Log analysis and evaluation: Windows 8.1: Spyware infection reported by Antivir. If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
16.01.2016, 17:23 | #1 |
Windows 8.1: Spyware infection reported by Antivir

I did not notice anything of the spyware directly myself, but I ran my routine scan with Antivir. It reported 6 detections, and since I got that twice in a row, I wanted to have it checked again here in the forum to be safe. I don't want all my passwords somehow being used unnoticed without me realizing it. Many thanks in advance for your help; otherwise I really don't know what to do.

FRST log Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01 durchgeführt von Josef (Administrator) auf JOSEF-PC (16-01-2016 17:11:45) Gestartet von C:\Users\User\Downloads Geladene Profile: Josef (Verfügbare Profile: Josef) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Avira Operations GmbH & Co.
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe () C:\Windows\SysWOW64\PnkBstrA.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (DVDVideoSoft Ltd.) 
C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team) C:\Program Files\GIMP 2\bin\gimp-2.8.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team) C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\script-fu.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin (TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2012-10-25] (Hewlett-Packard ) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-10-25] (IDT, Inc.) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [218144 2015-08-18] (Geek Software GmbH) HKU\S-1-5-21-3441488294-490295330-2377242766-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50385536 2015-12-17] (Skype Technologies S.A.) HKU\S-1-5-21-3441488294-490295330-2377242766-1001\...\Policies\Explorer: [DisallowRun] 1 Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 1010 series.lnk [2016-01-10] ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 1010 series.lnk -> C:\Program Files\HP\HP Deskjet 1010 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 1010 series.lnk [2016-01-10] ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 1010 series.lnk -> C:\Program Files\HP\HP Deskjet 1010 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{06B874F6-5C10-4CC5-B3AB-2DF70FF78468}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{3F89C5F3-8625-4118-9C0C-8F35C501C356}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\S-1-5-21-3441488294-490295330-2377242766-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4 HKU\S-1-5-21-3441488294-490295330-2377242766-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4 HKU\S-1-5-21-3441488294-490295330-2377242766-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4 SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {26A83292-E79E-441F-B347-28E40CB3468D} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {26A83292-E79E-441F-B347-28E40CB3468D} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3441488294-490295330-2377242766-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3441488294-490295330-2377242766-1001 -> {26A83292-E79E-441F-B347-28E40CB3468D} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-3441488294-490295330-2377242766-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-30] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-30] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) Toolbar: HKU\S-1-5-21-3441488294-490295330-2377242766-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) FireFox: ======== FF ProfilePath: 
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9c074num.default FF Session Restore: -> ist aktiviert. FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-08] () FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-08] () FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-30] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-30] (Oracle Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation) FF Plugin-x32: 
@nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3441488294-490295330-2377242766-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-18] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-3441488294-490295330-2377242766-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-11-23] () FF Extension: Amazon-Icon - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9c074num.default\extensions\amazon-icon@giga.de [2014-06-14] [ist nicht signiert] FF Extension: Avira Browser Safety - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9c074num.default\Extensions\abs@avira.com [2015-12-30] FF Extension: anonymoX - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9c074num.default\Extensions\client@anonymox.net.xpi [2015-09-29] FF Extension: Deutsch (DE) Language Pack - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9c074num.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2015-12-05] FF Extension: YouTube Unblocker - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9c074num.default\Extensions\youtubeunblocker@unblocker.yt [2015-12-02] FF Extension: NoScript - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9c074num.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-01-08] FF Extension: QuickTimeManagerFree - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9c074num.default\Extensions\{95c38ec9-f0d0-479b-87d2-642feda66b64}.xpi [2015-08-25] [ist nicht signiert] FF Extension: PDF Shield Light - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9c074num.default\Extensions\{ac822cb9-a911-4e22-bff4-6a47e5bd9aa2}.xpi [2015-12-20] [ist nicht signiert] FF 
Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9c074num.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-15] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\User\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2014-06-13] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. 
KG) S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-05-21] (BitRaider, LLC) S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2015-12-12] (BioWare) S2 Ds3Service; C:\Controller PS3\ScpServer\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [Datei ist nicht signiert] S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [238376 2015-05-29] (EasyAntiCheat Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-09] (NVIDIA Corporation) U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [Datei ist nicht signiert] R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-09] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-09] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-01-16] (Electronic Arts) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2015-12-28] () S2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [103736 
2015-12-28] () R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-10-25] (IDT, Inc.) [Datei ist nicht signiert] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-01] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-01] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-01] (Avira Operations GmbH & Co. KG) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-07-14] (LogMeIn Inc.) 
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-09] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions) R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-12-18] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2015-12-18] (Oracle Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X] S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X] S3 GPU-Z; \??\C:\Users\User\AppData\Local\Temp\GPU-Z.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-01-16 15:47 - 2016-01-16 15:47 - 00011965 _____ C:\Users\User\AppData\Local\recently-used.xbel 2016-01-16 15:44 - 2016-01-16 15:44 - 00016428 _____ C:\Users\User\Documents\Badge.tga 2016-01-16 14:24 - 2016-01-16 14:24 - 00000220 _____ C:\Users\User\Desktop\Warhammer 40,000 Dawn of War Soulstorm.url 2016-01-16 13:40 - 2016-01-16 13:56 - 00000093 ____H C:\Users\User\Desktop\.~lock.Tau Bericht.odt# 2016-01-16 13:38 - 2016-01-16 13:56 - 00015219 _____ C:\Users\User\Desktop\Tau Bericht.odt 2016-01-16 10:26 - 2016-01-16 10:26 - 00000000 ____D C:\Users\User\Documents\RPG Maker 2003 2016-01-16 10:26 - 2016-01-16 10:26 - 00000000 ____D C:\Users\User\AppData\Roaming\KADOKAWA 2016-01-15 15:38 - 2016-01-15 15:52 - 1226964992 ____R C:\Users\User\Desktop\ubuntu-15.10-desktop-i386.iso 2016-01-15 15:04 - 2016-01-15 17:43 - 00000000 ____D C:\Users\User\VirtualBox VMs 2016-01-15 15:00 - 2016-01-16 12:21 - 00000000 ____D C:\Users\User\.VirtualBox 2016-01-15 15:00 - 2016-01-15 15:00 - 00001094 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk 2016-01-15 15:00 - 2016-01-15 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2016-01-15 15:00 - 2016-01-15 15:00 - 00000000 ____D C:\Program Files\Oracle 2016-01-15 15:00 - 2015-12-18 17:08 - 00965440 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys 2016-01-15 15:00 - 2015-12-18 17:08 - 00138904 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys 2016-01-15 14:08 - 2016-01-15 14:09 - 117163720 _____ (Oracle Corporation) C:\Users\User\Downloads\VirtualBox-5.0.12-104815-Win.exe 2016-01-14 23:39 - 2016-01-15 12:38 - 00009708 _____ C:\Users\User\Desktop\erinnerungsnotiz.odt 2016-01-14 18:49 - 2016-01-14 18:49 - 00000222 _____ C:\Users\User\Desktop\RPG Maker 2003.url 2016-01-12 16:36 - 2016-01-12 16:37 - 00000000 ____D C:\Users\User\Desktop\Nightwish - Endless Forms Most Beautiful [Deluxe Edition] 2016-01-02 12:04 - 2013-05-19 08:02 - 00039168 _____ 
(Scarlet.Crush Productions) C:\WINDOWS\system32\Drivers\ScpVBus.sys 2016-01-02 12:04 - 2013-01-07 15:56 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll 2016-01-02 12:04 - 2013-01-07 15:56 - 01002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll 2016-01-02 12:03 - 2016-01-02 12:04 - 00000000 ____D C:\Controller PS3 2016-01-02 12:03 - 2016-01-02 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories 2016-01-02 12:03 - 2016-01-02 12:03 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories 2016-01-02 12:02 - 2016-01-02 12:02 - 07886712 _____ (Microsoft Corporation) C:\Users\User\Downloads\Xbox360_64Deu.exe 2016-01-02 11:46 - 2016-01-02 11:46 - 04117346 _____ C:\Users\User\Downloads\MotioninJoy_071001_signed.zip 2016-01-01 17:48 - 2016-01-01 17:48 - 00000000 ____D C:\Users\User\AppData\Local\BANDAI NAMCO Games 2016-01-01 17:26 - 2016-01-01 17:26 - 00000222 _____ C:\Users\User\Desktop\DRAGON BALL XENOVERSE.url 2015-12-31 21:30 - 2016-01-15 21:30 - 00003164 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForJosef 2015-12-31 21:30 - 2016-01-15 21:30 - 00000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForJosef.job 2015-12-31 18:07 - 2015-12-31 18:07 - 00000222 _____ C:\Users\User\Desktop\MechWarrior Online.url 2015-12-29 12:27 - 2015-12-29 12:36 - 02212343 _____ C:\Users\User\Downloads\Austrian Mod_0001(1).zip 2015-12-28 21:33 - 2015-12-28 21:33 - 00000000 __RHD C:\Users\User\AppData\Roaming\SecuROM 2015-12-28 19:51 - 2015-12-28 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts 2015-12-28 19:46 - 2015-12-28 19:46 - 00000000 ____D C:\Program Files (x86)\Electronic Arts 2015-12-28 00:12 - 2016-01-11 15:14 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps 2015-12-27 23:43 - 2015-12-27 23:54 - 00000000 ____D C:\Users\User\Documents\Windward 2015-12-22 19:00 - 2015-12-16 15:39 - 00103032 _____ (NVIDIA Corporation) 
C:\WINDOWS\SysWOW64\nvStreaming.exe 2015-12-22 18:59 - 2015-12-22 19:00 - 00000000 ____D C:\WINDOWS\LastGood 2015-12-22 18:59 - 2015-12-16 18:34 - 42977072 _____ C:\WINDOWS\system32\nvcompiler.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 37609080 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 31061624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 24895792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 21122456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 20663816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 17561432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 17156968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 16981976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 12334200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2015-12-22 18:59 - 2015-12-16 18:34 - 03168376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 02755704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 01915696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436143.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436143.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 00938104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 00872056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 00734512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 00681592 _____ (NVIDIA Corporation) 
C:\WINDOWS\SysWOW64\NvIFR.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 00502080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 00469144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 00423264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 00416376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 00388560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 00370808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 00175368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 00153392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 00151184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2015-12-22 18:59 - 2015-12-16 18:34 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2015-12-20 00:43 - 2015-12-20 00:43 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-12-20 00:43 - 2015-12-20 00:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-12-18 17:08 - 2015-12-18 17:08 - 00194976 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetLwf.sys 2015-12-18 17:08 - 2015-12-18 17:08 - 00117768 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetAdp6.sys ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-01-16 17:11 - 2015-08-01 20:02 - 00022135 _____ C:\Users\User\Downloads\FRST.txt
2016-01-16 17:10 - 2015-08-04 20:08 - 00000000 ____D C:\Users\User\Downloads\FRST-OlderVersion
2016-01-16 17:10 - 2015-08-01 20:01 - 02370560 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2016-01-16 17:10 - 2015-08-01 20:01 - 00000000 ____D C:\FRST
2016-01-16 17:02 - 2014-01-25 17:40 - 00000000 ____D C:\Users\User\AppData\Roaming\TS3Client
2016-01-16 16:50 - 2014-01-25 11:46 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-16 16:27 - 2014-01-25 11:42 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2016-01-16 15:47 - 2014-01-25 16:40 - 00000000 ____D C:\Users\User\AppData\Local\gtk-2.0
2016-01-16 15:41 - 2014-01-25 16:39 - 00000000 ____D C:\Users\User\.gimp-2.8
2016-01-16 15:39 - 2014-01-21 15:03 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3441488294-490295330-2377242766-1001
2016-01-16 15:34 - 2014-02-08 12:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2016-01-16 14:24 - 2014-01-25 11:59 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-16 13:25 - 2014-01-25 18:15 - 00000000 ____D C:\ProgramData\Origin
2016-01-16 13:25 - 2014-01-25 18:15 - 00000000 ____D C:\Program Files (x86)\Origin
2016-01-16 10:24 - 2014-01-25 15:12 - 00000000 ____D C:\Users\User\AppData\Local\Warframe
2016-01-15 17:51 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-15 16:21 - 2015-04-17 23:44 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-15 16:20 - 2015-04-17 23:43 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-15 09:24 - 2014-08-27 21:04 - 00000000 ____D C:\Users\User\AppData\Roaming\.purple
2016-01-14 21:49 - 2015-01-30 07:56 - 00000000 ____D C:\Users\User\AppData\Roaming\HP Support Assistant
2016-01-14 21:49 - 2015-01-27 09:26 - 00000000 ____D C:\Users\User\AppData\Roaming\HpUpdate
2016-01-14 14:44 - 2015-10-01 14:39 - 00003868 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1398949701
2016-01-14 14:44 - 2014-05-01 14:08 - 00001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-01-14 14:44 - 2014-05-01 14:08 - 00000000 ____D C:\Program Files (x86)\Opera
2016-01-12 16:38 - 2015-09-27 10:12 - 00000000 ____D C:\Users\User\Desktop\Gesamtordner
2016-01-04 16:50 - 2014-03-18 11:03 - 01657012 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-04 16:50 - 2014-03-18 10:25 - 00695454 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-04 16:50 - 2014-03-18 10:25 - 00149620 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-02 22:56 - 2014-01-25 13:45 - 00000000 ____D C:\Users\User\Documents\my games
2015-12-29 01:12 - 2014-02-04 00:32 - 00000000 ____D C:\Users\User\AppData\Local\Battle.net
2015-12-28 19:52 - 2015-04-23 20:15 - 00103736 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-12-28 19:51 - 2015-04-23 20:15 - 00066872 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-12-28 19:51 - 2014-07-05 22:52 - 00669184 _____ C:\WINDOWS\SysWOW64\pbsvc.exe
2015-12-28 14:31 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-28 10:53 - 2014-01-25 17:41 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2015-12-28 10:49 - 2014-05-28 19:38 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2015-12-28 10:38 - 2014-12-12 14:31 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-12-28 10:38 - 2014-02-09 19:50 - 00000000 ____D C:\Program Files (x86)\Diablo III
2015-12-28 10:38 - 2014-02-04 00:32 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-12-28 10:36 - 2014-03-25 22:53 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-12-22 19:00 - 2014-06-30 17:09 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-22 19:00 - 2014-06-30 17:08 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-22 18:59 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-12-21 18:24 - 2014-01-21 14:56 - 00000000 ____D C:\Users\User\AppData\Local\VirtualStore
2015-12-20 18:05 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-20 18:04 - 2015-07-29 14:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-20 18:04 - 2014-01-25 11:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-20 18:03 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-20 00:43 - 2014-01-25 11:42 - 00000000 ____D C:\Users\User\AppData\Local\Skype
2015-12-20 00:43 - 2014-01-25 11:42 - 00000000 ____D C:\ProgramData\Skype
2015-12-19 19:00 - 2014-01-25 15:04 - 00000000 ____D C:\Users\User\AppData\Roaming\.minecraft
2015-12-19 18:59 - 2015-02-25 18:39 - 00000000 ____D C:\Program Files (x86)\Minecraft

