Pests of all kinds and how to combat them: Win 8 / HEUR:Trojan.Script.Generic / irreparable
Windows 7
If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will reply with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
26.08.2017, 03:04 | #16 |
Win 8 / HEUR:Trojan.Script.Generic / irreparable
FRST log:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017 durchgeführt von Diesel (Administrator) auf MICHAEL (25-08-2017 22:14:37) Gestartet von C:\Users\Diesel\Desktop Geladene Profile: Diesel (Verfügbare Profile: Diesel) Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Razer Inc.) 
C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Logitech Inc.) 
C:\Program Files\Logitech Gaming Software\LCore.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken0510_Driver\Drivers\SysAudio\Kraken0510Helper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor) HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.) 
HKLM\...\Run: [Cm108Sound] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cm108.dll,CMICtrlWnd HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17361016 2016-12-20] (Logitech Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-03-02] (Razer Inc.) HKLM-x32\...\Run: [Kraken0510Helper] => C:\Program Files (x86)\Razer\Razer_Kraken0510_Driver\Drivers\SysAudio\Kraken0510Helper.exe [1599432 2016-09-08] (Razer Inc) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation) HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-08-23] (Valve Corporation) HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29500544 2016-07-13] (Skype Technologies S.A.) 
HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd) HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\Run: [GalaxyClient] => D:\GOG Galaxy\GalaxyClient.exe [5087296 2017-07-31] (GOG.com) HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-04-24] (Disc Soft Ltd) HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\MountPoints2: {45c7cf2b-39c4-11e7-837b-d050990e32db} - "F:\Autorun.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-08-27] ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation) Startup: C:\Users\Diesel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration .LNK [2017-08-13] ShortcutTarget: Registration .LNK -> D:\Steam2\steamapps\common\Assassins Creed\Register\RegistrationReminder.exe (Ubisoft) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{5ED15733-F069-4DA4-9BA0-DD1BCF6D0C33}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-25] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-25] (Oracle Corporation) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-11-20] (DVDVideoSoft Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-25] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-25] (Oracle Corporation) FireFox: ======== FF DefaultProfile: Neu FF ProfilePath: C:\Users\Diesel\AppData\Roaming\Mozilla\Firefox\Profiles\Neu [2017-08-25] FF Extension: (Firefox Screenshots) - C:\Users\Diesel\AppData\Roaming\Mozilla\Firefox\Profiles\Neu\features\{8683484d-ead2-496e-98f0-09f791fd6932}\screenshots@mozilla.org.xpi [2017-08-23] FF HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff FF Extension: (Download videos and MP3s from YouTube) - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-11-24] [ist nicht signiert] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll 
[2017-08-08] () FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-25] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-25] (Oracle Corporation) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-08] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-25] (Oracle Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-08-10] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-08-10] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default [2017-08-25] CHR Extension: (Google Präsentationen) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-21] CHR Extension: (Google Docs) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-21] CHR Extension: (Google Drive) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-21] CHR Extension: (Google-Suche) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Google Tabellen) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-21] CHR Extension: (Google Docs Offline) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (TwitchAlerts Stream Labels) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmggmdngboajiakmbpdknfpdelbjbcg [2016-12-07] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22] CHR Extension: (Google Mail) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-21] CHR Extension: (Chrome Media Router) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-09] CHR 
HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-01-14] () R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [392168 2016-08-31] (Digital Wave Ltd.) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-04-24] (Disc Soft Ltd) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [383016 2017-05-17] (EasyAntiCheat Ltd) S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-08-11] (Futuremark) S3 GalaxyClientService; D:\GOG Galaxy\GalaxyClientService.exe [487488 2017-07-31] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8163392 2017-07-16] (GOG.com) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files 
(x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation) S2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-11-07] () S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2016-12-20] (Logitech Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-10] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-07-26] (NVIDIA Corporation) S3 Origin Client Service; D:\Origin\OriginClientService.exe [2104840 2016-02-20] (Electronic Arts) R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [69768 2017-03-21] (Razer Inc.) 
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] () R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-19] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [54256 2016-12-11] (Corsair) S3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [29168 2016-12-11] (Corsair) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-05-16] (Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-05-16] (Disc Soft Ltd) S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.) R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] () R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21920 2013-08-08] () S3 INETMON; C:\WINDOWS\System32\Drivers\INETMON.sys [29088 2013-08-07] () S3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-08-07] () R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.) R3 KillerEth; C:\WINDOWS\system32\DRIVERS\e2xw8x64.sys [162456 2016-02-12] (Qualcomm Atheros, Inc.) R3 kltap; C:\WINDOWS\system32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-12-20] (Logitech Inc.) 
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-08-25] (Malwarebytes) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-07-26] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation) R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.) R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.) R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-08-25 22:14 - 2017-08-25 22:14 - 000023927 _____ C:\Users\Diesel\Desktop\FRST.txt 2017-08-24 19:28 - 2017-08-24 19:28 - 000000000 ____D C:\Users\Diesel\Desktop\PC Temps, Virus, Fehler etc 2017-08-23 00:49 - 2017-08-23 00:49 - 001790024 _____ (Malwarebytes) C:\Users\Diesel\Desktop\JRT.exe 2017-08-23 00:05 - 2017-08-02 04:34 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2017-08-23 00:05 - 2017-08-02 03:47 - 000865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2017-08-23 00:05 - 2017-07-22 20:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsium.dll 2017-08-23 00:05 - 2017-07-22 19:32 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsium.dll 2017-08-23 00:05 - 2017-07-17 21:53 - 004298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-08-23 00:05 - 2017-07-17 01:55 - 003551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-08-23 00:05 - 2017-07-14 01:03 - 002013528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-08-23 00:05 - 2017-07-12 22:29 - 000420440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll 2017-08-23 00:05 - 2017-07-12 22:29 - 000075440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll 2017-08-23 00:05 - 2017-07-12 22:25 - 000308872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll 2017-08-23 00:05 - 2017-07-12 22:25 - 000066112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll 2017-08-23 00:05 - 2017-07-08 21:03 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe 2017-08-23 00:05 - 2017-07-08 20:43 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe 2017-08-23 00:05 - 2017-07-08 20:30 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll 2017-08-23 00:05 - 2017-07-08 20:20 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 
2017-08-23 00:05 - 2017-07-08 19:25 - 001436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-08-23 00:05 - 2017-07-08 19:00 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2017-08-23 00:05 - 2017-07-08 05:14 - 000100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys 2017-08-22 08:27 - 2017-08-22 08:27 - 000007131 _____ C:\Users\Diesel\AppData\Local\recently-used.xbel 2017-08-22 05:26 - 2017-08-23 20:22 - 000000000 ____D C:\AdwCleaner 2017-08-22 05:25 - 2017-08-22 05:25 - 008185288 _____ (Malwarebytes) C:\Users\Diesel\Desktop\adwcleaner_7.0.1.0.exe 2017-08-22 05:02 - 2017-08-25 22:14 - 000000000 ____D C:\FRST 2017-08-22 05:01 - 2017-08-22 05:01 - 002395648 _____ (Farbar) C:\Users\Diesel\Desktop\FRST64.exe 2017-08-18 17:05 - 2017-08-18 17:05 - 006357912 _____ C:\Users\Diesel\Desktop\twitchendscreen.wav 2017-08-16 22:49 - 2017-08-16 22:49 - 000000756 _____ C:\Users\Diesel\Desktop\ePSXe.exe - Verknüpfung.lnk 2017-08-16 21:39 - 2017-08-16 21:47 - 000000000 ____D C:\Users\Diesel\Desktop\Backup Iphone 2017-08-16 01:56 - 2017-08-16 01:56 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\Aspyr Media 2017-08-16 01:30 - 2017-08-16 01:31 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\The First Templar 2017-08-15 21:52 - 2017-08-23 00:29 - 000000000 ____D C:\Users\Diesel\Desktop\PS2 Dumping 2017-08-14 23:06 - 2017-08-14 23:06 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2017-08-14 23:06 - 2017-08-10 00:21 - 000135616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2017-08-14 23:06 - 2017-03-10 23:17 - 000536864 _____ C:\WINDOWS\system32\vulkan-1.dll 2017-08-14 23:06 - 2017-03-10 23:17 - 000525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2017-08-14 23:06 - 2017-03-10 23:17 - 000254240 _____ C:\WINDOWS\system32\vulkaninfo.exe 2017-08-14 23:06 - 2017-03-10 23:17 - 000233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2017-08-14 23:05 - 2017-08-10 02:22 - 040239552 _____ (NVIDIA Corporation) 
C:\WINDOWS\system32\nvcompiler.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 035805632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 035314296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 028930496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 023075016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 018804976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 017807936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 013649992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 012133296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 011585736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 009982968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 003803768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 003359680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438528.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 001598072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438528.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 001067640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 001005176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 000972920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 000924096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 
2017-08-14 23:05 - 2017-08-10 02:22 - 000895968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 000689808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 000609912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 000578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 000512856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 000499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 000429920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 000407248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 000171200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 000154392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 000149224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 000132072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2017-08-14 23:05 - 2017-08-10 02:22 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json 2017-08-14 23:05 - 2017-08-10 02:22 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json 2017-08-14 22:29 - 2017-07-26 19:09 - 000048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2017-08-13 03:19 - 2017-08-13 03:19 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\Ubisoft 2017-08-13 03:19 - 2017-08-13 03:19 - 000000000 ____D C:\ProgramData\Ubisoft 2017-08-13 02:18 - 2017-08-13 02:18 - 000001259 _____ C:\Users\Diesel\Desktop\TeamSpeak 3 Client.lnk 2017-08-13 02:18 - 2017-08-13 02:18 - 000001217 _____ 
C:\Users\Diesel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk 2017-08-13 02:16 - 2017-08-13 02:16 - 001525768 _____ C:\Users\Diesel\Downloads\TeamSpeak 3 64 Bit - CHIP-Installer.exe 2017-08-13 01:47 - 2017-08-13 01:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mount and Blade [GOG.com] 2017-08-11 15:25 - 2017-08-11 15:25 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2017-08-08 20:58 - 2017-08-02 05:17 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2017-08-08 20:58 - 2017-07-21 15:40 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll 2017-08-08 20:58 - 2017-07-21 15:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll 2017-08-08 20:58 - 2017-07-15 12:10 - 000536688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-08-08 20:58 - 2017-07-15 12:10 - 000140016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2017-08-08 20:58 - 2017-07-15 12:06 - 000449840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-08-08 20:58 - 2017-07-15 12:06 - 000136832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2017-08-08 20:58 - 2017-07-14 22:08 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll 2017-08-08 20:58 - 2017-07-14 20:44 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll 2017-08-08 20:58 - 2017-07-14 08:49 - 025733632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-08-08 20:58 - 2017-07-14 08:44 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-08-08 20:58 - 2017-07-14 08:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2017-08-08 20:58 - 2017-07-14 07:35 - 005981184 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-08-08 20:58 - 2017-07-14 07:26 - 001033216 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\inetcomm.dll 2017-08-08 20:58 - 2017-07-14 07:10 - 000806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-08-08 20:58 - 2017-07-14 06:40 - 015254016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-08-08 20:58 - 2017-07-14 06:23 - 003240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-08-08 20:58 - 2017-07-14 06:07 - 001545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-08-08 20:58 - 2017-07-14 05:58 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-08-08 20:58 - 2017-07-14 04:54 - 020270080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-08-08 20:58 - 2017-07-14 04:48 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-08-08 20:58 - 2017-07-14 04:38 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2017-08-08 20:58 - 2017-07-14 04:17 - 004546048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-08-08 20:58 - 2017-07-14 04:17 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2017-08-08 20:58 - 2017-07-14 04:12 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-08-08 20:58 - 2017-07-14 04:09 - 013663744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-08-08 20:58 - 2017-07-14 03:53 - 002767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-08-08 20:58 - 2017-07-14 03:50 - 001314816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-08-08 20:58 - 2017-07-14 03:48 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-08-08 20:58 - 2017-07-08 22:14 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2017-08-08 20:58 - 2017-07-08 21:12 - 004169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-08-08 20:58 - 2017-07-08 19:45 - 007078912 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\glcndFilter.dll 2017-08-08 20:58 - 2017-07-08 19:05 - 003631616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-08-08 20:58 - 2017-07-08 18:39 - 005274624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll 2017-08-08 20:58 - 2017-07-08 18:37 - 007797248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-08-08 20:58 - 2017-07-08 18:23 - 002749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-08-08 20:58 - 2017-07-08 17:59 - 005270016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-08-08 20:58 - 2017-07-08 05:46 - 000377688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgrx.sys 2017-08-08 20:58 - 2017-07-08 05:16 - 007440728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-08-08 20:58 - 2017-07-08 05:16 - 001674520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2017-08-08 20:58 - 2017-07-08 05:16 - 001534072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2017-08-08 20:58 - 2017-07-08 05:16 - 001499920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2017-08-08 20:58 - 2017-07-08 05:16 - 001370328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2017-08-08 20:58 - 2017-07-08 05:16 - 000086360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2017-08-08 20:58 - 2017-07-01 15:47 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000375808 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll 2017-08-08 20:58 - 2017-06-15 16:17 - 002551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2017-08-08 20:58 - 2017-06-15 16:16 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2017-08-08 20:58 - 2017-06-08 19:01 - 001737600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-08-08 20:58 - 2017-06-08 19:01 - 001502000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-08-05 02:49 - 2016-10-08 23:17 - 003168256 _____ () C:\Users\Diesel\Desktop\DS4Windows.exe 2017-08-04 18:15 - 2017-08-18 17:54 - 000000732 _____ C:\Users\Diesel\Desktop\pcsx2.exe - Verknüpfung.lnk 2017-08-04 17:27 - 2017-08-05 18:51 - 000000000 ___RD C:\Users\Diesel\Desktop\livio usb 2017-08-04 01:54 - 2017-08-04 01:54 - 003101913 _____ (LIGHTNING UK!) C:\Users\Diesel\Downloads\SetupImgBurn_2.5.8.0.exe 2017-07-30 18:43 - 2017-07-30 18:43 - 000000222 _____ C:\Users\Diesel\Desktop\Jotun.url ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-08-25 22:14 - 2016-12-27 13:58 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\NetSpeedMonitor 2017-08-25 22:14 - 2015-03-03 19:31 - 000000000 ____D C:\ProgramData\NVIDIA 2017-08-25 22:12 - 2015-01-29 01:16 - 000000000 ____D C:\Program Files (x86)\Steam 2017-08-25 22:11 - 2017-06-01 21:26 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-08-25 22:11 - 2016-03-09 20:08 - 000000000 __RDO C:\Users\Diesel\OneDrive 2017-08-25 22:11 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-08-25 03:04 - 2016-10-21 18:58 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\obs-studio 2017-08-24 18:16 - 2017-03-09 15:02 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\Telegram Desktop 2017-08-24 18:16 - 2017-01-05 07:04 - 000000000 ____D C:\Users\Diesel\AppData\Local\Personify 2017-08-24 17:47 - 2014-03-18 12:03 - 001772686 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-08-24 17:47 - 2014-03-18 11:25 - 000759174 _____ C:\WINDOWS\system32\perfh007.dat 2017-08-24 17:47 - 2014-03-18 11:25 - 000156934 _____ C:\WINDOWS\system32\perfc007.dat 2017-08-24 17:47 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf 2017-08-24 04:47 - 2014-11-09 03:29 - 000000000 ____D C:\Users\Diesel\AppData\Local\CrashDumps 2017-08-23 20:35 - 2016-11-21 18:15 - 000000000 ____D C:\Users\Diesel\AppData\LocalLow\Mozilla 2017-08-23 00:37 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI 2017-08-23 00:19 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData 2017-08-23 00:06 - 2013-08-22 17:20 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-08-22 08:27 - 2015-10-21 17:08 - 000000000 ____D C:\Users\Diesel\.gimp-2.8 2017-08-22 07:28 - 2014-08-26 22:54 - 000000000 ____D C:\Users\Diesel 2017-08-22 06:56 - 2014-08-26 22:59 - 000003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2308537951-1921869107-4181014529-1001 2017-08-22 06:41 - 2014-11-24 19:14 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\Audacity 
