-10 18:30 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-05-10 18:30 - 2017-04-28 02:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-10 18:30 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-05-10 18:30 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-05-10 18:30 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-05-10 18:30 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-10 18:30 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-05-10 18:30 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-05-10 18:30 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-05-10 18:30 - 2017-04-28 02:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-05-10 18:30 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-05-10 18:30 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-05-10 18:30 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-05-10 18:30 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-10 18:30 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-05-10 18:30 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-05-10 18:30 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-05-10 18:30 - 2017-04-28 01:59 - 12187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-10 18:30 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-05-10 18:30 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-05-10 18:30 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-05-10 18:30 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 18:30 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-05-10 18:30 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-05-10 18:30 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-05-10 18:30 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2017-05-10 18:30 - 2017-04-28 01:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-05-10 18:30 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-05-10 18:30 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-10 18:30 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-10 18:30 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-05-10 18:30 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-10 18:30 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-05-10 18:30 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-05-10 18:30 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-05-10 18:30 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-05-10 18:30 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-05-10 18:30 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-10 18:30 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-05-10 18:30 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2017-05-10 18:30 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-05-10 18:30 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-10 18:30 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-05-10 18:30 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-10 18:30 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-10 18:30 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-05-10 18:30 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-05-10 18:30 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-10 18:30 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-10 18:30 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-05-10 18:30 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-10 18:30 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-10 18:30 - 2017-04-28 01:55 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-05-10 18:30 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-05-10 18:30 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-05-10 18:30 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-05-10 18:30 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-10 18:30 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-05-10 18:30 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-05-10 18:30 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 18:30 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-05-10 18:30 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-05-10 18:30 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-10 18:30 - 2017-04-28 01:54 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-05-10 18:30 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-10 18:30 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-05-10 18:30 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-05-10 18:30 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-05-10 18:30 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-05-10 18:30 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-10 18:30 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-05-10 18:30 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-05-10 18:30 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-10 18:30 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-05-10 18:30 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-10 18:30 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-05-10 18:30 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-10 18:30 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-10 18:30 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-05-10 18:30 - 2017-04-28 01:52 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-10 18:30 - 2017-04-28 01:52 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-05-10 18:30 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-10 18:30 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-05-10 18:30 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-10 18:30 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-05-10 18:30 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-05-10 18:30 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-10 18:30 - 2017-04-28 01:48 - 00798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2017-05-10 18:30 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-10 18:30 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-05-10 18:30 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-05-10 18:30 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-05-10 18:30 - 2017-04-28 01:45 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-10 18:30 - 2017-04-28 01:45 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-05-10 18:30 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-05-10 18:30 - 2017-04-28 01:44 - 13091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-10 18:30 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-05-10 18:30 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-05-10 18:30 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-05-10 18:30 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-10 18:30 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-05-10 18:30 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-05-10 18:30 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2017-05-10 18:30 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-10 18:30 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-05-10 18:30 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-05-10 18:30 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-05-10 18:30 - 2017-04-28 01:42 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-10 18:30 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-05-10 18:30 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-05-10 18:30 - 2017-04-28 01:42 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2017-05-10 18:30 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-05-10 18:30 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-05-10 18:30 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-05-10 18:30 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-10 18:30 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-05-10 18:30 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-10 18:30 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-10 18:30 - 2017-04-28 01:39 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-05-10 18:30 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-05-10 18:30 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-05-10 18:30 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-05-10 18:30 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-05-10 18:30 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-05-10 18:30 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-05-10 18:30 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-10 18:30 - 2017-04-28 01:37 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-05-10 18:30 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-05-10 18:30 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-10 18:30 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-10 18:30 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-05-10 18:30 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-05-10 18:30 - 2017-04-28 01:37 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-05-10 18:30 - 2017-04-28 01:36 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-10 18:30 - 2017-04-28 01:36 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-05-10 18:30 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-05-10 18:30 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-10 18:30 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-05-10 18:30 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2017-05-10 18:30 - 2017-04-28 01:30 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-10 18:30 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-05-10 18:30 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-05-10 18:30 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-10 18:30 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-05-10 18:30 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-05-10 18:30 - 2017-03-04 08:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-05-10 18:30 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-05-10 18:30 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-05-10 18:30 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-05-10 18:30 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-05-10 18:30 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-05-10 18:30 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-10 18:29 - 2017-04-28 02:57 - 00754528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-05-10 18:29 - 2017-04-28 02:57 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-10 18:29 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-05-10 18:29 - 2017-04-28 02:57 - 00573280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-05-10 18:29 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-05-10 18:29 - 2017-04-28 02:53 - 07784288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-10 18:29 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-05-10 18:29 - 2017-04-28 02:49 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-10 18:29 - 2017-04-28 02:49 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-10 18:29 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-10 18:29 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-05-10 18:29 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2017-05-10 18:29 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-05-10 18:29 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2017-05-10 18:29 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-05-10 18:29 - 2017-04-28 02:40 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-10 18:29 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-10 18:29 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-10 18:29 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-10 18:29 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-05-10 18:29 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-10 18:29 - 2017-04-28 02:39 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-05-10 18:29 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-10 18:29 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-05-10 18:29 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-10 18:29 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-05-10 18:29 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-05-10 18:29 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-10 18:29 - 2017-04-28 02:34 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-05-10 18:29 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-10 18:29 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-05-10 18:29 - 2017-04-28 02:30 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-10 18:29 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-05-10 18:29 - 2017-04-28 02:28 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-10 18:29 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-10 18:29 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-10 18:29 - 2017-04-28 02:15 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-05-10 18:29 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-10 18:29 - 2017-04-28 02:14 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-10 18:29 - 2017-04-28 02:12 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-05-10 18:29 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-10 18:29 - 2017-04-28 02:10 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-05-10 18:29 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-10 18:29 - 2017-04-28 02:06 - 22569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-10 18:29 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-10 18:29 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-10 18:29 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-10 18:29 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthTelemetry.dll
2017-05-10 18:29 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2017-05-10 18:29 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-05-10 18:29 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-05-10 18:29 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-05-10 18:29 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-10 18:29 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-05-10 18:29 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2017-05-10 18:29 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-05-10 18:29 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-05-10 18:29 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-05-10 18:29 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-05-10 18:29 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-05-10 18:29 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-10 18:29 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-05-10 18:29 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-05-10 18:29 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-05-10 18:29 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2017-05-10 18:29 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-05-10 18:29 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-05-10 18:29 - 2017-04-28 01:58 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-05-10 18:29 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-10 18:29 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-05-10 18:29 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-10 18:29 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-05-10 18:29 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUX.dll
2017-05-10 18:29 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-05-10 18:29 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-05-10 18:29 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-05-10 18:29 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 18:29 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-05-10 18:29 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2017-05-10 18:29 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2017-05-10 18:29 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2017-05-10 18:29 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-10 18:29 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-10 18:29 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-05-10 18:29 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-05-10 18:29 - 2017-04-28 01:56 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-10 18:29 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-05-10 18:29 - 2017-04-28 01:56 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-10 18:29 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-05-10 18:29 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-05-10 18:29 - 2017-04-28 01:56 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-10 18:29 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-05-10 18:29 - 2017-04-28 01:55 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-10 18:29 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-10 18:29 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-05-10 18:29 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-10 18:29 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-05-10 18:29 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-05-10 18:29 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-05-10 18:29 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2017-05-10 18:29 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-05-10 18:29 - 2017-04-28 01:54 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-10 18:29 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-05-10 18:29 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-05-10 18:29 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-10 18:29 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-05-10 18:29 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-05-10 18:29 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-05-10 18:29 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2017-05-10 18:29 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-05-10 18:29 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-05-10 18:29 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-05-10 18:29 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-05-10 18:29 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-05-10 18:29 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-05-10 18:29 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-05-10 18:29 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2017-05-10 18:29 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsnt.dll
2017-05-10 18:29 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-10 18:29 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-05-10 18:29 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-05-10 18:29 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-10 18:29 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-05-10 18:29 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-05-10 18:29 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-10 18:29 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-05-10 18:29 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-05-10 18:29 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-10 18:29 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-05-10 18:29 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-05-10 18:29 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-05-10 18:29 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-05-10 18:29 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2017-05-10 18:29 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-05-10 18:29 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-05-10 18:29 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-10 18:29 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-05-10 18:29 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-05-10 18:29 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-10 18:29 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-05-10 18:29 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-05-10 18:29 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-05-10 18:29 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-10 18:29 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-10 18:29 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-05-10 18:29 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-05-10 18:29 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-10 18:29 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-05-10 18:29 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-05-10 18:29 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-05-10 18:29 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-05-10 18:29 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-05-10 18:29 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-05-10 18:29 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-05-10 18:29 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-05-10 18:29 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-10 18:29 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2017-05-10 18:29 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-10 18:29 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-10 18:29 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-10 18:29 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-10 18:29 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-05-10 18:29 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-10 18:29 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-10 18:29 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-05-10 18:29 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-10 18:29 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-05-10 18:29 - 2017-04-28 01:40 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-05-10 18:29 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-05-10 18:29 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-05-10 18:29 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-05-10 18:29 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-05-10 18:29 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-05-10 18:29 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-05-10 18:29 - 2017-04-28 01:40 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-05-10 18:29 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-05-10 18:29 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-10 18:29 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-05-10 18:29 - 2017-04-28 01:38 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-05-10 18:29 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-05-10 18:29 - 2017-04-28 01:37 - 04744192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-10 18:29 - 2017-04-28 01:37 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-10 18:29 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-10 18:29 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-05-10 18:29 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-05-10 18:29 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-10 18:29 - 2017-04-28 01:36 - 03613184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-10 18:29 - 2017-04-28 01:36 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-05-10 18:29 - 2017-04-28 01:36 - 02478080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-05-10 18:29 - 2017-04-28 01:36 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-05-10 18:29 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-05-10 18:29 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-05-10 18:29 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-10 18:29 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-05-10 18:29 - 2017-04-28 01:35 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-10 18:29 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-10 18:29 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-05-10 18:29 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-10 18:29 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-05-10 18:29 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-05-10 15:52 - 2017-05-10 15:52 - 00001593 _____ C:\Users\Marc\Desktop\StardewModdingAPI - Verknüpfung.lnk
2017-05-09 22:50 - 2017-05-09 22:50 - 00017679 _____ C:\Users\Marc\Downloads\emkawe.csv
2017-05-09 17:20 - 2017-05-09 17:20 - 00005667 _____ C:\Users\Marc\Documents\Skript_Video_DbD.odt
2017-05-08 23:43 - 2017-04-26 22:47 - 00383016 _____ (EasyAntiCheat Ltd) C:\WINDOWS\SysWOW64\EasyAntiCheat.exe
2017-05-06 17:57 - 2017-05-06 18:03 - 29181730 _____ (Marcin Swierzowski aka AnkhHeart ) C:\Users\Marc\Downloads\AnkhBotR2_1.0.1.24_Official.exe
2017-05-06 17:11 - 2017-05-06 17:11 - 00001101 _____ C:\Users\Marc\Desktop\AnkhBotR2 - Verknüpfung.lnk
2017-05-06 01:54 - 2017-05-06 01:54 - 01496584 _____ C:\Users\Marc\Downloads\Vegas Movie Studio Platinum - CHIP-Installer.exe
2017-05-04 19:05 - 2017-05-02 00:38 - 01988032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438205.dll
2017-05-04 19:05 - 2017-05-02 00:38 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438205.dll
2017-05-03 18:49 - 2017-04-30 20:04 - 00000000 ____D C:\Users\Marc\Downloads\SMAPI 1.11
2017-05-02 22:16 - 2017-05-02 22:16 - 00248748 _____ C:\Users\Marc\Downloads\conf-marc.pdf
2017-04-30 03:54 - 2017-04-30 03:54 - 00004755 _____ C:\Users\Marc\Documents\geschichte.odt
2017-04-28 01:34 - 2017-04-28 01:34 - 00000000 ____D C:\Users\Marc\Documents\SavedGames
2017-04-28 01:33 - 2017-04-28 01:33 - 00001445 _____ C:\Users\Public\Desktop\Breach & Clear.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-27 04:46 - 2016-10-01 14:19 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-27 04:46 - 2012-07-25 22:05 - 00000000 ____D C:\Users\Marc\AppData\Local\LogMeIn Hamachi
2017-05-27 04:42 - 2017-03-18 18:16 - 00000000 __SHD C:\Users\Marc\IntelGraphicsProfiles
2017-05-27 04:40 - 2016-10-01 14:59 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-27 04:40 - 2016-10-01 14:15 - 00374456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-27 04:39 - 2016-10-01 14:25 - 00000000 ____D C:\Users\Marc
2017-05-27 04:39 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-27 04:38 - 2016-10-01 15:03 - 00000008 __RSH C:\Users\Marc\ntuser.pol
2017-05-27 04:31 - 2016-03-18 18:01 - 00000000 ____D C:\Users\Marc\AppData\Local\Spotify
2017-05-27 04:28 - 2016-03-18 18:00 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Spotify
2017-05-27 03:13 - 2017-04-22 16:01 - 00006262 _____ C:\Users\Marc\Documents\Mimi_diaetplan.ods
2017-05-27 00:40 - 2016-06-25 18:37 - 00688680 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-05-26 22:36 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-26 21:40 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-26 20:05 - 2016-10-01 14:16 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-26 03:41 - 2017-02-13 13:17 - 00000000 ____D C:\Users\Marc\AppData\Roaming\obs-studio
2017-05-25 14:20 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-25 14:13 - 2014-06-21 15:20 - 00000000 ____D C:\Users\Marc\AppData\Local\Samsung
2017-05-25 14:13 - 2014-06-21 15:17 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-05-25 14:13 - 2011-08-31 20:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-25 03:28 - 2014-06-21 15:16 - 00000000 ____D C:\Users\Marc\AppData\Local\Downloaded Installations
2017-05-25 03:07 - 2012-12-05 20:17 - 00000000 ____D C:\Users\Marc\AppData\Local\ElevatedDiagnostics
2017-05-25 02:38 - 2016-10-01 14:23 - 02763288 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-25 02:38 - 2016-07-17 00:51 - 01115198 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-25 02:38 - 2016-07-17 00:51 - 00283320 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-25 02:35 - 2016-10-01 14:19 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-25 02:35 - 2015-12-17 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-05-25 02:18 - 2017-01-24 23:08 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-25 02:18 - 2016-10-06 16:14 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-25 02:18 - 2016-10-06 16:14 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-05-25 02:18 - 2016-10-06 16:13 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-25 02:18 - 2016-10-06 16:13 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-25 02:18 - 2016-10-06 16:13 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-25 02:18 - 2016-10-06 16:13 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-25 02:18 - 2016-10-06 16:13 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-25 02:18 - 2016-10-01 14:19 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-25 02:18 - 2016-10-01 14:19 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-24 21:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-24 21:41 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-24 21:41 - 2013-07-31 02:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-24 21:36 - 2011-09-24 13:36 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-20 00:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-19 21:51 - 2017-03-28 19:37 - 00000000 ____D C:\Users\Marc\AppData\Roaming\StardewValley
2017-05-19 21:06 - 2011-09-27 21:17 - 00000000 ____D C:\Users\Marc\AppData\Roaming\TS3Client
2017-05-19 13:58 - 2011-09-08 09:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-19 13:40 - 2014-10-12 19:57 - 00007607 _____ C:\Users\Marc\AppData\Local\Resmon.ResmonCfg
2017-05-19 03:15 - 2014-02-26 21:31 - 00000000 ____D C:\Users\Marc\AppData\Local\Battle.net
2017-05-18 23:17 - 2011-09-04 21:08 - 00000000 ____D C:\Users\Marc\AppData\Local\CrashDumps
2017-05-18 14:48 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-18 14:47 - 2014-11-09 20:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-18 14:41 - 2014-02-26 21:31 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-05-18 09:35 - 2017-04-06 16:40 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-05-18 09:35 - 2017-01-24 23:07 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-05-18 09:35 - 2016-08-27 00:26 - 04114248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-05-18 09:35 - 2016-08-27 00:26 - 03624784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-05-18 09:35 - 2016-08-02 23:52 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb
2017-05-18 07:55 - 2016-10-06 16:13 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-05-18 07:48 - 2016-10-01 14:19 - 06437824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-05-18 07:48 - 2016-10-01 14:19 - 02479736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-05-18 07:48 - 2016-10-01 14:19 - 01762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-05-18 07:48 - 2016-10-01 14:19 - 00548984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-05-18 07:48 - 2016-10-01 14:19 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-05-18 07:48 - 2016-10-01 14:19 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-05-18 07:48 - 2016-10-01 14:19 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-05-17 21:42 - 2011-09-27 20:41 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Dropbox
2017-05-16 20:09 - 2016-10-01 14:19 - 07993157 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-05-16 00:41 - 2014-08-14 01:17 - 00002493 _____ C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-13 20:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-05-12 19:20 - 2013-03-27 00:32 - 00001203 _____ C:\Users\Marc\Desktop\TeamSpeak 3 Client.lnk
2017-05-12 09:28 - 2017-04-10 12:00 - 00000000 ____D C:\Users\Marc\AppData\Local\FalloutShelter
2017-05-12 01:10 - 2017-04-17 16:46 - 00004636 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-05-12 01:10 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-12 01:10 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-11 11:09 - 2015-08-02 12:26 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-11 11:09 - 2011-09-03 10:35 - 00000000 ___RD C:\Users\Marc\Podcasts
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-11 03:20 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-11 03:20 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-10 18:07 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-05-10 15:20 - 2015-08-02 12:26 - 00000000 ____D C:\Users\Marc\AppData\Local\Packages
2017-05-06 21:29 - 2016-10-01 14:58 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-05-05 00:11 - 2017-04-20 14:39 - 00000000 ____D C:\Users\Marc\Documents\Soundaufnahmen
2017-05-04 01:48 - 2015-04-11 21:10 - 00000000 ____D C:\Users\Marc\AppData\Roaming\vlc
2017-05-03 22:21 - 2017-01-24 23:07 - 00057976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\SETDFC3.tmp
2017-05-03 22:21 - 2016-10-06 16:14 - 01893496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-05-03 22:21 - 2016-10-06 16:14 - 01755256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-05-03 22:21 - 2016-10-06 16:14 - 01477240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-05-03 22:21 - 2016-10-06 16:14 - 01317496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-05-03 22:21 - 2016-10-06 16:14 - 00121464 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-05-03 22:21 - 2016-05-10 12:18 - 00048248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-05-02 18:03 - 2016-12-09 03:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snaz
2017-05-02 16:28 - 2016-05-18 14:49 - 00000000 ____D C:\Users\Marc\AppData\Roaming\discord
2017-05-02 00:38 - 2017-01-24 23:07 - 00059448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\SETEB0.tmp
2017-05-02 00:38 - 2016-08-27 00:26 - 04092088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\SET3191.tmp
2017-05-02 00:38 - 2016-08-27 00:26 - 03607464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\SET4E92.tmp
2017-04-29 02:59 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-29 02:59 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 03:01 - 2016-10-01 14:18 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-04-28 01:35 - 2016-12-17 00:35 - 00003912 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000UA1d257ecbd9dba3a
2017-04-28 01:35 - 2016-12-17 00:35 - 00003644 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000Core1d257ecbd7530cd
2017-04-28 01:33 - 2016-11-19 04:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Twitch Launcher
2017-04-27 21:16 - 2016-10-01 14:58 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-27 21:16 - 2016-10-01 14:58 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-27 20:09 - 2011-08-31 17:04 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Skype