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-01-16 15:47 - 2016-01-16 15:47 - 0011965 _____ () C:\Users\User\AppData\Local\recently-used.xbel
2015-01-27 09:25 - 2015-01-27 09:25 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-01-21 14:59 - 2014-01-21 14:59 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Einige Dateien in TEMP:
====================
C:\Users\User\AppData\Local\Temp\avgnt.exe
C:\Users\User\AppData\Local\Temp\drm_dialogs.dll
C:\Users\User\AppData\Local\Temp\drm_dyndata_7340014.dll
C:\Users\User\AppData\Local\Temp\EBUAFC4.EXE
C:\Users\User\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\User\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\User\AppData\Local\Temp\nvStInst.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-01-12 15:22

==================== Ende von FRST.txt ============================
16.01.2016, 17:24 | #2 |
| Windows 8.1: Spyware infection reported by Antivir
Addition
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-07-2015 durchgeführt von Josef (2015-08-01 21:04:58) Gestartet von C:\Users\User\Downloads Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3441488294-490295330-2377242766-500 - Administrator - Disabled) Gast (S-1-5-21-3441488294-490295330-2377242766-501 - Limited - Disabled) Josef (S-1-5-21-3441488294-490295330-2377242766-1001 - Administrator - Enabled) => C:\Users\User ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7 Days to Die (HKLM-x32\...\Steam App 251570) (Version: - The Fun Pimps) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios) Aliens vs. Predator (HKLM-x32\...\Steam App 10680) (Version: - Rebellion) APB Reloaded (HKLM-x32\...\Steam App 113400) (Version: - Reloaded Productions) Archeage (HKLM-x32\...\Glyph Archeage) (Version: - Trion Worlds, Inc.) 
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard) Avira (HKLM-x32\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB) BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5143 - CDBurnerXP) Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios) Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2.5630 - CyberLink Corp.) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.2.2114 - CyberLink Corp.) CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2.3317 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2126 - CyberLink Corp.) 
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2126 - CyberLink Corp.) CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.7.4605 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dawn of War - Dark Crusade (HKLM-x32\...\{FF39FC01-819B-42E4-AE49-1968AF12DDD4}) (Version: 1.00.0000 - THQ) Dawn of War - Dark Crusade Mod Tools 1.20 (HKLM-x32\...\Dawn of War - Dark Crusade Mod Tools_is1) (Version: - Relic Entertainment / THQ Canada Inc.) Dawn of War - Tyranid Mod v0.45DC (HKLM-x32\...\Tyranid_Mod_v04) (Version: "0.45DC" - "Team Super Ninja") Dawn Of War (HKLM-x32\...\{83F12F73-D52E-40C0-93B1-463C311C4E17}) (Version: 1.40 - THQ) Dawn of War II - Destroyer 40k 2.0 (HKLM-x32\...\Dawn of War II - Destroyer 40k 2.0) (Version: - ) Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Depth (HKLM-x32\...\Steam App 274940) (Version: - Digital Confectioners) Deus Ex: Game of the Year Edition (HKLM-x32\...\Steam App 6910) (Version: - Ion Storm) Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version: - Eidos Montreal) Deus Ex: The Fall (HKLM-x32\...\Steam App 258180) (Version: - Square Enix) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Divinity: Original Sin (HKLM-x32\...\Steam App 230230) (Version: - Larian Studios) DOW RDN Tools (HKLM-x32\...\DOW RDN Tools_is1) (Version: - Relic Entertainment, Inc.) 
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version: - BioWare) Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts) Dragon Age™ II (HKLM-x32\...\{E1EB9F56-AFE2-4204-B28F-AD8DA793B9F4}) (Version: 1.04.8524.0 - Electronic Arts) Dragon's Prophet (HKLM-x32\...\{C31556D7-F2B9-4787-B223-F7A035067E89}_is1) (Version: 2.0.1315.20 - Infernum Productions AG) E.Y.E: Divine Cybermancy (HKLM-x32\...\Steam App 91700) (Version: - Streum On Studio) Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio) EVE Online (nur entfernen) (HKLM-x32\...\EVE) (Version: - CCP Games Ltd.) Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.) Gameforge Live 2.0.4 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.4 - Gameforge) GameMaker: Studio (HKLM-x32\...\Steam App 214850) (Version: - YoYo Games Ltd.) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.) 
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version: - Muse Games) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd) HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1218 - Hewlett-Packard) HP Deskjet 1010 series - Grundlegende Software für das Gerät (HKLM\...\{0DE81A9F-2182-4DCB-93E7-05255CFF6937}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Deskjet 1010 series Hilfe (HKLM-x32\...\{307E9E87-616E-4DC5-B509-6AB3BD2BBF87}) (Version: 30.0.0 - Hewlett Packard) HP Registration Service (HKLM\...\{C2E428EB-116E-41C0-9E84-B22DE9CCA42F}) (Version: 1.1.6232.4245 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company) HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) ICQ7.1 (HKLM-x32\...\{71BFC818-0CED-42D6-9C87-5142918957EE}) (Version: 7.1 - ICQ) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6429.0 - IDT) Inquisition Daemonhunt (HKLM-x32\...\Inquisition Daemonhunt) (Version: - ) Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - 
Oracle Corporation) Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive) King Arthur's Gold (HKLM-x32\...\Steam App 219830) (Version: - ) Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.377 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.377 - LogMeIn, Inc.) Hidden Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios) Magicka: Wizard Wars (HKLM-x32\...\Steam App 202090) (Version: - Paradox North) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (Partnernet) (HKLM-x32\...\{57672BEC-E777-4D4B-944A-719414E84D3F}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3441488294-490295330-2377242766-1001\...\OneDriveSetup.exe) (Version: 17.0.4029.0217 - Microsoft Corporation) Microsoft Rise Of Nations (HKLM-x32\...\RiseOfNations 1.0) (Version: - Microsoft) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 
Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios) MyFreeCodec (HKU\S-1-5-21-3441488294-490295330-2377242766-1001\...\MyFreeCodec) (Version: - ) MySQL Connector Net 6.3.7 (HKLM-x32\...\{5FD88490-011C-4DF1-B886-F298D955171B}) (Version: 6.3.7 - Oracle) Natural Selection 2 (HKLM-x32\...\Steam App 4920) (Version: - Unknown Worlds Entertainment) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.62 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) 
(Version: 2.5.12.11 - NVIDIA Corporation) NVIDIA Grafiktreiber 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA nView 136.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 136.53 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) Opera Stable 20.0.1387.91 (HKLM-x32\...\Opera 20.0.1387.91) (Version: 20.0.1387.91 - Opera Software ASA) Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.) osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy) paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC) PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - ) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.) pyfa version 1.2.1 (Kronos 1.0) (HKLM-x32\...\{3DA39096-C08D-49CD-90E0-1D177F32C8AA}_is1) (Version: 1.2.1 (Kronos 1.0) - pyfa) Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.5.0 - Ralink) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek) Recovery Manager (x32 Version: 5.5.0.5826 - CyberLink Corp.) 
Hidden Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform) Remember Me (HKLM-x32\...\Steam App 228300) (Version: - DONTNOD Entertainment) Resident Evil 5 / Biohazard 5 (HKLM-x32\...\Steam App 21690) (Version: - Capcom) Rise of Nations Thrones and Patriots (HKLM-x32\...\RiseofNationsExpansion 1.0) (Version: - ) RPG Maker VX Ace (HKLM-x32\...\Steam App 220700) (Version: - Enterbrain) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.) SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - Keen Software House) Space Hulk Ascension (HKLM-x32\...\Steam App 317620) (Version: - Full Control Studios) Star Wars Jedi Knight: Jedi Academy (HKLM-x32\...\Steam App 6020) (Version: - Raven Software) Star Wars Republic Commando (HKLM-x32\...\Steam App 6000) (Version: - LucasArts) Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: - Bioware/EA) Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Starbound (HKLM-x32\...\Steam App 211820) (Version: - ) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED) TI xHCI Filter Driver 1.0.0.4 (HKLM-x32\...\TI xHCI Filter Driver) (Version: 1.0.0.4 - Texas Instruments Inc.) 
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version: - Ubisoft Singapore) Tyranid Mod 0.5b2 for Soulstorm (HKLM-x32\...\Tyranid Mod 0.5b2 for Soulstorm) (Version: - ) Ultima Online: Mondain's Legacy (HKLM-x32\...\{DF7B213D-2065-41ED-BB51-7A3EED31EA7B}) (Version: 1.00.0000 - EA Games) Ultimate Apocalypse mod 1.73 (HKU\S-1-5-21-3441488294-490295330-2377242766-1001\...\Ultimate Apocalypse mod 1.73) (Version: - ) Unity Web Player (HKU\S-1-5-21-3441488294-490295330-2377242766-1001\...\UnityWebPlayer) (Version: 4.6.0f3 - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 4.4 - Ubisoft) Valiant Hearts: The Great War™ / Soldats Inconnus : Mémoires de la Grande Guerre™ (HKLM-x32\...\Steam App 260230) (Version: - Ubisoft Montpellier) VASSAL (3.2.11) (HKLM\...\VASSAL (3.2.11)) (Version: 3.2.11 - vassalengine.org) Verdun (HKLM-x32\...\Steam App 242860) (Version: - M2H) Victoria II (HKLM-x32\...\Steam App 42960) (Version: - Paradox Development Studio) War of the Roses (HKLM-x32\...\Steam App 42160) (Version: - Fatshark) Warframe (HKLM-x32\...\{49A5AEA6-92E1-46A8-8371-114F1CE2C2A6}) (Version: 1.0.0 - Digital Extremes) Warhammer 40,000 Space Marine (HKLM-x32\...\Steam App 55150) (Version: - Relic) Warhammer 40,000: Dawn of War – Soulstorm (HKLM-x32\...\Steam App 9450) (Version: - Relic Entertainment) Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version: - Relic Entertainment) Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version: - Relic Entertainment) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) Wing Commander III (HKLM-x32\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts) WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) Witch Hunters Mod for Dawn of War Dark Crusade -Patch 1.2 ONLY- (HKLM-x32\...\Witch Hunters Mod for Dawn of War Dark Crusade -Patch 1.2 ONLY-) 
(Version: - ) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: 3.3.5.12340 - Blizzard Entertainment) Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3441488294-490295330-2377242766-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3441488294-490295330-2377242766-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3441488294-490295330-2377242766-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3441488294-490295330-2377242766-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3441488294-490295330-2377242766-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3441488294-490295330-2377242766-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) CustomCLSID: 
HKU\S-1-5-21-3441488294-490295330-2377242766-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3441488294-490295330-2377242766-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3441488294-490295330-2377242766-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3441488294-490295330-2377242766-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3441488294-490295330-2377242766-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Wiederherstellungspunkte ========================= 29-07-2015 15:32:26 Windows Update 01-08-2015 16:25:00 NVIDIA PhysX wird entfernt ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {290AECB8-89EB-4DEF-8D68-2D3063EE7FF3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN46G1843X05S8 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-21] (Hewlett-Packard) Task: {307BC619-7AC3-4856-97C8-7D9646899985} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {3238AD63-6CE5-427C-AFE6-CC8078281057} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.) Task: {3C05317C-400E-4452-A0BA-AB58280BD160} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {814CD333-5294-4E5F-AA12-1592012FBCB5} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink) Task: {96931885-7A2A-41F5-A294-E99B17431352} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {970FB959-6C61-4A22-83E1-4483A8CE172B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-21] (Hewlett-Packard) Task: {B052FD16-E99E-49A1-B317-9310D1922C6A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {FC1464C3-DAEA-43C4-9637-0EC6BFA3D4B7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, 
wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-06-30 18:09 - 2015-07-23 03:31 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-04-23 21:15 - 2015-04-23 21:15 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2012-10-12 19:22 - 2012-10-12 19:22 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll 2012-10-12 19:22 - 2012-10-12 19:22 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll 2012-10-12 19:22 - 2012-10-12 19:22 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll 2014-06-30 18:46 - 2014-06-30 18:46 - 00120224 _____ () C:\Users\User\AppData\Local\assembly\dl3\JCYBEDLW.AAB\WZ8EMY0Y.VNT\83336c3f\00b31c1a_9ea8cd01\HPItunesModule.DLL 2014-03-15 20:54 - 2014-03-15 20:54 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll 2014-03-15 20:54 - 2014-03-15 20:54 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll 2014-03-15 20:54 - 2014-03-15 20:54 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll 2013-10-23 14:15 - 2014-08-09 11:43 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll 2013-10-23 14:15 - 2014-08-09 11:43 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll 2014-03-15 20:54 - 2014-03-15 20:54 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll 2014-03-15 20:54 - 2014-03-15 20:54 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll 2013-10-23 14:15 - 2014-08-09 11:43 - 00563656 _____ () C:\Program Files\TeamSpeak 3 
Client\plugins\clientquery_plugin.dll 2013-10-23 14:15 - 2014-08-09 11:43 - 00579016 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll 2014-03-15 20:54 - 2014-03-15 20:54 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll 2015-07-29 15:55 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2014-01-25 12:46 - 2015-07-03 18:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-01-20 16:40 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2014-05-21 21:29 - 2015-07-24 01:24 - 02410176 _____ () C:\Program Files (x86)\Steam\video.dll 2015-01-20 16:40 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-01-20 16:40 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2014-08-29 10:01 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2014-08-29 10:01 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2014-08-29 10:01 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2014-08-29 10:01 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2014-08-29 10:01 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2014-01-25 12:46 - 2015-07-24 01:23 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-07-29 14:32 - 2015-07-07 22:41 - 00169984 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll 2014-01-25 12:46 - 2015-07-03 18:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2013-02-19 03:22 - 2012-06-08 05:34 - 00627216 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2013-02-19 03:15 - 2012-07-18 10:50 - 01198912 _____ 
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\User\OneDrive:ms-properties