2017-08-19 23:17 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-08-19 00:00 - 2016-09-06 18:57 - 000000000 ____D C:\Program Files (x86)\SpeedFan 2017-08-18 17:54 - 2016-12-09 01:53 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\DS4Windows 2017-08-18 14:52 - 2014-09-04 20:38 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\DVDVideoSoft 2017-08-18 00:00 - 2015-10-21 16:16 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-08-16 03:52 - 2017-02-18 18:37 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\vlc 2017-08-16 01:55 - 2016-09-02 17:56 - 000000000 ____D C:\Users\Diesel\AppData\Local\Ubisoft Game Launcher 2017-08-15 22:42 - 2017-04-26 14:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-08-15 22:42 - 2014-09-04 18:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-08-14 23:06 - 2016-09-08 02:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-08-14 23:06 - 2016-09-08 02:04 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2017-08-14 22:29 - 2017-05-13 17:05 - 000003814 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-14 22:29 - 2016-12-23 02:38 - 000004146 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-14 22:29 - 2016-10-21 20:52 - 000003554 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-14 22:29 - 2016-09-08 02:02 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2017-08-14 22:29 - 2016-09-07 17:39 - 000003852 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-14 22:29 - 2016-09-07 17:39 - 000003738 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-14 22:29 - 2016-09-07 17:39 - 000003738 _____ 
C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-14 22:29 - 2016-09-07 17:39 - 000003730 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-14 22:29 - 2016-09-07 17:39 - 000003494 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-14 22:29 - 2016-09-07 17:39 - 000001432 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2017-08-14 22:29 - 2014-08-27 02:46 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-08-13 04:30 - 2014-11-22 16:43 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\TS3Client 2017-08-13 02:18 - 2014-11-22 16:43 - 000000000 ____D C:\Users\Diesel\AppData\Local\TeamSpeak 3 Client 2017-08-11 15:25 - 2016-07-12 10:44 - 000002214 _____ C:\Users\Diesel\Desktop\Discord.lnk 2017-08-11 15:25 - 2016-07-12 10:44 - 000000000 ____D C:\Users\Diesel\AppData\Local\Discord 2017-08-11 15:25 - 2016-06-18 15:42 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\discord 2017-08-10 23:46 - 2015-08-30 23:46 - 000000000 ____D C:\Users\Diesel\AppData\Local\ElevatedDiagnostics 2017-08-10 23:37 - 2017-03-16 23:45 - 000000000 ____D C:\Users\Diesel\Downloads\Telegram Desktop 2017-08-10 02:22 - 2017-05-23 00:07 - 015425984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2017-08-10 02:22 - 2017-05-04 21:46 - 018705072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2017-08-10 02:22 - 2016-11-06 03:10 - 021403392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2017-08-10 02:22 - 2016-11-06 03:10 - 014689632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2017-08-10 02:22 - 2016-11-06 03:10 - 004187336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2017-08-10 02:22 - 2016-11-06 03:10 - 003691704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2017-08-10 02:22 - 2016-11-06 03:10 - 000491536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 
2017-08-10 02:22 - 2016-09-08 02:04 - 000044200 _____ C:\WINDOWS\system32\nvinfo.pb 2017-08-10 00:53 - 2016-09-08 02:04 - 006463608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-08-10 00:53 - 2016-09-08 02:04 - 002479224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-08-10 00:53 - 2016-09-08 02:04 - 001762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-08-10 00:53 - 2016-09-08 02:04 - 000549496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-08-10 00:53 - 2016-09-08 02:04 - 000392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-08-10 00:53 - 2016-09-08 02:04 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-08-10 00:53 - 2016-09-08 02:04 - 000069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-08-10 00:47 - 2016-09-07 17:39 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2017-08-09 22:21 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps 2017-08-09 22:09 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache 2017-08-09 21:58 - 2013-08-22 16:44 - 000576072 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-08-09 01:03 - 2014-09-04 21:26 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-08-09 01:02 - 2014-09-04 21:26 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-08-08 20:55 - 2014-09-04 19:26 - 000004342 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-08-08 20:55 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-08-08 20:55 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-08-08 11:39 - 2016-09-08 02:04 - 008112721 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-08-05 18:49 - 2017-06-09 00:05 - 000000000 ____D C:\Users\Diesel\Desktop\WWE Supercard Gimp 2017-08-05 18:49 - 2017-04-07 21:21 - 000000000 ____D C:\Users\Diesel\Desktop\Minecraft 2017 2017-08-03 21:29 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF 2017-07-29 
02:03 - 2013-08-22 17:38 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-07-29 02:03 - 2013-08-22 17:38 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-07-26 19:09 - 2017-05-13 17:04 - 000179136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2017-07-26 19:09 - 2017-05-13 17:04 - 000146368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2017-07-26 19:09 - 2016-09-08 02:05 - 001755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2017-07-26 19:09 - 2016-09-08 02:05 - 001317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2017-07-26 19:09 - 2016-09-08 02:05 - 000121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll 2017-07-26 19:09 - 2016-09-07 17:39 - 001922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2017-07-26 19:09 - 2016-09-07 17:39 - 001505728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2017-07-26 15:40 - 2017-04-07 20:43 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-08-27 02:46 - 2014-08-27 02:46 - 000000000 _____ () C:\Users\Diesel\AppData\Roaming\gdfw.log 2014-08-27 02:46 - 2014-08-27 02:46 - 000000779 _____ () C:\Users\Diesel\AppData\Roaming\gdscan.log 2016-05-16 11:08 - 2017-03-25 16:14 - 000011264 _____ () C:\Users\Diesel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-08-27 02:42 - 2014-08-27 02:42 - 000000000 _____ () C:\Users\Diesel\AppData\Local\Driver_LOM_8161Present.flag 2017-08-22 08:27 - 2017-08-22 08:27 - 000007131 _____ () C:\Users\Diesel\AppData\Local\recently-used.xbel 2014-11-12 18:56 - 2017-06-07 02:26 - 000007606 _____ () C:\Users\Diesel\AppData\Local\Resmon.ResmonCfg 2014-08-27 02:35 - 2014-08-27 02:35 - 000000000 ____H () C:\ProgramData\DP45977C.lfl 2016-12-23 02:38 - 2017-01-28 01:00 - 000019727 _____ () 
C:\ProgramData\NvTelemetryContainer.log 2016-12-23 02:38 - 2017-01-18 17:27 - 000009230 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1 Einige Dateien in TEMP: ==================== 2017-03-28 23:34 - 2017-08-25 22:12 - 000619464 _____ () C:\Users\Diesel\AppData\Local\Temp\0Kraken0510DevProps.dll ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-08-24 04:18 ==================== Ende von FRST.txt ============================ Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-08-2017 durchgeführt von Diesel (25-08-2017 22:14:54) Gestartet von C:\Users\Diesel\Desktop Windows 8.1 (Update) (X64) (2014-08-26 20:54:36) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2308537951-1921869107-4181014529-500 - Administrator - Disabled) Diesel (S-1-5-21-2308537951-1921869107-4181014529-1001 - Administrator - Enabled) => C:\Users\Diesel Gast (S-1-5-21-2308537951-1921869107-4181014529-501 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 1954 Alcatraz (HKLM\...\Steam App 255280) (Version: - Daedalic Entertainment) 3DMark 11 (HKLM\...\{FD67BFA0-E205-47AA-BA09-123B3B72DB5E}) (Version: 1.0.132.0 - Futuremark) Hidden 3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark) Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.) 
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios) Age of Mythology: Extended Edition (HKLM-x32\...\Steam App 266840) (Version: - SkyBox Labs) Airline Tycoon Deluxe (HKLM\...\Steam App 331920) (Version: - Spellbound AG) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.28 - NVIDIA Corporation) Hidden Apple Application Support (32-Bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version: - Studio Wildcard) Armello (HKLM\...\Steam App 290340) (Version: - League of Geeks) ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.) Assassin's Creed (HKLM\...\Steam App 15100) (Version: - Ubisoft Montreal) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Back to the Future: Ep 1 - It's About Time (HKLM\...\Steam App 31290) (Version: - Telltale Games) Back to the Future: Ep 2 - Get Tannen! 
(HKLM\...\Steam App 94500) (Version: - Telltale Games) Back to the Future: Ep 3 - Citizen Brown (HKLM\...\Steam App 94510) (Version: - Telltale Games) Back to the Future: Ep 4 - Double Visions (HKLM\...\Steam App 94520) (Version: - Telltale Games) Back to the Future: Ep 5 - OUTATIME (HKLM\...\Steam App 94530) (Version: - Telltale Games) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Caravan (HKLM\...\Steam App 352890) (Version: - it Matters Games) CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform) Champions of Anteria (HKLM\...\Steam App 374520) (Version: - Blue Byte) Cities: Skylines (HKLM\...\Steam App 255710) (Version: - Colossal Order Ltd.) Core Temp 1.7 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.7 - ALCPU) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) CPUID HWMonitor 1.31 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0232 - Disc Soft Ltd) DARK SOULS™ II: Scholar of the First Sin (HKLM\...\Steam App 335300) (Version: - FromSoftware, Inc) Darkest Dungeon (HKLM\...\Steam App 262060) (Version: - Red Hook Studios) Dead by Daylight (HKLM\...\Steam App 381210) (Version: - Behaviour Digital Inc.) Dead Rising 4 (HKLM\...\Steam App 543460) (Version: - Capcom Game Studio Vancouver, Inc.) 
Deceit (HKLM\...\Steam App 466240) (Version: - Automaton) Delicious - Emily's Hopes and Fears (HKLM\...\Steam App 550400) (Version: - Blue Giraffe) Der Pate® Das Spiel (HKLM-x32\...\{1D2CF076-A63F-41A5-00A1-5924FADFAD9D}) (Version: - ) Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts) Die Sims™ 3 Diesel Accessoires (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts) Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts) Die Sims™ 3 Inselparadies (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts) Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts) Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts) Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.17.2 - Electronic Arts) Die Sims™ 3 Stadt-Accessoires (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts) Die Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts) Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts) Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts) Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.625.10 - Electronic Arts Inc.) Discord (HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\Discord) (Version: 0.0.298 - Discord Inc.) 
Divinity: Original Sin Enhanced Edition (HKLM\...\Steam App 373420) (Version: - Larian Studios) Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment) Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment) Eador - Genesis (HKLM-x32\...\1207659147_is1) (Version: 2.1.0.10 - GOG.com) Evil Genius (HKLM\...\Steam App 3720) (Version: - Elixir Studios) Fahrenheit: Indigo Prophecy Remastered (HKLM\...\Steam App 312840) (Version: - Aspyr) Fallout Shelter (HKLM\...\Steam App 588430) (Version: - Bethesda Game Studios) Fantasy General (HKLM-x32\...\1430136345_is1) (Version: 2.0.0.3 - GOG.com) Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.99.823 - Digital Wave Ltd) Free Video Editor (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.53.831 - Digital Wave Ltd) Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.10.511 - Digital Wave Ltd) Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.16.525 - Digital Wave Ltd) Friday the 13th: The Game (HKLM\...\Steam App 438740) (Version: - IllFonic) Frisky Business (HKLM\...\Steam App 588240) (Version: - K Bros Games) Futuremark SystemInfo (HKLM-x32\...\{E540B871-3230-4C5B-AAD5-A30F64398275}) (Version: 4.48.599.0 - Futuremark) Game of Thrones - A Telltale Games Series (HKLM\...\Steam App 330840) (Version: - Telltale Games) Geeks3D FurMark 1.18.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D) Ghost Master (HKLM-x32\...\Steam App 6200) (Version: - Sick Puppies) Ghost Recon Wildlands Beta (HKLM-x32\...\Uplay Install 2970) (Version: - Ubisoft) GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) GOG.com Airline Tycoon Deluxe 
(HKLM\...\{d39698f1-1e15-4eba-8a7e-4b99ffb8f1cb}.sdb) (Version: - ) GOG.com The Settlers 4 GOLD (HKLM\...\{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.101 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Hand Of Fate (HKLM-x32\...\Steam App 266510) (Version: - Defiant Development) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heritage of Kings - The Settlers (HKLM-x32\...\1207658793_is1) (Version: 2.2.0.8 - GOG.com) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) House Party (HKLM\...\Steam App 611790) (Version: - Eek! Games, LLC) INSIDE (HKLM-x32\...\1916896012_is1) (Version: 10 - GOG.com) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{4F4D1244-12E7-4D6C-803D-3B16C13E8912}) (Version: 4.2.41.2633 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation) iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.) 
Jade Empire: Special Edition (HKLM\...\Steam App 7110) (Version: - BioWare Corporation) Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation) Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation) Jotun (HKLM\...\Steam App 323580) (Version: - Thunder Lotus Games) Killer Drivers (HKLM\...\{2D4C0206-11EE-4218-B347-BBAE6195BF7D}) (Version: 1.0.1028 - Rivet Networks) King's Bounty: Dark Side (HKLM\...\Steam App 289520) (Version: - 1C-SoftClub) King's Bounty: Warriors of the North (HKLM\...\Steam App 203350) (Version: - 1C-SoftClub) Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.1.0.0 - GIANTS Software) League of Legends (HKLM-x32\...\{7C6B1560-A8B1-4AED-BF77-A43713C7726D}) (Version: 4.1.2 - Riot Games) Hidden League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games) Life is Strange™ (HKLM\...\Steam App 319630) (Version: - DONTNOD Entertainment) Little King's Story (HKLM-x32\...\1460733072_is1) (Version: 2.4.0.6 - GOG.com) Little Nightmares - Scarecrow sack (HKLM-x32\...\1268928435_is1) (Version: 1.0.16.1 - GOG.com) Little Nightmares - Upside-down teapot (HKLM-x32\...\1352220891_is1) (Version: 1.0.16.1 - GOG.com) Little Nightmares (HKLM-x32\...\1433377508_is1) (Version: 1.0.16.1 - GOG.com) Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech) Logitech Gaming Software 8.90 (HKLM\...\Logitech Gaming Software) (Version: 8.90.117 - Logitech Inc.) 
Lucius (HKLM-x32\...\1207659128_is1) (Version: 2.1.0.9 - GOG.com) MAGIX Speed burnR (HKLM\...\{4E5B902F-D917-4AB9-BDFD-C1E0C8D75C46}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden MAGIX Speed burnR (HKLM-x32\...\MX.{4E5B902F-D917-4AB9-BDFD-C1E0C8D75C46}) (Version: 7.0.2.6 - MAGIX Software GmbH) MAGIX Video deluxe (HKLM\...\{7874960A-3F7A-4A03-A49A-8BD4CE4E4B6F}) (Version: 16.0.1.22 - MAGIX Software GmbH) Hidden MAGIX Video deluxe (HKLM\...\MX.{7874960A-3F7A-4A03-A49A-8BD4CE4E4B6F}) (Version: 16.0.1.22 - MAGIX Software GmbH) Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) MediaJoin (HKLM-x32\...\{232FDC0C-12DE-41F2-9701-27EFCA18BEF9}) (Version: 2.0 - Mystik Media) Hidden MediaJoin (HKLM-x32\...\MediaJoin) (Version: - Mystik Media) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 
(HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Middle-earth: Shadow of Mordor (HKLM\...\Steam App 241930) (Version: - Monolith Productions, Inc.) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mount and Blade - With Fire and Sword (HKLM-x32\...\1207666903_is1) (Version: 2.1.0.6 - GOG.com) Mount and Blade (HKLM-x32\...\1207666893_is1) (Version: 2.0.0.4 - GOG.com) Mount and Blade: Warband (HKLM-x32\...\1207666913_is1) (Version: 2.032 (1.172) - GOG.com) Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 55.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.1 (x86 de)) (Version: 55.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.1.6430 - Mozilla) MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 385.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.28 - NVIDIA Corporation) NVIDIA GeForce Experience 3.8.0.89 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation) NVIDIA Grafiktreiber 385.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.28 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation) NVIDIA Miracast Virtueller Ton 385.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 385.28 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Overlord II (HKLM\...\Steam App 12810) (Version: - Triumph Studios) Overlord with Rising Hell (HKLM-x32\...\1207659207_is1) (Version: 2.1.0.13 - GOG.com) Personify ChromaCam (remove only) (HKLM-x32\...\Personify ChromaCam) (Version: 1.1.8.8 - Personify, Inc.) PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version: - Bluehole, Inc.) Police Quest - SWAT (HKLM-x32\...\1207661473_is1) (Version: 2.1.0.49 - GOG.com) Police Quest - SWAT 2 (HKLM-x32\...\1207661483_is1) (Version: 2.1.0.49 - GOG.com) Populous - The Beginning (HKLM-x32\...\1207659027_is1) (Version: 2.1.0.5 - GOG.com) Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros) Rayman Forever (HKLM-x32\...\1207658919_is1) (Version: 2.1.0.18 - GOG.com) Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.14.7 - Razer Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.302 - Razer Inc.) 