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-03-16 16:12 - 2017-03-16 16:12 - 0001440 _____ () C:\Users\Marc\AppData\Local\recently-used.xbel
2014-10-12 19:57 - 2017-05-19 13:40 - 0007607 _____ () C:\Users\Marc\AppData\Local\Resmon.ResmonCfg
2011-11-10 15:10 - 2017-03-23 18:29 - 0006035 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
2017-04-22 20:14 - 2017-04-22 20:14 - 0739904 _____ (Oracle Corporation) C:\Users\Marc\AppData\Local\Temp\jre-8u131-windows-au.exe
2017-04-25 18:33 - 2017-04-20 02:18 - 0754352 _____ (NVIDIA Corporation) C:\Users\Marc\AppData\Local\Temp\nvSCPAPI.dll
2017-04-06 16:39 - 2017-05-01 22:14 - 0869200 _____ (NVIDIA Corporation) C:\Users\Marc\AppData\Local\Temp\nvSCPAPI64.dll
2017-04-25 18:29 - 2017-05-01 22:14 - 0367552 _____ (NVIDIA Corporation) C:\Users\Marc\AppData\Local\Temp\nvStInst.exe
2017-04-14 04:24 - 2017-04-14 04:24 - 0040448 ____N () C:\Users\Marc\AppData\Local\Temp\proxy_vole2232295211778137791.dll
2017-04-29 13:06 - 2017-05-02 18:03 - 2059438 _____ (JimsApps                                                    ) C:\Users\Marc\AppData\Local\Temp\SnazSetup.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-18 01:49

==================== Ende von FRST.txt ============================

eMKaWe 27.05.2017 03:59
Addition.txt teil1:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-05-2017
durchgeführt von Marc (27-05-2017 04:50:29)
Gestartet von C:\Users\Marc\Downloads
Windows 10 Pro Version 1607 (X64) (2016-10-01 13:03:08)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1132746113-184105214-789198808-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1132746113-184105214-789198808-503 - Limited - Disabled)
Gast (S-1-5-21-1132746113-184105214-789198808-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1132746113-184105214-789198808-1002 - Limited - Enabled)
Marc (S-1-5-21-1132746113-184105214-789198808-1000 - Administrator - Enabled) => C:\Users\Marc

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4500_G510gm_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
5700_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7 Days to Die (HKLM\...\Steam App 251570) (Version:  - The Fun Pimps)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AnkhBotR2 version 1.0.1.28 (HKLM-x32\...\{08D3C5BB-C492-4916-B111-725081845380}_is1) (Version: 1.0.1.28 - Marcin Swierzowski aka AnkhHeart)
Ansel (Version: 382.33 - NVIDIA Corporation) Hidden
ASRock eXtreme Tuner v0.1.209 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.26 (HKLM-x32\...\ASRock InstantBoot_is1) (Version:  - )
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Breach & Clear (HKLM-x32\...\660082a1-5d0f-40d5-8f8c-828b87ab55c4) (Version:  - GB36X)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05152 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05152 - Cisco Systems, Inc.) Hidden
Clicker Heroes (HKLM\...\Steam App 363970) (Version:  - Playsaurus)
Commando Jack (HKLM\...\Steam App 299260) (Version:  - Colossal Games)
Conan Exiles (HKLM\...\Steam App 440900) (Version:  - Funcom)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0195 - Disc Soft Ltd)
Dead by Daylight (HKLM\...\Steam App 381210) (Version:  - Behaviour Digital Inc.)
Deceit (HKLM\...\Steam App 466240) (Version:  - Automaton)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Drawful 2 (HKLM-x32\...\7c165bbd-272d-47bd-b387-25ebca8ea6b1) (Version:  - JBCZN)
Dropbox (HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Dropbox) (Version: 26.4.24 - Dropbox, Inc.)
DSF Fußballmanager 98-99 (HKLM-x32\...\DSF Fußballmanager 98-99) (Version:  - )
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Fallout Shelter (HKLM\...\Steam App 588430) (Version:  - Bethesda Game Studios)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FINAL FANTASY XIII (HKLM\...\Steam App 292120) (Version:  - SQUARE ENIX)
FINAL FANTASY XIII-2 (HKLM\...\Steam App 292140) (Version:  - SQUARE ENIX)
Free Audio CD Burner version 2.0.24.812 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: 2.0.24.812 - DVDVideoSoft Ltd.)
Free Video Call Recorder for Skype (HKLM-x32\...\Free Video Call Recorder for Skype_is1) (Version: 1.2.33.1029 - DVDVideoSoft Ltd.)
FTL -  Advanced Edition (HKLM-x32\...\GOGPACKFTL_is1) (Version: 2.3.0.13 - GOG.com)
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Facepunch Studios)
GDR 5520 für SQL Server 2008 (KB 2977321) (64-bit) (HKLM\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)
GDR 5538 für SQL Server 2008 (KB 3045305) (64-bit) (HKLM\...\KB3045305) (Version: 10.3.5538.0 - Microsoft Corporation)
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Grand Theft Auto: San Andreas (HKLM\...\Steam App 12120) (Version:  - Rockstar Games)
Gyazo 3.3.1 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version:  - Daybreak Game Company)
Half Minute Hero: Super Mega Neo Climax Ultimate Boy (HKLM\...\Steam App 214830) (Version:  - Opus)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heavy Bullets (HKLM-x32\...\c7325e58-5895-4667-81a2-1854397fbb43) (Version:  - DFE5J)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP OfficeJet J5700 (HKLM\...\{D3A65B0A-403B-4C20-A488-BFED2BC5D2EF}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
J5700 (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kalonline (HKLM\...\Steam App 475100) (Version:  - Inixsoft)
Kathy Rain (HKLM-x32\...\62c80ac3-3aa5-42a8-8048-a29ff819b7a8) (Version:  - RB5QV)
League client alpha (HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\League client alpha 1.0) (Version: 1.0 - Riot Games, Inc)
Learn Japanese To Survive - Hiragana Battle (HKLM\...\Steam App 438270) (Version:  - Sleepy Duck)
Life Is Strange™ (HKLM\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
LIGHTNING RETURNS: FINAL FANTASY XIII (HKLM\...\Steam App 345350) (Version:  - SQUARE ENIX)
LIMBO (HKLM\...\Steam App 48000) (Version:  - Playdead)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.558 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.558 - LogMeIn, Inc.) Hidden
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7766.2084 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{12FE6AA6-65D2-40EE-B925-62193128A0E6}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{F43ADE73-2880-4A95-B995-4FE386ECF667}) (Version: 10.3.5538.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minion Masters (HKLM\...\Steam App 489520) (Version:  - BetaDwarf)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.06 - MSI)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.05 - MSI)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
Need for Speed™ Most Wanted (HKLM-x32\...\{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}) (Version:  - )
Network64 (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.33 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.33 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7766.2084 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7766.2084 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7766.2084 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4550 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{615d0aea-5494-408e-a381-e75d286601ff}) (Version: latest - ppy Pty Ltd)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
ProductContext (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6257 - Realtek Semiconductor Corp.)
ROCCAT Swarm (HKLM-x32\...\InstallShield_{E7E52DE1-B0AD-4527-8E65-275EC03A9530}) (Version: 1.40.201 - ROCCAT GmbH)
ROCCAT Swarm (x32 Version: 1.40.201 - ROCCAT GmbH) Hidden
ROCCAT Swarm AlienFX (HKLM-x32\...\InstallShield_{5B0DCD7B-6F03-4322-8182-297882922F87}) (Version: 1.02 - ROCCAT GmbH)
ROCCAT Swarm AlienFX (Version: 1.02 - ROCCAT GmbH) Hidden
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 3 für SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
ShellShock Live (HKLM\...\Steam App 326460) (Version:  - kChamp Games)
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
Snaz Version 1.12.5.2 (HKLM-x32\...\{70A76031-FDC6-4F9B-BB5C-33776703F45A}_is1) (Version: 1.12.5.2 - JimsApps)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Spotify) (Version: 1.0.55.487.g256699aa - Spotify AB)
Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Stardew Valley (HKLM\...\Steam App 413150) (Version:  - ConcernedApe)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Elder Scrolls V: Skyrim Special Edition (HKLM\...\Steam App 489830) (Version:  - Bethesda Game Studios)
The Forest (HKLM\...\Steam App 242760) (Version:  - Endnight Games Ltd)
The Walking Dead (HKLM-x32\...\067a7675-cf5e-456d-ab72-615e3bbb34ce) (Version:  - TEQWP)
The Walking Dead: Season Two (HKLM-x32\...\632a1869-fcfe-4a96-b7f2-47057a7d6daf) (Version:  - TEQWP)
Thief (HKLM\...\Steam App 239160) (Version:  - Eidos-Montréal)
This War of Mine (HKLM\...\Steam App 282070) (Version:  - 11 bit studios)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Twitch Launcher (HKLM-x32\...\Twitch Launcher 1.0.0) (Version: 1.0.0 - Twitch)
UE4 Prerequisites (x64) (HKLM-x32\...\{31b49e1e-03f8-4a04-8faa-f6476d8fad02}) (Version: 1.0.10.0 - Epic Games, Inc.)
UE4 Prerequisites (x64) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden
Unity Web Player (HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\UnityWebPlayer) (Version: 4.6.0f3 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WhatsApp (HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\WhatsApp) (Version: 0.2.684 - WhatsApp)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player 64-bit Plug-in Fix (HKLM\...\{00a8ce68-cb2e-4652-aecd-c05c0d9d53a7}.sdb) (Version:  - )
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Youtubers Life (HKLM\...\Steam App 428690) (Version:  - U-Play online)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Marc\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Marc\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1132746113-184105214-789198808-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {16E66A39-8AA3-4334-9C4B-53EECADE9336} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {1721515B-B280-4ECB-B4BF-BFDDF5BE0EA0} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-03-28] ()
Task: {1A8CA9DF-C8A4-4760-97EC-C177E990BB74} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
Task: {1EC3C81C-5AF1-442B-8ACB-3C0A11BF2420} - System32\Tasks\{AB373CB2-7287-444D-8012-BA7185EA23AE} => pcalua.exe -a C:\ATI\Support\11-12_vista64_win7_64_dd_ccc_ocl\Setup.exe -d C:\ATI\Support\11-12_vista64_win7_64_dd_ccc_ocl
Task: {1EE90060-4B27-4FAD-BF1A-FEF3E3892736} - System32\Tasks\{E4520F1F-96C4-43D7-99A7-78637179F6D6} => pcalua.exe -a C:\Users\Marc\Downloads\Shockwave_Installer_Slim.exe -d C:\Users\Marc\Downloads
Task: {2160C1B6-BB92-4D52-8569-141C232694C4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15] (Oracle Corporation)
Task: {2482D2DC-F76F-4F65-AF04-EA75F1775449} - System32\Tasks\{4F6CC519-D104-4CBE-BD4D-EBE4DEDEDE99} => C:\Program Files (x86)\PakkISO\pakkIso.exe
Task: {2718E79C-13E5-4F72-9AE9-2F62B253CBD0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-06] (Microsoft Corporation)
Task: {29252641-8BC1-4D0D-B7E3-9786B7CE37EC} - System32\Tasks\{CBBA4B29-33F6-49CB-8749-A21364CD0FF1} => pcalua.exe -a C:\Westwood\C&amp;C95\CCSETUP.EXE -d C:\Westwood\C&amp;C95
Task: {2A71B2AA-9DE0-49D8-BEA4-8F9615860176} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000UA => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {2B7C04AA-13C2-45D6-87FB-DA260E2FB7B3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-24] (Microsoft Corporation)
Task: {2DFC0A89-FBD0-4383-A2B7-4813F685FF6E} - System32\Tasks\{4E008CF3-A100-41B9-9482-A5B7FF1234E9} => pcalua.exe -a C:\Users\Marc\Downloads\icq_7.2.3525.exe -d C:\Users\Marc\Downloads
Task: {3645015F-EF07-48A0-ACDD-BA5C6D17A10E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {36D30CD0-5482-497F-B5D9-7AA19EB62FB8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {38FCC809-0FE9-4DB6-89A3-CCD078F895CF} - System32\Tasks\{8D78FF08-6D21-4313-AFB6-A8B55C7DB738} => pcalua.exe -a C:\Users\Marc\Downloads\dotnetfx35.exe -d C:\Users\Marc\Downloads
Task: {3997563E-48B6-4DA3-9C6D-4C1CF9433633} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3BC0A2DF-8146-41DB-A8C8-4B8805331261} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {3FA3227E-35F3-40D7-8306-16DF2814374D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000UA1d257ecbd9dba3a => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {40569694-256B-4BC9-A933-E0F04D602776} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {43563EDB-2C6A-41F6-B45B-381F807E4A7C} - System32\Tasks\Google Updater and Installer => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {43991FE3-2799-4778-B921-C1ABCE0D02E7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {43EBFFD7-74F8-4F9F-B4C3-684F5068FF75} - System32\Tasks\{D1C0F8DE-9EFC-4DA4-A3B0-3121CEAF7E3A} => pcalua.exe -a "C:\Program Files (x86)\Picexa\uninstall.exe"
Task: {458DC6E8-D918-49AF-AD81-189007ABAE3C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-06] (Microsoft Corporation)
Task: {4630EB95-233C-4F20-B2DB-C3B99597B287} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4B00C9E9-D7B2-421A-AE4F-5608D5E112AF} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {4D82B5C3-06F1-483B-93FA-2169536F6133} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {5170ADA1-A8B8-4A15-AA04-45B85786299F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-04] (Microsoft Corporation)
Task: {5307712C-7B3D-4C52-B0AA-2E6E9486A307} - System32\Tasks\{D5BFE14D-1B62-473C-8EF5-7C4A0E844890} => pcalua.exe -a "D:\Games\Electronic Arts\Need For Speed World\AkamaiInstall.exe" -d "D:\Games\Electronic Arts\Need For Speed World"
Task: {53FD7521-23C9-4CAA-AEAB-A32768D00323} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-12] (Adobe Systems Incorporated)
Task: {5837EBB8-4CAC-473D-B197-A65ECBF8B3FC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000Core => C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {585DA3C8-5257-4AA9-B84B-7BB89CEFBF11} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe
Task: {61CF4399-58AA-45E6-81CD-48855A15DF94} - System32\Tasks\{641B4A92-D776-4EC7-8F3B-B5D028356578} => C:\Program Files (x86)\Steam\Steam.exe [2015-12-14] (Valve Corporation)
Task: {62301821-5596-4181-B960-D86B8761BBBD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {69DC7492-D40F-4135-9335-54C2F8CBC3CE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {6A1ACC6E-24BE-44FC-BE00-95C81B7EEFAA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {6F895CF1-D975-4214-B0FC-735DEEFE43DE} - System32\Tasks\{4D9719D5-66DE-49D5-83A4-11188544B2EF} => pcalua.exe -a C:\Users\Marc\Downloads\dxwebsetup0411.exe -d C:\Users\Marc\Downloads
Task: {7083EBBF-26B2-4880-914B-907E73364800} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-20] (Google Inc.)
Task: {7205E5D4-7CF3-4757-81CE-23BE761D0AC7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-06] (Microsoft Corporation)
Task: {72AAE81D-6DF1-40FF-AF35-8FEAA622A483} - System32\Tasks\ROCCAT_Swarm_HWMonitor => C:/Program
Task: {754211D1-8E6F-4DAD-9009-F343A6397A37} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {7588E71B-22F6-413F-83FC-64560A019779} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {7765C1B5-1832-4CB3-AC1D-689E30B1D8AF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe [2017-05-12] (Adobe Systems Incorporated)
Task: {7901EB39-C7F2-448E-B321-1BA0B70E5877} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000Core => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {795B256B-F65A-4DFD-81BF-2B2ABE58D408} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000Core1d257ecbd7530cd => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {7AEAC270-DFEA-4AF4-BA59-F982BD2A246D} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-03-28] ()
Task: {7E9D55A0-4B7B-4DEE-ABDC-748EB2619B07} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
Task: {8200B8D7-CD70-4E40-AEC0-E9577BF0B4C3} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {8EABD29A-8AA2-40B9-A7AA-B16644A65C73} - System32\Tasks\{70730BC4-0BFE-4744-BAD2-E91F3798140E} => pcalua.exe -a C:\Windows\IsUn0407.exe -c -fC:\SIERRA\DSF98-99\Uninst.isu
Task: {959A3583-4DA5-47BE-BF7E-3928E63B858E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {9847A64F-F140-4DA2-B7C8-97CFBB513A43} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {99A2F0D8-9C45-4540-A58B-422010C39E20} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {9B018CE8-BC27-4060-AFED-0A6C09B8236A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-20] (Google Inc.)
Task: {A23A357D-2D49-46BB-BCF8-493F33541E8F} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {A2557097-AEC1-4F35-B5F9-70508A3D8CC3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
Task: {A83B829F-351B-4347-A032-40192154EFCB} - System32\Tasks\MSISW_Host => C:\WINDOWS\SysWOW64\muachost.exe [2015-08-18] (MSI)
Task: {AC94F2F8-2C2A-4335-B975-2073D5E7777A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {B01F3565-6DF6-42A9-99E2-E77FF328C354} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000UA => C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {B8D6072D-844C-415B-B41E-ADC8E2F92459} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000UA1d23c064f5de62a => C:\Users\Marc\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-11] (Dropbox, Inc.)
Task: {BEA253EC-2B81-49E7-9873-C6248AEDD69D} - System32\Tasks\{86C993B1-9965-4E96-BF1B-68A9ADA579DA} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe" -c /app FreeVideoCallRecorderForSkype
Task: {BF4D41AC-1142-4EB0-BE79-76D8A224627B} - System32\Tasks\{BCC39CAA-1EF7-4CEE-A566-66610C956DF5} => Chrome.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/abandoninstall?page=tsProgressBar
Task: {BFB3FC34-A6EF-4D7D-BE51-2549303040CC} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {C29E6FD6-AA15-4FC3-A389-92C9C210D2E3} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C3E5BE91-4245-44D7-B726-2BBB24831937} - System32\Tasks\{D2C93145-3150-47F4-BBEB-E035B32A3287} => pcalua.exe -a C:\Users\Marc\Downloads\setup.exe -d C:\Users\Marc\Downloads
Task: {C3E7BE52-FB1A-41A0-A266-E84E38BE1D40} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C5B79861-D633-4E14-8C63-090D9563980F} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {CA6A2D79-2642-461F-A0DF-2985909B55E0} - System32\Tasks\{1BC349F9-1642-43F5-96B5-52F35A67756A} => pcalua.exe -a "C:\Users\Marc\Downloads\dotNetFx35setup (1).exe" -d C:\Users\Marc\Downloads
Task: {CFD1656A-372E-4AE6-BD3F-28CBED98F792} - System32\Tasks\{0FB93C61-AAE5-4F6E-B5CA-426A54D6A05A} => Chrome.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/abandoninstall?page=tsProgressBar
Task: {D123BDD5-8B49-4285-9963-F9F03D2BBAD1} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {D1C24ACA-BB67-4059-B661-F8ECFF345763} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {D6B7E9CB-D5AA-48A3-972B-C1CB34642D60} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {DC0002C3-CA7B-4051-A608-30CCD94B7A18} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {DCD02564-5292-42DD-A908-5FB8F1777255} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {E1C6CAEA-701A-45F1-9AAB-B185A9D0A9FD} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe
Task: {E4717A70-3C41-4A0C-BE65-EBEF45FA780E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {E79DEF92-E074-47B0-9BFB-874F7698D020} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {EBA600B8-7CB7-46AF-A681-59556E0C47D0} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {EC9EBE42-36E6-46A6-933F-A8CC1E7EFA28} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {EED73BAD-10E3-4E78-B9C0-130D82001890} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {F12749B1-7EF7-4D07-B6FF-1F0379E6AC0D} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {F34F533A-D0ED-47D5-BD80-7E15B102B357} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {F6767A6C-B6BD-4C06-AAFA-0DFB391136D2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-04] (Microsoft Corporation)
Task: {F7BB9C69-FE75-494A-BD8D-A4AB6E917615} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {FAE074BD-F449-4845-A7F3-1D4482EEBA5A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {FD360E83-F3DB-454D-AF25-0FDA6012183A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
Task: {FDC01966-C690-490E-ACE1-B02607BBF85E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000Core1d23c064f2afa22 => C:\Users\Marc\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-11] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000Core1d23c064f2afa22.job => C:\Users\Marc\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000UA1d23c064f5de62a.job => C:\Users\Marc\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000Core.job => C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000UA.job => C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000Core.job => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1132746113-184105214-789198808-1000UA.job => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CloneSpy\Website.lnk -> hxxp://www.clonespy.com