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer trusted/restricted ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-3441488294-490295330-2377242766-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3441488294-490295330-2377242766-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3441488294-490295330-2377242766-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3441488294-490295330-2377242766-1001\...\sony.com -> sony.com

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3441488294-490295330-2377242766-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\Pictures\205125_md-Adeptus%20Sororitas,%20Artwork,%20Digital%20Painting,%20Sisters%20Of%20Battle.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3441488294-490295330-2377242766-1001\...\StartupApproved\Run: => "Overwolf" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{0966FE6A-250F-46A0-8E7D-E7A0410409BD}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{8C11072F-2CD5-45D1-9D01-BA99CDC3D401}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{6B5CFF78-1684-4F67-83FB-C5BE2BE86428}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe FirewallRules: [{95AFA8AB-7327-481E-A9D8-5110D6D50A7B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe FirewallRules: [{7006021B-C2F8-4161-B695-9447E41340F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe FirewallRules: [{28536619-A621-4EBA-ACA5-0A1772DF4218}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe FirewallRules: [{E1F7BF12-02DC-478D-BF80-ECB8A75B6A26}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{04EF3EB8-0BFA-460F-9673-F8A7869B70AF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{09BC8144-AD7C-4FE9-B513-6F2BD01FA72E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{140760D8-ADFF-4B48-8B3C-605F1E4C1685}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{70BEA216-45B9-4F40-AA08-D6D066E33680}] => (Block) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe FirewallRules: [{7283E9D0-0F3E-468B-AB75-CBCDBF1B97F9}] => (Block) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe FirewallRules: 
[UDP Query User{CDB1064E-226D-4962-9D99-A10203A41A1A}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe FirewallRules: [TCP Query User{32C45129-496E-4189-8B91-AC14203EE7D4}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe FirewallRules: [{CF99A747-2375-4245-BA37-5B525DBA860C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe FirewallRules: [{6E8AFBB1-A2B8-4D11-BE0F-580D4E6098E2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe FirewallRules: [{1302CC29-7E5F-4FEC-80EA-30F91B026500}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Natural Selection 2\NS2.exe FirewallRules: [{8E075F7A-3A68-4526-A6A9-87E1E87BAFED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Natural Selection 2\NS2.exe FirewallRules: [{33C1CDD0-32EA-4746-84A0-C8F420D00A0B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe FirewallRules: [{9A39561C-A572-4D3C-9C90-0EF1690C851D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe FirewallRules: [{F8796B3B-1664-46C3-A26A-BE8329341B20}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War of the Roses\loader.exe FirewallRules: [{6EC37702-A491-4567-B04A-4C1291EDC59E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War of the Roses\loader.exe FirewallRules: [{13815842-40BC-40DC-B2A8-B10F01ACE345}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War of the Roses\wotr.exe FirewallRules: [{25FE0F79-C9E3-4ECD-BB97-F8516E75AA76}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War of the Roses\wotr.exe FirewallRules: [{ABDECFF2-FF2E-4967-9D83-ABDF987B91D7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB 
Reloaded\Binaries\VivoxVoiceService.exe FirewallRules: [{8F12F0FE-038D-4ECA-A724-30BCC50F64C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe FirewallRules: [{DE2A0156-0927-4159-8B82-13D835096343}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe FirewallRules: [{05BB0009-2765-4126-825D-233EB25300D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe FirewallRules: [{C8F2E528-A64F-477E-9A4B-CDB859AC0216}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe FirewallRules: [{6EEAB07D-F535-4C56-863B-4D0F25344BB5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe FirewallRules: [{CBE6C757-7C3F-44B1-80F3-D1D9B8EB0CFD}] => (Block) C:\program files (x86)\ccp\eve\bin\exefile.exe FirewallRules: [{956BDCAE-B4C3-4CA8-9F9E-4B639C394105}] => (Block) C:\program files (x86)\ccp\eve\bin\exefile.exe FirewallRules: [UDP Query User{1E5B416B-8D29-4507-9FB1-1ECB47B24329}C:\program files (x86)\ccp\eve\bin\exefile.exe] => (Allow) C:\program files (x86)\ccp\eve\bin\exefile.exe FirewallRules: [TCP Query User{E98D4AEA-7998-4D4E-AFB0-FA5CD748247F}C:\program files (x86)\ccp\eve\bin\exefile.exe] => (Allow) C:\program files (x86)\ccp\eve\bin\exefile.exe FirewallRules: [{E6ED68A7-9054-4E12-8184-6EE5C75D98A0}] => (Allow) C:\Program Files (x86)\Origin Games\Star Wars - The Old Republic\launcher.exe FirewallRules: [{8AB868D5-F90A-4874-8AC1-DA09BE181360}] => (Allow) C:\Program Files (x86)\Origin Games\Star Wars - The Old Republic\launcher.exe FirewallRules: [UDP Query User{BCCB471F-E7CF-4532-821A-66DB63FBC4E3}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe FirewallRules: [TCP Query User{9ED3FE3B-BAF1-479C-84AD-034BD5C417D8}C:\program files 
(x86)\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe FirewallRules: [UDP Query User{AF8BA46B-E6AA-4876-B2C0-D96BD04D18F5}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe FirewallRules: [TCP Query User{55D2A043-04B1-437A-9FCA-3F263B1C2230}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe FirewallRules: [{F6051F7E-8F74-47F0-8B9B-9828B9B43F8A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe FirewallRules: [{44E7FA80-51BE-46E3-B8DB-1F50CA6986D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe FirewallRules: [{4026E3DC-1036-4FC2-A487-A3010517D89E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{607BB634-78C1-440A-B3E7-64E281E0D5C1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{FF311827-01F9-4DE7-BD8F-CB26449F4A96}] => (Block) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe FirewallRules: [{90885B03-2E12-451A-AC83-BA1203A8DFE3}] => (Block) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe FirewallRules: [{4E2C0DB3-B1C4-4C0B-92D5-D4803039322E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe FirewallRules: [{23A72978-1F17-482F-940F-08B87645DF46}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe FirewallRules: 
[{E9F76618-A938-4D82-AA3E-125044918B08}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe FirewallRules: [{6DE901BE-CF5E-492B-9755-46B893AEBDE0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe FirewallRules: [{9636DC62-8B60-4D52-8BBC-CF27DE3D51AA}] => (Block) C:\program files (x86)\dragon's prophet\dp_x64.exe FirewallRules: [{F9C21DAA-8683-44D6-80A3-FC0B5E98A29C}] => (Block) C:\program files (x86)\dragon's prophet\dp_x64.exe FirewallRules: [UDP Query User{613B8A1A-3F15-4830-AFE8-B3764D66871D}C:\program files (x86)\dragon's prophet\dp_x64.exe] => (Allow) C:\program files (x86)\dragon's prophet\dp_x64.exe FirewallRules: [TCP Query User{A9D1929D-8A8B-4D66-93B6-A35D97D1EC7C}C:\program files (x86)\dragon's prophet\dp_x64.exe] => (Allow) C:\program files (x86)\dragon's prophet\dp_x64.exe FirewallRules: [{9356923D-DEEE-4871-8093-1AF462C6A9D2}] => (Block) C:\program files (x86)\dragon's prophet\launcher.exe FirewallRules: [{23A4FFB9-BC2F-4F37-A900-7498C0565140}] => (Block) C:\program files (x86)\dragon's prophet\launcher.exe FirewallRules: [UDP Query User{3EF75FA0-EFFC-422F-9F7B-FDA58A6D8272}C:\program files (x86)\dragon's prophet\launcher.exe] => (Allow) C:\program files (x86)\dragon's prophet\launcher.exe FirewallRules: [TCP Query User{7B59FB68-9652-4BF8-A13E-AE6989A6A42C}C:\program files (x86)\dragon's prophet\launcher.exe] => (Allow) C:\program files (x86)\dragon's prophet\launcher.exe FirewallRules: [{4E6425B7-6B24-40DB-B98E-0CE3247819F5}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{7A249709-CD10-42FD-8BDA-74902EE41321}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{7E53C48E-AC0D-4E85-BC46-FA62B1FADC46}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{6ECD716A-0669-4410-83F0-E2621F703DE4}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: 
[{820CD2A1-D1DF-48CA-B76D-A7C86EE96F83}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War Soulstorm\soulstorm.exe FirewallRules: [{49E671AC-D0CA-4090-8AC4-5028DC633646}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War Soulstorm\soulstorm.exe FirewallRules: [{CD89BAD3-8737-4B11-8707-62D1BF5006F6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{191F9A6A-F74B-44A2-BCBA-5ADCD6D32CF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{5739F4C4-1B03-4A7F-91A0-DFA662308D4F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe FirewallRules: [{6E0D2865-ECBA-4C0F-935B-607722325BAD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe FirewallRules: [{ABBC09EA-DF89-4C23-AE28-A61BD1FA3518}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe FirewallRules: [{598CE82B-A239-49B9-8F22-C4AD821D4C69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe FirewallRules: [{89D2AFEB-9E97-4564-B93D-60AC686740FE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe FirewallRules: [{BA540372-D851-405F-8896-9697B2D0993A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe FirewallRules: [{4C1735A8-BB5F-44BA-BD71-15936CE52493}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe FirewallRules: [{9750A8F1-3826-41D2-A29A-770F3A1AF695}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe FirewallRules: [{17942D26-C32B-4560-8352-9C3346FCD6BE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe FirewallRules: [{C52428FF-C48A-4A9C-B4AC-EB3772E9334A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe FirewallRules: [{D43E6ADC-48B6-4259-A576-37EB4D9B9CD0}] => (Allow) 
C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe FirewallRules: [{1F0016EC-59C6-47F1-8316-E8BD424D6C50}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe FirewallRules: [{FED4E1BB-5EE3-48F3-BB18-E4FBBF3A1A7B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{C8576BD3-6F2D-40D4-B233-189DFAA8EA1F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{5502FE89-00D3-437A-986B-15EE167ACD47}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe FirewallRules: [{2FDBBE82-8E68-408D-932D-A565FC876F9E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe FirewallRules: [{5C80E1AF-6A23-4874-BED7-C5E0A960C86C}] => (Allow) LPort=1900 FirewallRules: [{A297F828-C3AF-4284-8022-79562E37EDB2}] => (Allow) LPort=2869 FirewallRules: [{02F293DC-F802-4FF2-8F2B-E283E39A47AE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{A7697429-883B-4643-B3EF-42BC44D9C9F5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War II - Retribution\DOW2.exe FirewallRules: [{322B46EE-768D-4BC3-88B2-59027CAB47E0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War II - Retribution\DOW2.exe FirewallRules: [{38AF990F-DE38-424D-984C-16AEB320F52A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War 2\DOW2.exe FirewallRules: [{61D7E78A-1BF4-49DE-A1FD-57CA427ACFC3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War 2\DOW2.exe FirewallRules: [{CB0EE5CF-03E1-4899-B2FE-199CA4EF1430}] => (Block) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe FirewallRules: [{E350E46B-996D-48C4-9947-325B494C6FFD}] => (Block) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe FirewallRules: [UDP Query User{217AA3CA-5CCE-4416-9D0B-A7F85FD59FC2}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe 
FirewallRules: [TCP Query User{E5D11E00-5B9D-44B3-A791-C6EB271DF871}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe FirewallRules: [{FC9710EB-5556-4C04-8C06-4C0A87B000FA}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe FirewallRules: [{9F7FCEAE-CBEB-4ED5-868D-BB472FFBD97B}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe FirewallRules: [{1C1F6A77-0BA7-4339-836F-550335CCCBF5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe FirewallRules: [{D43C0453-30FB-4FF7-95B7-76EE7E9846A6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe FirewallRules: [{97391E08-D4EC-4F34-92EB-9A3143B8B21D}] => (Allow) C:\Program Files (x86)\ICQ7.1\aolload.exe FirewallRules: [{0CE35BDF-E2E8-4CC3-A995-6066EE891427}] => (Allow) C:\Program Files (x86)\ICQ7.1\aolload.exe FirewallRules: [{50C7D7F6-66A3-4AA4-87B4-3AEDEAD21B9C}] => (Allow) C:\Program Files (x86)\ICQ7.1\aolload.exe FirewallRules: [{B343ADD3-DB7B-4448-B086-684B9CD4C24A}] => (Allow) C:\Program Files (x86)\ICQ7.1\aolload.exe FirewallRules: [{E0049C84-9618-46FA-8607-0BBC43F827F3}] => (Allow) C:\Program Files (x86)\ICQ7.1\aolload.exe FirewallRules: [{BDCFDAED-EF25-4F48-ADB4-46ADFF2911ED}] => (Allow) C:\Program Files (x86)\ICQ7.1\aolload.exe FirewallRules: [{DE06AA71-B798-4C35-96AD-D1234EA81FE9}] => (Allow) C:\Program Files (x86)\ICQ7.1\ICQ.exe FirewallRules: [{800B8F3A-E411-4B24-BAE8-0BEF6F80D8F4}] => (Allow) C:\Program Files (x86)\ICQ7.1\ICQ.exe FirewallRules: [{A4912148-2DFA-4DE5-B5BC-53417DE91EFD}] => (Allow) C:\Program Files (x86)\ICQ7.1\ICQ.exe FirewallRules: [{6AFA07F3-8564-4DF6-A5A0-84D09C2668A9}] => (Allow) C:\Program Files (x86)\ICQ7.1\ICQ.exe FirewallRules: [{66470CBA-C334-4799-B245-ADF941ED5B7A}] => (Allow) C:\Program Files (x86)\ICQ7.1\ICQ.exe FirewallRules: [{08176A98-560F-43C6-AFB9-81D30EC40326}] => (Allow) C:\Program Files (x86)\ICQ7.1\ICQ.exe FirewallRules: 
[{4ED0C524-E0F0-4F8A-86F4-4DACF33A1982}] => (Block) C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe FirewallRules: [{07AD02D3-66E0-4F3E-B903-5505E20C6E15}] => (Block) C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe FirewallRules: [UDP Query User{9482F2CA-E00B-42EA-80E6-C527FC94ECD1}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe FirewallRules: [TCP Query User{5D0ECCC6-9656-4ECC-89DE-45D5B983A9FB}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe FirewallRules: [{40927B44-901C-4636-9EAF-C49CA53D3AB3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{2C251B57-9774-4A6E-939E-B0BF2ABD6AD9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{409E1BA2-AC1D-4585-B534-4457E4BCB9C8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe FirewallRules: [{7EA06D61-1417-41FE-AAE4-71B94A40AB61}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe FirewallRules: [{7874F062-7FC9-4FD4-BF39-809349FC8D6F}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{0A40F9CD-E5B4-4D8E-B3CB-980079B87D1B}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{14973220-1B8F-4EBD-BD7F-FDB4480367C0}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{CEB3275C-370B-4451-9730-5C00332C2FA3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{F8853189-20E4-4475-90D4-9D38000DC463}] => (Allow) C:\Program Files (x86)\Java\jre7\bin\javacpl.exe FirewallRules: [{9DD2C755-6093-4D39-A98D-2C37D7C1763D}] => (Allow) C:\Program Files (x86)\Java\jre7\bin\javacpl.exe 