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.) Reus (HKLM-x32\...\Steam App 222730) (Version: - Abbey Games) Rise of the Argonauts (HKLM\...\Steam App 12770) (Version: - Liquid Entertainment) RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder) Robin Hood - The Legend of Sherwood (HKLM-x32\...\1207659008_is1) (Version: 2.1.0.15 - GOG.com) Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.) Sang Froid - Tales of Werewolves (HKLM-x32\...\1207660203_is1) (Version: 2.1.0.7 - GOG.com) Screen Antics 2.1 (HKLM-x32\...\Screen Antics) (Version: 2.1 - Jaap van Wingerden) Settlers 2 GOLD (HKLM-x32\...\1207658786_is1) (Version: 2.1.0.17 - GOG.com) Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.) Sonicomi (HKLM\...\Steam App 444140) (Version: - Nitroplus) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts) SSDlife Free (HKLM-x32\...\{18302BF2-AA3C-46E3-B039-996FD0DB5639}) (Version: 2.5.82 - BinarySense Inc.) 
Stardew Valley (HKLM\...\Steam App 413150) (Version: - ConcernedApe) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\TeamSpeak 3 Client) (Version: 3.1.5 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66595 - TeamViewer) Telegram Desktop version 1.1.19 (HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.1.19 - Telegram Messenger LLP) The Curious Expedition (HKLM\...\Steam App 358130) (Version: - Maschinen-Mensch) The First Templar (HKLM\...\Steam App 57680) (Version: - Haemimont Games) The Flame in the Flood (HKLM\...\Steam App 318600) (Version: - The Molasses Flood) The Raven - Legacy of a Master Thief (HKLM\...\Steam App 233370) (Version: - KING Art) The Settlers - Rise of an Empire - Gold Edition (HKLM-x32\...\1438268682_is1) (Version: 2.1.0.5 - GOG.com) The Settlers 3 - Ultimate Collection (HKLM-x32\...\1207659185_is1) (Version: 2.1.0.22 - GOG.com) The Settlers IV GOLD (HKLM-x32\...\1207659254_is1) (Version: 2.1.0.6 - GOG.com) Tom Clancy's Ghost Recon® Wildlands (HKLM\...\Steam App 460930) (Version: - Ubisoft Paris) Tom Clancy's Rainbow Six Siege (HKLM\...\Steam App 359550) (Version: - Ubisoft Montreal) Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft) Torchlight II (HKLM\...\Steam App 200710) (Version: - Runic Games) Total War: ATTILA - Assembly Kit BETA (HKLM-x32\...\Steam App 343660) (Version: - ) Total War: ATTILA (HKLM\...\Steam App 325610) (Version: - Creative Assembly) Total War: SHOGUN 2 (HKLM\...\Steam App 34330) (Version: - The Creative Assembly) Total War: WARHAMMER (HKLM\...\Steam App 364360) (Version: - Creative Assembly) Town of Salem (HKLM-x32\...\Steam App 334230) (Version: - BlankMediaGames) TruckersMP 0.2.1.0.1 Alpha 
(HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.1.0.1 Alpha - ETS2MP Team) Trust GXT Gaming Headset (HKLM\...\C-Media CM108 Like Sound Driver) (Version: - ) Trust GXT Gaming Headset (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006300}) (Version: 2.0.01.13 - Trust) Twitch Leecher 1.3.1 (HKLM\...\{B951A5DD-DA49-4C4B-838C-662D1B054E91}) (Version: 1.3.1.0 - Fake Smile Revolution) Hidden Twitch Leecher 1.3.1 (HKLM-x32\...\{43b31a6e-b33b-49de-9fde-bc75cf9c1973}) (Version: 1.3.1.0 - Fake Smile Revolution) UltraISO Premium V9.65 (HKLM-x32\...\UltraISO_is1) (Version: - ) Uplay (HKLM-x32\...\Uplay) (Version: 22.0 - Ubisoft) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) War for the Overworld (HKLM\...\Steam App 230190) (Version: - Brightrock Games) White Noise 2 (HKLM\...\Steam App 503350) (Version: - Milkstone Studios) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Keine Datei
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2014-01-02] (EZB Systems, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Keine Datei
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2014-01-02] (EZB Systems, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-08-10] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2014-01-02] (EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01CE7E12-4661-4F30-BC4F-6B35396268EE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-08-09] (Microsoft Corporation)
Task: {09182569-FF8F-4353-A30D-7BCD193D28FB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-08] (Adobe Systems Incorporated)
Task: {0EEECA92-CFA2-4CBE-8A83-AEBD4D919249} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {149FD9B7-AFD7-4059-94A0-A6541F1D145C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-07-26] (NVIDIA Corporation)
Task: {2C8C2C37-5897-496D-AAA8-4774FB13E963} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-21] (Google Inc.)
Task: {2CED0C6E-6849-43D3-8184-C1CFA082ED82} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)
Task: {359392A2-5CAC-43A8-B842-C552D5BF22E8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-07-26] (NVIDIA Corporation)
Task: {7893A07F-6A99-4DD2-B2BC-8F1992DB9235} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {7E3DE3EB-A15A-49D5-AF38-B751D9502058} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {91A7F5D2-4A49-431A-8307-7BC7A8100C68} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-07-26] (NVIDIA Corporation)
Task: {B4446819-DCD1-45DB-B389-1F70DEFA603F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {BAF97D5A-1230-4F42-9473-82840E7D4816} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-07-26] (NVIDIA Corporation)
Task: {DD09E128-99DB-4DFA-96D6-A1AE7FAAABE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-21] (Google Inc.)
Task: {EC5D8EC0-D12E-4D1A-A580-70A3721F9091} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {F7058632-E552-49CF-AEB9-19FD07F73430} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Diesel\Desktop\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg
ShortcutWithArgument: C:\Users\Diesel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-01-13 14:56 - 2017-01-13 14:56 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 14:56 - 2017-01-13 14:56 - 001353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-08 02:40 - 2017-07-26 19:09 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-25 00:20 - 2016-09-25 00:21 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-07-03 13:14 - 2015-07-03 13:14 - 000183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-12-20 01:59 - 2016-12-20 01:59 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-12-20 01:59 - 2016-12-20 01:59 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-11-24 19:11 - 2016-08-24 17:53 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2014-11-24 19:11 - 2016-08-24 17:53 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2014-11-24 19:11 - 2016-08-24 17:53 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2014-11-24 19:11 - 2016-08-24 17:53 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2017-03-28 23:34 - 2017-08-25 22:12 - 000619464 _____ () C:\Users\Diesel\AppData\Local\Temp\0Kraken0510DevProps.dll
2015-01-29 01:18 - 2017-08-04 23:19 - 000678176 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-29 01:18 - 2016-09-01 03:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-29 01:18 - 2017-08-23 02:18 - 002505504 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-29 01:18 - 2016-09-01 03:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-29 01:18 - 2016-09-01 03:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-01-29 01:17 - 2016-01-27 09:49 - 002549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-01-29 01:17 - 2016-01-27 09:49 - 000491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-01-29 01:17 - 2016-01-27 09:49 - 000332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-01-29 01:17 - 2016-01-27 09:49 - 000442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-01-29 01:17 - 2016-01-27 09:49 - 000485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-01-29 01:18 - 2017-08-23 02:18 - 000885024 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-12-04 05:59 - 2017-07-18 00:50 - 073115424 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-06-07 21:13 - 2017-05-17 03:54 - 000678176 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2015-01-29 01:17 - 2015-09-25 01:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2014-08-27 02:28 - 2013-09-03 16:52 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-09-08 02:40 - 2017-07-26 19:09 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Diesel:Heroes & Generals [38]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Theme2\img8.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "Malwarebytes TrayApp"
HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\StartupApproved\StartupFolder: => "Registration .LNK"
HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{A5EEB4F5-60F6-41C4-93E0-0A402AD8F464}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{C2625C16-68CF-48FF-A336-108D1464246F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E1C233C8-5736-436F-8DA7-48106F313624}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{7B03E079-2A06-46F0-AEDA-CAE9BF35E97A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{6CE58037-78CD-42BE-BBB7-0260E13C97E5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{945C07AE-EA55-4388-9A8C-966269AF8952}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{AF3D4378-9A2A-41C0-98BD-1F016AB3A2CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe FirewallRules: [{01C791F2-12AA-4DEA-8CCE-6924EFCCBBFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe FirewallRules: [{F46522DF-2E2B-4FBA-BB21-E54EECC4E9FB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{ED135D71-037D-456E-B1D6-2E019269843E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4CF41F94-7434-43C7-944F-AA26A28F74E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{039C4BB7-D518-45FE-9933-25A5C44C6F57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{5205CA98-6317-40A4-B7FD-1FBEE4DA6D31}] => (Allow) D:\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe FirewallRules: [{554BF86A-1FC3-4F57-BFE6-BC5490CF6D70}] => (Allow) D:\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe FirewallRules: [{E34038B8-F9BC-44F2-96CB-9A8077BD2843}] => (Allow) D:\Landwirtschafts 
Simulator 2015\x86\FarmingSimulator2015Game.exe FirewallRules: [{649278C5-09B2-4DCB-B440-658F6F2C4616}] => (Allow) D:\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe FirewallRules: [{56C2D115-7827-42FF-97ED-E504E084D2CE}] => (Allow) D:\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe FirewallRules: [{5EEE61EC-A183-4FB9-A6E5-B8C6997639AF}] => (Allow) D:\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe FirewallRules: [{F4CB4F5D-4AC4-43CA-8104-C242340359CB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{2E7804AD-A754-4145-B69D-A5F44AF40DE4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{6732F700-6867-4C73-B31C-BD760EB0FB81}] => (Allow) LPort=2869 FirewallRules: [{E455FFA5-F630-4FFC-B66A-32DFA91634E0}] => (Allow) LPort=1900 FirewallRules: [{44FF59EC-DC28-49EF-B914-E8696A07AD3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe FirewallRules: [{E088BB22-D207-449E-B6A2-E33D1CF5A592}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe FirewallRules: [{45352A06-1760-4F6C-AC9C-220A63850F02}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{F0EF624B-F9DE-428B-A7DC-0EE2D255C4AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{712CC379-79F3-48D2-B5ED-328D65AAF48A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F6F1CECF-21A7-4C07-81ED-D1985D6EC023}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{D9E1C728-D1C0-4F17-8047-495494974C26}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{67510F25-6B5D-470B-80D4-7B82E09CEECF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{FCAA489D-9D0F-420A-89DB-2FF60856F3B0}] => (Allow) C:\Program Files 
(x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{9061F7DA-5A7C-43B3-9DF5-D1A890269628}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{8C4C5A27-96AD-440C-8210-5DA1C11ABF39}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{C5B4039D-1E4B-49F1-95CE-BA54CFA00D6D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{152C6EDF-5E6E-4071-ABA4-95BF073C495C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{29D20AD8-52AE-4F66-BE5C-B2F49596ECFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{21E2DCD8-7EF8-42E2-8694-E8AF9DB17DDD}] => (Allow) D:\Steam2\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe FirewallRules: [{950FFE9A-E228-4E24-A425-9AC9DA15CFA2}] => (Allow) D:\Steam2\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe FirewallRules: [{0277E18A-B8C7-450D-B4F0-14B1D4DD6706}] => (Allow) D:\Steam2\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{53DC9A56-6191-4F68-B829-C75197F4DEC2}] => (Allow) D:\Steam2\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{CA3F76DE-981E-4F78-9343-7191D7EC90E2}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{551ACF2A-520F-4EF0-9D24-46B0679143D0}] => (Allow) D:\Ghost Recon Wildlands Beta\GRW.exe FirewallRules: [{C463E785-F158-4E9E-A66B-5178EBEE8C98}] => (Allow) D:\Steam2\steamapps\common\Total War Attila\launcher\launcher.exe FirewallRules: [{83155E0D-5C67-4B41-8BB9-1F6391AD91D1}] => (Allow) D:\Steam2\steamapps\common\Total War Attila\launcher\launcher.exe FirewallRules: [{DF885171-06D5-4421-921B-384A8D7F5FE9}] => (Allow) D:\Tom Clancy's The Division\TheDivision.exe FirewallRules: [{1EA516B4-E7FD-4D95-86FF-6B83826BB47D}] => (Allow) D:\Steam2\steamapps\common\King's 
Bounty - Warriors of the North\KBWotN.exe FirewallRules: [{5D21244A-F80A-4243-9433-65A8E2CC65C1}] => (Allow) D:\Steam2\steamapps\common\King's Bounty - Warriors of the North\KBWotN.exe FirewallRules: [{47700A83-AFD5-43C4-A155-DB9D1735E1AF}] => (Allow) D:\Steam2\steamapps\common\Darkside\KBDarkside.exe FirewallRules: [{E2F2A528-757D-42EA-B70C-A0AFE8C1899C}] => (Allow) D:\Steam2\steamapps\common\Darkside\KBDarkside.exe FirewallRules: [{87B64C62-1552-434B-A30B-2E44E4E35716}] => (Allow) D:\Steam2\steamapps\common\Sonicomi\Sonicomi_Steam.exe FirewallRules: [{B1B9EDAD-B124-4F64-B50B-E425B9A2184C}] => (Allow) D:\Steam2\steamapps\common\Sonicomi\Sonicomi_Steam.exe FirewallRules: [{6B07F933-5F72-4D27-A4B9-40A6DBB36407}] => (Allow) D:\Steam2\steamapps\common\War For The Overworld\WFTO.exe FirewallRules: [{4E55C9C4-706D-4D1A-96CA-25573ECF1F26}] => (Allow) D:\Steam2\steamapps\common\War For The Overworld\WFTO.exe FirewallRules: [{AA4B6341-2640-4812-83EF-CD1973506FD1}] => (Allow) D:\Steam2\steamapps\common\Airline Tycoon Deluxe\At.exe FirewallRules: [{E88326F8-CF5A-4398-BB92-5272090205D2}] => (Allow) D:\Steam2\steamapps\common\Airline Tycoon Deluxe\At.exe FirewallRules: [{855F032B-DCF8-4E99-B199-2319C13F342A}] => (Allow) D:\Steam2\steamapps\common\Wildlands\GRW.exe FirewallRules: [{DE35AC37-AF0B-4AC8-BCE9-A6A739E8AA06}] => (Allow) D:\Steam2\steamapps\common\Wildlands\GRW.exe FirewallRules: [{E1694859-2806-487D-A293-791EB1C1436D}] => (Allow) D:\Steam2\steamapps\common\DeadRising4\deadrising4.exe FirewallRules: [{595AE796-4E89-4C97-819E-73654CCC7D68}] => (Allow) D:\Steam2\steamapps\common\DeadRising4\deadrising4.exe FirewallRules: [{9C2FD0DF-2DD7-4A8C-B34F-8381797DD5E6}] => (Allow) D:\Steam2\steamapps\common\Frisky Business\FriskyBusiness.exe FirewallRules: [{F9589075-BDE7-4C21-BF04-CD4D84240FDF}] => (Allow) D:\Steam2\steamapps\common\Frisky Business\FriskyBusiness.exe FirewallRules: [{CA91000C-8E39-47B3-92FA-17D9C1CC0D62}] => (Allow) D:\Steam2\steamapps\common\Fallout 