ShortcutWithArgument: C:\Users\Marc\Desktop\Profil 1 - Chrome.lnk -> C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Marc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\202e0fa5ad94ba62\Profil 2 - Chrome.lnk -> C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-10 18:29 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-06 16:13 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-05-19 13:59 - 2017-05-09 16:38 - 02270672 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-05-10 18:29 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-01 15:17 - 2016-10-01 15:17 - 00959168 _____ () C:\Users\Marc\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-10-01 15:06 - 2016-10-01 15:06 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 00:20 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 00:18 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 00:18 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 00:18 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-10 18:29 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-10 18:29 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-10 18:29 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 01872384 _____ () C:\Windows\System32\speech_onecore\engines\tts\MSTTSEngine_OneCore.dll
2017-03-15 00:18 - 2017-03-04 08:04 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2017-03-15 00:18 - 2017-03-04 08:04 - 00115712 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\DeviceSideServicesActionUriHandler.dll
2017-03-15 00:18 - 2017-03-04 08:04 - 00522752 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2016-07-16 13:43 - 2016-07-17 00:56 - 00040448 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2016-07-16 13:43 - 2016-07-17 00:56 - 00813056 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
2016-07-16 13:43 - 2016-07-17 00:56 - 00963584 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
2016-07-16 13:43 - 2016-07-17 00:56 - 00249344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
2016-07-16 13:43 - 2016-07-17 00:56 - 00572416 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
2016-07-16 13:43 - 2016-07-17 00:56 - 00403968 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
2016-07-16 13:43 - 2016-07-17 00:56 - 00183296 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
2016-07-16 13:43 - 2016-07-17 00:56 - 00288256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node
2017-05-25 22:00 - 2017-05-25 22:01 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-25 22:00 - 2017-05-25 22:01 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-25 22:00 - 2017-05-25 22:01 - 43202048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-25 22:00 - 2017-05-25 22:01 - 02442752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\skypert.dll
2017-04-08 11:16 - 2017-04-08 11:16 - 02567168 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.2.831.0_x64__8wekyb3d8bbwe\People.BackgroundTasks.dll
2017-04-08 11:16 - 2017-04-08 11:16 - 00138752 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.2.831.0_x64__8wekyb3d8bbwe\PeopleUtilRT.Windows.dll
2013-12-12 18:37 - 2013-12-12 18:37 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-11-13 00:53 - 2015-10-29 19:10 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-11-13 00:53 - 2015-10-29 19:10 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-11-13 00:53 - 2015-10-29 19:10 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-11-13 00:53 - 2015-10-29 19:10 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-11-13 00:53 - 2015-10-29 19:10 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-11-13 00:53 - 2015-10-29 19:10 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2017-01-14 12:39 - 2005-07-18 14:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2016-10-06 16:13 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2014-10-23 18:27 - 2014-10-23 12:27 - 00119822 _____ () C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\libgcc_s_dw2-1.dll
2014-10-23 18:27 - 2015-12-29 00:25 - 01540622 _____ () C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\libstdc++-6.dll
2017-05-26 14:55 - 2017-05-24 11:41 - 53018112 _____ () C:\Program Files (x86)\GOG Galaxy\libcef.dll
2017-05-26 14:55 - 2017-05-24 11:41 - 00507968 _____ () C:\Program Files (x86)\GOG Galaxy\PocoUtil.dll
2017-05-26 14:55 - 2017-05-24 11:41 - 01076800 _____ () C:\Program Files (x86)\GOG Galaxy\PocoNet.dll
2017-05-26 14:55 - 2017-05-24 11:41 - 01854528 _____ () C:\Program Files (x86)\GOG Galaxy\PocoData.dll
2017-05-26 14:55 - 2017-05-24 11:41 - 00393280 _____ () C:\Program Files (x86)\GOG Galaxy\PocoDataSQLite.dll
2017-05-26 14:55 - 2017-05-24 11:41 - 01589312 _____ () C:\Program Files (x86)\GOG Galaxy\PocoFoundation.dll
2017-05-26 14:55 - 2017-05-24 11:41 - 00307776 _____ () C:\Program Files (x86)\GOG Galaxy\PocoNetSSL.dll
2017-05-26 14:55 - 2017-05-24 11:41 - 00330816 _____ () C:\Program Files (x86)\GOG Galaxy\PocoJSON.dll
2017-05-26 14:55 - 2017-05-24 11:41 - 00104000 _____ () C:\Program Files (x86)\GOG Galaxy\zlib.dll
2017-05-26 14:55 - 2017-05-24 11:41 - 00520768 _____ () C:\Program Files (x86)\GOG Galaxy\PocoXML.dll
2017-05-26 14:55 - 2017-05-24 11:41 - 00272448 _____ () C:\Program Files (x86)\GOG Galaxy\PocoZip.dll
2017-05-26 14:55 - 2017-05-24 11:41 - 00680000 _____ () C:\Program Files (x86)\GOG Galaxy\sqlite.dll
2017-05-26 14:55 - 2017-05-24 11:41 - 00157760 _____ () C:\Program Files (x86)\GOG Galaxy\PocoCrypto.dll
2017-05-26 14:55 - 2017-05-24 11:41 - 00425536 _____ () C:\Program Files (x86)\GOG Galaxy\pcre.dll
2017-05-26 14:55 - 2017-05-24 11:41 - 00152128 _____ () C:\Program Files (x86)\GOG Galaxy\expat.dll
2017-05-26 14:55 - 2017-05-24 11:41 - 01738752 _____ () C:\Program Files (x86)\GOG Galaxy\libglesv2.dll
2017-05-26 14:55 - 2017-05-24 11:41 - 00078848 _____ () C:\Program Files (x86)\GOG Galaxy\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Marc\.DS_Store:AFP_AfpInfo [122]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\sharepoint.com -> hxxps://campussachsen-files.sharepoint.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7752 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2014-11-09 19:42 - 00442922 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1        www.007guard.com
127.0.0.1        007guard.com
127.0.0.1        008i.com
127.0.0.1        www.008k.com
127.0.0.1        008k.com
127.0.0.1        www.00hq.com
127.0.0.1        00hq.com
127.0.0.1        010402.com
127.0.0.1        www.032439.com
127.0.0.1        032439.com
127.0.0.1        www.0scan.com
127.0.0.1        0scan.com
127.0.0.1        1000gratisproben.com
127.0.0.1        www.1000gratisproben.com
127.0.0.1        1001namen.com
127.0.0.1        www.1001namen.com
127.0.0.1        www.100888290cs.com
127.0.0.1        100888290cs.com
127.0.0.1        100sexlinks.com
127.0.0.1        www.100sexlinks.com
127.0.0.1        www.10sek.com
127.0.0.1        10sek.com
127.0.0.1        1-2005-search.com
127.0.0.1        www.1-2005-search.com
127.0.0.1        www.123fporn.info
127.0.0.1        123fporn.info
127.0.0.1        www.123haustiereundmehr.com
127.0.0.1        123haustiereundmehr.com
127.0.0.1        www.123moviedownload.com
127.0.0.1        123moviedownload.com

Da befinden sich 15207 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1132746113-184105214-789198808-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marc\Pictures\Raptr Screenshots\junko_enoshima_wallpaper_by_ishockwavei-d7j73hz.png
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