FirewallRules: [{436C89B5-BC59-4ECD-901A-04BBFABA6DE3}] => (Allow) C:\Program Files (x86)\Java\jre7\bin\javacpl.exe FirewallRules: [{7DA01D73-BF7E-4BEC-82EB-DE0AA336816C}] => (Allow) C:\Program Files (x86)\Java\jre7\bin\javacpl.exe FirewallRules: [{7E4AE9B0-0E8A-4528-BC8D-1D0AF59FFF46}] => (Allow) C:\Program Files (x86)\Java\jre7\bin\javacpl.exe FirewallRules: [{35D9E940-B051-49E0-ADD4-F09816A5288F}] => (Allow) C:\Program Files (x86)\Java\jre7\bin\javacpl.exe FirewallRules: [{40687AA1-BB09-4B1F-936E-A97E71CA635D}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe FirewallRules: [{F54605CF-D755-45EC-B62D-B85A25FE99C9}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe FirewallRules: [{2AA404D7-E23C-49EE-A6FE-05A4147E32FF}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe FirewallRules: [{E53A41AC-43B5-4A88-954D-3CEF6DED3ADB}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe FirewallRules: [{A7E6C1E3-729C-45F4-8699-42439D36F722}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe FirewallRules: [{17BFDF22-AC6B-411A-98DC-7174067FFACF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe FirewallRules: [{BCA134F1-9E24-44A4-9A0F-5667199C0162}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe FirewallRules: [{B04571FB-A86A-44F8-92DA-960EE7033033}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe FirewallRules: [UDP Query User{6CEF8444-8211-4521-BA7E-1F81E2AB3370}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{5C9ED4EC-2E78-4D08-9C2C-3396298C5380}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [{2CE07FF2-135E-43D7-B63B-D01A718B54B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RPGVXAce\RPGVXAce.exe FirewallRules: [{7ADE02D0-CA3E-47B9-BA2F-DA549D207D01}] => (Allow) 
C:\Program Files (x86)\Steam\SteamApps\common\RPGVXAce\RPGVXAce.exe FirewallRules: [{FFCDC645-FE5E-4D5C-BAC1-5C79AB3A258A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{BF48613F-B525-4A65-A942-711C00E0C47D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{BC35909A-CF6D-449E-A090-5845BA9971B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4_launch.exe FirewallRules: [{0CCC838C-C413-40FA-9CAB-BA3A6B472E17}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4_launch.exe FirewallRules: [{5AABC1CD-C50D-4779-9025-CC23872E03AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War of the Roses\run_game.exe FirewallRules: [{E3A0833E-9C12-41B0-8D48-AED18943BD17}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War of the Roses\run_game.exe FirewallRules: [{61A3EE69-1345-4DD9-96C2-05FDBCD1F8F9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{905ED32F-5005-4E31-A371-1F1E58939A35}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{8992E4C1-2A93-4339-B487-DFEA749D5CAF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{8187E99E-CAB0-404C-99E9-04FEE59B905F}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{B6382473-712B-4973-9A2D-A384EA1173D1}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{EA2C8CEA-6CAD-43F5-BE23-E4957DB7F532}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{5F89B5A1-FD7A-4F13-B42C-33AF14923AEB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{6C8CB570-7FD7-4A56-9F10-4A3602924607}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{C52A75D1-BB6C-4DF7-A20C-5A1FBF798AA7}] => (Allow) C:\Program 
Files\Bonjour\mDNSResponder.exe FirewallRules: [{40FC0F19-7739-44C5-9006-2C4E87FCDFFD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{3C5553AB-EDBA-48BF-A73B-5EF2BAF7D5F2}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe FirewallRules: [{35C87915-A0B7-4ADB-A840-24FBB103C21A}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe FirewallRules: [{90F3E06A-85B2-47A6-821B-5D177ABFBDCF}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe FirewallRules: [{DE04C495-6A8A-41CE-B523-5CD98E7E5C25}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe FirewallRules: [{F2044390-2DAB-49BB-9A1D-5680F788EF76}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe FirewallRules: [{A80696E6-0A2D-4FB0-BF09-6CF0136A9C06}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe FirewallRules: [{FAE12BA0-CE95-4490-A269-B4F12DA3868C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\gamemaker_studio\GameMakerPlayer.exe FirewallRules: [{6E61AA8D-83B9-468E-9E1F-7EB89BD618B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\gamemaker_studio\GameMakerPlayer.exe FirewallRules: [{231A3314-86C5-436F-8FF2-B05DD890347D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{40E6C05E-97D3-45A0-9F10-85AA672FCB0C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{ECD78760-7FFC-4751-BA38-331F44EFA6E9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe FirewallRules: [{2BEA46C1-AA5A-4269-88BC-F7F0033265DB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe FirewallRules: [TCP Query User{562C0527-839C-4C83-BA56-0381C095B283}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [UDP Query User{594DF821-E6DA-4994-8EC4-F63BAD511924}C:\program files (x86)\diablo iii\diablo iii.exe] 
=> (Allow) C:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [{4A25BFFE-F369-4222-995C-A45C0458F96C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sacred 2 Gold\system\sacred2.exe FirewallRules: [{2E823731-314B-4F20-BDA7-F88478E4A1F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sacred 2 Gold\system\sacred2.exe FirewallRules: [{D55AAA04-3788-4E7D-A37E-53D0D505CB80}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{24AC3508-8577-4721-93EE-B539F3B50C4D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [TCP Query User{6E79E333-E6F0-4485-A1DE-6BB1E548C212}C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe FirewallRules: [UDP Query User{3541BCEB-884A-4E9D-A250-0016E37BF61E}C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe FirewallRules: [TCP Query User{0B33AD1D-1CA9-410F-AB80-DE2CCA67702D}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe FirewallRules: [UDP Query User{7D79E5A4-52EA-4AC4-994A-396D2EAA9D5C}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe FirewallRules: [{52E5A27F-882E-4CBC-8714-E828E978ADFC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\KillingFloor\System\KillingFloor.exe FirewallRules: [{A2658328-98C1-42F5-9A8D-53E9D41C3DBE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\KillingFloor\System\KillingFloor.exe FirewallRules: [{77118AE0-C544-4B64-A3F8-F63F52C71063}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe FirewallRules: [{82EE631C-7CD6-4F39-8C69-5B3979D79BF2}] => (Allow) 
C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe FirewallRules: [{0FB43ABA-E82B-4598-8A1E-B1398221D5FB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe FirewallRules: [{A32E5E5E-A206-4E31-8F91-A78B5A6EC597}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe FirewallRules: [{48E65A78-269A-4BF1-AD80-C496C7D1601B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\EYE\EYE.exe FirewallRules: [{353AEE40-661A-4950-B9AF-D18E71520618}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\EYE\EYE.exe FirewallRules: [{E7F8E3D2-AA04-419C-B5CB-59C5D63AA91B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Remember Me\Binaries\Win32\RememberMe.exe FirewallRules: [{5A450649-B5FA-4D14-893F-EC2A80F3EAC3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Remember Me\Binaries\Win32\RememberMe.exe FirewallRules: [{38828B56-7B78-4AB4-990F-F26D6D4F5689}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe FirewallRules: [{6E9BA3A4-652C-4BEB-82D9-DA58C67D3916}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe FirewallRules: [{9175AA46-CFEB-4FF1-8389-EC77A6887ED5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe FirewallRules: [{84FD8CCF-6651-4837-AE25-4CC862B6093C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe FirewallRules: [TCP Query User{13603CA3-1B3C-480E-B9D0-9FE93D2B1CB8}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe FirewallRules: [UDP Query User{81F26DED-7D1C-48D1-8F50-025B38575EF9}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe 
FirewallRules: [TCP Query User{0B71AD25-8F9A-4BF5-B3C7-0CA92112D7D1}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{78E4629D-01A3-4381-9C7F-789543AE2A2C}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{EF731521-1AAE-4977-89C4-F8D43E72F8B5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{AE64B535-18E7-41A7-8421-348BFF779714}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{781D8CE0-E55D-459A-AD27-29F7CD20C96A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{7004C49B-A986-48B3-892A-F4F6619D7FC8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [TCP Query User{239C9269-ADC8-4CD3-8F3F-71EAB29E899D}C:\users\user\appdata\roaming\icqm\icq.exe] => (Allow) C:\users\user\appdata\roaming\icqm\icq.exe
FirewallRules: [UDP Query User{604491E6-9ED7-4AC2-8C54-D7D5574BE239}C:\users\user\appdata\roaming\icqm\icq.exe] => (Allow) C:\users\user\appdata\roaming\icqm\icq.exe
FirewallRules: [{177D3C90-E915-466D-B495-82FA510DC9CE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7B636A50-39AB-4663-9970-E40E043E5C4B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3476D9EE-E8B8-4FBB-85AD-99EB11A6955E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{21C5DE10-6437-4420-9EC0-DBFF92D6F042}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{3F0581A2-EE8F-46DE-A3A0-6DEE5389031C}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{4465A60B-E1EB-4821-BAD1-E48EA0247DD3}C:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe] => (Block) C:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe
FirewallRules: [UDP Query User{E4F55732-8C8C-4299-AFBA-4EC7DD8CDDD9}C:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe] => (Block) C:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe
FirewallRules: [{C83B1911-172A-4FCA-BF5E-4C328C80B3A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Firefall\system\bin\FirefallClient.exe
FirewallRules: [{AC7351C5-E266-487E-B9BD-A64D6CFAD5E5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Firefall\system\bin\FirefallClient.exe
FirewallRules: [{F590293A-0306-45A0-98B3-FCA603A72E11}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{1D2CADF9-3CE4-42E4-9A41-925A7711030F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{2FEEEDB7-AA36-482A-A3C2-87E411E9A7D1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{25463910-9990-48F5-82CA-8B6B1086F1ED}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{2B1C4474-A211-4569-8E83-20E730EF41B0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{6C915F6D-C486-4BE6-BDF7-07A86F4FCC73}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{084B9636-289B-40DE-B28D-F4CEAF100C11}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{E9EBAB0F-2CE0-4EA3-8FDD-2477E2CB1E45}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{1E74C517-87FF-452F-84A7-F9718926C1CE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{367CDCE0-204E-4008-A2E2-B0FDEBC79A7D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{97CD4962-BD42-4BA0-9A5D-2594BF43ECF0}] => (Allow) C:\Program Files (x86)\Origin Games\Wing Commander III\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{3DE3EAF7-1A29-4D61-AA29-27F73004324D}] => (Allow) C:\Program Files (x86)\Origin Games\Wing Commander III\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{5B3A3D66-C3CA-4F15-BED5-F3AE6A7528CB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{D396A5B5-3A36-4A68-AB7E-D2ECB5776976}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{3F386A6D-1F02-45DF-91FA-DE0C0B2C3416}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{FA711BBD-11FB-4464-B0B2-FABFBE9A6395}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{0A380FE9-6F2C-4C22-AEE8-ED4B632E2222}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{B143998A-FCB7-419E-8AD3-7C33E52709CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{2DC75D73-0EE6-451E-8791-C1485D8E3075}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{E6503CF8-DCFB-4225-9DF2-91D2BC9A2E65}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{B197DE61-2FFC-452C-BED0-123E316018BF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{EB345F74-A7F4-4D2A-B279-7F2A70EA66AE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{A796975D-C1D0-49C5-A407-7ADB41E9E1E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Firefall\system\bin\FirefallClient.exe
FirewallRules: [{4FCD08BF-CEDF-44EE-B66B-73564072B226}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Firefall\system\bin\FirefallClient.exe
FirewallRules: [{27C9F3BC-902D-40F9-8DF4-7C4FEE836625}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe
FirewallRules: [{32647D60-B305-46E7-98AC-996139238577}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe
FirewallRules: [{5BC6CB2F-AE5E-4FEA-B34D-6C71AAE76340}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{80157CF6-AABE-496D-B00E-057C9AC0A379}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [TCP Query User{8849223B-2BDD-4C3D-A67D-03E451B6C806}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [UDP Query User{853F8701-D0A3-4624-8812-FF491AC3C475}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [{CACC0CEC-F9A4-4A4D-BA2A-023B1AD172A4}] => (Block) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [{EAE23E49-C788-4C8D-955D-B05236E1B203}] => (Block) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [{5912521D-B5A8-4139-AD72-0BA09A032E2E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{1D641243-0DC9-42E3-BC3C-89357ADEF2EB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{283C512A-68D5-480B-A7E7-DDA24873F122}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{EA495097-59A8-4DFB-B2AD-12FE911530F6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{57FB4EB1-7F1F-42C7-A8BF-8790E2B5D8CA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{31F16080-8F15-4EA0-9F98-375B77FC03FF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{0C66FB9E-ADE7-43FD-B805-F813BE35E287}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{6157CFD2-3906-4BF0-8CBB-1A302C1C9A40}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{F10185E0-35D6-4D7C-BA22-801BCBB9A7DE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{A744AD6B-805A-46F8-AE82-2254B8CE396E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{D3950A34-B0DF-4741-AE9A-D5D2E6FF5FE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{808E5680-CA86-49AE-9637-C822C5DA7F6B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{F862B45B-66DD-4833-AC9F-80C67E173196}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{CC72F23A-9006-458C-A933-95441641DEEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{6911322E-DFCF-431C-B668-B2E4FCC272E3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{86D6C0C6-D3BB-4D0E-83FD-D2F8424A4A03}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{0D435DE2-B25F-489C-ADE3-C62B9BD82764}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Valiant Hearts\Valiant Hearts.exe