Shelter\FalloutShelter.exe FirewallRules: [{883787A5-880D-4CCF-893F-B33B97357C8A}] => (Allow) D:\Steam2\steamapps\common\Fallout Shelter\FalloutShelter.exe FirewallRules: [{1682A977-5E03-401F-A950-42A60CC5D695}] => (Allow) D:\Steam2\steamapps\common\Torchlight II\ModLauncher.exe FirewallRules: [{01480F2C-B59E-4E95-B37F-600D7F6E33E1}] => (Allow) D:\Steam2\steamapps\common\Torchlight II\ModLauncher.exe FirewallRules: [{3EDBC620-A5FF-4E98-9C9B-CAEC423AD64A}] => (Allow) D:\Steam2\steamapps\common\Total War SHOGUN 2\Shogun2.exe FirewallRules: [{13A6539F-C0AA-4F50-BDF2-F7555C0EB515}] => (Allow) D:\Steam2\steamapps\common\Total War SHOGUN 2\Shogun2.exe FirewallRules: [{9784B51B-A93D-433C-A4FB-740CA3A10730}] => (Allow) D:\Steam2\steamapps\common\White Noise 2\WhiteNoise2.exe FirewallRules: [{4DA9C119-DAFD-4CCF-B068-036EF931F20E}] => (Allow) D:\Steam2\steamapps\common\White Noise 2\WhiteNoise2.exe FirewallRules: [{8412033E-A133-493E-B4FB-5518F94B28F0}] => (Allow) D:\Steam2\steamapps\common\Rise of the Argonauts\Binaries\RiseOfTheArgonauts.exe FirewallRules: [{084ECC6D-145F-4ECD-A1CB-DD2CDA4C1D2D}] => (Allow) D:\Steam2\steamapps\common\Rise of the Argonauts\Binaries\RiseOfTheArgonauts.exe FirewallRules: [{C756A354-7362-4184-AC4A-B437FBD95C36}] => (Allow) D:\Steam2\steamapps\common\Overlord II\Overlord2.exe FirewallRules: [{7C636354-5F3C-44CD-AA68-5459AF6970BB}] => (Allow) D:\Steam2\steamapps\common\Overlord II\Overlord2.exe FirewallRules: [{D3AABD39-B4A9-4EDB-8D50-324D4E90F134}] => (Allow) D:\Steam2\steamapps\common\Overlord II\Config.exe FirewallRules: [{BF0D9341-C896-4103-929D-83B7DB99F5A8}] => (Allow) D:\Steam2\steamapps\common\Overlord II\Config.exe FirewallRules: [{8005BE0F-A732-4249-BE95-354FA5F72A0B}] => (Allow) D:\Steam2\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{898CE406-350C-459F-863C-637FF1EB24E9}] => (Allow) D:\Steam2\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{FA207A85-EE54-44F2-9CA5-E06C41D641B7}] => (Allow) 
D:\Steam2\steamapps\common\Age of Mythology\Launcher.exe FirewallRules: [{65D306E0-1245-4677-9840-700076DB6C8F}] => (Allow) D:\Steam2\steamapps\common\Age of Mythology\Launcher.exe FirewallRules: [{547BBE85-DEFB-46BC-821A-24215F474E37}] => (Allow) D:\Steam2\steamapps\common\Age of Mythology\aomx.exe FirewallRules: [{82FB87D4-63C8-49EF-98AE-A96E38119236}] => (Allow) D:\Steam2\steamapps\common\Age of Mythology\aomx.exe FirewallRules: [{102EDF7E-04AB-4188-B946-47A2725A56DF}] => (Allow) D:\Steam2\steamapps\common\Age2HD\Launcher.exe FirewallRules: [{BABDB6BA-5E25-4D6E-8E43-41BB676E9ABB}] => (Allow) D:\Steam2\steamapps\common\Age2HD\Launcher.exe FirewallRules: [{6F89630F-FA86-40E8-9476-34838CCB0226}] => (Allow) D:\Steam2\steamapps\common\The Curious Expedition\electron.exe FirewallRules: [{DFC4DAE1-49C0-406E-8B82-14D9CF22DD90}] => (Allow) D:\Steam2\steamapps\common\The Curious Expedition\electron.exe FirewallRules: [{7C65413A-15FC-4D0F-8508-D62124E475AE}] => (Allow) D:\Steam2\steamapps\common\Ghost Master\ghost.exe FirewallRules: [{809FFB13-FF64-49FF-B36C-9DDFC7CCBE8E}] => (Allow) D:\Steam2\steamapps\common\Ghost Master\ghost.exe FirewallRules: [{3ECA0FD4-C696-465F-A87B-1957C48DC9B6}] => (Allow) D:\Steam2\steamapps\common\Hand of Fate\Hand of Fate.exe FirewallRules: [{CF8A978E-FBBA-4D13-A6D7-6A8F264A5246}] => (Allow) D:\Steam2\steamapps\common\Hand of Fate\Hand of Fate.exe FirewallRules: [{80605A4B-9B1C-4501-A272-785831D0102D}] => (Allow) D:\Steam2\steamapps\common\Reus\Reus.exe FirewallRules: [{6EA2063E-E471-47E1-97DC-76E4AEA04AE6}] => (Allow) D:\Steam2\steamapps\common\Reus\Reus.exe FirewallRules: [{B198646C-629F-4406-89B2-7D6865C51ABA}] => (Allow) D:\Steam2\steamapps\common\Caravan\Caravan.exe FirewallRules: [{9C434015-5929-40B7-99FB-A802EED84696}] => (Allow) D:\Steam2\steamapps\common\Caravan\Caravan.exe FirewallRules: [{ABD50B3A-E060-4135-A6F4-FF4EC2540BF1}] => (Allow) D:\Steam2\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: 
[{FBBF94F2-7A68-45BD-A2EE-70221C777787}] => (Allow) D:\Steam2\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{B66758BA-E25E-48B8-B86C-31F9C1DD9E3A}] => (Allow) D:\Steam2\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe FirewallRules: [{EBAE679B-AB96-4F0E-9254-A1191EE2E391}] => (Allow) D:\Steam2\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe FirewallRules: [{693C788B-FEE7-4ED0-889D-FFB8A9AD4085}] => (Allow) D:\Steam2\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe FirewallRules: [{490E0A4F-932E-4379-8C1C-F4F98D6F3D1A}] => (Allow) D:\Steam2\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe FirewallRules: [{239CE3AC-1875-4B3C-AE53-33211D13ECF3}] => (Allow) D:\Steam2\steamapps\common\F13Game\EAC_Launcher.exe FirewallRules: [{92CFC256-E1CF-4D45-8688-4578C32FB93C}] => (Allow) D:\Steam2\steamapps\common\F13Game\EAC_Launcher.exe FirewallRules: [TCP Query User{965D9836-186B-4095-B85A-F2B99AD15D0F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{CE010C18-7F4B-4D51-A7DA-1652B2799448}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{383DFF6A-A1E8-4A4F-A134-BFE3019A86A4}] => (Block) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{CBF53A96-F17E-409C-BB99-60588D24DE88}] => (Block) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{830B129F-2EB3-4A92-9853-6ED742C25002}] => (Allow) D:\Steam2\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{612B8A72-7F54-44A9-A0EC-FCF0B4A905FB}] => (Allow) D:\Steam2\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{9F7AD324-EBB1-44A7-9542-655416B9B394}] => (Allow) D:\Steam2\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe FirewallRules: 
[{B54DDCF7-31BF-409E-9D9B-94AD8C9736DB}] => (Allow) D:\Steam2\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe FirewallRules: [{1DAA4E42-F831-408B-A8BB-9F4D7435BFAD}] => (Allow) D:\Steam2\steamapps\common\dont_starve\bin\dontstarve_steam.exe FirewallRules: [{5D5C7736-39F8-44D8-A5F0-7F326DE7B4F6}] => (Allow) D:\Steam2\steamapps\common\dont_starve\bin\dontstarve_steam.exe FirewallRules: [{20124520-3DD8-457B-A767-28F5A571716F}] => (Allow) D:\Steam2\steamapps\common\Stardew Valley\Stardew Valley.exe FirewallRules: [{465D41EB-DFB5-4A6A-BF24-8CF67B84C014}] => (Allow) D:\Steam2\steamapps\common\Stardew Valley\Stardew Valley.exe FirewallRules: [{0113DC81-7917-4EE9-B392-D94C7DAE036A}] => (Allow) D:\Steam2\steamapps\common\The Raven\launcher\TheRavenLauncher.exe FirewallRules: [{67CCAF22-EC60-418C-8651-BE65FA8A4CF0}] => (Allow) D:\Steam2\steamapps\common\The Raven\launcher\TheRavenLauncher.exe FirewallRules: [{16F75B44-0890-4971-8437-EDEA2E9F3DB9}] => (Allow) D:\Steam2\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{783D86B0-84C9-4A96-A880-F385DB6E4D83}] => (Allow) D:\Steam2\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{784CD2F0-ED27-42F8-B7EA-23BB3F0C9633}] => (Allow) D:\Steam2\steamapps\common\Jade Empire\JadeEmpireLauncher.exe FirewallRules: [{331BAF41-5C27-4BA7-918F-E3CC17E6138C}] => (Allow) D:\Steam2\steamapps\common\Jade Empire\JadeEmpireLauncher.exe FirewallRules: [{A3F53357-AB2F-42F6-944F-FDC68FAC271D}] => (Allow) D:\Steam2\steamapps\common\Jade Empire\JadeEmpireConfig.exe FirewallRules: [{71C4572C-44FF-4BA2-9E00-722A7A98EB07}] => (Allow) D:\Steam2\steamapps\common\Jade Empire\JadeEmpireConfig.exe FirewallRules: [{2E18E6AC-92A8-42A4-AC03-D424B04473C9}] => (Allow) D:\Steam2\steamapps\common\Game of Thrones\Thrones.exe FirewallRules: [{19E7C5B3-DA78-45DF-8EEE-DCC527EA451A}] => (Allow) D:\Steam2\steamapps\common\Game of Thrones\Thrones.exe FirewallRules: 
[{0C925373-AD32-4FA7-AD66-5DB028B85A22}] => (Allow) D:\Steam2\steamapps\common\FlameInTheFlood\RiverGame.exe FirewallRules: [{BC3375A8-4128-4F6C-9AE0-8B566D5B23DD}] => (Allow) D:\Steam2\steamapps\common\FlameInTheFlood\RiverGame.exe FirewallRules: [{17C85482-78FE-4B06-8384-20BAE10356A0}] => (Allow) D:\Steam2\steamapps\common\The First Templar\TFT.exe FirewallRules: [{AAE9CCA0-BBF7-4447-9710-E743F1969B5C}] => (Allow) D:\Steam2\steamapps\common\The First Templar\TFT.exe FirewallRules: [{51F0B15C-C26F-443B-9F4A-64D01FA6DDE8}] => (Allow) D:\Steam2\steamapps\common\Kelvin\Fahrenheit.exe FirewallRules: [{E0D4BC8F-3DC9-4B22-8EA6-8721E9BA6B0F}] => (Allow) D:\Steam2\steamapps\common\Kelvin\Fahrenheit.exe FirewallRules: [{9D43E34D-D67B-4887-AA09-B8BD44B2361E}] => (Allow) D:\Steam2\steamapps\common\Evil Genius\EvilGeniusLauncher.exe FirewallRules: [{006392FA-084A-46DA-8659-E3D804B6BC17}] => (Allow) D:\Steam2\steamapps\common\Evil Genius\EvilGeniusLauncher.exe FirewallRules: [{7C2626DE-1564-49B2-9B63-773BA988C439}] => (Allow) D:\Steam2\steamapps\common\Delicious - Emily's Hopes and Fears\Delicious12.exe FirewallRules: [{82DD1253-E882-4934-97BF-47DDF8F96724}] => (Allow) D:\Steam2\steamapps\common\Delicious - Emily's Hopes and Fears\Delicious12.exe FirewallRules: [{16C8B409-9102-4FB4-AE9A-31A48E0C7A08}] => (Allow) D:\Steam2\steamapps\common\Champions of Anteria\CoA.exe FirewallRules: [{EDF510B6-AEF0-4115-98A2-4CE04DD11706}] => (Allow) D:\Steam2\steamapps\common\Champions of Anteria\CoA.exe FirewallRules: [{D9E78633-E5E8-4FBD-B7E5-D004C2FDD6B7}] => (Allow) D:\Steam2\steamapps\common\1954 Alcatraz\Alcatraz.exe FirewallRules: [{A3E6DA37-B482-4D11-A273-56CF36473117}] => (Allow) D:\Steam2\steamapps\common\1954 Alcatraz\Alcatraz.exe FirewallRules: [{B73688ED-28BC-4279-97D9-1EBBB570BB28}] => (Allow) D:\Steam2\steamapps\common\Back to the Future 105\BackToTheFuture105.exe FirewallRules: [{A454ACC5-F685-4A60-A89C-D2C28F5DC317}] => (Allow) D:\Steam2\steamapps\common\Back to the Future 
105\BackToTheFuture105.exe FirewallRules: [{1DA5B0A6-AC69-43C5-B7BB-D004D0A89A9E}] => (Allow) D:\Steam2\steamapps\common\Back to the Future 104\BackToTheFuture104.exe FirewallRules: [{89A07A1D-E66C-46B5-9E29-9B9787F86D08}] => (Allow) D:\Steam2\steamapps\common\Back to the Future 104\BackToTheFuture104.exe FirewallRules: [{94D0997F-6047-46A8-B4DF-34342664E243}] => (Allow) D:\Steam2\steamapps\common\Back to the Future 103\BackToTheFuture103.exe FirewallRules: [{8B51DD3B-F45C-4247-BE47-64F60D33370F}] => (Allow) D:\Steam2\steamapps\common\Back to the Future 103\BackToTheFuture103.exe FirewallRules: [{E1392DE2-5CE7-4590-B3AA-902C98FC4078}] => (Allow) D:\Steam2\steamapps\common\Back to the Future Ep 2\BackToTheFuture102.exe FirewallRules: [{735CA91E-3E0B-4D56-9146-22530595EE32}] => (Allow) D:\Steam2\steamapps\common\Back to the Future Ep 2\BackToTheFuture102.exe FirewallRules: [{95858E7D-DBDC-4DC6-86F1-D8344C5D9FF9}] => (Allow) D:\Steam2\steamapps\common\Back to the Future Ep 1\BackToTheFuture101.exe FirewallRules: [{A3A9E381-9149-4A3E-BB92-B841DBEE2BA2}] => (Allow) D:\Steam2\steamapps\common\Back to the Future Ep 1\BackToTheFuture101.exe FirewallRules: [{40981343-1B94-47A7-A58E-CCBD6BFB6F6D}] => (Allow) D:\Steam2\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe FirewallRules: [{3E0482D9-37D4-4162-A3AB-7C659A125AA5}] => (Allow) D:\Steam2\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe FirewallRules: [{D99F0F6F-E040-410C-AA9A-50BD03032F31}] => (Allow) D:\Steam2\steamapps\common\Armello\armello.exe FirewallRules: [{32428085-A728-4B23-BA60-CBEF44F8BFBD}] => (Allow) D:\Steam2\steamapps\common\Armello\armello.exe FirewallRules: [{52CA8593-F3B0-4B0E-A2F7-DB0BDA4BE93A}] => (Allow) D:\Steam2\steamapps\common\DarkestDungeon\_windows\Darkest.exe FirewallRules: [{976D618F-2C8F-4DE0-BE94-A6E1B4FDB158}] => (Allow) D:\Steam2\steamapps\common\DarkestDungeon\_windows\Darkest.exe FirewallRules: [{AC4BAB6C-44DB-46DB-BF43-7D538D1A3C4D}] => (Allow) 
D:\Steam2\steamapps\common\House Party\HouseParty.exe FirewallRules: [{0ABD81B0-FDC6-49FE-B89F-1679D6219B0F}] => (Allow) D:\Steam2\steamapps\common\House Party\HouseParty.exe FirewallRules: [{EBC5DA06-6851-40C2-B7AF-5888B0FC8CAF}] => (Allow) C:\Program Files\MAGIX\Video deluxe\2017\Videodeluxe.exe FirewallRules: [{9BD88CFD-1572-49FA-9FFB-42FF55441E80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{ABE3472A-F58D-41DF-95BA-0BC242184BCD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{138E03C8-43F8-4C05-ABB2-81B572AEC666}] => (Allow) D:\Steam2\steamapps\common\Jotun\Jotun.exe FirewallRules: [{52E12D29-0150-4101-8AD7-48BF7C30E800}] => (Allow) D:\Steam2\steamapps\common\Jotun\Jotun.exe FirewallRules: [{27302D38-3F38-4542-87E0-F50CD1C4060B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{6E0DBB1B-E8C8-4804-89CE-3650B92FD46B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{81169AC4-2DE1-456B-BBAA-B56CF423FFA5}] => (Allow) D:\Steam2\steamapps\common\Deceit\bin\win_x64\Deceit.exe FirewallRules: [{BAD59EAB-8B18-4934-9C96-C24B86447FDB}] => (Allow) D:\Steam2\steamapps\common\Deceit\bin\win_x64\Deceit.exe FirewallRules: [{44D70206-F0D5-483F-A81F-509734F3B0E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{E2658AFC-BDE6-4785-B65B-573658453256}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{4B740477-A895-4969-809B-E676D36FB477}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{9F87CAA9-245C-43EE-81D0-0F7215336556}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{C0129459-A8F6-427B-81CC-7DD4219A6050}] => (Allow) 
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{6F4CA4C8-AABF-4B42-95FD-693E3805EFCF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{7D4E586E-1B05-4862-8742-5D37E94E0BAD}] => (Allow) D:\Steam2\steamapps\common\Total War WARHAMMER\launcher\launcher.exe FirewallRules: [{443E6478-64B2-4323-AEA2-6DD9C44AC1D9}] => (Allow) D:\Steam2\steamapps\common\Total War WARHAMMER\launcher\launcher.exe ==================== Wiederherstellungspunkte ========================= 16-08-2017 01:29:31 DirectX wurde installiert 22-08-2017 19:48:36 chip 1-click download service wurde entfernt. 23-08-2017 00:50:52 JRT Pre-Junkware Removal 23-08-2017 01:39:32 JRT Pre-Junkware Removal 23-08-2017 20:24:00 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: RODE NT-USB Description: USB-Audiogerät Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard-USB-Audio) Service: usbaudio Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/25/2017 10:11:39 PM) (Source: ISCTAgent) (EventID: 1000) (User: ) Description: ISCT - CISCTPnpDriverApi::CreateInstance *****Unable to open the ISCT device driver Error: (08/24/2017 05:40:49 PM) (Source: ISCTAgent) (EventID: 1000) (User: ) Description: ISCT - CISCTPnpDriverApi::CreateInstance *****Unable to open the ISCT device driver Error: (08/24/2017 04:25:22 PM) (Source: ISCTAgent) (EventID: 1000) (User: ) Description: ISCT - CISCTPnpDriverApi::CreateInstance *****Unable to open the ISCT device driver Error: (08/24/2017 04:47:25 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Discord.exe, Version: 0.0.42.0, Zeitstempel: 0x598a3014 Name des fehlerhaften Moduls: Discord.exe, Version: 0.0.42.0, Zeitstempel: 0x598a3014 Ausnahmecode: 0xc0000409 Fehleroffset: 0x0268e710 ID des fehlerhaften Prozesses: 0x2030 Startzeit der fehlerhaften Anwendung: 0x01d31c46c8e3063d Pfad der fehlerhaften Anwendung: C:\Users\Diesel\AppData\Local\Discord\app-0.0.298\Discord.exe Pfad des fehlerhaften Moduls: C:\Users\Diesel\AppData\Local\Discord\app-0.0.298\Discord.exe Berichtskennung: 8f299529-8876-11e7-83a9-d050990e32db Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (08/23/2017 09:34:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Discord.exe, Version: 0.0.42.0, Zeitstempel: 0x598a3014 Name des fehlerhaften Moduls: Discord.exe, Version: 0.0.42.0, Zeitstempel: 0x598a3014 Ausnahmecode: 0xc0000409 Fehleroffset: 0x0268e710 ID des fehlerhaften Prozesses: 0x1594 Startzeit der fehlerhaften Anwendung: 0x01d31c45f6728169 Pfad der fehlerhaften Anwendung: C:\Users\Diesel\AppData\Local\Discord\app-0.0.298\Discord.exe Pfad des fehlerhaften Moduls: 
C:\Users\Diesel\AppData\Local\Discord\app-0.0.298\Discord.exe Berichtskennung: 0350a348-883a-11e7-83a9-d050990e32db Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (08/23/2017 09:27:41 PM) (Source: ISCTAgent) (EventID: 1000) (User: ) Description: ISCT - CISCTPnpDriverApi::CreateInstance *****Unable to open the ISCT device driver Error: (08/23/2017 08:23:10 PM) (Source: ISCTAgent) (EventID: 1000) (User: ) Description: ISCT - CISCTPnpDriverApi::CreateInstance *****Unable to open the ISCT device driver Error: (08/23/2017 07:57:50 PM) (Source: ISCTAgent) (EventID: 1000) (User: ) Description: ISCT - CISCTPnpDriverApi::CreateInstance *****Unable to open the ISCT device driver Error: (08/23/2017 01:35:34 AM) (Source: ISCTAgent) (EventID: 1000) (User: ) Description: ISCT - CISCTPnpDriverApi::CreateInstance *****Unable to open the ISCT device driver Error: (08/23/2017 01:30:10 AM) (Source: ISCTAgent) (EventID: 1000) (User: ) Description: ISCT - CISCTPnpDriverApi::CreateInstance *****Unable to open the ISCT device driver Systemfehler: ============= Error: (08/25/2017 10:11:38 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 25.08.2017 um 02:32:11 unerwartet heruntergefahren. Error: (08/24/2017 05:40:48 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 24.08.2017 um 17:05:21 unerwartet heruntergefahren. Error: (08/24/2017 04:25:21 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 24.08.2017 um 16:24:14 unerwartet heruntergefahren. Error: (08/23/2017 09:28:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. 