eMKaWe 27.05.2017 04:00
Addition.txt teil 2:
Code:
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: ArcService => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: Mobile Broadband HL Service => 2
MSCONFIG\Services: SBSDWSCService => 2
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: Wlansvc => 2
MSCONFIG\Services: wlidsvc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FILSHtray.lnk => C:\Windows\pss\FILSHtray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Marc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Marc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Marc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ZooskMessenger.lnk => C:\Windows\pss\ZooskMessenger.lnk.Startup
MSCONFIG\startupreg: 4StoryPrePatch => C:\Program Files (x86)\Gameforge4D\4Story_DE\PrePatch.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Facebook Update => "C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver                                                                                                                                                                                     
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KPeerNexonEU => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "MSIRegister"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\StartupFolder: => "Sidebar743.lnk"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\Run: => "MyComGames"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [UDP Query User{76A8BFF2-29B1-4EFF-809E-62F495ED414D}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Allow) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe
FirewallRules: [TCP Query User{74277C60-1B9B-48B4-BD5F-C9CEE99661B0}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Allow) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe
FirewallRules: [{D3098AB1-3258-4786-A7D3-7952F682EE12}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{097C0B7A-B28E-45E9-98A1-088E430B431B}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{C3EC4996-91D4-44AF-927E-F97258D10949}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{271D86D2-76BC-43AC-B719-44FB5F5A163A}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{BD5B6C15-2FC3-4C3B-9D77-E8BEAC140E1B}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe
FirewallRules: [{77CC69D0-43B6-4A62-9400-A66A4D002522}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe
FirewallRules: [{E7D4D5E0-93F1-4ACA-9BC9-22D5355DEF5E}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{1E7D72BD-9096-4D28-8C2D-448BCB0E1C66}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{62FB549E-DC96-4E77-AB6D-E56DBC2855D2}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{98A037E6-1000-4A99-BAD8-AB9C3748FE60}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{97730673-1C1F-4766-92B7-4DCA79E82840}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{66D3772D-3634-41E4-B0F2-33A477439ACF}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{56F8E7A4-8E2D-4C71-8DF5-330DD6CD399A}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{0D278BE4-16B1-4A58-9150-AA0B213069E6}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{F81A14B1-CB99-4602-812F-AF9CDF5106F9}] => (Allow) C:\Users\Marc\AppData\Local\Temp\andy-x64\Setup.exe
FirewallRules: [{7BD73BCA-42D8-4DCF-9EA8-8B78442CCA03}] => (Allow) C:\Users\Marc\AppData\Local\Temp\andy-x64\Setup.exe
FirewallRules: [{CD93F975-3CCF-46EC-85FC-2A359D5BEE9A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Splinter Cell\system\SplinterCell.exe
FirewallRules: [{9890AFF1-A555-442F-AF3D-00BAA034B1AD}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Splinter Cell\system\SplinterCell.exe
FirewallRules: [{5A8F706A-40D4-4E0F-B6D4-3D3120EA4E61}] => (Allow) J:\SteamLibrary\steamapps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{745A146C-8181-4A21-B195-1DB9169CC20F}] => (Allow) J:\SteamLibrary\steamapps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{A5FE26F9-98A6-4526-A0ED-EDD7BE151F53}] => (Block) D:\origin games\command and conquer tiberian sun\game.exe
FirewallRules: [{CD0AD7A7-9EA7-4DD6-9523-CD94085E8835}] => (Block) D:\origin games\command and conquer tiberian sun\game.exe
FirewallRules: [UDP Query User{A6018128-430B-47B2-87D9-4AC292AA4DED}D:\origin games\command and conquer tiberian sun\game.exe] => (Allow) D:\origin games\command and conquer tiberian sun\game.exe
FirewallRules: [TCP Query User{D506FB30-EBAD-488A-A2C8-DAA3DBAA02FB}D:\origin games\command and conquer tiberian sun\game.exe] => (Allow) D:\origin games\command and conquer tiberian sun\game.exe
FirewallRules: [UDP Query User{1BC818B7-2B86-4556-AB44-9AB3ABFF62D1}J:\steamlibrary\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) J:\steamlibrary\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [TCP Query User{6DEEBF8A-2C14-4FB7-8E7C-F3020F1B8130}J:\steamlibrary\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) J:\steamlibrary\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [{7EA9045E-BCA0-402B-94C3-7402EB4135FA}] => (Allow) J:\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{48384B79-3287-4659-938D-A2A7C81BFCC9}] => (Allow) J:\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{20A889CC-14DD-453E-9B78-459854E4F46E}] => (Allow) J:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{9958C4C2-D483-4A12-8C7D-22D7C1619C37}] => (Allow) J:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{EFBD40BC-31FE-4A86-A0E9-FF5E8A50DD12}] => (Allow) J:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{3D47D322-C0AE-4B6E-873D-ED8BEE22F5D1}] => (Allow) J:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{99EE5768-EA20-43AA-8F29-04E992AA0148}] => (Allow) J:\SteamLibrary\steamapps\common\Limbo\limbo.exe
FirewallRules: [{0CC3D5BD-1560-4133-9659-EE534FD47A4A}] => (Allow) J:\SteamLibrary\steamapps\common\Limbo\limbo.exe
FirewallRules: [{F3F3F7E1-4A83-46A5-A44D-FBAAC1FBA9CB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{4D3248B2-BA22-4E91-81C5-18FC679176A4}] => (Allow) D:\Games\Watch Dogs\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{7FD664A7-BEBF-40A5-9528-AC62FE76D6AB}] => (Allow) D:\Games\Watch Dogs\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{36AEBEF8-7319-48F8-B840-AECF0AF391C0}] => (Allow) J:\SteamLibrary\steamapps\common\YoutubersLife\YoutubersLife.exe
FirewallRules: [{FB4FE2D1-1673-47EC-B283-4DD15E60D3BC}] => (Allow) J:\SteamLibrary\steamapps\common\YoutubersLife\YoutubersLife.exe
FirewallRules: [UDP Query User{5C836680-F0FE-4F18-9EB4-77DCBFE01FF3}C:\program files (x86)\java\jre1.8.0_91\bin\java.exe] => (Block) C:\program files (x86)\java\jre1.8.0_91\bin\java.exe
FirewallRules: [TCP Query User{E49163AF-721B-4280-9E58-C0AC3138A2B5}C:\program files (x86)\java\jre1.8.0_91\bin\java.exe] => (Block) C:\program files (x86)\java\jre1.8.0_91\bin\java.exe
FirewallRules: [{8DBFD679-B5DB-4862-AE98-A0608BC0F487}] => (Block) C:\games\minetest\bin\minetest.exe
FirewallRules: [{D7D49E94-A5DF-4C92-BE67-E91F58C848CF}] => (Block) C:\games\minetest\bin\minetest.exe
FirewallRules: [UDP Query User{F75B24EF-991C-4D2E-A309-2B93E94D0B83}C:\games\minetest\bin\minetest.exe] => (Allow) C:\games\minetest\bin\minetest.exe
FirewallRules: [TCP Query User{4DE1640F-88F3-4115-ABEC-E7D480A53902}C:\games\minetest\bin\minetest.exe] => (Allow) C:\games\minetest\bin\minetest.exe
FirewallRules: [{D1F221E4-9C68-4FC7-92FF-20F2E90FF91E}] => (Block) D:\games\world of warcraft\overwatch\overwatch.exe
FirewallRules: [{C77CC189-5A5C-4BE6-A217-B60E4A16F9DE}] => (Block) D:\games\world of warcraft\overwatch\overwatch.exe
FirewallRules: [UDP Query User{EE8FDA1F-C160-4C38-A108-27CF60C5854B}D:\games\world of warcraft\overwatch\overwatch.exe] => (Allow) D:\games\world of warcraft\overwatch\overwatch.exe
FirewallRules: [TCP Query User{965DA77C-5287-4B45-BBCF-C12BF48ECECF}D:\games\world of warcraft\overwatch\overwatch.exe] => (Allow) D:\games\world of warcraft\overwatch\overwatch.exe
FirewallRules: [{5672D4AC-042D-4E7A-970C-19F85135073B}] => (Block) J:\steamlibrary\steamapps\common\this war of mine\modtools.exe
FirewallRules: [{4BDBB034-BF0C-4585-BBA8-D44EE5649DA3}] => (Block) J:\steamlibrary\steamapps\common\this war of mine\modtools.exe
FirewallRules: [UDP Query User{3F1C0133-581C-4C0D-839B-E5ACE294C8F6}J:\steamlibrary\steamapps\common\this war of mine\modtools.exe] => (Allow) J:\steamlibrary\steamapps\common\this war of mine\modtools.exe
FirewallRules: [TCP Query User{1D1FEC44-4470-42AA-B080-B973DED9075F}J:\steamlibrary\steamapps\common\this war of mine\modtools.exe] => (Allow) J:\steamlibrary\steamapps\common\this war of mine\modtools.exe
FirewallRules: [{09BFEE62-7BF6-49D6-95F6-A8BC6D3AD975}] => (Allow) J:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{5D743520-5F29-41F1-AEF0-FD41EF265796}] => (Allow) J:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{10092AA4-2177-4509-803A-9AE8479ACE62}] => (Allow) D:\Games\Steam Games\SteamApps\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{EF55CB3E-83AD-4A91-A6C1-9B85E4F223BD}] => (Allow) D:\Games\Steam Games\SteamApps\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{CFCA9EF9-0C5F-4C1B-AC83-A85AA4EC57A3}] => (Allow) J:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{DE07F763-BBBF-49FE-983B-5B11DEDC924F}] => (Allow) J:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{371E8988-7AA8-4187-B00F-3C85378A7ED9}] => (Allow) J:\PRO64_94.exe
FirewallRules: [UDP Query User{A52F3BA7-1BBC-41A8-A02E-E72139D30228}C:\users\marc\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\marc\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{9E87EA97-602A-4334-B73E-DD3AE7A7FCB3}C:\users\marc\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\marc\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{A49611B2-D39A-4CD0-BAC1-E52411CCCD5E}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{7BC34057-566C-4B7C-A131-4E5E8403ED7A}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe
FirewallRules: [{50D0BA35-694C-47BF-8B97-4AE7C902441F}] => (Allow) J:\SteamLibrary\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{ABEDFE69-550F-4065-9BD0-CE402597597A}] => (Allow) J:\SteamLibrary\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{02289619-5C32-4E81-B77C-25D9E0462ECF}] => (Allow) J:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{B6278655-3CD6-4970-9986-1761E34EF530}] => (Allow) J:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{ED2AF035-5D79-47B9-BE24-0C02D8AF4ADC}] => (Allow) J:\SteamLibrary\steamapps\common\FINAL FANTASY XIII\FFXiiiLauncher.exe
FirewallRules: [{5E94B6C0-51F9-43C2-AA09-8B6EB068391B}] => (Allow) J:\SteamLibrary\steamapps\common\FINAL FANTASY XIII\FFXiiiLauncher.exe
FirewallRules: [UDP Query User{28067909-69DF-4150-9B5F-470F071FB9D7}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Allow) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe
FirewallRules: [TCP Query User{A1E9EEC2-6482-4CE8-85DA-5EC9BB74212A}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Allow) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe
FirewallRules: [{28649F8D-7DCE-4FAC-B63F-386D86858567}] => (Allow) J:\SteamLibrary\steamapps\common\FINAL FANTASY XIII-2\FFXiii2Launcher.exe
FirewallRules: [{40F02E56-2BE7-4677-8664-CDF9C6F77AB9}] => (Allow) J:\SteamLibrary\steamapps\common\FINAL FANTASY XIII-2\FFXiii2Launcher.exe
FirewallRules: [{E192A8E1-7865-43E5-96E1-F71CBEACDE36}] => (Allow) J:\SteamLibrary\steamapps\common\LIGHTNING RETURNS FINAL FANTASY XIII\LRFF13.exe
FirewallRules: [{FE4AB27D-E4BF-4CC9-9E67-C6EEC24714FB}] => (Allow) J:\SteamLibrary\steamapps\common\LIGHTNING RETURNS FINAL FANTASY XIII\LRFF13.exe
FirewallRules: [UDP Query User{438C7422-2777-4588-B287-FF711012E498}C:\users\marc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marc\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{96C54A2F-7D19-4070-A98A-51CED99EC13E}C:\users\marc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marc\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{90A4F812-36C8-4377-8E1C-5EF0988E0954}J:\bf3\videos\xco435migos\xcom.2.digital.deluxe.edition.multi11-elamigos\xcom 2\binaries\win64\xcom2.exe] => (Block) J:\bf3\videos\xco435migos\xcom.2.digital.deluxe.edition.multi11-elamigos\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [TCP Query User{C5B547F8-1A6A-422E-BEA8-F727A3D17F5F}J:\bf3\videos\xco435migos\xcom.2.digital.deluxe.edition.multi11-elamigos\xcom 2\binaries\win64\xcom2.exe] => (Block) J:\bf3\videos\xco435migos\xcom.2.digital.deluxe.edition.multi11-elamigos\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{34BBAEB0-B67A-4F15-9000-545F6D617508}J:\lolskinview.exe] => (Allow) J:\lolskinview.exe
FirewallRules: [TCP Query User{154985FE-9406-45CA-AA9B-0144B612DBBE}J:\lolskinview.exe] => (Allow) J:\lolskinview.exe
FirewallRules: [UDP Query User{EB544F23-0FF1-4EFB-BC44-2741F1C416C7}J:\bf3\videos\xco435migos\xcom.2.digital.deluxe.edition.multi11-elamigos\xcom 2\binaries\win64\xcom2.exe] => (Allow) J:\bf3\videos\xco435migos\xcom.2.digital.deluxe.edition.multi11-elamigos\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [TCP Query User{4E232423-44D4-4050-BA83-DD07531AD135}J:\bf3\videos\xco435migos\xcom.2.digital.deluxe.edition.multi11-elamigos\xcom 2\binaries\win64\xcom2.exe] => (Allow) J:\bf3\videos\xco435migos\xcom.2.digital.deluxe.edition.multi11-elamigos\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{A978A03B-91F6-405C-BD9F-1589C78F336F}D:\games\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{98AF30EB-57E9-4EC8-AC8F-66B9E4B4F3A0}D:\games\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [{5C1A6BA3-2E99-4CCB-B8F0-059146027645}] => (Allow) C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8035F415-7AED-4EAD-9107-474C044B479B}] => (Allow) C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [UDP Query User{0BFC3443-D505-42E1-A7D3-5EC13C40C6F5}C:\users\marc\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\marc\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{4B84FEFA-C40B-4E82-A9E7-58E2E33B4D03}C:\users\marc\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\marc\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{24263DEE-4051-4BB6-BF5C-C8D8BA46308A}D:\games\nfs mw\speed.exe] => (Allow) D:\games\nfs mw\speed.exe
FirewallRules: [TCP Query User{B7573C1C-5F77-4BB6-99A9-DBA912C2E447}D:\games\nfs mw\speed.exe] => (Allow) D:\games\nfs mw\speed.exe
FirewallRules: [UDP Query User{C6CF5B9F-B9C6-464D-892F-9BE818F4E5C5}D:\games\heroes of the storm\versions\base34190\heroesofthestorm.exe] => (Block) D:\games\heroes of the storm\versions\base34190\heroesofthestorm.exe
FirewallRules: [TCP Query User{0FE32065-EA01-496D-9A93-859E4D1F99B9}D:\games\heroes of the storm\versions\base34190\heroesofthestorm.exe] => (Block) D:\games\heroes of the storm\versions\base34190\heroesofthestorm.exe
FirewallRules: [UDP Query User{6002963D-688C-4202-A52D-22222844CCF2}D:\games\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{333F08A6-D5B2-469B-8AB4-1FE6EAFE733A}D:\games\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [{7E0C848C-4975-4AB2-98C3-2ABDFF53A2F0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{039EA803-1EDC-4D05-8D8D-5EACC48A812F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{138AA5D1-0A58-46E5-8A92-CD5F94C2B7F8}] => (Allow) D:\Games\Steam Games\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2189FAB6-2050-46BF-B7F3-6FD4B8016506}] => (Allow) D:\Games\Steam Games\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2D0A285A-2D5B-495D-8E72-3010350D2682}] => (Allow) D:\Games\Steam Games\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{6E1F5CE1-BE8F-4E4E-B1DD-1DA7A1523B55}] => (Allow) D:\Games\Steam Games\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{6432BA1D-493F-41E0-8A0A-2C8D0E1569FD}] => (Allow) D:\Games\Steam Games\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{8A001CF3-545A-46B3-9178-F387954F57DD}] => (Allow) D:\Games\Steam Games\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{C8CDD98D-534F-4B93-8780-7D0F2265D6AD}] => (Allow) D:\Games\Steam Games\SteamApps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{C0D68CFA-9038-4127-B334-98019501A68F}] => (Allow) D:\Games\Steam Games\SteamApps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{F9934AAD-2BE7-4384-B440-7532B1D34675}] => (Allow) D:\Games\Steam Games\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{5D2B2C2C-525F-4252-9698-5D733DFA4B32}] => (Allow) D:\Games\Steam Games\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{0668515C-9B95-4084-A6ED-8CA66AAFD29A}] => (Allow) D:\Origin Games\FIFA World\fifaworld.exe
FirewallRules: [{BCFC0D19-7FA0-4309-8F14-BA67DC9B0171}] => (Allow) D:\Origin Games\FIFA World\fifaworld.exe
FirewallRules: [{1FF38040-0745-4EC3-808C-8F1CBC94666B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{01877E58-6803-46E4-BEF1-C8312FE5623A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [UDP Query User{BABAD951-C5F2-4873-B784-8909DFCBFD73}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [TCP Query User{367B8B80-9BF3-46FC-B1D9-D020D42A8A7A}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [UDP Query User{F2B7FE75-0417-4FC0-A182-11C6290DAC21}D:\games\neverwinter_de\neverwinter\live\gameclient.exe] => (Allow) D:\games\neverwinter_de\neverwinter\live\gameclient.exe
FirewallRules: [TCP Query User{5BA9EC58-778F-4074-9B67-8A87E133D4E5}D:\games\neverwinter_de\neverwinter\live\gameclient.exe] => (Allow) D:\games\neverwinter_de\neverwinter\live\gameclient.exe
FirewallRules: [{27C5C372-42DA-4D9F-9C9F-6E18EC120C9C}] => (Allow) D:\Neuer Ordner\MotioninJoy_071001_signed.exe
FirewallRules: [{DDE24F9E-6E48-44B8-93B3-B94DBDFE6966}] => (Allow) D:\Neuer Ordner\MotioninJoy_071001_signed.exe
FirewallRules: [{896E23AD-DADE-4095-A645-9127BA5625BB}] => (Allow) D:\Neuer Ordner\MotioninJoy_071001_signed.exe
FirewallRules: [{D35C0BD1-982D-468F-A0FF-7E45DCC75CAA}] => (Allow) D:\Neuer Ordner\MotioninJoy_071001_signed.exe
FirewallRules: [UDP Query User{0FCDB20C-81BC-4D5B-8878-1D31FD6B6539}D:\games\guild wars 2\guild wars 2\gw2.exe] => (Allow) D:\games\guild wars 2\guild wars 2\gw2.exe
FirewallRules: [TCP Query User{6BFBC84A-CC9D-4AB5-BFC2-F91164309249}D:\games\guild wars 2\guild wars 2\gw2.exe] => (Allow) D:\games\guild wars 2\guild wars 2\gw2.exe