FirewallRules: [{71A42E32-49A0-4EB4-AE6F-5A7F0A878AD2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Valiant Hearts\Valiant Hearts.exe
FirewallRules: [{2410B03F-9F52-4C73-A3F7-B1888F31C222}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{6A322E82-FB51-4B48-9DA2-71D65AE601AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{26025E1B-B92E-4B6D-9136-DD219D53BF97}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\insurgency2\insurgency.exe
FirewallRules: [{AB29BF0B-35C6-4A4F-AC36-57AD016C0086}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\insurgency2\insurgency.exe
FirewallRules: [TCP Query User{791F23A6-8AE8-4E21-9391-3B7EEC63037B}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{50262BAC-D6A3-4183-BE8B-5E3F2E331BFE}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{A2D7EC9C-54B0-474D-AD39-2EE996C6DF0E}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{37E98415-7A25-4F77-AFB3-097E19F81F1E}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{DF929226-22D1-45A4-8895-B1D52D1344A9}] => (Block) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{1DC32F6E-6716-408F-A268-8DF691FE057E}] => (Block) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{97DAA817-39F1-4E3C-9A91-C7DFFB851974}] => (Block) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [{C06E2ED9-E998-4937-B1F7-75BC5E48C752}] => (Block) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{B3DD38F7-C30F-4601-96DE-78FE29D7F4FF}C:\program files (x86)\heroes of the storm\versions\base33353\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base33353\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{EB7E2688-0F0F-49F3-8814-4F41AD1162FE}C:\program files (x86)\heroes of the storm\versions\base33353\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base33353\heroesofthestorm_x64.exe
FirewallRules: [{B4062088-92BB-41DA-8315-16EACE3FC8B5}] => (Block) C:\program files (x86)\heroes of the storm\versions\base33353\heroesofthestorm_x64.exe
FirewallRules: [{3A0A73E3-DA68-4FC0-8728-86DF8228C670}] => (Block) C:\program files (x86)\heroes of the storm\versions\base33353\heroesofthestorm_x64.exe
FirewallRules: [{6BC42968-94ED-4445-8C60-51ED0AAB2FAE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{27BA0027-93D1-4994-99DE-F04164B13CD4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{8C0FB303-98B1-49A5-B745-4A7EED8CDC23}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{BD8E09D0-6337-4205-8829-D3A0591EDFA6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{F2ACAFD1-B2F1-4CCA-8D4A-8F7926CB94A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Verdun\Verdun.exe
FirewallRules: [{E4007B5D-7F74-47F3-8C7B-4725FD534DBE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Verdun\Verdun.exe
FirewallRules: [{712023CB-0F10-4CFD-8F50-94B06447F711}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\King Arthur's Gold\KAG.exe
FirewallRules: [{9CC63E64-2E1D-4BC7-995D-A70050DF0321}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\King Arthur's Gold\KAG.exe
FirewallRules: [{3658CCB1-50F1-4EB4-9E59-62C8C28A3F55}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Depth\Binaries\Win32\DepthGame.exe
FirewallRules: [{B66D71F3-E6A1-4012-8C9D-DAAAB890D533}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Depth\Binaries\Win32\DepthGame.exe
FirewallRules: [{A5762018-7CFD-4B04-8041-6B31A17E957A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3A8CD626-ECBE-44EC-85A8-FFCFB6F9D5D5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5616FB83-6C4B-4FA1-A706-E34B1B4179B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Hulk Ascension\game.exe
FirewallRules: [{B15C158E-1486-4BBE-BD92-7258B75E2328}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Space Hulk Ascension\game.exe
FirewallRules: [{0D988040-3CA7-4144-BB2F-82E1AEBEDECA}] => (Allow) C:\Program Files\HP\HP Deskjet 1010 series\Bin\USBSetup.exe
FirewallRules: [{7F3D3C4D-403E-44F4-A016-6E47AEC8958C}] => (Allow) C:\Program Files\HP\HP Deskjet 1010 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{29AFB680-7A6F-4F9C-907B-E8C4B0BEBE86}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{9525E0A5-78F8-4215-8FEF-F4538A559121}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [TCP Query User{0E44D2E9-AB43-4E60-85C1-F3B9A148CEBD}C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{16CAF364-F0D9-404A-BDD4-3878BF2785D6}C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [{2B285E94-8E3C-4A82-BF52-1E3665E6C4CB}] => (Block) C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [{7E9C0B93-6E59-476C-9338-2FE89095CBC4}] => (Block) C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [{3DA73FB0-8497-4E1B-A9C2-0740F1355835}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{B37CA192-F073-4CEE-9F01-AF418A6A01A4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{F5867C89-CAD2-4489-B1E7-CFBC50A39EF8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{C5A8B12C-1418-4300-9126-98EA888EAEE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{468B6933-D9ED-4CA2-9EFC-09A3BFBECD64}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hazard Ops\UnrealEngine3\Binaries\Win32\InfernumLogin.exe
FirewallRules: [{6B33FBAC-9D23-49EB-930F-12073C2F84F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hazard Ops\UnrealEngine3\Binaries\Win32\InfernumLogin.exe
FirewallRules: [{881B2521-FA60-4305-8EF9-AD6CB5286424}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{B9BB410F-9125-4E37-9678-37B3ACBE2591}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{379CDAEF-1A82-43CB-B582-CA5D38BC8E44}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{EA1BCDD9-61F9-4783-B895-E144A20902C6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [TCP Query User{D987953D-F3FD-418F-9C00-5BE02E9C105C}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{A0DE60EA-21E0-4927-BAA5-57591C29730F}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{3AAADEEC-D316-4169-9046-AD16981B29CC}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{D2C5F2E4-9C1F-416C-A1CE-3B5C7EFC1E48}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{E94C4975-4A79-4528-A846-39E331B9FB9A}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{895C2C83-A672-4BBF-90EE-F3BA63127E47}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{ACBE48C7-F1A2-4527-92E9-9DB96AC24463}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{3FF847ED-7118-4E58-804E-8939D774F894}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{A6C22993-EE66-472F-8B3B-E3196F58E605}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{493CCB70-3744-4DEF-9828-3B35CF0D8FD6}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B296A033-1D2D-4786-B738-17668528E14C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex The Fall\DeusEx_steam.exe
FirewallRules: [{E722FFAF-AA68-4B0A-82A8-345F3F83ED96}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex The Fall\DeusEx_steam.exe
FirewallRules: [{F897E776-8362-4627-95EA-5133D4CF229F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{73460FB8-E6EA-4A73-965F-E8BF28F00761}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{3C6AB4DD-C6B2-42E8-8C9A-BEC6079E9EAB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{1CD9640B-3991-4137-A63A-26A9C19A17A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{3A88C4FC-4531-4AEE-995A-F71B37047B04}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex\System\DeusEx.exe
FirewallRules: [{CE33DFA0-9209-4F26-BCE2-36BA46E24233}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex\System\DeusEx.exe
FirewallRules: [TCP Query User{9AC86469-0E4A-4B03-92DA-DB3FFD7CEEED}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{72A51F40-089F-4262-A491-7837FE8B4178}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [{E306D924-7403-40AE-9F80-B2E755AD1847}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{2B818E3D-2BE1-4318-A3F8-154FBA508A2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{D407F19F-9705-4E12-B33F-FF13726B887A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{08A6ABF7-13CD-4712-9C62-5226EF8E0311}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{EA0BF491-B0E9-4872-8DB5-4A05207C175E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{43D5DAB0-62EC-4B56-B7A6-1EFDED396E20}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{15504621-143D-4CF4-B6DC-D1587BB78289}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 5\Launcher.exe
FirewallRules: [{78F25391-18D7-44DE-AEB5-13A4AF4EC5DB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 5\Launcher.exe
FirewallRules: [{26727797-0DF9-4931-82C3-0EC3F8DB3BBC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe
FirewallRules: [{162C70C5-EDC8-4FB3-B121-475CB1B9F5BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe
FirewallRules: [TCP Query User{A00667F7-0CBC-495F-8F60-63E30DC5502E}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{6D1E8B82-F995-4AA0-A164-EB3CA6645852}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{F7244C87-CDE2-4AB2-869F-ACC6923D7C7E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{9504DAE6-EDC3-4147-BA38-1A0EA1FE5A36}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{A277490B-2283-4E93-BAB9-5AA14D0CD11D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4F2068A9-D49B-4A72-B2CE-9ACE80E884AE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4D4EB668-EEC1-4513-90B5-CB66224AA683}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7C78F4D5-817D-4689-B173-43539AEFA3B2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{ACC09D84-B980-4E84-9D01-C5ABC533480F}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age II\bin_ship\DragonAge2.exe
FirewallRules: [{AFB976C3-4A92-4E74-90E5-3B65293FCE7D}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age II\bin_ship\DragonAge2.exe
FirewallRules: [{B41B1276-240C-4089-B3BA-C61190529048}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\daorigins.exe
FirewallRules: [{ECAE986A-4D9D-4EA2-8F8E-71A4530F8269}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\daorigins.exe
FirewallRules: [{2C068E0E-BCBB-4110-B201-704493DF2D4B}] => (Allow) C:\Users\User\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{2541D9C9-69D9-469A-9E2C-907F76D7B765}] => (Allow) C:\Users\User\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{45E1D340-0AE6-4810-8CC1-8AC8AF712F61}] => (Allow) C:\Users\User\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{07457BE1-5082-47DA-A719-BD42B4A6F999}] => (Allow) C:\Users\User\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{577759E2-62D0-49B6-AB81-B1E4DFC85CE5}] => (Allow) C:\Users\User\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{BE64601E-5D18-4BB3-B555-2879FEC5D01C}] => (Allow) C:\Users\User\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{5351D007-B20F-4FF7-8950-D65E5BAFEF96}] => (Allow) C:\Users\User\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{371843C3-4F16-4C43-9137-A34C29DEB9AE}] => (Allow) C:\Users\User\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{23C6CB95-3724-402C-A195-9E5E270717E7}] => (Allow) C:\Users\User\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{F62EE2DB-51F5-4AB4-90F2-59F152805303}] => (Allow) C:\Users\User\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{12EBF485-6654-48DC-BC7E-62996DB6BEB9}] => (Allow) C:\Users\User\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{C7EB2F68-D929-47C9-A54C-5464567E8B1E}] => (Allow) C:\Users\User\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{BC1D581F-0011-4DEF-A233-E26E26400C3E}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{EDEE27BA-6FFC-45AA-82FC-A1D011074C4B}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{790F791B-B6B6-403B-9B8E-23AC2865EB92}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jedi Academy\GameData\jasp.exe
FirewallRules: [{3E1EA518-F630-423B-8EF9-B898C2F2D2C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jedi Academy\GameData\jasp.exe
FirewallRules: [{1439D2E7-F725-45DD-B945-EDDE950881E4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jedi Academy\GameData\jamp.exe
FirewallRules: [{FCF370B2-C449-41CE-8DE4-0DA57461846A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jedi Academy\GameData\jamp.exe
FirewallRules: [{363C4C89-1C9F-47BE-974F-8B638AEEDF5B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe
FirewallRules: [{5A0BEA43-3245-4DAA-B660-604A587B7578}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe
FirewallRules: [{6EDF768E-F6FC-41A7-8D03-0EEF777B6962}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Victoria 2\victoria2.exe
FirewallRules: [{007B00EC-18D4-48B7-8E38-EEC8F9198E25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Victoria 2\victoria2.exe
FirewallRules: [TCP Query User{8A9C8D7F-9B90-4445-B3D1-95BAF87E2645}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4FE0E49F-EB50-449E-A665-32C101C4DCA7}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{725968C5-DBFD-458F-95D3-12CF6376E7A4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{EB489362-2332-42C9-8E2B-C740FC1C24A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{BF0ADB82-7EFB-4280-82C6-4020DEED3AB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe
FirewallRules: [{1044092E-2EAA-4452-8E0C-23278D6A9DF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe
FirewallRules: [{536B0732-BC4F-4A2D-AB57-5F923EF5A364}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{420243C1-65A3-49E3-B2B1-1ACBCDB4A1C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{74C1BA56-AD62-44D7-85C2-1BE724E07FF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E71DF360-6660-4724-B4CD-AEE1FEA1DAA4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{391D2C48-102E-4DF7-853D-1DFDC584EF25}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{808147A5-5549-4FE3-9A7A-85298DD007F1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{B2949B2B-1748-4916-AA6B-769ABAF26DF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{CF483AA7-AC68-492B-A01F-18DA037404F0}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{78973824-D048-4B9C-979E-F71236CEFE9A}] => (Allow) LPort=53000
FirewallRules: [{0E354BBC-327C-4C37-B4B8-0FE68ADF15E6}] => (Allow) LPort=52000