Error: (08/23/2017 09:28:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (08/23/2017 08:24:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/23/2017 08:24:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/23/2017 08:22:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/23/2017 08:22:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/23/2017 08:22:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kaspersky Secure Connection Service 1.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. 
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz
Prozentuale Nutzung des RAM: 12%
Installierter physikalischer RAM: 16314.55 MB
Verfügbarer physikalischer RAM: 14351.97 MB
Summe virtueller Speicher: 20410.55 MB
Verfügbarer virtueller Speicher: 18604.95 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:232.79 GB) (Free:28.99 GB) NTFS
Drive d: (Volume) (Fixed) (Total:2794.39 GB) (Free:711.26 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 208F0848)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================

These two messages also appeared; can you perhaps tell me what they might be about? Code:
ATTFilter Problemereignisame: LiveKernelEvent Code: 141 Parameter 1: ffffe001d636f010 Parameter 2: fffff800e119d314 Parameter 3: 0 Parameter 4: 0 Betriebssystemversion: 6_3_9600 Service Pack: 0_0 Produkt: 768_1 Betriebsystemversion: 6.3.9600.2.0.0.768.101 Gebietsschema-ID: 2055 Code:
ATTFilter Problemereignisame: LiveKernelEvent Code: 117 Parameter 1: ffffe001d7f38010 Parameter 2: fffff800e119d314 Parameter 3: 0 Parameter 4: 0 Betriebssystemversion: 6_3_9600 Service Pack: 0_0 Produkt: 768_1 Betriebsystemversion: 6.3.9600.2.0.0.768.101 Gebietsschema-ID: 2055 |
28.08.2017, 08:40 | #17 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win 8 / HEUR:Trojan.Script.Generic / irreparable Control scans with (1) MBAM, (2) ESET and (3) SecurityCheck, please:
__________________
Step 1: Malwarebytes Version 3. Please download Malwarebytes Anti-Malware 3
Step 2: ESET. Please download ESET Online Scanner (illustrated guide)
Step 3: SecurityCheck. Please download SecurityCheck and:
__________________ |
31.08.2017, 22:29 | #18 |
| Win 8 / HEUR:Trojan.Script.Generic / irreparable Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 31.08.17 Scan-Zeit: 19:14 Protokolldatei: d06f05d8-8e6f-11e7-a389-d050990e32db.json Administrator: Ja -Softwaredaten- Version: 3.2.2.2018 Komponentenversion: 1.0.188 Version des Aktualisierungspakets: 1.0.2698 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: MICHAEL\Diesel -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Ergebnis: Abgeschlossen Gescannte Objekte: 350103 Erkannte Bedrohungen: 0 (keine bösartigen Elemente erkannt) In die Quarantäne verschobene Bedrohungen: 0 (keine bösartigen Elemente erkannt) Abgelaufene Zeit: 1 Min., 49 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswert: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 0 (keine bösartigen Elemente erkannt) Physischer Sektor: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter 09:01:05 # product=EOS # version=8 # flags=0 # esetonlinescanner_deu.exe=2.0.17.0 # EOSSerial= # end=init # utc_time=2017-08-30 07:01:05 # local_time=2017-08-30 09:01:05 (+0100, Mitteleuropäische Sommerzeit) # country="Switzerland" # osver=6.3.9600 NT 09:01:21 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Diesel\AppData\Local\ESET\ESETOnlineScanner\Quarantine\ 09:53:43 # product=EOS # version=8 # flags=0 # esetonlinescanner_deu.exe=2.0.17.0 # EOSSerial= # end=init # utc_time=2017-08-30 07:53:43 # local_time=2017-08-30 09:53:43 (+0100, Mitteleuropäische Sommerzeit) # country="Switzerland" # osver=6.3.9600 NT 09:53:45 # product=EOS # version=8 # flags=0 # esetonlinescanner_deu.exe=2.0.17.0 # EOSSerial=bcd7346de70dd148a14439fd20a5e6bd # end=init # utc_time=2017-08-30 07:53:45 # local_time=2017-08-30 09:53:45 (+0100, Mitteleuropäische Sommerzeit) # country="Switzerland" # osver=6.3.9600 NT 09:54:42 Updating 09:54:42 Update Init 09:54:43 Update Download 09:57:06 esets_scanner_reload returned 0 09:57:06 g_uiModuleBuild: 34574 09:57:06 Update Finalize 09:57:06 Call m_esets_charon_send 09:57:06 Call m_esets_charon_destroy 09:57:07 Updated modules version: 34574 09:57:14 Call m_esets_charon_setup_create 09:57:14 Call m_esets_charon_create 09:57:14 m_esets_charon_create OK 09:57:14 Call m_esets_charon_start_send_thread 09:57:14 Call m_esets_charon_setup_set 09:57:14 m_esets_charon_setup_set OK 09:57:14 Scanner engine: 34574 10:30:38 # product=EOS # version=8 # flags=0 # esetonlinescanner_deu.exe=2.0.17.0 # EOSSerial=bcd7346de70dd148a14439fd20a5e6bd # engine=34574 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # sfx_checked=true # utc_time=2017-08-30 08:30:38 # local_time=2017-08-30 10:30:38 (+0100, Mitteleuropäische Sommerzeit) # country="Switzerland" # lang=1031 # osver=6.3.9600 NT # compatibility_mode_1='Kaspersky Internet Security' # compatibility_mode=1313 16777213 100 100 
3259 37015972 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 66 85 12490693 19841961 0 0 # scanned=0 # found=7 # cleaned=0 # scan_time=2010 sh=2CE715A45EE71D36376F78E63426D2BBC910A312 ft=1 fh=0000000000000000 vn="Win32/Auslogics.F eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Diesel\AppData\Local\Temp\_Del_BDFED914-D1FC-4308-8683-F3E750A4096E_boost-speed_setup\GASender.exe" sh=2CE715A45EE71D36376F78E63426D2BBC910A312 ft=1 fh=0000000000000000 vn="Win32/Auslogics.F eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Diesel\AppData\Local\Temp\_Del_BoostSpeed\GASender.exe" sh=2CE715A45EE71D36376F78E63426D2BBC910A312 ft=1 fh=0000000000000000 vn="Win32/Auslogics.F eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Diesel\AppData\Local\Temp\_Del__iu14D2N\GASender.exe" sh=21FBA3DF010A5D1144701EDBF30B54D45EADBB33 ft=1 fh=0000000000000000 vn="Variante von Win32/FusionCore.I eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Diesel\AppData\Roaming\DVDVideoSoft\FreeYTVDownloader.exe" sh=A960EC17F947DDC98235B4B212D520CD7FB5BBB2 ft=1 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Diesel\Downloads\Magix Video Deluxe 2017 - CHIP-Installer(1).exe" sh=4F149AFB47D7F72BD7BEFB32D97AF84FEB063AE0 ft=1 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Diesel\Downloads\Magix Video Deluxe 2017 - CHIP-Installer.exe" sh=6EB7A9C078DC9722205863E47CA5A204B2BC2AF7 ft=1 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Diesel\Downloads\TeamSpeak 3 64 Bit - CHIP-Installer.exe" 10:32:36 Call m_esets_charon_send 10:32:36 Call m_esets_charon_destroy 10:32:38 Cleaning up 10:32:38 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Diesel\AppData\Local\ESET\ESETOnlineScanner\Modules\ 10:32:38 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Diesel\AppData\Local\ESET\ESETOnlineScanner\OldModules\ 
10:32:38 DeleteEstsApi: C:\Users\Diesel\AppData\Local\ESET\ESETOnlineScanner 10:32:38 DeleteApiStgFile: C:\Users\Diesel\AppData\Local\ESET\ESETOnlineScanner 10:32:38 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Diesel\AppData\Local\ESET\ESETOnlineScanner\Char_Cache\ 17:33:44 # product=EOS # version=8 # flags=0 # esetonlinescanner_deu.exe=2.0.17.0 # EOSSerial=bcd7346de70dd148a14439fd20a5e6bd # end=init # utc_time=2017-08-30 15:33:44 # local_time=2017-08-30 17:33:44 (+0100, Mitteleuropäische Sommerzeit) # country="Switzerland" # osver=6.3.9600 NT 17:33:46 # product=EOS # version=8 # flags=0 # esetonlinescanner_deu.exe=2.0.17.0 # EOSSerial=bcd7346de70dd148a14439fd20a5e6bd # end=init # utc_time=2017-08-30 15:33:46 # local_time=2017-08-30 17:33:46 (+0100, Mitteleuropäische Sommerzeit) # country="Switzerland" # osver=6.3.9600 NT 17:33:49 Updating 17:33:49 Update Init 17:33:50 Update Download 17:34:59 esets_scanner_reload returned 0 17:34:59 g_uiModuleBuild: 34580 17:34:59 Update Finalize 17:34:59 Call m_esets_charon_send 17:34:59 Call m_esets_charon_destroy 17:34:59 Updated modules version: 34580 17:35:06 Call m_esets_charon_setup_create 17:35:06 Call m_esets_charon_create 17:35:06 m_esets_charon_create OK 17:35:06 Call m_esets_charon_start_send_thread 17:35:06 Call m_esets_charon_setup_set 17:35:06 m_esets_charon_setup_set OK 17:35:06 Scanner engine: 34580 18:28:03 # product=EOS # version=8 # flags=0 # esetonlinescanner_deu.exe=2.0.17.0 # EOSSerial=bcd7346de70dd148a14439fd20a5e6bd # engine=34580 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # sfx_checked=true # utc_time=2017-08-30 16:28:03 # local_time=2017-08-30 18:28:03 (+0100, Mitteleuropäische Sommerzeit) # country="Switzerland" # lang=1031 # osver=6.3.9600 NT # compatibility_mode_1='Kaspersky Internet Security' # compatibility_mode=1313 16777213 100 100 3296 37044617 0 0 # compatibility_mode_1='' # compatibility_mode=5893 
16776574 66 85 12519338 19870606 0 0 # scanned=0 # found=0 # cleaned=0 # scan_time=3183 18:28:08 Call m_esets_charon_send 18:28:08 Call m_esets_charon_destroy 19:11:57 # product=EOS # version=8 # flags=0 # esetonlinescanner_deu.exe=2.0.17.0 # EOSSerial=bcd7346de70dd148a14439fd20a5e6bd # end=init # utc_time=2017-08-31 17:11:57 # local_time=2017-08-31 19:11:57 (+0100, Mitteleuropäische Sommerzeit) # country="Switzerland" # osver=6.3.9600 NT 19:12:01 # product=EOS # version=8 # flags=0 # esetonlinescanner_deu.exe=2.0.17.0 # EOSSerial=bcd7346de70dd148a14439fd20a5e6bd # end=init # utc_time=2017-08-31 17:12:01 # local_time=2017-08-31 19:12:01 (+0100, Mitteleuropäische Sommerzeit) # country="Switzerland" # osver=6.3.9600 NT 19:12:18 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Diesel\AppData\Local\ESET\ESETOnlineScanner\Quarantine\ 19:12:26 # product=EOS # version=8 # flags=0 # esetonlinescanner_deu.exe=2.0.17.0 # EOSSerial=bcd7346de70dd148a14439fd20a5e6bd # end=init # utc_time=2017-08-31 17:12:26 # local_time=2017-08-31 19:12:26 (+0100, Mitteleuropäische Sommerzeit) # country="Switzerland" # osver=6.3.9600 NT 19:12:28 # product=EOS # version=8 # flags=0 # esetonlinescanner_deu.exe=2.0.17.0 # EOSSerial=bcd7346de70dd148a14439fd20a5e6bd # end=init # utc_time=2017-08-31 17:12:28 # local_time=2017-08-31 19:12:28 (+0100, Mitteleuropäische Sommerzeit) # country="Switzerland" # osver=6.3.9600 NT 19:13:11 Call m_esets_charon_setup_create 19:13:11 Call m_esets_charon_create 19:13:11 m_esets_charon_create OK 19:13:11 Call m_esets_charon_start_send_thread 19:13:11 Call m_esets_charon_setup_set 19:13:11 m_esets_charon_setup_set OK 19:13:11 Updating 19:13:11 Update Init 19:13:18 Call m_esets_charon_setup_create 19:13:18 Call m_esets_charon_create 19:13:18 m_esets_charon_setup_set ERROR 19:13:18 Update Download 19:13:39 esets_scanner_reload returned 0 19:13:39 g_uiModuleBuild: 34592 19:13:39 Update Finalize 19:13:39 Call m_esets_charon_send 19:13:39 Call m_esets_charon_destroy 
19:13:39 Updated modules version: 34592 19:13:47 Call m_esets_charon_setup_create 19:13:47 Call m_esets_charon_create 19:13:47 m_esets_charon_setup_set ERROR 19:13:47 Scanner engine: 34592 21:22:21 # product=EOS # version=8 # flags=0 # esetonlinescanner_deu.exe=2.0.17.0 # EOSSerial=bcd7346de70dd148a14439fd20a5e6bd # engine=34592 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # sfx_checked=true # utc_time=2017-08-31 19:22:21 # local_time=2017-08-31 21:22:21 (+0100, Mitteleuropäische Sommerzeit) # country="Switzerland" # lang=1031 # osver=6.3.9600 NT # compatibility_mode_1='Kaspersky Internet Security' # compatibility_mode=1313 16777213 100 100 81064 37141475 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 66 85 12616196 19967464 0 0 # scanned=2 # found=0 # cleaned=0 # scan_time=7720 23:23:42 Call m_esets_charon_send 23:23:42 Call m_esets_charon_destroy 23:23:43 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Diesel\AppData\Local\ESET\ESETOnlineScanner\Quarantine\ checkup Code:
ATTFilter Results of screen317's Security Check version 1.009 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Kaspersky Internet Security Windows Defender Malwarebytes Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Java 8 Update 141 Java version 32-bit out of Date! Adobe Flash Player 26.0.0.151 Mozilla Firefox (55.0.3) Google Chrome (60.0.3112.113) Google Chrome (SetupMetrics...) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamtray.exe Kaspersky Lab Kaspersky Secure Connection 1.0 ksde.exe Kaspersky Lab Kaspersky Secure Connection 1.0 ksdeui.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` |
01.09.2017, 11:26 | #19 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win 8 / HEUR:Trojan.Script.Generic / irreparable I need new FRST logs. Tick the box for addition.txt, then click Scan ("Untersuchen").