FirewallRules: [{702AE8AF-FDEA-4A9D-AFB5-3875CAA7EB4B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{6942882F-EC92-4D93-B4DF-9493B34782DC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{AF0A4415-F016-4D79-8811-7D8A04F0FF93}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{8AD75573-B8EA-488E-9E85-4664608C57DC}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{6A1A967A-7C12-4B3E-97D0-438D7B9D7EC3}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{06CEC8E2-5FFD-4F27-B3B3-DA924DE2E5E4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{34A1943F-1C5C-404D-9270-656518F04F46}] => (Allow) D:\Games\Steam Games\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{EC3ADE35-F6E9-41F4-BFBB-D90DA969F81D}] => (Allow) D:\Games\Steam Games\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{51EB8C2D-A854-4003-ABE0-4A46822A4616}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{4C20F46C-258A-4F28-9B95-462F071229E0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{93D65393-DEBB-47DE-B70D-D44A1F9DA979}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{CE4C8FBB-8A08-4E67-B7FE-70020389DD65}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{3436E838-7B00-43A6-8E4F-9A84C4D62BFA}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{3119CD95-1C27-4D9D-8CBB-E3E2FE9320DA}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{EBF0A9C1-6E59-4919-8D01-EC44840ACE80}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{08887436-F54C-4005-B2D6-6D520BECF65B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{1AB89C23-0A65-4154-B816-F4C6DAD3AAAB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{EB21F3EB-70DA-408F-B343-48E32B297C64}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{66A266DC-49E7-4C30-BBF8-D5AB9ABB5403}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{0BB11670-E146-4F8C-8E0E-AC843AD17BA5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{8F08086A-DAA2-49B7-B6EE-B21AB9A82E84}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{46A7A48B-CC2C-4CF8-A7B0-D1FAF7209859}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{26793E67-2BD7-4893-8254-F53ED62B58A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{8D6E4C95-CF6D-4C13-8D8C-A6256A4947DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{343481F1-BC2E-4028-A607-0C3CE773AD91}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{48712EC0-088C-4290-AB6A-6B47C5965922}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{833ABD6F-A892-4A17-BAFE-A8ACF621B24F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{7154B88D-F0F4-474B-A845-F61BBDA682FB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{80C9CCE8-2D18-46E7-91C2-FFAB0B9A47A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{EC205117-02E4-4103-BD49-274EA0B497CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{0E78A796-82AB-4423-9C77-4F5AF7149983}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{5A2ED19F-EE80-49AF-92AF-01D06D708BFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{753C097A-DE9D-4463-A87A-AD11A4C23977}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{8CB92063-8557-417F-8BC0-CB407635A926}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D882D7F0-BC94-45DE-8944-880F522EDBFE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{CC4E8E0E-31D1-490B-B703-F00BF6A37E88}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{AD333F1D-5B5D-4409-BF1D-E1AFDC154310}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{448A5F2D-C8FB-4A8F-97C5-1C9D127B8A66}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BF98D179-44A6-4534-8968-FDA2878B880C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B1A17AB1-CF8E-4547-BEEE-9FA1E90C0732}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{E2E21EF3-2C59-4184-88CB-A3D1BCB74A72}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{C8F6553B-4466-44B1-9AB9-64968CC7290E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{1BBA3CE8-097A-4FFB-B15B-31543733F4A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4671F075-7548-424D-AA4A-4B05A4CB2A4E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{FAD57914-F15D-4838-95D8-2D38A108567E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{4D38AA99-F3FB-4672-8EED-A3EBC3FC7560}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{E3B3ED98-2208-42CB-9E53-BEAA44752587}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{27DDF419-5EA1-42D6-9969-186ED5E2EB9C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{A80840E6-2FEF-4A17-8723-9BB012D7AC23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9E5B6095-2896-49A8-861E-00624EA3E5FA}] => (Allow) D:\Games\Steam Games\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{C042BBBE-7FED-4859-A84C-C3EECB2915C0}] => (Allow) D:\Games\Steam Games\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{224F2360-716B-4851-AA8A-8420515A20F9}] => (Allow) D:\Games\Steam Games\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{7B449A2F-8490-455A-9731-1EA10E399A61}] => (Allow) D:\Games\Steam Games\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{3CD70090-A424-4BE1-A3B4-0B29DF7C61BA}] => (Allow) D:\Games\Steam Games\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{C32C27E7-09F5-41DC-BB97-497F7AAE164A}] => (Allow) D:\Games\Steam Games\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{E97B19D4-B0A5-4EB9-AB4B-8050DAAF1E6E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B5CFE296-47FA-4E00-984D-64CCE3789D94}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4535175F-C208-4B17-9FEC-60186A441E91}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{EDD77C88-02BD-41CF-A72C-0EB37DD88F92}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{14C8D592-3F3B-4529-954E-C7EAD1C9D4E0}] => (Allow) D:\Origin Games\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [{D6B37DBD-77C4-41F6-B2EA-7A6E5A98C02E}] => (Allow) D:\Origin Games\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [UDP Query User{84542289-54E7-4DBB-904E-EF66B37C10D2}D:\games\steam games\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) D:\games\steam games\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [TCP Query User{F9467EC3-86C8-4576-91A5-ABA5228F9918}D:\games\steam games\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) D:\games\steam games\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{0C9EE5A7-65E8-412E-B49A-E7345F4E0C03}C:\windows\syswow64\java.exe] => (Allow) C:\windows\syswow64\java.exe
FirewallRules: [TCP Query User{E2D9CDDF-675D-44C1-A962-7815CBDDC2FA}C:\windows\syswow64\java.exe] => (Allow) C:\windows\syswow64\java.exe
FirewallRules: [UDP Query User{CA8F3B2B-8215-46C3-B608-37700D3EAEDC}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{A8BAECC8-6DC9-4B9E-B9B7-7091D9CE03A0}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{9E60FB78-186F-4D00-B50A-36581F191A36}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half Minute Hero\HMH.exe
FirewallRules: [{42955C50-F5B3-49FE-9E11-65739867082B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half Minute Hero\HMH.exe
FirewallRules: [{7937471B-ADAD-494C-8973-7BE4FEC44CD7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\fortix\Fortix.exe
FirewallRules: [{CFE5EB5F-45A9-4CF7-9448-92E38603D501}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\fortix\Fortix.exe
FirewallRules: [UDP Query User{C26336EB-5DFF-4520-B956-B9346CB76DD1}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [TCP Query User{E018D0DC-5A80-4A30-9279-30849251A51B}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [{74BB8E19-C098-492C-9154-11EB86F99F14}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{467B1039-FD96-4BAD-BFAB-7374DA9E68B9}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [UDP Query User{20271E7B-C0CE-40E5-A80B-748975347EEE}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{083F750E-B168-4160-B8F9-9008BF2CA048}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{B0DB93FA-464C-4EC0-8052-0BC14E190206}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E005AE06-F34A-40F7-9E49-40099BA4A449}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{37EE1367-2219-4160-8F52-70153BB8B218}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{620DD70B-29A6-4ECE-8394-B10831D34BA1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8118C1FB-2431-4404-8270-84E9DF51FBCB}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{76201678-1F3F-4038-AB3F-2857DFA96337}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [UDP Query User{ADCAE2CE-63CB-4CA4-BA0D-AED224471C0A}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{3845D14E-E58E-4108-9542-9F8CD9605396}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{E79854CC-4A44-4B0B-91D7-8EE7E66D0987}F:\warcraft iii\war3.exe] => (Allow) F:\warcraft iii\war3.exe
FirewallRules: [TCP Query User{990567DB-15A2-4165-B3F4-6DBF62C23E9C}F:\warcraft iii\war3.exe] => (Allow) F:\warcraft iii\war3.exe
FirewallRules: [{973DFF8A-FE77-40E0-B660-52E18685A82E}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{656FB8A1-FB21-406D-892F-850D0735E179}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{88528A13-7082-4DB2-BC81-F4805DEC8718}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{73663C19-9F69-4D20-BA28-049416DE0255}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{8AB1C26C-3F5D-441F-BCA3-8292E2FB88B7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{F8622482-6F36-4B23-85E6-20D33ADE8A2D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{E1E330B5-7210-420C-96DA-0C7642656E52}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{82112054-A46B-4567-BC4A-D37AF0917799}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{B406FE0C-9B2F-4B89-BB26-9133281C6029}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{303B4D26-B6F0-4E13-9D42-BDC9F35444B7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{4DB783EB-4EFB-42B0-AD68-47F06B6D04AD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{693E1FFD-A985-4047-9837-79046D9BB363}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{E8DCA318-823F-4169-83E4-31B4CA0F97FA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{B7DAE0E2-ABCF-41C3-8D33-421BBEAC9D07}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{01F8DB83-1C63-4C91-838D-FCB81CB60A28}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [UDP Query User{C04C991A-9BDD-4EFC-A715-FF73FA065B06}F:\games\wow\world of warcraft\backgrounddownloader.exe] => (Allow) F:\games\wow\world of warcraft\backgrounddownloader.exe
FirewallRules: [TCP Query User{582DD15D-7131-442D-B9ED-4D7B3FE5B8CA}F:\games\wow\world of warcraft\backgrounddownloader.exe] => (Allow) F:\games\wow\world of warcraft\backgrounddownloader.exe
FirewallRules: [{0829F564-F4DA-4098-8812-6517B1088083}] => (Allow) F:\Games\WoW\world of warcraft\Launcher.patch.exe
FirewallRules: [{5305DC19-C406-4709-8B46-030E6CF1D580}] => (Allow) F:\Games\WoW\world of warcraft\Launcher.patch.exe
FirewallRules: [{D7109215-6480-4220-8C43-CF765253CEDB}] => (Allow) F:\Games\WoW\world of warcraft\Launcher.exe
FirewallRules: [{CAE91AA7-903D-4A8F-88A8-D8C3AB2A5009}] => (Allow) F:\Games\WoW\world of warcraft\Launcher.exe
FirewallRules: [UDP Query User{33551634-5DEF-4EAD-9BC8-1566177913D4}F:\games\wow\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe] => (Allow) F:\games\wow\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe
FirewallRules: [TCP Query User{D4AC2DEF-3E38-4FE8-8B7D-56664B61C1B6}F:\games\wow\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe] => (Allow) F:\games\wow\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe
FirewallRules: [UDP Query User{9CC93BF8-CD2A-4D4B-AD50-28FC35D278F7}F:\starcraft ii\support\blizzarddownloader.exe] => (Allow) F:\starcraft ii\support\blizzarddownloader.exe
FirewallRules: [TCP Query User{B830836F-EC77-4035-8DA0-E65802F6D647}F:\starcraft ii\support\blizzarddownloader.exe] => (Allow) F:\starcraft ii\support\blizzarddownloader.exe
FirewallRules: [UDP Query User{77FFB291-6762-4B3F-AC71-B0F318D2AA38}F:\starcraft ii\starcraft ii.exe] => (Allow) F:\starcraft ii\starcraft ii.exe
FirewallRules: [TCP Query User{FB56325E-49A6-435B-9ADB-800C888B6349}F:\starcraft ii\starcraft ii.exe] => (Allow) F:\starcraft ii\starcraft ii.exe
FirewallRules: [{05969B54-624C-4850-BA51-222096B0293E}] => (Allow) LPort=1900
FirewallRules: [{4934F939-C2AD-4599-90D9-3F0BC9098E27}] => (Allow) LPort=2869
FirewallRules: [{62C79E59-6AB9-48F4-8E5C-F0DF79F925D4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C7EAB9A0-1C3E-4383-B42C-74FCD5B59ABD}] => (Allow) LPort=5000
FirewallRules: [{24202314-606F-4D11-9D27-CFB693AEA581}] => (Allow) LPort=49217
FirewallRules: [UDP Query User{F04B13DB-DEE4-444B-9764-2DEF1FB1F630}F:\games\rsv2\binaries\r6vegas2_game.exe] => (Allow) F:\games\rsv2\binaries\r6vegas2_game.exe
FirewallRules: [TCP Query User{9BB651CC-B924-4D77-9FB6-D84159A3E001}F:\games\rsv2\binaries\r6vegas2_game.exe] => (Allow) F:\games\rsv2\binaries\r6vegas2_game.exe
FirewallRules: [{1DBA39FF-43BD-4B92-AC48-07C820DA345F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0C59A854-D68A-4FC3-B48E-6BB39149117D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1D77DB98-E734-4F7C-B6C4-737B581BCEBD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{0E28345F-EA93-49B5-83A5-9066FED064EE}F:\starcraft ii\versions\base19132\sc2.exe] => (Allow) F:\starcraft ii\versions\base19132\sc2.exe
FirewallRules: [TCP Query User{BDDDFBD3-80FB-4810-9F22-9FB6A749D8C7}F:\starcraft ii\versions\base19132\sc2.exe] => (Allow) F:\starcraft ii\versions\base19132\sc2.exe
FirewallRules: [{332D4998-FCB9-4A3D-9BC2-93CA41F379A6}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{20FDB8B7-B533-432C-BBAD-BE3EB3B1EF83}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{917110D0-E171-4EB6-B53F-3C6B1B1C5CF6}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{F4B8C2C4-7708-47F2-A971-04D3C9F2B611}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{EE9BE810-CECD-4062-9E58-169DFBBB7766}D:\games\heroes of the storm\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{04BA119D-1AFB-490B-A02D-5988549D7A21}D:\games\heroes of the storm\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [{A9D1CBB4-6C27-4F86-8706-2545908FCDED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{22901EDB-883C-4E73-BD95-17694B35AF75}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{C0A202DC-110F-49DA-A052-E7808EC07A2A}] => (Allow) D:\Games\Steam Games\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{EAC31E6A-5FDC-4C8C-B55D-BF1208F5651C}] => (Allow) D:\Games\Steam Games\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [TCP Query User{B1E99389-095F-4312-B017-06D250767B31}D:\games\heroes of the storm\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{A2DC6DF3-CCD2-4350-8E88-8FD972A54086}D:\games\heroes of the storm\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe
FirewallRules: [{F9E624F2-09B6-48BD-8AD0-AC6C31F8B5C1}] => (Allow) D:\Games\Steam Games\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{CE0C4829-9FF5-43C3-A2FC-995CBE1DACB1}] => (Allow) D:\Games\Steam Games\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{C6956E58-5156-4270-B8BE-773801D459BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{34B309DF-164A-448A-A52E-6CA74076E351}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E4AA895A-7F95-429D-83BE-649C7A7F8093}] => (Allow) D:\Games\Steam Games\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{D99E0292-3970-49C0-AC1E-F6E42592FD11}] => (Allow) D:\Games\Steam Games\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [TCP Query User{80F65E66-71F0-436C-95F3-356F83F566B7}D:\games\heroes of the storm\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C3ED3C1E-052D-45CB-B958-B6D2EE29D4D5}D:\games\heroes of the storm\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{80DC3684-5316-4D9E-B579-3E98E4D37415}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{B7B42A78-A402-4CD9-8DEA-9BE8D3985037}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{A1C98125-B227-4083-AE62-713353F132B4}D:\games\heroes of the storm\heroes of the storm\versions\base38500\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base38500\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{F9E1975E-0336-4BDE-ADE4-192121089176}D:\games\heroes of the storm\heroes of the storm\versions\base38500\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base38500\heroesofthestorm_x64.exe
FirewallRules: [{58D1F939-7EEF-4DC9-B163-15C956011CCF}] => (Allow) D:\Games\Steam Games\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{DEE5544F-F186-45FD-925D-F8270340C78E}] => (Allow) D:\Games\Steam Games\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [TCP Query User{13904848-2D01-4EBB-938B-D631B7079EE2}D:\games\heroes of the storm\heroes of the storm\versions\base38593\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base38593\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{21D078AA-5FFB-4185-9AEE-21A92FB83864}D:\games\heroes of the storm\heroes of the storm\versions\base38593\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base38593\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{8B50C102-A873-4B99-A002-4CFEBCF71AAE}C:\users\marc\appdata\local\temp\rar$ex25.232\unrealkart\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\marc\appdata\local\temp\rar$ex25.232\unrealkart\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [UDP Query User{5474DF04-179B-4424-ACB4-B71C60DE1B70}C:\users\marc\appdata\local\temp\rar$ex25.232\unrealkart\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\marc\appdata\local\temp\rar$ex25.232\unrealkart\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [TCP Query User{102825DB-27B5-45FF-9EF9-5FC84ED5A52D}C:\users\marc\appdata\local\temp\rar$ex36.640\unrealkart\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\marc\appdata\local\temp\rar$ex36.640\unrealkart\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [UDP Query User{FCBA1ACF-F2A4-4097-AA16-7119AA466963}C:\users\marc\appdata\local\temp\rar$ex36.640\unrealkart\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\marc\appdata\local\temp\rar$ex36.640\unrealkart\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [TCP Query User{357BB791-1780-4DFB-A5E0-569742D88307}D:\games\heroes of the storm\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{39B7269C-1716-49B8-A4D3-84BC296BAE5E}D:\games\heroes of the storm\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{C917E059-82B3-4710-A440-DFE85A51BD9A}D:\games\heroes of the storm\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CE91676B-9455-48C3-9E10-484C9C5546C4}D:\games\heroes of the storm\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
FirewallRules: [{C1707E56-E1B3-4A05-9AC4-64660433BCEF}] => (Allow) D:\Games\Steam Games\SteamApps\common\Sakura Clicker\Sakura Clicker.exe
FirewallRules: [{9A613755-F51B-4CAD-A2FF-FB50B2D645FF}] => (Allow) D:\Games\Steam Games\SteamApps\common\Sakura Clicker\Sakura Clicker.exe
FirewallRules: [{A8168B82-D907-4853-8C13-D29640A0F0CB}] => (Allow) D:\Games\Steam Games\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{3B34BFD7-16BA-47C0-839D-3447098DF74C}] => (Allow) D:\Games\Steam Games\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{126D1813-819E-4F31-AD38-A151402406F2}] => (Allow) D:\Games\Steam Games\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{CED359D7-526C-44EA-B739-E27B957D1B43}] => (Allow) D:\Games\Steam Games\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{982280D4-0F2D-4921-953D-5F0AFBED7164}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{58EBE510-76B5-44E1-8B95-91C4F6410FBD}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{569506EB-E1DC-4FF1-96AD-1B67A1DD5072}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{71AB22C8-F953-47D0-BB3C-C6FEBF699021}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{8F70CEB7-B907-44F6-95A7-E31CC616A078}] => (Allow) D:\Games\Steam Games\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{AC22E999-8A03-4924-8F28-3B6F14D70C5E}] => (Allow) D:\Games\Steam Games\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{F8E22D28-3BC1-4138-9C3B-7186DAF57903}] => (Allow) D:\Games\Steam Games\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{946988B9-E888-4E90-8868-9C041AD59B91}] => (Allow) D:\Games\Steam Games\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{B7221F94-732D-4EB3-B4F8-9DBDC1EC6366}] => (Allow) C:\Users\Marc\Desktop\Steam.exe