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Ralink RT5390R 802.11bgn Wi-Fi Adapter
Description: Ralink RT5390R 802.11bgn Wi-Fi Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Ralink Technology, Corp.
Service: netr28x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/01/2015 04:27:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 39.0.0.5659, Zeitstempel: 0x55934d06
Name des fehlerhaften Moduls: mozalloc.dll, Version: 39.0.0.5659, Zeitstempel: 0x55933a83
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x1a90
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (07/29/2015 04:04:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: run_game.exe, Version: 1.0.0.0, Zeitstempel: 0x54194e10
Name des fehlerhaften Moduls: EasyAntiCheat_x86.dll, Version: 1.0.3.0, Zeitstempel: 0x54d4ae6b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000019ac
ID des fehlerhaften Prozesses: 0x1110
Startzeit der fehlerhaften Anwendung: 0xrun_game.exe0
Pfad der fehlerhaften Anwendung: run_game.exe1
Pfad des fehlerhaften Moduls: run_game.exe2
Berichtskennung: run_game.exe3
Vollständiger Name des fehlerhaften Pakets: run_game.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: run_game.exe5

Error: (07/29/2015 03:55:51 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcCan continue stopping. [0]

Error: (07/29/2015 03:42:10 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNetworkStreamService did not shut down when asked, terminating. [0]

Error: (07/29/2015 03:42:09 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcCan continue stopping. [1008]

Error: (07/29/2015 03:25:22 PM) (Source: MsiInstaller) (EventID: 1024) (User: JOSEF-PC)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F084E7200}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (07/29/2015 02:51:18 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcCan continue stopping. [1008]

Error: (06/24/2015 12:17:11 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/24/2015 12:14:02 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/24/2015 12:13:01 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Systemfehler:
=============
Error: (08/01/2015 04:50:41 PM) (Source: DCOM) (EventID: 10016) (User: JOSEF-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}JOSEF-PCJosefS-1-5-21-3441488294-490295330-2377242766-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/01/2015 04:48:04 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/01/2015 11:57:54 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212265131171520

Error: (08/01/2015 11:58:18 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 01.08.2015 um 11:17:33 unerwartet heruntergefahren.