__________________ Please always post log files in CODE tags |
02.09.2017, 04:26 | #20 |
| Win 8 / HEUR:Trojan.Script.Generic / irreparable FRST log Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017 durchgeführt von Diesel (Administrator) auf MICHAEL (02-09-2017 05:22:07) Gestartet von C:\Users\Diesel\Desktop Geladene Profile: Diesel (Verfügbare Profile: Diesel) Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Western Digital Technologies, Inc.) 
C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken0510_Driver\Drivers\SysAudio\Kraken0510Helper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\Plugins\WD Backup\App\WDBackupService.exe (Samsung Electronics Co. Ltd.) 
C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor) HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.) HKLM\...\Run: [Cm108Sound] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cm108.dll,CMICtrlWnd HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17361016 2016-12-20] (Logitech Inc.) 
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-03-02] (Razer Inc.)
HKLM-x32\...\Run: [Kraken0510Helper] => C:\Program Files (x86)\Razer\Razer_Kraken0510_Driver\Drivers\SysAudio\Kraken0510Helper.exe [1599432 2016-09-08] (Razer Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21384 2016-04-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1761120 2015-12-07] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2016-01-14] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5565296 2015-12-01] (Western Digital Technologies, Inc.)
HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-08-25] (Valve Corporation)
HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29500544 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd)
HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\Run: [GalaxyClient] => D:\GOG Galaxy\GalaxyClient.exe [5087296 2017-07-31] (GOG.com)
HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-04-24] (Disc Soft Ltd)
HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\MountPoints2: {45c7cf2b-39c4-11e7-837b-d050990e32db} - "F:\Autorun.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-08-27]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\Users\Diesel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration .LNK [2017-08-13]
ShortcutTarget: Registration .LNK -> D:\Steam2\steamapps\common\Assassins Creed\Register\RegistrationReminder.exe (Ubisoft)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5ED15733-F069-4DA4-9BA0-DD1BCF6D0C33}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-25] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-25] (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-11-20] (DVDVideoSoft Ltd.)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-25] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-2308537951-1921869107-4181014529-1001 -> Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)

FireFox:
========
FF DefaultProfile: Neu
FF ProfilePath: C:\Users\Diesel\AppData\Roaming\Mozilla\Firefox\Profiles\Neu [2017-09-02]
FF Extension: (Firefox Screenshots) - C:\Users\Diesel\AppData\Roaming\Mozilla\Firefox\Profiles\Neu\features\{9964c042-3d89-40d8-bd7c-eb6a8291ff1f}\screenshots@mozilla.org.xpi [2017-08-26]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-07-20]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: (Download videos and MP3s from YouTube) - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-11-24] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-08] ()
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-25] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-08-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-08-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default [2017-09-01]
CHR Extension: (Google Präsentationen) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-21]
CHR Extension: (Google Docs) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-21]
CHR Extension: (Google Drive) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-21]
CHR Extension: (Google-Suche) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Tabellen) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-21]
CHR Extension: (Kaspersky Protection) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-02-03]
CHR Extension: (Google Docs Offline) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (TwitchAlerts Stream Labels) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmggmdngboajiakmbpdknfpdelbjbcg [2016-12-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Google Mail) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-21]
CHR Extension: (Chrome Media Router) - C:\Users\Diesel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-09]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-01-14] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [392168 2016-08-31] (Digital Wave Ltd.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-04-24] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [383016 2017-05-17] (EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-08-11] (Futuremark)
S3 GalaxyClientService; D:\GOG Galaxy\GalaxyClientService.exe [487488 2017-07-31] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8163392 2017-07-16] (GOG.com)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation)
S2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-11-07] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2016-12-20] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-22] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-08-18] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2104840 2016-02-20] (Electronic Arts)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [69768 2017-03-21] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-17] (TeamViewer GmbH)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [308088 2015-12-07] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B}
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD}

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [54256 2016-12-11] (Corsair)
S3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [29168 2016-12-11] (Corsair)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-05-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-05-16] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] ()
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
S3 INETMON; C:\WINDOWS\System32\Drivers\INETMON.sys [29088 2013-08-07] ()
S3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-08-07] ()
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R3 KillerEth; C:\WINDOWS\system32\DRIVERS\e2xw8x64.sys [162456 2016-02-12] (Qualcomm Atheros, Inc.)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197312 2017-07-20] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [520176 2017-04-10] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1021624 2017-07-20] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-06] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\system32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-13] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199640 2017-07-20] (AO Kaspersky Lab)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-12-20] (Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-08-30] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-09-01] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-01] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253888 2017-09-01] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-02] (Malwarebytes)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-02 05:22 - 2017-09-02 05:22 - 000025754 _____ C:\Users\Diesel\Desktop\FRST.txt
2017-09-01 23:36 - 2017-09-01 23:36 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-08-31 23:24 - 2017-08-31 23:24 - 000009255 _____ C:\Users\Diesel\Desktop\esetlog.txt
2017-08-31 19:13 - 2017-08-31 19:13 - 008182736 _____ (Malwarebytes) C:\Users\Diesel\Downloads\adwcleaner_7.0.2.1.exe
2017-08-31 16:55 - 2017-08-31 16:58 - 098316568 _____ (Swisscom) C:\Users\Diesel\Downloads\myCloudDesktop Setup 17.34.25.exe
2017-08-31 07:23 - 2017-08-31 07:23 - 000024041 _____ C:\Users\Diesel\AppData\Local\recently-used.xbel
2017-08-30 10:28 - 2017-05-01 07:31 - 002724512 ____N (Sysinternals - www.sysinternals.com) C:\Users\Diesel\Documents\procexp.exe
2017-08-30 10:28 - 2017-05-01 07:25 - 001458856 ____N (Sysinternals - www.sysinternals.com) C:\Users\Diesel\Documents\procexp64.exe
2017-08-30 10:28 - 2017-05-01 07:19 - 000072154 ____N C:\Users\Diesel\Documents\procexp.chm
2017-08-30 10:28 - 2017-03-13 10:14 - 000007490 ____N C:\Users\Diesel\Documents\Eula.txt
2017-08-30 10:27 - 2017-08-30 10:27 - 001931969 _____ C:\Users\Diesel\Downloads\ProcessExplorer.zip
2017-08-30 09:01 - 2017-08-30 09:01 - 000000000 ____D C:\Users\Diesel\AppData\Local\ESET
2017-08-30 08:57 - 2017-09-02 02:17 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-08-30 08:57 - 2017-09-01 23:36 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-08-30 08:57 - 2017-09-01 23:36 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-08-30 08:57 - 2017-08-30 08:57 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-08-30 08:57 - 2017-08-30 08:57 - 000001883 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-08-30 08:57 - 2017-08-30 08:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-08-30 08:57 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-08-29 22:12 - 2017-08-29 22:12 - 000001198 _____ C:\Users\Public\Desktop\WD Security.lnk
2017-08-29 22:12 - 2017-08-29 22:12 - 000001151 _____ C:\Users\Public\Desktop\WD Drive Utilities.lnk
2017-08-29 22:12 - 2017-08-29 22:12 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\Western Digital
2017-08-29 22:11 - 2017-08-29 22:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2017-08-29 22:11 - 2017-08-29 22:12 - 000000000 ____D C:\Program Files (x86)\Western Digital
2017-08-29 22:11 - 2017-08-29 22:11 - 000002185 _____ C:\Users\Public\Desktop\WD Backup.lnk
2017-08-29 22:11 - 2017-08-29 22:11 - 000000000 ____D C:\Users\Diesel\AppData\Local\Western Digital
2017-08-29 22:11 - 2017-08-29 22:11 - 000000000 ____D C:\ProgramData\Western Digital
2017-08-29 21:38 - 2017-08-29 21:38 - 000852720 _____ C:\Users\Diesel\Desktop\SecurityCheck.exe
2017-08-29 21:37 - 2017-08-29 21:37 - 006760064 _____ (ESET spol. s r.o.) C:\Users\Diesel\Desktop\esetonlinescanner_deu.exe
2017-08-27 05:32 - 2017-08-27 07:00 - 000062517 _____ C:\Users\Diesel\Desktop\HWMonitor.txt
2017-08-27 02:30 - 2017-08-27 02:32 - 000000000 ____D C:\Users\Diesel\Documents\nowplaying
2017-08-27 02:28 - 2017-08-27 02:28 - 000000003 _____ C:\Users\Diesel\Documents\now-playing.txt
2017-08-27 02:25 - 2016-10-04 20:19 - 000172032 _____ C:\Users\Diesel\Desktop\foo_np_simple.dll
2017-08-27 02:15 - 2017-08-27 02:35 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\foobar2000
2017-08-27 02:15 - 2017-08-27 02:15 - 003959986 _____ (foobar2000.org) C:\Users\Diesel\Downloads\foobar2000_v1.3.16.exe
2017-08-27 02:15 - 2017-08-27 02:15 - 000001133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
2017-08-27 02:15 - 2017-08-27 02:15 - 000001051 _____ C:\Users\Public\Desktop\foobar2000.lnk
2017-08-27 02:15 - 2017-08-27 02:15 - 000000000 ____D C:\Program Files (x86)\foobar2000
2017-08-27 01:35 - 2017-08-27 01:35 - 000473566 _____ C:\TDSSKiller.3.1.0.15_27.08.2017_01.35.01_log.txt
2017-08-26 23:19 - 2017-09-01 03:49 - 087949312 _____ C:\WINDOWS\system32\config\SOFTWARE
2017-08-26 23:19 - 2017-09-01 03:49 - 013893632 _____ C:\WINDOWS\system32\config\SYSTEM
2017-08-26 23:19 - 2017-09-01 03:49 - 001458176 _____ C:\WINDOWS\system32\config\DEFAULT
2017-08-26 23:19 - 2017-09-01 03:49 - 000032768 _____ C:\WINDOWS\system32\config\SAM
2017-08-26 23:19 - 2017-09-01 03:49 - 000028672 _____ C:\WINDOWS\system32\config\SECURITY
2017-08-26 22:37 - 2017-08-26 22:37 - 000000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-08-26 22:37 - 2017-08-26 22:37 - 000000971 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-08-26 06:13 - 2017-08-26 06:14 - 000036864 _____ () C:\Users\Diesel\Desktop\memtest.exe
2017-08-26 04:56 - 2017-08-26 20:40 - 000000990 _____ C:\Users\Diesel\Desktop\HWMonitor.lnk
2017-08-26 04:35 - 2017-08-26 04:35 - 001214288 _____ ( ) C:\Users\Diesel\Downloads\hwmonitor_1.32.exe
2017-08-26 04:26 - 2017-08-26 04:26 - 000002198 _____ C:\Users\Public\Desktop\Skin Tool.lnk
2017-08-26 04:26 - 2017-08-26 04:26 - 000002125 _____ C:\Users\Public\Desktop\EVGA Precision XOC.lnk
2017-08-26 04:26 - 2017-08-26 04:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EVGA
2017-08-26 04:26 - 2017-08-26 04:26 - 000000000 ____D C:\Program Files (x86)\EVGA
2017-08-26 04:26 - 2015-05-27 14:51 - 000156160 _____ C:\WINDOWS\system32\FW1FontWrapper_x64.dll
2017-08-26 04:25 - 2017-08-26 04:25 - 039857352 _____ (EVGA Corporation ) C:\Users\Diesel\Desktop\EVGA_PrecisionX_OC_Setup_v6.1.15.exe
2017-08-26 01:08 - 2017-08-26 01:11 - 000240594 _____ C:\TDSSKiller.3.1.0.15_26.08.2017_01.08.46_log.txt
2017-08-26 01:07 - 2017-08-26 01:07 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Diesel\Desktop\tdsskiller.exe
2017-08-26 00:14 - 2017-08-26 00:14 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-08-26 00:14 - 2017-08-22 00:33 - 000135800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-08-26 00:14 - 2017-06-15 21:32 - 000541984 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-08-26 00:14 - 2017-06-15 21:32 - 000525088 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-08-26 00:14 - 2017-06-15 21:32 - 000254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-08-26 00:14 - 2017-06-15 21:32 - 000233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-08-26 00:12 - 2017-08-22 02:40 - 040240248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 035881592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 035314112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 028985976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 023132184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 018849272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 017807096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 015409088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2017-08-26 00:12 - 2017-08-22 02:40 - 013782904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 012225984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 011692528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 010072768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 003802048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 003354560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438541.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 001597888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438541.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 001067456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 001005176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 000972920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 000924280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 000895784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 000690320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 000609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 000578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 000512672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 000499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 000429920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 000407064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 000171384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 000154208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 000149040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 000132072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2017-08-26 00:12 - 2017-08-22 02:40 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-08-26 00:12 - 2017-08-22 02:40 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-08-26 00:02 - 2017-08-26 00:02 - 000001351 _____ C:\Users\Diesel\Desktop\BlueScreenView (2).lnk
2017-08-25 23:06 - 2017-08-25 23:06 - 000003272 _____ C:\WINDOWS\System32\Tasks\SamsungMagician
2017-08-25 23:06 - 2017-08-25 23:06 - 000001240 _____ C:\Users\Public\Desktop\Samsung Magician.lnk
2017-08-25 23:06 - 2017-08-25 23:06 - 000000000 ____D C:\ProgramData\Samsung
2017-08-25 23:06 - 2017-08-25 23:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2017-08-25 23:06 - 2017-08-25 23:06 - 000000000 ____D C:\Program Files (x86)\Samsung
2017-08-25 22:50 - 2017-08-26 00:02 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
2017-08-25 22:50 - 2017-08-25 22:50 - 000000000 ____D C:\Program Files (x86)\NirSoft
2017-08-25 22:49 - 2017-08-25 22:49 - 000141864 _____ C:\Users\Diesel\Downloads\bluescreenview_setup.exe
2017-08-25 22:39 - 2017-08-25 22:39 - 000001318 _____ C:\Users\Public\Desktop\IntelProcessor Diagnostic Tool 64bit.lnk
2017-08-25 22:39 - 2017-08-25 22:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Software Manager
2017-08-25 22:39 - 2017-08-25 22:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2017-08-25 22:39 - 2017-08-25 22:39 - 000000000 ____D C:\ProgramData\Intel Corporation
2017-08-25 22:39 - 2017-08-25 22:39 - 000000000 ____D C:\Program Files\Intel Corporation
2017-08-25 22:37 - 2017-08-25 22:38 - 240549888 _____ C:\Users\Diesel\Downloads\IPDT_Installer_4.0.0.29.exe
2017-08-24 19:28 - 2017-08-31 19:11 - 000000000 ____D C:\Users\Diesel\Desktop\PC Temps, Virus, Fehler etc
2017-08-23 00:49 - 2017-08-23 00:49 - 001790024 _____ (Malwarebytes) C:\Users\Diesel\Desktop\JRT.exe
2017-08-23 00:05 - 2017-08-02 04:34 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-08-23 00:05 - 2017-08-02 03:47 - 000865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-08-23 00:05 - 2017-07-22 20:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsium.dll
2017-08-23 00:05 - 2017-07-22 19:32 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsium.dll
2017-08-23 00:05 - 2017-07-17 21:53 - 004298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-23 00:05 - 2017-07-17 01:55 - 003551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-08-23 00:05 - 2017-07-14 01:03 - 002013528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-23 00:05 - 2017-07-12 22:29 - 000420440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-08-23 00:05 - 2017-07-12 22:29 - 000075440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-08-23 00:05 - 2017-07-12 22:25 - 000308872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2017-08-23 00:05 - 2017-07-12 22:25 - 000066112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-08-23 00:05 - 2017-07-08 21:03 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2017-08-23 00:05 - 2017-07-08 20:43 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2017-08-23 00:05 - 2017-07-08 20:30 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2017-08-23 00:05 - 2017-07-08 20:20 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-08-23 00:05 - 2017-07-08 19:25 - 001436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-08-23 00:05 - 2017-07-08 19:00 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-08-23 00:05 - 2017-07-08 05:14 - 000100184 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2017-08-22 05:26 - 2017-08-31 19:14 - 000000000 ____D C:\AdwCleaner