FirewallRules: [{6F0470D5-BC42-4C30-816B-581EC6805761}] => (Allow) C:\Users\Marc\Desktop\Steam.exe
FirewallRules: [{72F737E3-1D0F-4B6E-BD8F-85E748025E80}] => (Allow) C:\Users\Marc\Desktop\bin\steamwebhelper.exe
FirewallRules: [{189B4C3B-FB93-4AA3-89EA-26EDC809B045}] => (Allow) C:\Users\Marc\Desktop\bin\steamwebhelper.exe
FirewallRules: [{976F9351-905A-4AC4-9B20-5F669828459C}] => (Allow) C:\Users\Marc\Desktop\Neuer Ordner\Steam.exe
FirewallRules: [{593C982F-2045-486B-B8DA-8EE92A0A04FA}] => (Allow) C:\Users\Marc\Desktop\Neuer Ordner\Steam.exe
FirewallRules: [{70DE215E-B8D6-450C-AC1D-3ECDA1980880}] => (Allow) C:\Users\Marc\Desktop\Neuer Ordner\bin\steamwebhelper.exe
FirewallRules: [{CA455E4E-54ED-4CD5-9F50-FD138FBA83AB}] => (Allow) C:\Users\Marc\Desktop\Neuer Ordner\bin\steamwebhelper.exe
FirewallRules: [{520BCA97-9F10-4126-BAC3-C1676499449C}] => (Allow) D:\Games\Steam Games\SteamApps\Steam.exe
FirewallRules: [{E94144BB-4529-4EF2-9392-55245B6731B2}] => (Allow) D:\Games\Steam Games\SteamApps\Steam.exe
FirewallRules: [{4B26B5BC-69DC-46AB-A6FE-9FEB34290E4E}] => (Allow) D:\Games\Steam Games\SteamApps\bin\steamwebhelper.exe
FirewallRules: [{1255D479-8B31-4B8D-98A4-607C148E4002}] => (Allow) D:\Games\Steam Games\SteamApps\bin\steamwebhelper.exe
FirewallRules: [{F123EBEF-7BA7-476F-A279-2FDDCB2373F5}] => (Allow) D:\Games\Steam Games\SteamApps\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{3D2C98C1-A7C4-4D24-B1AD-81681747C831}] => (Allow) D:\Games\Steam Games\SteamApps\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{48301286-85DE-4A21-9F5F-0763A15A3C7D}] => (Allow) E:\FSetup.exe
FirewallRules: [{086D5E9A-7FF3-4B47-84CF-F140A39A5DEE}] => (Allow) E:\FSetup.exe
FirewallRules: [{D240D550-6D04-40E8-B579-C2B669BD799C}] => (Allow) D:\Games\Steam Games\SteamApps\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{20B14C70-6121-49B7-9E6A-386425310CBD}] => (Allow) D:\Games\Steam Games\SteamApps\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B7319684-0B12-4FBB-B9DD-E52226A069DB}] => (Allow) E:\FSetup.exe
FirewallRules: [{FEDE8C62-54D7-469B-B97E-B68A6AC17A70}] => (Allow) E:\FSetup.exe
FirewallRules: [TCP Query User{8CF818DD-FD1D-465C-8813-F2430831A7DF}C:\users\marc\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\marc\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{4DB1B0BF-CF9D-4C55-8C3D-15B43682ABD3}C:\users\marc\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\marc\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{0042442E-086C-41AB-B812-046B28677F5F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2AF0B8E3-715F-4F08-9C12-738F72E06458}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4BE93C36-A21D-4726-B01B-D0A5FB4E336C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6EC7B453-BDBC-48A1-9D7D-29BC9BB52E32}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{313CD83B-7983-44AF-A3B7-8A9435310AAA}J:\lolskinview.exe] => (Allow) J:\lolskinview.exe
FirewallRules: [UDP Query User{2D323E1D-9D2E-4E7B-A954-D6667A8FFE7C}J:\lolskinview.exe] => (Allow) J:\lolskinview.exe
FirewallRules: [TCP Query User{0C35AAFF-7D0E-4850-ADD5-16A2AA4E2A3D}C:\users\marc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marc\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{F5ECAAEC-3986-49F1-985A-B2725A392556}C:\users\marc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marc\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{56501670-530E-4BF8-A661-F2553A7A4A7F}J:\steamlibrary\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Block) J:\steamlibrary\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{130131AC-CA2C-4A21-B8E0-D08EF7DE18F6}J:\steamlibrary\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Block) J:\steamlibrary\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [{CC91A8FD-453A-48B4-B060-8FF667474FE6}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{4FFFF602-3A29-4C99-AED2-1663FCBFF49D}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{D53FB64F-B228-450B-A209-2948676B7DF8}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{5F79E6F9-C9EE-47AB-ACF6-F3FA4798C4C1}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{887D55A0-8B3D-4403-9C27-C7761B6CD40E}] => (Allow) J:\SteamLibrary\steamapps\common\Kalonline\KalOnline.exe
FirewallRules: [{D8008F75-90A3-444F-BF6B-78EAED310CCD}] => (Allow) J:\SteamLibrary\steamapps\common\Kalonline\KalOnline.exe
FirewallRules: [{7585C05C-2AA6-4382-AFEA-9E60F22EC5F2}] => (Allow) J:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{312C933A-DDDE-4D97-8355-F3CAE8C88164}] => (Allow) J:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{D11E9614-6553-4F7C-B333-A7ED5B04EB01}] => (Allow) D:\Games\Steam Games\SteamApps\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B59BB8F7-7E0F-4084-8EF5-0157FB374535}] => (Allow) D:\Games\Steam Games\SteamApps\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7EDECDFE-3F94-4343-8F42-0BEB60848F90}] => (Allow) J:\SteamLibrary\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{D11A675D-AAA1-4475-8EDB-808161E34142}] => (Allow) J:\SteamLibrary\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{8A61EEF3-0E1F-4D21-9C2C-D15FDE3E9A65}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{85C6F45B-6EF0-41B1-BAB2-3F1FE7C08179}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{3088397E-786A-4ACD-9EF9-5A21D99E9A68}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AE287F07-9893-4632-BF18-5EFD1C393CA5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{71A3205B-6D9C-4A69-BF53-2A84AE8ECE61}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{56AF01A2-9B7F-46E4-A61E-352153A5B449}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3500C11F-0D79-409E-81BE-DA28A126CF3A}] => (Allow) J:\SteamLibrary\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{F934B2A6-D6E1-493D-8043-F4F1FF5F6633}] => (Allow) J:\SteamLibrary\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [TCP Query User{5C1DB4CF-FA76-46F4-A5A7-F41E5CC059FB}J:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe] => (Allow) J:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe
FirewallRules: [UDP Query User{FF3FBC76-7210-4297-A10A-EC1B0D1E7063}J:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe] => (Allow) J:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe
FirewallRules: [{7C081012-2A54-4E97-8F21-7E14006F70B1}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{7ACD3270-70CB-4864-92ED-A247ABD9CF2F}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{79DE9B62-B709-430D-B197-989DE96BA055}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{503D065F-6264-451F-8E8F-0E336B91EFE4}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{27675987-CE56-48AF-9BC3-5CA0A9F5567B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{71F44419-D13C-4873-9103-4CB130799429}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{AC8F91CD-362C-4145-826C-212208ED3856}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{41B5E56F-4D67-4C36-A700-894F7072FF08}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{11EC0E31-C8BF-46D0-95DB-0E1105155CB3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{CB62EAB5-22B7-4FFD-8178-3C7C402E1F5E}C:\users\marc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\marc\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{B4F1B7F1-68DF-4BDC-8331-9A10673713DA}C:\users\marc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\marc\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{86C09935-2D58-412F-9259-5626D112A1BD}D:\games\hearthstone\hearthstone.exe] => (Block) D:\games\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{9489DE11-E330-414B-B7B3-D0C62B73BA91}D:\games\hearthstone\hearthstone.exe] => (Block) D:\games\hearthstone\hearthstone.exe
FirewallRules: [{40E8A9C9-BF8A-44EA-9B8B-F3B61FD4FE8D}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{B2C596FC-FCA0-43AC-95C3-4AB65E7014FC}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [TCP Query User{64331623-B118-484A-ABFA-CF9339A9ABBC}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Block) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{2CE72A29-5483-49C6-B1C1-FAA9D61CA55A}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Block) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [{5E680042-94FD-499A-AACE-5D778D548970}] => (Allow) J:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{800D862A-7088-4360-AE9A-0094326FBFE8}] => (Allow) J:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{0C244A73-BE19-4262-BE72-DE97FAE91785}] => (Allow) J:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe
FirewallRules: [{9C4C18A0-324E-45B8-B4AA-3006C68563A8}] => (Allow) J:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe
FirewallRules: [{211420AE-24AE-4F99-BA95-A598024C1C89}] => (Allow) J:\SteamLibrary\steamapps\common\Commander Jack\CommandoJackWindows64.exe
FirewallRules: [{B25959C8-B4DE-41F7-8C7F-8C0447C26BD0}] => (Allow) J:\SteamLibrary\steamapps\common\Commander Jack\CommandoJackWindows64.exe
FirewallRules: [{73D413AE-BA22-4282-A533-BA905CF66589}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{5CA6C438-A254-4861-B951-D9ACE9D0891B}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{D4696DDB-9418-4057-8737-28464CD90BF5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{31B27187-3E7F-498E-B408-219B3B3D2A21}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{38B2ACD3-6D7F-4C7F-8BF9-AB90F4E67F30}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{E4FB15A9-1D5A-47C3-A982-26995ADA1566}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{6FD7C805-9897-4F10-9B3E-4EFAEA95BECD}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{D8C91083-37B0-48A9-9862-9248EEE4C9DD}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{F19D7DA8-2875-4E5B-9863-7F42B6BC6052}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{90589E93-9F76-44A7-A02A-311507618A8B}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{F49CDBC0-54B1-4246-9C7D-5E70DC3FA500}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{D66F6379-1B57-46FD-BBE6-2F460CE39793}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{BAD8C1A0-9BB7-4C52-975D-792A434F8300}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{D920B866-E77C-4B95-8FAE-A92354B42C9E}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{28057A10-ACA6-4409-89DD-9077E71032C8}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{76325073-1561-42F9-ACAB-5C8F1E6F0701}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{422BDE56-22A1-44A2-BE25-57DBC4E62D4A}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{902D65C4-9E02-432E-923A-9317DBBBE3B1}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{4922C401-57B1-4E60-9773-D26C4DBE1F1F}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{68ACF740-4384-43C3-8E1B-F04C78C7C010}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{D7FE27EE-4D97-4661-962D-B2E5543DED53}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{E0EC5173-0C19-4667-9968-FC8845FE9788}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{9B673831-4B30-4A71-B0CD-0FCF100F4E71}] => (Allow) J:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{930AD148-089F-46DC-9390-22FF47DB7874}] => (Allow) J:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{D6172641-85F1-4650-934E-7AA694D3124B}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{A23F0DE4-BD8B-4B96-AB46-515AAD4D3CB2}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{72E4B23E-0D6B-4B87-B0F6-041829944063}] => (Allow) D:\Games\Steam Games\SteamApps\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{5C9C1E98-55F1-4707-95C1-504D3138B3E5}] => (Allow) D:\Games\Steam Games\SteamApps\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{240FBB72-5EF0-459B-B6B6-08A363E64AF3}] => (Allow) J:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{153FF3C2-5D27-444F-94F2-4AAFC29201B1}] => (Allow) J:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [TCP Query User{DACD5314-1048-48B7-B52B-F2C0DBDD6644}D:\games\steam games\steamapps\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\games\steam games\steamapps\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{DAD8C216-0E97-4E70-A041-EB1A79159802}D:\games\steam games\steamapps\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\games\steam games\steamapps\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{CF7882A4-F127-4370-9498-2F4F62A53F3E}] => (Allow) J:\SteamLibrary\steamapps\common\HiraganaBattle\Learn Japanese To Survive - Hiragana Battle.exe
FirewallRules: [{E5E42C75-C6CB-44F0-BF52-8F9092214BE8}] => (Allow) J:\SteamLibrary\steamapps\common\HiraganaBattle\Learn Japanese To Survive - Hiragana Battle.exe
FirewallRules: [{B511F635-7BEC-4BB5-A4DC-EEE841ED1C7A}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{D8963103-C1E4-4B30-B0DD-BF7551ECC322}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{D2F1295D-087C-49F0-898E-16AC466E28C4}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{5D333E7C-1C24-4273-9B2E-B81F5FFC93C7}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{F1445A6D-251A-44DA-8008-3E14F317B405}] => (Allow) J:\SteamLibrary\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{E32C5EDB-97FD-4CFD-AE8C-53C0C2AA3286}] => (Allow) J:\SteamLibrary\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{7CF72A81-F03B-4B37-8FBE-1698548471C3}] => (Allow) J:\SteamLibrary\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{30A21C37-BAD2-4A3A-A891-C782ABE67838}] => (Allow) J:\SteamLibrary\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{4409964C-F56F-4C2C-854B-DDF6317DAFCE}] => (Allow) J:\SteamLibrary\steamapps\common\Half Minute Hero\HMH.exe
FirewallRules: [{A91D7F72-2274-4742-93B5-7BD4A32F270F}] => (Allow) J:\SteamLibrary\steamapps\common\Half Minute Hero\HMH.exe
FirewallRules: [{8B6BC9D0-2602-46FA-AF9F-43231866D14A}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{90C98D15-38C3-4230-8D6B-5B0C9370A296}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{F5CAAC62-18CA-4560-964B-F8473C55F8CE}] => (Allow) J:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{ED9E9837-B96C-4EFC-9DC2-FF8FCEAE8372}] => (Allow) J:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{06371956-5399-49B2-89EF-F7E6FEDEE514}] => (Allow) J:\SteamLibrary\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{B399E02D-2919-4DFD-BAF9-966394D5A6DA}] => (Allow) J:\SteamLibrary\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{7FE0E10C-49BA-4DF3-B190-0E67764C8DBE}] => (Allow) J:\SteamLibrary\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{59A6657B-F71B-439A-9A46-31B340072542}] => (Allow) J:\SteamLibrary\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{9F94F783-1DEC-4086-B0EC-583BC0BC436F}] => (Allow) J:\SteamLibrary\steamapps\common\Fallout Shelter\FalloutShelter.exe
FirewallRules: [{7B47FB8C-F252-4252-92B2-4E7FEC4AE695}] => (Allow) J:\SteamLibrary\steamapps\common\Fallout Shelter\FalloutShelter.exe
FirewallRules: [{75FC9E72-B4FF-4AAD-86FB-4F30D93CEA27}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{D324BB3C-2EB2-4708-937E-B802AD0F2229}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [TCP Query User{DD67B990-36B5-4ED2-85D5-9E98991E6F83}D:\games\world of warcraft\diablo iii\x64\diablo iii64.exe] => (Allow) D:\games\world of warcraft\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{C437F1B0-F437-4067-976B-68E2069DC3A5}D:\games\world of warcraft\diablo iii\x64\diablo iii64.exe] => (Allow) D:\games\world of warcraft\diablo iii\x64\diablo iii64.exe
FirewallRules: [{EAD68C1B-B064-45DD-B408-E0293D6A50C9}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{C2DA7D90-94C7-4365-AB44-BB68C5610EF8}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [TCP Query User{F3E8D6A2-2552-46B5-99A2-5744DA933BCB}J:\steamlibrary\steamapps\common\stardew valley\stardewmoddingapi.exe] => (Allow) J:\steamlibrary\steamapps\common\stardew valley\stardewmoddingapi.exe
FirewallRules: [UDP Query User{BFCC9BB0-6CE2-4451-837E-AFBDDB092BA3}J:\steamlibrary\steamapps\common\stardew valley\stardewmoddingapi.exe] => (Allow) J:\steamlibrary\steamapps\common\stardew valley\stardewmoddingapi.exe
FirewallRules: [TCP Query User{62356686-77EE-4334-8BF7-E9DAB50143E2}D:\games\heroes of the storm\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{6DD3465A-ADE5-4CFC-82FB-B3541DE0F4B7}D:\games\heroes of the storm\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
FirewallRules: [{82DA93B1-DA33-40E5-9501-85B0CBD16A4C}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{5264BAC5-0AAA-40CD-A45E-FC2156519126}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{82F26B2E-5266-4D47-BE89-15949C26AFA8}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{961F54B9-0BBE-4AF5-B90A-9AA2B12798CC}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{EDEE093F-0C48-47D4-B2E0-021ED7E177CD}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{90BA0AD7-88D8-4660-AD49-5115C0054CEE}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{72176C15-45D9-4590-A691-6A7EAEC623AD}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{AE56CAC2-1DAE-4031-8D6A-BBB938C29866}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{B5E49B04-E2D8-48C2-AB89-1C5FF0AFD322}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{8DD8FAA8-A2A0-4149-97E9-0B107FB18932}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [TCP Query User{248EF257-D964-4842-96F8-D997D8DA630E}D:\games\heroes of the storm\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{7BBC0367-2003-4B2A-876B-F651D8CE340A}D:\games\heroes of the storm\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [{7D0799F7-A615-4AD2-A269-E0985B056624}] => (Allow) D:\Games\Steam Games\SteamApps\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F14E3DB1-EA2C-4F0A-8EB6-A44169FE8993}] => (Allow) D:\Games\Steam Games\SteamApps\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{14F653AC-067A-454A-BA67-43A620342BE6}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{6B03AFB4-233F-42B2-882E-01FCDB7FF876}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{51255789-2A1A-4144-A937-C9B41FADB183}] => (Allow) J:\SteamLibrary\steamapps\common\ShellShock Live\ShellShockLive.exe
FirewallRules: [{2C830C30-B43D-4FE5-980E-306CA8B3C446}] => (Allow) J:\SteamLibrary\steamapps\common\ShellShock Live\ShellShockLive.exe
FirewallRules: [{9FD7E615-4B6C-4B92-AAED-80372519BEEE}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{FD771DD5-A179-436D-8096-C883A9399B53}] => (Allow) D:\Replay\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{F22E5EF2-15D0-49B6-81D8-FF5C41D01FDD}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{8C4807BE-A74E-48ED-9C03-6F406A651D69}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{161126B3-FF36-4496-8417-9F32C23B22B2}] => (Allow) J:\SteamLibrary\steamapps\common\Deceit\bin\win_x64\Deceit.exe
FirewallRules: [{0A98CF84-0188-45A7-93EF-D1C222D3EB89}] => (Allow) J:\SteamLibrary\steamapps\common\Deceit\bin\win_x64\Deceit.exe