Error: (08/01/2015 10:32:10 AM) (Source: DCOM) (EventID: 10010) (User: JOSEF-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (08/01/2015 10:31:40 AM) (Source: DCOM) (EventID: 10010) (User: JOSEF-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/31/2015 10:30:05 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (07/31/2015 11:03:06 AM) (Source: DCOM) (EventID: 10010) (User: JOSEF-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/31/2015 11:02:36 AM) (Source: DCOM) (EventID: 10010) (User: JOSEF-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/30/2015 09:19:50 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Microsoft Office: ========================= Error: (08/01/2015 04:27:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe39.0.0.565955934d06mozalloc.dll39.0.0.565955933a838000000300001aa11a9001d0cc62ec8aed15C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll69dc830e-3859-11e5-beef-10604b7e1d3e Error: (07/29/2015 04:04:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: run_game.exe1.0.0.054194e10EasyAntiCheat_x86.dll1.0.3.054d4ae6bc0000005000019ac111001d0ca0781c783e3C:\Program Files (x86)\Steam\steamapps\common\War of the Roses\run_game.exeC:\Program Files (x86)\Steam\steamapps\common\War of the Roses\EasyAntiCheat\EasyAntiCheat_x86.dllbfe0a02f-35fa-11e5-beed-10604b7e1d3e Error: (07/29/2015 03:55:51 PM) (Source: NvStreamSvc) 
(EventID: 1) (User: ) Description: NvStreamSvcCan continue stopping. [0] Error: (07/29/2015 03:42:10 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNetworkStreamService did not shut down when asked, terminating. [0] Error: (07/29/2015 03:42:09 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcCan continue stopping. [1008] Error: (07/29/2015 03:25:22 PM) (Source: MsiInstaller) (EventID: 1024) (User: JOSEF-PC) Description: Adobe Acrobat Reader DC - Deutsch{AC76BA86-7AD7-0000-2550-AC0F084E7200}1625(NULL)(NULL)(NULL) Error: (07/29/2015 02:51:18 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcCan continue stopping. [1008] Error: (06/24/2015 12:17:11 PM) (Source: Adobe Reader) (EventID: 16) (User: ) Description: Error: (06/24/2015 12:14:02 PM) (Source: Adobe Reader) (EventID: 16) (User: ) Description: Error: (06/24/2015 12:13:01 PM) (Source: Adobe Reader) (EventID: 16) (User: ) Description: CodeIntegrity: =================================== Date: 2015-02-28 08:13:31.236 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.91_x86__v68kp9n051hdp\mmaMain.exe that did not meet the Store signing level requirements. 
==================== Speicherinformationen =========================== Processor: Intel(R) Core(TM) i5-3350P CPU @ 3.10GHz Percentage of memory in use: 33% Total physical RAM: 12243.3 MB Available physical RAM: 8135.89 MB Total Virtual: 112243.3 MB Available Virtual: 107701.27 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:917.95 GB) (Free:72.27 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)] Drive d: (Recovery Image) (Fixed) (Total:11.64 GB) (Free:1.41 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: EADF2D74) Partition: GPT Partition Type. ==================== Ende von log ============================ |
16.01.2016, 17:25 | #3 |
| Windows 8.1: Spyware infection reported by Antivir Antivir log
Code:
Free Antivirus Erstellungsdatum der Reportdatei: Samstag, 16. Jänner 2016 11:29 Das Programm läuft als uneingeschränkte Vollversion. Online-Dienste stehen zur Verfügung. Lizenznehmer : Free Seriennummer : 0000149996-AVHOE-0000001 Plattform : Windows 8.1 Windowsversion : (plain) [6.3.9600] Boot Modus : Normal gebootet Benutzername : Josef Computername : JOSEF-PC Versionsinformationen: build.dat : 15.0.15.129 93076 Bytes 03.12.2015 15:25:00 AVSCAN.EXE : 15.0.15.122 1203832 Bytes 01.12.2015 14:11:24 AVSCANRC.DLL : 15.0.15.106 67688 Bytes 01.12.2015 14:11:24 LUKE.DLL : 15.0.15.106 69248 Bytes 01.12.2015 14:11:32 AVSCPLR.DLL : 15.0.15.122 106352 Bytes 01.12.2015 14:11:24 REPAIR.DLL : 15.0.15.106 493608 Bytes 01.12.2015 14:11:23 repair.rdf : 1.0.13.40 1446059 Bytes 15.01.2016 11:34:50 AVREG.DLL : 15.0.15.106 346312 Bytes 01.12.2015 14:11:23 avlode.dll : 15.0.15.106 701680 Bytes 01.12.2015 14:11:22 avlode.rdf : 14.0.5.18 88653 Bytes 09.12.2015 15:52:51 LOCAL001.VDF : 8.12.46.218 138759168 Bytes 15.01.2016 23:34:59 Engineversion : 8.3.34.124 AEBB.DLL : 8.1.3.0 59296 Bytes 19.11.2015 14:31:41 AECORE.DLL :
8.3.9.0 249920 Bytes 12.11.2015 14:30:02 AEDROID.DLL : 8.4.3.348 1800104 Bytes 06.11.2015 13:00:06 AEEMU.DLL : 8.1.3.6 404328 Bytes 19.11.2015 14:31:41 AEEXP.DLL : 8.4.2.144 289920 Bytes 22.12.2015 16:16:50 AEGEN.DLL : 8.1.8.16 490344 Bytes 14.01.2016 13:40:06 AEHELP.DLL : 8.3.2.8 284584 Bytes 21.12.2015 15:31:53 AEHEUR.DLL : 8.1.4.2130 10076224 Bytes 14.01.2016 13:40:09 AEMOBILE.DLL : 8.1.8.10 301936 Bytes 26.11.2015 13:50:08 AEOFFICE.DLL : 8.3.1.84 427944 Bytes 15.01.2016 13:34:37 AEPACK.DLL : 8.4.1.22 802880 Bytes 05.01.2016 12:54:47 AERDL.DLL : 8.2.1.38 813928 Bytes 06.11.2015 13:00:05 AESBX.DLL : 8.2.21.2 1629032 Bytes 06.11.2015 13:00:05 AESCN.DLL : 8.3.4.0 141216 Bytes 12.11.2015 14:30:05 AESCRIPT.DLL : 8.3.0.20 547696 Bytes 14.01.2016 13:40:10 AEVDF.DLL : 8.3.2.4 141216 Bytes 19.11.2015 14:31:43 AVWINLL.DLL : 15.0.15.106 28632 Bytes 01.12.2015 14:11:20 AVPREF.DLL : 15.0.15.106 54896 Bytes 01.12.2015 14:11:23 AVREP.DLL : 15.0.15.106 225320 Bytes 01.12.2015 14:11:23 AVARKT.DLL : 15.0.15.106 231032 Bytes 01.12.2015 14:11:20 AVEVTLOG.DLL : 15.0.15.106 200632 Bytes 01.12.2015 14:11:21 SQLITE3.DLL : 15.0.15.106 460704 Bytes 01.12.2015 14:11:33 AVSMTP.DLL : 15.0.15.106 82120 Bytes 01.12.2015 14:11:24 NETNT.DLL : 15.0.15.106 18792 Bytes 01.12.2015 14:11:32 CommonImageRc.dll: 15.0.15.106 4309752 Bytes 01.12.2015 14:11:20 CommonTextRc.dll: 15.0.15.106 70784 Bytes 01.12.2015 14:11:20 Konfiguration für den aktuellen Suchlauf: Job Name..............................: Vollständige Prüfung Konfigurationsdatei...................: C:\program files (x86)\avira\antivir desktop\sysscan.avp Protokollierung.......................: standard Primäre Aktion........................: Interaktiv Sekundäre Aktion......................: Ignorieren Durchsuche Masterbootsektoren.........: ein Durchsuche Bootsektoren...............: ein Bootsektoren..........................: C:, D:, Durchsuche aktive Programme...........: ein Laufende Programme erweitert..........: ein Durchsuche 
Registrierung..............: ein Suche nach Rootkits...................: ein Integritätsprüfung von Systemdateien..: aus Prüfe alle Dateien....................: Alle Dateien Durchsuche Archive....................: ein Rekursionstiefe einschränken..........: 20 Archiv Smart Extensions...............: ein Makrovirenheuristik...................: ein Dateiheuristik........................: erweitert Abweichende Gefahrenkategorien........: +APPL,+PCK,+SPR, Beginn des Suchlaufs: Samstag, 16. Jänner 2016 11:29 Der Suchlauf über die Bootsektoren wird begonnen: Bootsektor 'HDD0(C:, D:)' [INFO] Es wurde kein Virus gefunden! Der Suchlauf nach versteckten Objekten wird begonnen. Fehler in der ARK Library Der Suchlauf über gestartete Prozesse wird begonnen: Durchsuche Prozess 'svchost.exe' - '49' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '33' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '105' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '191' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '96' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '115' Modul(e) wurden durchsucht Durchsuche Prozess 'STacSV64.exe' - '52' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '93' Modul(e) wurden durchsucht Durchsuche Prozess 'spoolsv.exe' - '91' Modul(e) wurden durchsucht Durchsuche Prozess 'sched.exe' - '85' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '84' Modul(e) wurden durchsucht Durchsuche Prozess 'avguard.exe' - '115' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '40' Modul(e) wurden durchsucht Durchsuche Prozess 'mDNSResponder.exe' - '30' Modul(e) wurden durchsucht Durchsuche Prozess 'dashost.exe' - '58' Modul(e) wurden durchsucht Durchsuche Prozess 'HiPatchService.exe' - '59' Modul(e) wurden durchsucht Durchsuche Prozess 'HeciServer.exe' - '28' Modul(e) wurden durchsucht Durchsuche Prozess 'jhi_service.exe' - '30' Modul(e) wurden durchsucht Durchsuche 