2017-08-22 05:25 - 2017-08-22 05:25 - 008185288 _____ (Malwarebytes) C:\Users\Diesel\Desktop\adwcleaner_7.0.1.0.exe
2017-08-22 05:02 - 2017-09-02 05:22 - 000000000 ____D C:\FRST
2017-08-22 05:01 - 2017-08-22 05:01 - 002395648 _____ (Farbar) C:\Users\Diesel\Desktop\FRST64.exe
2017-08-18 17:05 - 2017-08-18 17:05 - 006357912 _____ C:\Users\Diesel\Desktop\twitchendscreen.wav
2017-08-16 22:49 - 2017-08-16 22:49 - 000000756 _____ C:\Users\Diesel\Desktop\ePSXe.exe - Verknüpfung.lnk
2017-08-16 21:39 - 2017-08-31 15:01 - 000000000 ____D C:\Users\Diesel\Desktop\Backup Iphone
2017-08-16 01:56 - 2017-08-16 01:56 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\Aspyr Media
2017-08-16 01:30 - 2017-08-16 01:31 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\The First Templar
2017-08-15 21:52 - 2017-08-23 00:29 - 000000000 ____D C:\Users\Diesel\Desktop\PS2 Dumping
2017-08-14 23:05 - 2017-08-10 02:22 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438528.dll
2017-08-14 23:05 - 2017-08-10 02:22 - 001598072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438528.dll
2017-08-14 22:29 - 2017-07-26 19:09 - 000048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-08-13 03:19 - 2017-08-13 03:19 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\Ubisoft
2017-08-13 03:19 - 2017-08-13 03:19 - 000000000 ____D C:\ProgramData\Ubisoft
2017-08-13 02:18 - 2017-08-13 02:18 - 000001259 _____ C:\Users\Diesel\Desktop\TeamSpeak 3 Client.lnk
2017-08-13 02:18 - 2017-08-13 02:18 - 000001217 _____ C:\Users\Diesel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2017-08-13 01:47 - 2017-08-13 01:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mount and Blade [GOG.com]
2017-08-11 15:25 - 2017-08-11 15:25 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2017-08-08 20:58 - 2017-08-02 05:17 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-08 20:58 - 2017-07-21 15:40 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll 2017-08-08 20:58 - 2017-07-21 15:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll 2017-08-08 20:58 - 2017-07-15 12:10 - 000536688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-08-08 20:58 - 2017-07-15 12:10 - 000140016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2017-08-08 20:58 - 2017-07-15 12:06 - 000449840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-08-08 20:58 - 2017-07-15 12:06 - 000136832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2017-08-08 20:58 - 2017-07-14 22:08 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll 2017-08-08 20:58 - 2017-07-14 20:44 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll 2017-08-08 20:58 - 2017-07-14 08:49 - 025733632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-08-08 20:58 - 2017-07-14 08:44 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-08-08 20:58 - 2017-07-14 08:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2017-08-08 20:58 - 2017-07-14 07:35 - 005981184 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-08-08 20:58 - 2017-07-14 07:26 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2017-08-08 20:58 - 2017-07-14 07:10 - 000806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-08-08 20:58 - 2017-07-14 06:40 - 015254016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-08-08 20:58 - 2017-07-14 06:23 - 003240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-08-08 20:58 - 2017-07-14 06:07 - 001545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-08-08 20:58 - 2017-07-14 05:58 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-08-08 20:58 - 
2017-07-14 04:54 - 020270080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-08-08 20:58 - 2017-07-14 04:48 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-08-08 20:58 - 2017-07-14 04:38 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2017-08-08 20:58 - 2017-07-14 04:17 - 004546048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-08-08 20:58 - 2017-07-14 04:17 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2017-08-08 20:58 - 2017-07-14 04:12 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-08-08 20:58 - 2017-07-14 04:09 - 013663744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-08-08 20:58 - 2017-07-14 03:53 - 002767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-08-08 20:58 - 2017-07-14 03:50 - 001314816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-08-08 20:58 - 2017-07-14 03:48 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-08-08 20:58 - 2017-07-08 22:14 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2017-08-08 20:58 - 2017-07-08 21:12 - 004169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-08-08 20:58 - 2017-07-08 19:45 - 007078912 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll 2017-08-08 20:58 - 2017-07-08 19:05 - 003631616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-08-08 20:58 - 2017-07-08 18:39 - 005274624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll 2017-08-08 20:58 - 2017-07-08 18:37 - 007797248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-08-08 20:58 - 2017-07-08 18:23 - 002749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-08-08 20:58 - 2017-07-08 17:59 - 005270016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 
2017-08-08 20:58 - 2017-07-08 05:46 - 000377688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgrx.sys 2017-08-08 20:58 - 2017-07-08 05:16 - 007440728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-08-08 20:58 - 2017-07-08 05:16 - 001674520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2017-08-08 20:58 - 2017-07-08 05:16 - 001534072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2017-08-08 20:58 - 2017-07-08 05:16 - 001499920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2017-08-08 20:58 - 2017-07-08 05:16 - 001370328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2017-08-08 20:58 - 2017-07-08 05:16 - 000086360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2017-08-08 20:58 - 2017-07-01 15:47 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000240640 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\msltus40.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll 2017-08-08 20:58 - 2017-07-01 15:47 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll 2017-08-08 20:58 - 2017-06-15 16:17 - 002551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2017-08-08 20:58 - 2017-06-15 16:16 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2017-08-08 20:58 - 2017-06-08 19:01 - 001737600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-08-08 20:58 - 2017-06-08 19:01 - 001502000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-08-05 02:49 - 2016-10-08 23:17 - 003168256 _____ () C:\Users\Diesel\Desktop\DS4Windows.exe 2017-08-04 18:15 - 2017-08-18 17:54 - 000000732 _____ C:\Users\Diesel\Desktop\pcsx2.exe - Verknüpfung.lnk 2017-08-04 17:27 - 2017-08-05 18:51 - 000000000 ___RD C:\Users\Diesel\Desktop\livio usb 2017-08-04 01:54 - 2017-08-04 01:54 - 003101913 _____ (LIGHTNING UK!) C:\Users\Diesel\Downloads\SetupImgBurn_2.5.8.0.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-09-02 05:22 - 2016-12-27 13:58 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\NetSpeedMonitor 2017-09-02 05:01 - 2016-10-21 18:58 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\obs-studio 2017-09-02 03:54 - 2016-10-03 01:48 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2017-09-01 23:42 - 2014-03-18 12:03 - 001772686 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-09-01 23:42 - 2014-03-18 11:25 - 000759174 _____ C:\WINDOWS\system32\perfh007.dat 2017-09-01 23:42 - 2014-03-18 11:25 - 000156934 _____ C:\WINDOWS\system32\perfc007.dat 2017-09-01 23:42 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf 2017-09-01 23:41 - 2015-03-03 19:31 - 000000000 ____D C:\ProgramData\NVIDIA 2017-09-01 23:39 - 2017-01-05 07:04 - 000000000 ____D C:\Users\Diesel\AppData\Local\Personify 2017-09-01 23:38 - 2015-01-29 01:16 - 000000000 ____D C:\Program Files (x86)\Steam 2017-09-01 23:36 - 2016-03-09 20:08 - 000000000 __RDO C:\Users\Diesel\OneDrive 2017-09-01 23:36 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-08-31 14:31 - 2017-03-09 15:02 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\Telegram Desktop 2017-08-31 07:39 - 2017-05-30 02:08 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server 2017-08-31 07:38 - 2015-10-21 17:08 - 000000000 ____D C:\Users\Diesel\.gimp-2.8 2017-08-31 04:52 - 2015-10-21 17:32 - 000000000 ____D C:\Users\Diesel\AppData\Local\gtk-2.0 2017-08-30 23:33 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\Registration 2017-08-30 10:32 - 2014-09-04 20:38 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\DVDVideoSoft 2017-08-30 10:32 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI 2017-08-30 10:05 - 2014-08-26 22:59 - 000003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2308537951-1921869107-4181014529-1001 2017-08-29 22:12 - 2014-09-04 20:08 - 000000000 ____D C:\ProgramData\Package Cache 2017-08-29 01:20 - 2017-05-30 02:06 - 000000000 ____D C:\Program Files (x86)\MSI 
Afterburner 2017-08-29 00:37 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache 2017-08-27 06:53 - 2016-09-06 18:57 - 000000000 ____D C:\Program Files (x86)\SpeedFan 2017-08-27 01:21 - 2016-09-08 01:50 - 000000000 ____D C:\Users\Diesel\AppData\Local\Downloaded Installations 2017-08-26 23:56 - 2017-03-16 23:45 - 000000000 ____D C:\Users\Diesel\Downloads\Telegram Desktop 2017-08-26 23:35 - 2016-10-28 20:22 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\TeamViewer 2017-08-26 23:35 - 2014-11-09 03:29 - 000000000 ____D C:\Users\Diesel\AppData\Local\CrashDumps 2017-08-26 23:23 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM 2017-08-26 23:20 - 2014-08-26 22:54 - 000000000 ____D C:\Users\Diesel 2017-08-26 23:20 - 2013-08-22 16:44 - 000584272 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-08-26 23:18 - 2016-10-28 20:25 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2017-08-26 22:51 - 2013-08-22 17:36 - 000000000 __RSD C:\WINDOWS\Media 2017-08-26 22:51 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\security 2017-08-26 22:51 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\Help 2017-08-26 22:39 - 2017-06-09 00:05 - 000000000 ____D C:\Users\Diesel\Desktop\WWE Supercard Gimp 2017-08-26 20:56 - 2017-04-26 14:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-08-26 20:56 - 2014-09-04 18:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-08-26 04:36 - 2017-05-30 03:59 - 000000946 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk 2017-08-26 04:26 - 2017-05-30 02:08 - 000000000 ____D C:\WINDOWS\SysWOW64\directx 2017-08-26 00:17 - 2014-08-27 02:46 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-08-26 00:14 - 2016-09-08 02:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-08-26 00:13 - 2016-09-08 02:04 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2017-08-26 00:08 - 2017-05-13 17:05 - 000003814 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce 
Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-26 00:08 - 2016-09-07 17:39 - 000003852 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-26 00:08 - 2016-09-07 17:39 - 000001432 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2017-08-26 00:07 - 2016-12-23 02:38 - 000004146 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-26 00:07 - 2016-10-21 20:52 - 000003554 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-26 00:07 - 2016-09-08 02:02 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2017-08-26 00:07 - 2016-09-07 17:39 - 000003738 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-26 00:07 - 2016-09-07 17:39 - 000003738 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-26 00:07 - 2016-09-07 17:39 - 000003730 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-26 00:07 - 2016-09-07 17:39 - 000003494 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-25 22:22 - 2015-10-21 16:16 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-08-23 20:35 - 2016-11-21 18:15 - 000000000 ____D C:\Users\Diesel\AppData\LocalLow\Mozilla 2017-08-23 00:19 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData 2017-08-22 06:41 - 2014-11-24 19:14 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\Audacity 2017-08-22 02:40 - 2017-05-04 21:46 - 018704744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2017-08-22 02:40 - 2016-11-06 03:10 - 021405440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2017-08-22 02:40 - 2016-11-06 03:10 - 014687256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2017-08-22 02:40 - 2016-11-06 03:10 - 004188872 _____ (NVIDIA Corporation) 
C:\WINDOWS\system32\nvapi64.dll 2017-08-22 02:40 - 2016-11-06 03:10 - 003692216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2017-08-22 02:40 - 2016-11-06 03:10 - 000491720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2017-08-22 02:40 - 2016-09-08 02:04 - 000044190 _____ C:\WINDOWS\system32\nvinfo.pb 2017-08-22 01:10 - 2016-09-08 02:04 - 006463424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-08-22 01:10 - 2016-09-08 02:04 - 002479224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-08-22 01:10 - 2016-09-08 02:04 - 001762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-08-22 01:10 - 2016-09-08 02:04 - 000549312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-08-22 01:10 - 2016-09-08 02:04 - 000392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-08-22 01:10 - 2016-09-08 02:04 - 000082040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-08-22 01:10 - 2016-09-08 02:04 - 000069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-08-22 00:54 - 2016-09-07 17:39 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2017-08-19 09:10 - 2016-09-08 02:04 - 008142301 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-08-18 17:54 - 2016-12-09 01:53 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\DS4Windows 2017-08-18 06:37 - 2016-09-08 02:05 - 001755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2017-08-18 06:37 - 2016-09-08 02:05 - 001317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2017-08-18 06:37 - 2016-09-08 02:05 - 000121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll 2017-08-18 06:37 - 2016-09-07 17:39 - 001923008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2017-08-18 06:37 - 2016-09-07 17:39 - 001505728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2017-08-18 06:36 - 2017-05-13 17:04 - 000179136 _____ (NVIDIA Corporation) 
C:\WINDOWS\system32\nvaudcap64v.dll 2017-08-18 06:36 - 2017-05-13 17:04 - 000146368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2017-08-17 18:26 - 2017-04-07 20:43 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat 2017-08-16 03:52 - 2017-02-18 18:37 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\vlc 2017-08-16 01:55 - 2016-09-02 17:56 - 000000000 ____D C:\Users\Diesel\AppData\Local\Ubisoft Game Launcher 2017-08-13 04:30 - 2014-11-22 16:43 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\TS3Client 2017-08-13 02:18 - 2014-11-22 16:43 - 000000000 ____D C:\Users\Diesel\AppData\Local\TeamSpeak 3 Client 2017-08-11 15:25 - 2016-07-12 10:44 - 000002214 _____ C:\Users\Diesel\Desktop\Discord.lnk 2017-08-11 15:25 - 2016-07-12 10:44 - 000000000 ____D C:\Users\Diesel\AppData\Local\Discord 2017-08-11 15:25 - 2016-06-18 15:42 - 000000000 ____D C:\Users\Diesel\AppData\Roaming\discord 2017-08-10 23:46 - 2015-08-30 23:46 - 000000000 ____D C:\Users\Diesel\AppData\Local\ElevatedDiagnostics 2017-08-09 22:21 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps 2017-08-09 01:03 - 2014-09-04 21:26 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-08-09 01:02 - 2014-09-04 21:26 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-08-08 20:55 - 2014-09-04 19:26 - 000004342 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-08-08 20:55 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-08-08 20:55 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-08-05 18:49 - 2017-04-07 21:21 - 000000000 ____D C:\Users\Diesel\Desktop\Minecraft 2017 2017-08-03 21:29 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-08-27 02:46 - 2014-08-27 02:46 - 000000000 _____ () C:\Users\Diesel\AppData\Roaming\gdfw.log 2014-08-27 02:46 - 2014-08-27 02:46 - 000000779 _____ () 
C:\Users\Diesel\AppData\Roaming\gdscan.log 2016-05-16 11:08 - 2017-03-25 16:14 - 000011264 _____ () C:\Users\Diesel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-08-27 02:42 - 2014-08-27 02:42 - 000000000 _____ () C:\Users\Diesel\AppData\Local\Driver_LOM_8161Present.flag 2017-08-31 07:23 - 2017-08-31 07:23 - 000024041 _____ () C:\Users\Diesel\AppData\Local\recently-used.xbel 2014-11-12 18:56 - 2017-06-07 02:26 - 000007606 _____ () C:\Users\Diesel\AppData\Local\Resmon.ResmonCfg 2014-08-27 02:35 - 2014-08-27 02:35 - 000000000 ____H () C:\ProgramData\DP45977C.lfl 2016-12-23 02:38 - 2017-01-28 01:00 - 000019727 _____ () C:\ProgramData\NvTelemetryContainer.log 2016-12-23 02:38 - 2017-01-18 17:27 - 000009230 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1 Einige Dateien in TEMP: ==================== 2017-03-28 23:34 - 2017-09-01 23:36 - 000619464 _____ () C:\Users\Diesel\AppData\Local\Temp\0Kraken0510DevProps.dll 2017-08-27 06:53 - 2017-08-27 06:53 - 000192512 _____ () C:\Users\Diesel\AppData\Local\Temp\sfamcc00001.dll ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-08-29 21:54

==================== Ende von FRST.txt ============================ |
02.09.2017, 04:27 | #21 |
| Win 8 / HEUR:Trojan.Script.Generic / irreparable FRST Additions Logfile: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-08-2017
durchgeführt von Diesel (02-09-2017 05:22:24)
Gestartet von C:\Users\Diesel\Desktop
Windows 8.1 (Update) (X64) (2014-08-26 20:54:36)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2308537951-1921869107-4181014529-500 - Administrator - Disabled)
Diesel (S-1-5-21-2308537951-1921869107-4181014529-1001 - Administrator - Enabled) => C:\Users\Diesel
Gast (S-1-5-21-2308537951-1921869107-4181014529-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1954 Alcatraz (HKLM\...\Steam App 255280) (Version: - Daedalic Entertainment) 3DMark 11 (HKLM\...\{FD67BFA0-E205-47AA-BA09-123B3B72DB5E}) (Version: 1.0.132.0 - Futuremark) Hidden 3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark) Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.) Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios) Age of Mythology: Extended Edition (HKLM-x32\...\Steam App 266840) (Version: - SkyBox Labs) Airline Tycoon Deluxe (HKLM\...\Steam App 331920) (Version: - Spellbound AG) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.41 - NVIDIA Corporation) Hidden Apple Application Support (32-Bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version: - Studio Wildcard) Armello (HKLM\...\Steam App 290340) (Version: - League of Geeks) ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.) Assassin's Creed (HKLM\...\Steam App 15100) (Version: - Ubisoft Montreal) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Back to the Future: Ep 1 - It's About Time (HKLM\...\Steam App 31290) (Version: - Telltale Games) Back to the Future: Ep 2 - Get Tannen! 