==================== Wiederherstellungspunkte =========================

24-05-2017 21:35:17 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: ATA Channel 0
Description: IDE-Kanal
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard-IDE-ATA/ATAPI-Controller)
Service: atapi
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: ATA Channel 1
Description: IDE-Kanal
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard-IDE-ATA/ATAPI-Controller)
Service: atapi
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/27/2017 03:01:04 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (05/26/2017 02:56:37 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (05/26/2017 01:25:46 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (05/26/2017 03:55:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARC-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/25/2017 04:00:21 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (05/25/2017 04:00:20 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.

Error: (05/25/2017 04:00:20 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (05/25/2017 04:00:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\WINDOWS\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (05/25/2017 04:00:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "Lsa" in der DLL "C:\Windows\System32\Secur32.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (05/25/2017 04:00:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "ESENT" in der DLL "C:\WINDOWS\system32\esentprf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.


Systemfehler:
=============
Error: (05/27/2017 04:42:14 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/27/2017 04:41:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetMsmqActivator" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (05/27/2017 04:41:30 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NetMsmqActivator erreicht.

Error: (05/27/2017 04:41:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Hamachi2Svc" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (05/27/2017 04:41:22 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Hamachi2Svc erreicht.

Error: (05/27/2017 04:41:19 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (05/27/2017 04:41:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetTcpPortSharing" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (05/27/2017 04:41:19 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NetTcpPortSharing erreicht.

Error: (05/27/2017 04:41:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (05/27/2017 04:41:18 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.


CodeIntegrity:
===================================
  Date: 2017-04-27 17:19:19.833
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-24 02:24:20.916
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-06 01:43:43.992
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-03-04 20:55:40.349
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-02-25 23:20:14.322
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-02-24 18:07:44.468
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-02-24 18:07:10.260
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-02-22 12:48:36.392
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-02-22 12:48:35.343
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-02-16 14:32:33.082
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 18%
Installierter physikalischer RAM: 15522.18 MB
Verfügbarer physikalischer RAM: 12641.08 MB
Summe virtueller Speicher: 31394.18 MB
Verfügbarer virtueller Speicher: 28283.43 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:145.95 GB) (Free:32.19 GB) NTFS
Drive d: () (Fixed) (Total:319.28 GB) (Free:73.95 GB) NTFS
Drive j: (Volume) (Fixed) (Total:465.56 GB) (Free:102.28 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E3E10DDB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=145.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=319.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================
Alles so gemacht wie beschrieben.

burningice 28.05.2017 11:52
Downloade Dir HitmanProhttp://deeprybka.trojaner-board.de/b.../hitmanpro.pngauf Deinen Desktop:

HitmanPro-32 Bit Version
HitmanPro-64 Bit Version

eMKaWe 28.05.2017 13:41
Code:
HitmanPro 3.7.20.286
www.hitmanpro.com

  Computer name . . . . : MARC-PC
  Windows . . . . . . . : 10.0.0.14393.X64/4
  User name . . . . . . : MARC-PC\Marc
  UAC . . . . . . . . . : Enabled
  License . . . . . . . : Free

  Scan date . . . . . . : 2017-05-28 14:22:16
  Scan mode . . . . . . : Normal
  Scan duration . . . . : 13m 50s
  Disk access mode  . . : Direct disk access (SRB)
  Cloud . . . . . . . . : Internet
  Reboot  . . . . . . . : No

  Threats . . . . . . . : 1
  Traces  . . . . . . . : 67

  Objects scanned . . . : 3.125.764
  Files scanned . . . . : 104.173
  Remnants scanned  . . : 795.790 files / 2.225.801 keys

Malware _____________________________________________________________________

  C:\Users\Marc\Downloads\Vegas Movie Studio Platinum - CHIP-Installer.exe
      Size . . . . . . . : 1.496.584 bytes
      Age  . . . . . . . : 22.5 days (2017-05-06 01:54:40)
      Entropy  . . . . . : 7.1
      SHA-256  . . . . . : 73D4DFC5F7C08D8AED336663E9E885D70BD346360D815B3089D1E990CE97408E
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Downloader.MSIL.DownloadSponsor.gen
      Fuzzy  . . . . . . : 103.0
      Forensic Cluster
          0.0s C:\Users\Marc\Downloads\Vegas Movie Studio Platinum - CHIP-Installer.exe
          0.9s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\57\9C272640C6F8C5C5.dat


Suspicious files ____________________________________________________________

  C:\Users\Marc\AppData\Local\PunkBuster\BF3\pb\dll\wc002286.dll
      Size . . . . . . . : 942.907 bytes
      Age  . . . . . . . : 1969.6 days (2012-01-05 23:13:56)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 151573760160ED491B4528616FF16C058966B9555B73E804AF1CD60B3F8EB33D
      Fuzzy  . . . . . . : 29.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.

  C:\Users\Marc\AppData\Local\PunkBuster\BF3\pb\dll\wc002287.dll
      Size . . . . . . . : 948.113 bytes
      Age  . . . . . . . : 1950.7 days (2012-01-24 21:31:16)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 1BE27031845D80D6803C15BCE2EBE1276C0CA17F3BD47FDA8EAD97DBF5A517AF
      Fuzzy  . . . . . . : 29.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.

  C:\Users\Marc\AppData\Local\PunkBuster\BF3\pb\dll\wc002288.dll
      Size . . . . . . . : 948.118 bytes
      Age  . . . . . . . : 1945.8 days (2012-01-29 18:13:37)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 3192353354FE593051B33886088D4C312ACB9A653D874281B2EBF131B80415CB
      Fuzzy  . . . . . . : 29.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.

  C:\Users\Marc\AppData\Local\PunkBuster\BF3\pb\dll\wc002292.dll
      Size . . . . . . . : 956.681 bytes
      Age  . . . . . . . : 1875.5 days (2012-04-09 02:36:01)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 7218A15A9890CE82EB25F7AB5AC7AA60B4E3055C5574B70A6CABA4274D6DE493
      Fuzzy  . . . . . . : 29.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.

  C:\Users\Marc\AppData\Local\PunkBuster\BF3\pb\dll\wc002317.dll
      Size . . . . . . . : 949.613 bytes
      Age  . . . . . . . : 1708.5 days (2012-09-23 01:46:22)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 15059F09B1D62DEA6B5D22EF9E0D062411C167378D870AE339AAB50B0BDC7FC0
      Fuzzy  . . . . . . : 29.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.

  C:\Users\Marc\AppData\Local\PunkBuster\BF3\pb\dll\wc002325.dll
      Size . . . . . . . : 959.376 bytes
      Age  . . . . . . . : 1530.7 days (2013-03-19 22:16:02)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : A85592ACDCFDA7C0293504A5F5279C2654ACC0E6D2398ED8958F6E03F05DCEB5
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.
        Program is code signed with a valid Authenticode certificate.

  C:\Users\Marc\AppData\Local\PunkBuster\BF3\pb\dll\wc002331.dll
      Size . . . . . . . : 963.480 bytes
      Age  . . . . . . . : 1390.8 days (2013-08-06 20:12:23)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 4693498864B2A4C15EECDD4D132FFDFEDE3F9E4BAFA427F77BC87046A7352D1E
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.
        Program is code signed with a valid Authenticode certificate.

  C:\Users\Marc\AppData\Local\PunkBuster\BF3\pb\dll\wc002342.dll
      Size . . . . . . . : 969.032 bytes
      Age  . . . . . . . : 1010.6 days (2014-08-22 00:04:01)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : FC5702BFEF687EDAF89499C7849E4FDA0AF9D72A5A632C5B4E20F2562468596C
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.
        Program is code signed with a valid Authenticode certificate.

  C:\Users\Marc\AppData\Local\PunkBuster\BF3\pb\dll\wc002344.dll
      Size . . . . . . . : 1.014.616 bytes
      Age  . . . . . . . : 845.7 days (2015-02-02 22:19:10)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 64D8D164CC4FF898DDCCBD5D588E88AF2C1F7EA464C2B7519C78BF0D30CC6F24
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.
        Program is code signed with a valid Authenticode certificate.

  C:\Users\Marc\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
      Size . . . . . . . : 1.014.616 bytes
      Age  . . . . . . . : 845.7 days (2015-02-02 22:20:10)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 64D8D164CC4FF898DDCCBD5D588E88AF2C1F7EA464C2B7519C78BF0D30CC6F24
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.
        Program is code signed with a valid Authenticode certificate.

  C:\Users\Marc\AppData\Local\PunkBuster\BF3\pb\pbclold.dll
      Size . . . . . . . : 1.014.616 bytes
      Age  . . . . . . . : 2036.8 days (2011-10-30 18:49:03)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 64D8D164CC4FF898DDCCBD5D588E88AF2C1F7EA464C2B7519C78BF0D30CC6F24
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.
        Program is code signed with a valid Authenticode certificate.

  C:\Users\Marc\AppData\Local\PunkBuster\BF3\pb\PnkBstrK.sys
      Size . . . . . . . : 139.944 bytes
      Age  . . . . . . . : 2036.8 days (2011-10-30 18:49:14)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : E0AB414DBD7AA5888B861AE64B0F9674CED054C755502DDE124A91D6CD6CE97A
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.
        The file is a device driver. Device drivers run as trusted (highly privileged) code.
        Program is code signed with a valid Authenticode certificate.

  C:\Users\Marc\AppData\Local\PunkBuster\COD4\pb\pbcl.dll
      Size . . . . . . . : 956.558 bytes
      Age  . . . . . . . : 1996.4 days (2011-12-10 04:49:25)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 567AB086A18F5447AB036192A40837C4FB9679BDB54BE2DCF99F90F4BA83BCC9
      Fuzzy  . . . . . . : 29.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.

  C:\Users\Marc\AppData\Local\PunkBuster\COD4\pb\PnkBstrK.sys
      Size . . . . . . . : 138.160 bytes
      Age  . . . . . . . : 1996.4 days (2011-12-10 04:49:51)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : 171C32702C73ECD6EAD6A120C5E0BCE649444BE4068C4ECA4C548644DF151A5E
      RSA Key Size . . . : 1024
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.
        The file is a device driver. Device drivers run as trusted (highly privileged) code.
        Program is code signed with a valid Authenticode certificate.

  C:\Users\Marc\AppData\Local\PunkBuster\FC3\pb\pbcl.dll
      Size . . . . . . . : 953.886 bytes
      Age  . . . . . . . : 1640.9 days (2012-11-29 17:26:53)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 6D5E2CD4A7A43EB00B600BA783AD3BEE6B817C030A40600D40367173A6ECEB13
      Fuzzy  . . . . . . : 29.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.

  C:\Users\Marc\AppData\Local\PunkBuster\FC3\pb\pbcls.dll
      Size . . . . . . . : 953.886 bytes
      Age  . . . . . . . : 1640.9 days (2012-11-29 17:26:53)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 6D5E2CD4A7A43EB00B600BA783AD3BEE6B817C030A40600D40367173A6ECEB13
      Fuzzy  . . . . . . : 29.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.

  C:\Users\Marc\AppData\Local\PunkBuster\FC3\pb\PnkBstrK.sys
      Size . . . . . . . : 138.032 bytes
      Age  . . . . . . . : 1640.9 days (2012-11-29 17:27:07)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : ABAF3FACF01E10E4C685F79C3B9E5D2118B3CF8629C4277EBE035B2A10474148
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.
        The file is a device driver. Device drivers run as trusted (highly privileged) code.
        Program is code signed with a valid Authenticode certificate.

  C:\Users\Marc\Downloads\FRST64.exe
      Size . . . . . . . : 2.429.952 bytes
      Age  . . . . . . . : 2.6 days (2017-05-26 00:43:42)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 2B4DE3E0A23A0E4A8C83875C0BA9A3FDC4B332D90777DC0D9624DB4876BCD630
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
        Program has no publisher information but prompts the user for permission elevation.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Time indicates that the file appeared recently on this computer.