Prozess 'avshadow.exe' - '32' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '68' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '26' Modul(e) wurden durchsucht Durchsuche Prozess 'hpsa_service.exe' - '99' Modul(e) wurden durchsucht Durchsuche Prozess 'HPConnectedRemoteService.exe' - '135' Modul(e) wurden durchsucht Durchsuche Prozess 'IntelMeFWService.exe' - '24' Modul(e) wurden durchsucht Durchsuche Prozess 'LMS.exe' - '30' Modul(e) wurden durchsucht Durchsuche Prozess 'UNS.exe' - '68' Modul(e) wurden durchsucht Durchsuche Prozess 'PresentationFontCache.exe' - '38' Modul(e) wurden durchsucht Durchsuche Prozess 'NvNetworkService.exe' - '57' Modul(e) wurden durchsucht Durchsuche Prozess 'GfExperienceService.exe' - '49' Modul(e) wurden durchsucht Durchsuche Prozess 'NvStreamService.exe' - '51' Modul(e) wurden durchsucht Durchsuche Prozess 'NvStreamNetworkService.exe' - '63' Modul(e) wurden durchsucht Durchsuche Prozess 'nvvsvc.exe' - '37' Modul(e) wurden durchsucht Durchsuche Prozess 'nvSCPAPISvr.exe' - '33' Modul(e) wurden durchsucht Durchsuche Prozess 'PnkBstrA.exe' - '50' Modul(e) wurden durchsucht Durchsuche Prozess 'ScpService.exe' - '57' Modul(e) wurden durchsucht Durchsuche Prozess 'armsvc.exe' - '29' Modul(e) wurden durchsucht Durchsuche Prozess 'SearchIndexer.exe' - '61' Modul(e) wurden durchsucht Durchsuche Prozess 'dwm.exe' - '49' Modul(e) wurden durchsucht Durchsuche Prozess 'nvxdsync.exe' - '59' Modul(e) wurden durchsucht Durchsuche Prozess 'nvvsvc.exe' - '49' Modul(e) wurden durchsucht Durchsuche Prozess 'taskhostex.exe' - '49' Modul(e) wurden durchsucht Durchsuche Prozess 'Explorer.EXE' - '203' Modul(e) wurden durchsucht Durchsuche Prozess 'nvtray.exe' - '45' Modul(e) wurden durchsucht Durchsuche Prozess 'NvBackend.exe' - '58' Modul(e) wurden durchsucht Durchsuche Prozess 'sttray64.exe' - '41' Modul(e) wurden durchsucht Durchsuche Prozess 'XBoxStat.exe' - '32' Modul(e) wurden durchsucht Durchsuche Prozess 'Skype.exe' - 
'179' Modul(e) wurden durchsucht Durchsuche Prozess 'avgnt.exe' - '108' Modul(e) wurden durchsucht Durchsuche Prozess 'hpwuschd2.exe' - '24' Modul(e) wurden durchsucht Durchsuche Prozess 'jusched.exe' - '44' Modul(e) wurden durchsucht Durchsuche Prozess 'firefox.exe' - '137' Modul(e) wurden durchsucht Durchsuche Prozess 'pdf24.exe' - '43' Modul(e) wurden durchsucht Durchsuche Prozess 'NvStreamUserAgent.exe' - '64' Modul(e) wurden durchsucht Durchsuche Prozess 'conhost.exe' - '15' Modul(e) wurden durchsucht Durchsuche Prozess 'CLMLSvc_P2G8.exe' - '41' Modul(e) wurden durchsucht Durchsuche Prozess 'wuauclt.exe' - '37' Modul(e) wurden durchsucht Durchsuche Prozess 'jucheck.exe' - '59' Modul(e) wurden durchsucht Durchsuche Prozess 'Steam.exe' - '135' Modul(e) wurden durchsucht Durchsuche Prozess 'steamwebhelper.exe' - '79' Modul(e) wurden durchsucht Durchsuche Prozess 'SteamService.exe' - '47' Modul(e) wurden durchsucht Durchsuche Prozess 'steamwebhelper.exe' - '64' Modul(e) wurden durchsucht Durchsuche Prozess 'steamwebhelper.exe' - '65' Modul(e) wurden durchsucht Durchsuche Prozess 'VirtualBox.exe' - '115' Modul(e) wurden durchsucht Durchsuche Prozess 'VBoxSVC.exe' - '54' Modul(e) wurden durchsucht Durchsuche Prozess 'avcenter.exe' - '133' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '8' Modul(e) wurden durchsucht Durchsuche Prozess 'SearchProtocolHost.exe' - '36' Modul(e) wurden durchsucht Durchsuche Prozess 'SearchFilterHost.exe' - '26' Modul(e) wurden durchsucht Durchsuche Prozess 'avscan.exe' - '84' Modul(e) wurden durchsucht Durchsuche Prozess 'avscan.exe' - '111' Modul(e) wurden durchsucht Durchsuche Prozess 'vssvc.exe' - '41' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht Durchsuche Prozess 'wininit.exe' - '19' Modul(e) wurden durchsucht Durchsuche Prozess 'lsass.exe' - '82' Modul(e) wurden durchsucht Durchsuche Prozess 'WinLogon.exe' - '25' Modul(e) wurden durchsucht Der Suchlauf auf Verweise zu 
ausführbaren Dateien (Registry) wird begonnen: Die Registry wurde durchsucht ( '3430' Dateien ). Der Suchlauf über die ausgewählten Dateien wird begonnen: Beginne mit der Suche in 'C:\' <OS> [0] Archivtyp: Runtime Packed --> C:\Controller PS3\ScpServer\bin\System\amd64\WinUsbCoInstaller2.dll [1] Archivtyp: RSRC --> C:\Controller PS3\ScpServer\bin\System\amd64\WUDFUpdate_01009.dll [2] Archivtyp: RSRC --> C:\Controller PS3\ScpServer\bin\System\x86\WinUsbCoInstaller2.dll [3] Archivtyp: RSRC --> C:\Controller PS3\ScpServer\bin\System\x86\WUDFUpdate_01009.dll [4] Archivtyp: RSRC --> C:\Program Files (x86)\THQ\Dawn Of War\steel_legion\Uninstall.exe [5] Archivtyp: Runtime Packed --> C:\Users\User\AppData\Local\Temp\0.09514685335599682.xpi [6] Archivtyp: ZIP --> lib/AddonObserver.js [FUND] Enthält Erkennungsmuster der Ad- oder Spyware ADSPY/Skrum.EL [WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden C:\Users\User\AppData\Local\Temp\0.09514685335599682.xpi [FUND] Enthält Erkennungsmuster der Ad- oder Spyware ADSPY/Skrum.EL --> C:\Users\User\AppData\Local\Temp\0.21998580761877806.xpi [6] Archivtyp: ZIP --> lib/AddonObserver.js [FUND] Enthält Erkennungsmuster der Ad- oder Spyware ADSPY/Skrum.EL [WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden C:\Users\User\AppData\Local\Temp\0.21998580761877806.xpi [FUND] Enthält Erkennungsmuster der Ad- oder Spyware ADSPY/Skrum.EL --> C:\Users\User\AppData\Local\Temp\0.45223670618721534.xpi [6] Archivtyp: ZIP --> lib/AddonObserver.js [FUND] Enthält Erkennungsmuster der Ad- oder Spyware ADSPY/Skrum.EL [WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden C:\Users\User\AppData\Local\Temp\0.45223670618721534.xpi [FUND] Enthält Erkennungsmuster der Ad- oder Spyware ADSPY/Skrum.EL Beginne mit der Suche in 'D:\' <Recovery Image> Beginne mit der Desinfektion: C:\Users\User\AppData\Local\Temp\0.45223670618721534.xpi [FUND] Enthält Erkennungsmuster der Ad- oder Spyware ADSPY/Skrum.EL 
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '539dc78a.qua' verschoben! C:\Users\User\AppData\Local\Temp\0.21998580761877806.xpi [FUND] Enthält Erkennungsmuster der Ad- oder Spyware ADSPY/Skrum.EL [HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4b08e82d.qua' verschoben! C:\Users\User\AppData\Local\Temp\0.09514685335599682.xpi [FUND] Enthält Erkennungsmuster der Ad- oder Spyware ADSPY/Skrum.EL [HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '1951b2c5.qua' verschoben! Ende des Suchlaufs: Samstag, 16. Jänner 2016 16:50 Benötigte Zeit: 5:06:49 Stunde(n) Der Suchlauf wurde vollständig durchgeführt. 105985 Verzeichnisse wurden überprüft 3215529 Dateien wurden geprüft 6 Viren bzw. unerwünschte Programme wurden gefunden 0 Dateien wurden als verdächtig eingestuft 0 Dateien wurden gelöscht 0 Viren bzw. unerwünschte Programme wurden repariert 3 Dateien wurden in die Quarantäne verschoben 0 Dateien wurden umbenannt 0 Dateien konnten nicht durchsucht werden 3215523 Dateien ohne Befall 23765 Archive wurden durchsucht 3 Warnungen 3 Hinweise 1487 Objekte wurden beim Rootkitscan durchsucht 0 Versteckte Objekte wurden gefunden |
18.01.2016, 21:21 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 8.1: Spyware infection reported by Antivir Hi, first of all: uninstall Avira. We have not recommended it for years, for several reasons. Since you have W8.1, you only need to enable Windows Defender, because from W8.1 on it is a full-fledged virus scanner with real-time protection (MS Security Essentials). After that, please open Malwarebytes and look in the history for the scan logs. Please post these. Reading material: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs are too large for a single post, I ask you to post the logs directly and, if necessary, spread over several posts. To put the log files into a CODE box, proceed as follows:
__________________ Please always post log files in CODE tags |
25.01.2016, 19:43 | #5 |
| I'm really sorry about the wait. The PC was acting up and I first had to get it running again. Can I also run scans with that program? I also noticed that I somehow can't change my PC password anymore. It can no longer open the PC settings. The window simply doesn't open anymore. Up to now I was actually satisfied with the scans. So should I get a different program, and if so, which one? What exactly are the problems with Antivir? Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 25.01.2016
Suchlaufzeit: 18:59
Protokolldatei: MBAM.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.01.25.03
Rootkit-Datenbank: v2016.01.20.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Josef

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 427293
Abgelaufene Zeit: 29 Min., 32 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

(end)
25.01.2016, 19:55 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | No problem, man.
Removing adware/junkware/toolbars
Delete old versions of adwCleaner and, if present, JRT beforehand, then download them again to the desktop! Please completely disable your virus scanner now, before using these tools!
Step 1: adwCleaner. Please download AdwCleaner to your desktop.
Step 2: JRT - Junkware Removal Tool. Please shut down your protection software to avoid possible conflicts.
Step 3: Fresh log with FRST. Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)