  C:\WINDOWS\SysWOW64\GameMon.des
      Size . . . . . . . : 3.916.368 bytes
      Age  . . . . . . . : 494.9 days (2016-01-19 17:38:23)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : C2FA0CBBF038F74F8A30F86E289C09D488A36285BF6BBD45CD44C855F6696B1B
      Product  . . . . . : nProtect Game Monitor
      Publisher  . . . . : INCA Internet Co., Ltd.
      Description  . . . : nProtect Game Monitor Rev 2368
      Version  . . . . . : 2016.1.10.1
      RSA Key Size . . . : 2048
      Service  . . . . . : npggsvc
      LanguageID . . . . : 1042
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 25.0
        The file name extension of this program is not common.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
        Starts automatically as a service during system bootup.
        Program is code signed with a valid Authenticode certificate.
      Startup
        HKLM\SYSTEM\CurrentControlSet\Services\npggsvc\


Potential Unwanted Programs _________________________________________________

  HKLM\SOFTWARE\Classes\AppID\{001fce23-84d0-4886-971c-050baeb0b99d}\ (Yontoo)
  HKLM\SOFTWARE\Classes\AppID\{515d609e-9243-4edc-9fe7-2e923ecc94b0}\ (Yontoo)
  HKLM\SOFTWARE\Classes\CShared.TB4Client\ (RebateInformer)
  HKLM\SOFTWARE\Classes\CShared.TB4Script\ (RebateInformer)
  HKLM\SOFTWARE\Classes\CShared.TB4Server2\ (RebateInformer)
  HKLM\SOFTWARE\Classes\CShared.TB4Server\ (RebateInformer)
  HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}\ (RebateInformer)
  HKLM\SOFTWARE\Classes\Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{2723E96B-905F-4C64-8999-D868A08E6370}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{29E3319C-4B3C-479F-8692-BDD2CA30BEDD}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{367BD1CD-74A3-451F-B1A4-6A2DE4129A2D}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{38552F25-8DED-4206-BB21-041EF53328F9}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}\ (RebateInformer)
  HKLM\SOFTWARE\Classes\Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}\ (RebateInformer)
  HKLM\SOFTWARE\Classes\Interface\{63B73044-FC1A-4FE1-991B-FDBD4CDAA868}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{686D40BC-FA43-4317-8474-E634E6B487F2}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}\ (ReimageRepair)
  HKLM\SOFTWARE\Classes\Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}\ (RebateInformer)
  HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}\ (ReimageRepair)
  HKLM\SOFTWARE\Classes\Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}\ (RebateInformer)
  HKLM\SOFTWARE\Classes\Interface\{F56ACA29-1C99-40F1-AC64-2E44C4F6BC71}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\Interface\{F9A10D86-182A-4946-869B-70C3D109D14D}\ (YahooToolbar)
  HKLM\SOFTWARE\Classes\WOW6432Node\AppID\{001fce23-84d0-4886-971c-050baeb0b99d}\ (Yontoo)
  HKLM\SOFTWARE\Classes\WOW6432Node\AppID\{515d609e-9243-4edc-9fe7-2e923ecc94b0}\ (Yontoo)
  HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{EFB46ED3-8FD8-4051-8FD6-DD9CE7E63BEF}\ (RebateInformer)
  HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}\ (CouponBar)
  HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}\ (CouponBar)
  HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}\ (CouponBar)
  HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EFC0651C-B6D7-49CD-A6E0-B1CE9AB5FE46}\ (YahooToolbar)
  HKU\S-1-5-21-1132746113-184105214-789198808-1000\SOFTWARE\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{AE07101B-46D4-4A98-AF68-0333EA26E113} (FLV Player)

burningice 29.05.2017 03:03
Schritt: 1
FRST Fix
  • Kopiere den Inhalt der folgenden Code-Box vollständig:
    Code:
    Start::
    file: C:\Windows\system32\AmbRunE.dll
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Run: [ASRockXTU] => [X]
    URLSearchHook: HKLM-x32 - (Kein Name) - {62d40876-df18-411f-9d34-a9dd7a197bc5} - Keine Datei
    Toolbar: HKLM-x32 - Kein Name - {62d40876-df18-411f-9d34-a9dd7a197bc5} - Keine Datei
    FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-06-22] [ist nicht signiert]
    FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-04] [ist nicht signiert]
    StartMenuInternet: Google Chrome.P5EZDHZD2ZPCKP4ZQ4RTYX6CSY - C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe hxxp://www.yoursearching.com/?type=sc&ts=1449333750&z=e4b63f1b1d7104b9a10373fgcz4z6tdceccm7o0q4o&from=cor&uid=ST500DM002-1BD142_Z2A8V6R5XXXXZ2A8V6R5
    Task: {40569694-256B-4BC9-A933-E0F04D602776} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
    Task: {4630EB95-233C-4F20-B2DB-C3B99597B287} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
    Task: {C5B79861-D633-4E14-8C63-090D9563980F} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
    Task: {D6B7E9CB-D5AA-48A3-972B-C1CB34642D60} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
    Task: {DC0002C3-CA7B-4051-A608-30CCD94B7A18} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
    Task: {F34F533A-D0ED-47D5-BD80-7E15B102B357} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
    Task: {29252641-8BC1-4D0D-B7E3-9786B7CE37EC} - System32\Tasks\{CBBA4B29-33F6-49CB-8749-A21364CD0FF1} => pcalua.exe -a C:\Westwood\C&amp;C95\CCSETUP.EXE -d C:\Westwood\C&amp;C95
    DeleteKey: HKLM\SOFTWARE\Classes\AppID\{001fce23-84d0-4886-971c-050baeb0b99d}
    DeleteKey: HKLM\SOFTWARE\Classes\AppID\{515d609e-9243-4edc-9fe7-2e923ecc94b0}
    DeleteKey: HKLM\SOFTWARE\Classes\CShared.TB4Client
    DeleteKey: HKLM\SOFTWARE\Classes\CShared.TB4Script
    DeleteKey: HKLM\SOFTWARE\Classes\CShared.TB4Server2
    DeleteKey: HKLM\SOFTWARE\Classes\CShared.TB4Server
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{2723E96B-905F-4C64-8999-D868A08E6370}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{29E3319C-4B3C-479F-8692-BDD2CA30BEDD}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{367BD1CD-74A3-451F-B1A4-6A2DE4129A2D}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{38552F25-8DED-4206-BB21-041EF53328F9}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{63B73044-FC1A-4FE1-991B-FDBD4CDAA868}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{686D40BC-FA43-4317-8474-E634E6B487F2}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{F56ACA29-1C99-40F1-AC64-2E44C4F6BC71}
    DeleteKey: HKLM\SOFTWARE\Classes\Interface\{F9A10D86-182A-4946-869B-70C3D109D14D}
    DeleteKey: HKLM\SOFTWARE\Classes\WOW6432Node\AppID\{001fce23-84d0-4886-971c-050baeb0b99d}
    DeleteKey: HKLM\SOFTWARE\Classes\WOW6432Node\AppID\{515d609e-9243-4edc-9fe7-2e923ecc94b0}
    DeleteKey: HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{EFB46ED3-8FD8-4051-8FD6-DD9CE7E63BEF}
    DeleteKey: HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
    DeleteKey: HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
    DeleteKey: HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    DeleteKey: HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EFC0651C-B6D7-49CD-A6E0-B1CE9AB5FE46}
    DeleteKey: HKU\S-1-5-21-1132746113-184105214-789198808-1000\SOFTWARE\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Emptytemp:
    End::
  • Starte nun FRST und klicke den Entfernen Button.
  • Das Tool führt die gewünschten Schritte automatisch aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
  • Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
  • Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Schritt: 2
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Schritt: Frage
Hast du den Starttyp dieser Dienste absichtlich verstellt?
Zitat:
MSCONFIG\Services: ArcService => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: Mobile Broadband HL Service => 2
MSCONFIG\Services: SBSDWSCService => 2
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: Wlansvc => 2
MSCONFIG\Services: wlidsvc => 2
Hast du noch irgendwelche Probleme mit deinem Rechner?

eMKaWe 29.05.2017 10:05
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-05-2017
durchgeführt von Marc (29-05-2017 10:55:07) Run:1
Gestartet von C:\Users\Marc\Downloads
Geladene Profile: Marc (Verfügbare Profile: Marc & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************

file: C:\Windows\system32\AmbRunE.dll
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1132746113-184105214-789198808-1000\...\Run: [ASRockXTU] => [X]
URLSearchHook: HKLM-x32 - (Kein Name) - {62d40876-df18-411f-9d34-a9dd7a197bc5} - Keine Datei
Toolbar: HKLM-x32 - Kein Name - {62d40876-df18-411f-9d34-a9dd7a197bc5} - Keine Datei
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-06-22] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-04] [ist nicht signiert]
StartMenuInternet: Google Chrome.P5EZDHZD2ZPCKP4ZQ4RTYX6CSY - C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe hxxp://www.yoursearching.com/?type=sc&ts=1449333750&z=e4b63f1b1d7104b9a10373fgcz4z6tdceccm7o0q4o&from=cor&uid=ST500DM002-1BD142_Z2A8V6R5XXXXZ2A8V6R5
Task: {40569694-256B-4BC9-A933-E0F04D602776} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {4630EB95-233C-4F20-B2DB-C3B99597B287} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {C5B79861-D633-4E14-8C63-090D9563980F} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {D6B7E9CB-D5AA-48A3-972B-C1CB34642D60} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {DC0002C3-CA7B-4051-A608-30CCD94B7A18} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {F34F533A-D0ED-47D5-BD80-7E15B102B357} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {29252641-8BC1-4D0D-B7E3-9786B7CE37EC} - System32\Tasks\{CBBA4B29-33F6-49CB-8749-A21364CD0FF1} => pcalua.exe -a C:\Westwood\C&amp;C95\CCSETUP.EXE -d C:\Westwood\C&amp;C95
DeleteKey: HKLM\SOFTWARE\Classes\AppID\{001fce23-84d0-4886-971c-050baeb0b99d}
DeleteKey: HKLM\SOFTWARE\Classes\AppID\{515d609e-9243-4edc-9fe7-2e923ecc94b0}
DeleteKey: HKLM\SOFTWARE\Classes\CShared.TB4Client
DeleteKey: HKLM\SOFTWARE\Classes\CShared.TB4Script
DeleteKey: HKLM\SOFTWARE\Classes\CShared.TB4Server2
DeleteKey: HKLM\SOFTWARE\Classes\CShared.TB4Server
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{2723E96B-905F-4C64-8999-D868A08E6370}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{29E3319C-4B3C-479F-8692-BDD2CA30BEDD}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{367BD1CD-74A3-451F-B1A4-6A2DE4129A2D}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{38552F25-8DED-4206-BB21-041EF53328F9}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{63B73044-FC1A-4FE1-991B-FDBD4CDAA868}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{686D40BC-FA43-4317-8474-E634E6B487F2}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{F56ACA29-1C99-40F1-AC64-2E44C4F6BC71}
DeleteKey: HKLM\SOFTWARE\Classes\Interface\{F9A10D86-182A-4946-869B-70C3D109D14D}
DeleteKey: HKLM\SOFTWARE\Classes\WOW6432Node\AppID\{001fce23-84d0-4886-971c-050baeb0b99d}
DeleteKey: HKLM\SOFTWARE\Classes\WOW6432Node\AppID\{515d609e-9243-4edc-9fe7-2e923ecc94b0}
DeleteKey: HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{EFB46ED3-8FD8-4051-8FD6-DD9CE7E63BEF}
DeleteKey: HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EFC0651C-B6D7-49CD-A6E0-B1CE9AB5FE46}
DeleteKey: HKU\S-1-5-21-1132746113-184105214-789198808-1000\SOFTWARE\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Emptytemp:

*****************


========================= file: C:\Windows\system32\AmbRunE.dll ========================

Datei ist nicht signiert
MD5: 8942FD2FC4FD4898F9BE5915F577FFF1
Erstellungs- und Änderungsdatum: 2011-08-31 20:24 - 2009-02-26 12:08
Größe: 0017920
Attribute: ----A
Firmenname: Creative Technology Ltd.
Interne Name: AmbRunE
Original Name: AmbRunE.dll
Produkt: AmbRun Endpoints Dynamic Link Library
Beschreibung: AmbRun Endpoints Dynamic Link Library
Datei Version: 1, 1, 2, 0
Produkt Version: 1, 1, 2, 0
Urheberrecht: Copyright (C) 2009

====== Ende von File: ======

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
HKU\S-1-5-21-1132746113-184105214-789198808-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ASRockXTU => Wert erfolgreich entfernt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{62d40876-df18-411f-9d34-a9dd7a197bc5} => Wert erfolgreich entfernt
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{62d40876-df18-411f-9d34-a9dd7a197bc5} => Wert erfolgreich entfernt
HKCR\Wow6432Node\CLSID\{62d40876-df18-411f-9d34-a9dd7a197bc5} => Schlüssel nicht gefunden.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} => erfolgreich verschoben
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} => erfolgreich verschoben
HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome.P5EZDHZD2ZPCKP4ZQ4RTYX6CSY\shell\open\command\\Default => Wert erfolgreich wiederhergestellt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40569694-256B-4BC9-A933-E0F04D602776} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40569694-256B-4BC9-A933-E0F04D602776} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4630EB95-233C-4F20-B2DB-C3B99597B287} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4630EB95-233C-4F20-B2DB-C3B99597B287} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5B79861-D633-4E14-8C63-090D9563980F} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5B79861-D633-4E14-8C63-090D9563980F} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D6B7E9CB-D5AA-48A3-972B-C1CB34642D60} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6B7E9CB-D5AA-48A3-972B-C1CB34642D60} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC0002C3-CA7B-4051-A608-30CCD94B7A18} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC0002C3-CA7B-4051-A608-30CCD94B7A18} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F34F533A-D0ED-47D5-BD80-7E15B102B357} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F34F533A-D0ED-47D5-BD80-7E15B102B357} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29252641-8BC1-4D0D-B7E3-9786B7CE37EC} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29252641-8BC1-4D0D-B7E3-9786B7CE37EC} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{CBBA4B29-33F6-49CB-8749-A21364CD0FF1} => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CBBA4B29-33F6-49CB-8749-A21364CD0FF1} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\AppID\{001fce23-84d0-4886-971c-050baeb0b99d} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\AppID\{515d609e-9243-4edc-9fe7-2e923ecc94b0} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\CShared.TB4Client => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\CShared.TB4Script => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\CShared.TB4Server2 => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\CShared.TB4Server => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{11D5E9EA-3117-4389-8E58-742F0975C980} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{2723E96B-905F-4C64-8999-D868A08E6370} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{29E3319C-4B3C-479F-8692-BDD2CA30BEDD} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{367BD1CD-74A3-451F-B1A4-6A2DE4129A2D} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{38552F25-8DED-4206-BB21-041EF53328F9} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{63B73044-FC1A-4FE1-991B-FDBD4CDAA868} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{686D40BC-FA43-4317-8474-E634E6B487F2} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{A310B105-FB7D-4497-A7E8-E046462B012F} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{F56ACA29-1C99-40F1-AC64-2E44C4F6BC71} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Interface\{F9A10D86-182A-4946-869B-70C3D109D14D} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\WOW6432Node\AppID\{001fce23-84d0-4886-971c-050baeb0b99d} => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Classes\WOW6432Node\AppID\{515d609e-9243-4edc-9fe7-2e923ecc94b0} => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{EFB46ED3-8FD8-4051-8FD6-DD9CE7E63BEF} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EFC0651C-B6D7-49CD-A6E0-B1CE9AB5FE46} => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-1132746113-184105214-789198808-1000\SOFTWARE\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{AE07101B-46D4-4A98-AF68-0333EA26E113} => Schlüssel nicht gefunden.

=========== EmptyTemp: ==========

BITS transfer queue => 7993028 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 195484423 B
Java, Flash, Steam htmlcache => 617823518 B
Windows/system/drivers => 168797603 B
Edge => 5732103 B
Chrome => 1231264984 B
Firefox => 5339284 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 73932 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 477727 B
LocalService => 32998660 B
NetworkService => 50582 B
Marc => 648545003 B
DefaultAppPool => 33058 B

RecycleBin => 144214120 B
EmptyTemp: => 2.8 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 10:58:20 ====
Und nein ich habe an diesen Diensten nichts bewusst verstellt. Wüsste nicht einmal wo wie und warum.


Alle Zeitangaben in WEZ +1. Es ist jetzt 09:34 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131