(HKLM\...\Steam App 94500) (Version: - Telltale Games) Back to the Future: Ep 3 - Citizen Brown (HKLM\...\Steam App 94510) (Version: - Telltale Games) Back to the Future: Ep 4 - Double Visions (HKLM\...\Steam App 94520) (Version: - Telltale Games) Back to the Future: Ep 5 - OUTATIME (HKLM\...\Steam App 94530) (Version: - Telltale Games) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Caravan (HKLM\...\Steam App 352890) (Version: - it Matters Games) CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform) Champions of Anteria (HKLM\...\Steam App 374520) (Version: - Blue Byte) Cities: Skylines (HKLM\...\Steam App 255710) (Version: - Colossal Order Ltd.) Core Temp 1.7 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.7 - ALCPU) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) CPUID HWMonitor 1.32 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.32 - ) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0232 - Disc Soft Ltd) DARK SOULS™ II: Scholar of the First Sin (HKLM\...\Steam App 335300) (Version: - FromSoftware, Inc) Darkest Dungeon (HKLM\...\Steam App 262060) (Version: - Red Hook Studios) Dead by Daylight (HKLM\...\Steam App 381210) (Version: - Behaviour Digital Inc.) Dead Rising 4 (HKLM\...\Steam App 543460) (Version: - Capcom Game Studio Vancouver, Inc.) 
Deceit (HKLM\...\Steam App 466240) (Version: - Automaton) Delicious - Emily's Hopes and Fears (HKLM\...\Steam App 550400) (Version: - Blue Giraffe) Der Pate® Das Spiel (HKLM-x32\...\{1D2CF076-A63F-41A5-00A1-5924FADFAD9D}) (Version: - ) Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts) Die Sims™ 3 Diesel Accessoires (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts) Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts) Die Sims™ 3 Inselparadies (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts) Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts) Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts) Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.17.2 - Electronic Arts) Die Sims™ 3 Stadt-Accessoires (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts) Die Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts) Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts) Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts) Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.625.10 - Electronic Arts Inc.) Discord (HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\Discord) (Version: 0.0.298 - Discord Inc.) 
Divinity: Original Sin Enhanced Edition (HKLM\...\Steam App 373420) (Version: - Larian Studios)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment)
Eador - Genesis (HKLM-x32\...\1207659147_is1) (Version: 2.1.0.10 - GOG.com)
EVGA Precision XOC (HKLM-x32\...\{800E4A8D-FD33-406F-B2E5-14C0EAF6D862}) (Version: 6.1.15 - EVGA Corporation)
Evil Genius (HKLM\...\Steam App 3720) (Version: - Elixir Studios)
Fahrenheit: Indigo Prophecy Remastered (HKLM\...\Steam App 312840) (Version: - Aspyr)
Fallout Shelter (HKLM\...\Steam App 588430) (Version: - Bethesda Game Studios)
Fantasy General (HKLM-x32\...\1430136345_is1) (Version: 2.0.0.3 - GOG.com)
foobar2000 v1.3.16 (HKLM-x32\...\foobar2000) (Version: 1.3.16 - Peter Pawlowski)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.99.823 - Digital Wave Ltd)
Free Video Editor (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.53.831 - Digital Wave Ltd)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.10.511 - Digital Wave Ltd)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.16.525 - Digital Wave Ltd)
Friday the 13th: The Game (HKLM\...\Steam App 438740) (Version: - IllFonic)
Frisky Business (HKLM\...\Steam App 588240) (Version: - K Bros Games)
Futuremark SystemInfo (HKLM-x32\...\{E540B871-3230-4C5B-AAD5-A30F64398275}) (Version: 4.48.599.0 - Futuremark)
Game of Thrones - A Telltale Games Series (HKLM\...\Steam App 330840) (Version: - Telltale Games)
Geeks3D FurMark 1.18.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
Ghost Master (HKLM-x32\...\Steam App 6200) (Version: - Sick Puppies)
Ghost Recon Wildlands Beta (HKLM-x32\...\Uplay Install 2970) (Version: - Ubisoft)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
GOG.com Airline Tycoon Deluxe (HKLM\...\{d39698f1-1e15-4eba-8a7e-4b99ffb8f1cb}.sdb) (Version: - )
GOG.com The Settlers 4 GOLD (HKLM\...\{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Hand Of Fate (HKLM-x32\...\Steam App 266510) (Version: - Defiant Development)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heritage of Kings - The Settlers (HKLM-x32\...\1207658793_is1) (Version: 2.2.0.8 - GOG.com)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
House Party (HKLM\...\Steam App 611790) (Version: - Eek! Games, LLC)
INSIDE (HKLM-x32\...\1916896012_is1) (Version: 10 - GOG.com)
Intel Processor Diagnostic Tool 64bit (HKLM\...\{D011AAF9-F756-43AB-8E91-47ADF0D86394}) (Version: 4.0.0.29 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{4F4D1244-12E7-4D6C-803D-3B16C13E8912}) (Version: 4.2.41.2633 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
Jade Empire: Special Edition (HKLM\...\Steam App 7110) (Version: - BioWare Corporation)
Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Jotun (HKLM\...\Steam App 323580) (Version: - Thunder Lotus Games)
Kaspersky Internet Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Killer Drivers (HKLM\...\{2D4C0206-11EE-4218-B347-BBAE6195BF7D}) (Version: 1.0.1028 - Rivet Networks)
King's Bounty: Dark Side (HKLM\...\Steam App 289520) (Version: - 1C-SoftClub)
King's Bounty: Warriors of the North (HKLM\...\Steam App 203350) (Version: - 1C-SoftClub)
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.1.0.0 - GIANTS Software)
League of Legends (HKLM-x32\...\{7C6B1560-A8B1-4AED-BF77-A43713C7726D}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version: - Valve)
Life is Strange™ (HKLM\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Little King's Story (HKLM-x32\...\1460733072_is1) (Version: 2.4.0.6 - GOG.com)
Little Nightmares - Scarecrow sack (HKLM-x32\...\1268928435_is1) (Version: 1.0.16.1 - GOG.com)
Little Nightmares - Upside-down teapot (HKLM-x32\...\1352220891_is1) (Version: 1.0.16.1 - GOG.com)
Little Nightmares (HKLM-x32\...\1433377508_is1) (Version: 1.0.16.1 - GOG.com)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.90 (HKLM\...\Logitech Gaming Software) (Version: 8.90.117 - Logitech Inc.)
Lucius (HKLM-x32\...\1207659128_is1) (Version: 2.1.0.9 - GOG.com)
MAGIX Speed burnR (HKLM\...\{4E5B902F-D917-4AB9-BDFD-C1E0C8D75C46}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM-x32\...\MX.{4E5B902F-D917-4AB9-BDFD-C1E0C8D75C46}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Video deluxe (HKLM\...\{7874960A-3F7A-4A03-A49A-8BD4CE4E4B6F}) (Version: 16.0.1.22 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe (HKLM\...\MX.{7874960A-3F7A-4A03-A49A-8BD4CE4E4B6F}) (Version: 16.0.1.22 - MAGIX Software GmbH)
Malwarebytes Version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
MediaJoin (HKLM-x32\...\{232FDC0C-12DE-41F2-9701-27EFCA18BEF9}) (Version: 2.0 - Mystik Media) Hidden
MediaJoin (HKLM-x32\...\MediaJoin) (Version: - Mystik Media)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mount and Blade - With Fire and Sword (HKLM-x32\...\1207666903_is1) (Version: 2.1.0.6 - GOG.com)
Mount and Blade (HKLM-x32\...\1207666893_is1) (Version: 2.0.0.4 - GOG.com)
Mount and Blade: Warband (HKLM-x32\...\1207666913_is1) (Version: 2.032 (1.172) - GOG.com)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - )
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.9.0.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.61 - NVIDIA Corporation)
NVIDIA Grafiktreiber 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.41 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 385.41 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenCL™ runtime for Intel® Core™ and Xeon® Processors (HKLM\...\{1F6CF248-9A18-4740-BD09-281DBC8A2051}) (Version: 6.4.0.25 - Intel Corporation)
Overlord II (HKLM\...\Steam App 12810) (Version: - Triumph Studios)
Overlord with Rising Hell (HKLM-x32\...\1207659207_is1) (Version: 2.1.0.13 - GOG.com)
Personify ChromaCam (remove only) (HKLM-x32\...\Personify ChromaCam) (Version: 1.1.8.8 - Personify, Inc.)
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version: - Bluehole, Inc.)
Police Quest - SWAT (HKLM-x32\...\1207661473_is1) (Version: 2.1.0.49 - GOG.com)
Police Quest - SWAT 2 (HKLM-x32\...\1207661483_is1) (Version: 2.1.0.49 - GOG.com)
Populous - The Beginning (HKLM-x32\...\1207659027_is1) (Version: 2.1.0.5 - GOG.com)
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros)
Rayman Forever (HKLM-x32\...\1207658919_is1) (Version: 2.1.0.18 - GOG.com)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.14.7 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.302 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Reus (HKLM-x32\...\Steam App 222730) (Version: - Abbey Games)
Rise of the Argonauts (HKLM\...\Steam App 12770) (Version: - Liquid Entertainment)
RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
Robin Hood - The Legend of Sherwood (HKLM-x32\...\1207659008_is1) (Version: 2.1.0.15 - GOG.com)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)
Sang Froid - Tales of Werewolves (HKLM-x32\...\1207660203_is1) (Version: 2.1.0.7 - GOG.com)
Screen Antics 2.1 (HKLM-x32\...\Screen Antics) (Version: 2.1 - Jaap van Wingerden)
Settlers 2 GOLD (HKLM-x32\...\1207658786_is1) (Version: 2.1.0.17 - GOG.com)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Sonicomi (HKLM\...\Steam App 444140) (Version: - Nitroplus)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
SSDlife Free (HKLM-x32\...\{18302BF2-AA3C-46E3-B039-996FD0DB5639}) (Version: 2.5.82 - BinarySense Inc.)
Stardew Valley (HKLM\...\Steam App 413150) (Version: - ConcernedApe)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\TeamSpeak 3 Client) (Version: 3.1.5 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.82216 - TeamViewer)
Telegram Desktop version 1.1.19 (HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.1.19 - Telegram Messenger LLP)
The Curious Expedition (HKLM\...\Steam App 358130) (Version: - Maschinen-Mensch)
The First Templar (HKLM\...\Steam App 57680) (Version: - Haemimont Games)
The Flame in the Flood (HKLM\...\Steam App 318600) (Version: - The Molasses Flood)
The Raven - Legacy of a Master Thief (HKLM\...\Steam App 233370) (Version: - KING Art)
The Settlers - Rise of an Empire - Gold Edition (HKLM-x32\...\1438268682_is1) (Version: 2.1.0.5 - GOG.com)
The Settlers 3 - Ultimate Collection (HKLM-x32\...\1207659185_is1) (Version: 2.1.0.22 - GOG.com)
The Settlers IV GOLD (HKLM-x32\...\1207659254_is1) (Version: 2.1.0.6 - GOG.com)
Tom Clancy's Ghost Recon® Wildlands (HKLM\...\Steam App 460930) (Version: - Ubisoft Paris)
Tom Clancy's Rainbow Six Siege (HKLM\...\Steam App 359550) (Version: - Ubisoft Montreal)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft)
Torchlight II (HKLM\...\Steam App 200710) (Version: - Runic Games)
Total War: ATTILA - Assembly Kit BETA (HKLM-x32\...\Steam App 343660) (Version: - )
Total War: ATTILA (HKLM\...\Steam App 325610) (Version: - Creative Assembly)
Total War: SHOGUN 2 (HKLM\...\Steam App 34330) (Version: - The Creative Assembly)
Total War: WARHAMMER (HKLM\...\Steam App 364360) (Version: - Creative Assembly)
Town of Salem (HKLM-x32\...\Steam App 334230) (Version: - BlankMediaGames)
TruckersMP 0.2.1.0.1 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.1.0.1 Alpha - ETS2MP Team)
Trust GXT Gaming Headset (HKLM\...\C-Media CM108 Like Sound Driver) (Version: - )
Trust GXT Gaming Headset (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006300}) (Version: 2.0.01.13 - Trust)
Twitch Leecher 1.3.1 (HKLM\...\{B951A5DD-DA49-4C4B-838C-662D1B054E91}) (Version: 1.3.1.0 - Fake Smile Revolution) Hidden
Twitch Leecher 1.3.1 (HKLM-x32\...\{43b31a6e-b33b-49de-9fde-bc75cf9c1973}) (Version: 1.3.1.0 - Fake Smile Revolution)
UltraISO Premium V9.65 (HKLM-x32\...\UltraISO_is1) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 22.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
War for the Overworld (HKLM\...\Steam App 230190) (Version: - Brightrock Games)
WD Backup (HKLM-x32\...\{4AACAFC7-951A-4215-B430-3DFCFF2E6CED}) (Version: 1.5.5953.19614 - Western Digital Technologies, Inc) Hidden
WD Backup (HKLM-x32\...\{a8c9535a-ecd9-4172-a330-0cb5ff9dbed9}) (Version: 1.5.5953.19614 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{48996CDD-DD81-4197-93FE-0971E73C5CA7}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{B5D298A9-C55D-47F7-B608-C5BEFACCE32F}) (Version: 2.4.15.1 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{249644e6-451a-4a5c-bd5c-21eeb9eec79d}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{7CC2EDF2-83EC-4707-BDD3-72469236A6CC}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.) Hidden
White Noise 2 (HKLM\...\Steam App 503350) (Version: - Milkstone Studios)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Keine Datei
ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-13] (AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-13] (AO Kaspersky Lab)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2014-01-02] (EZB Systems, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-13] (AO Kaspersky Lab)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2014-01-02] (EZB Systems, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-08-22] (NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-13] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2014-01-02] (EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01CE7E12-4661-4F30-BC4F-6B35396268EE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-08-09] (Microsoft Corporation)
Task: {09182569-FF8F-4353-A30D-7BCD193D28FB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-08] (Adobe Systems Incorporated)
Task: {0EEECA92-CFA2-4CBE-8A83-AEBD4D919249} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {2C8C2C37-5897-496D-AAA8-4774FB13E963} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-21] (Google Inc.)
Task: {321F092C-23A0-45D0-9BA0-F6F6CD6E3A41} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-18] (NVIDIA Corporation)
Task: {433A1AB2-5BA8-4B52-BD65-5DFBD4C83BF7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-08-18] (NVIDIA Corporation)
Task: {4E1D8D1E-5C7C-4AA9-A96B-252F09CB8E89} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-18] (NVIDIA Corporation)
Task: {550705BC-65D2-4900-8E20-83672B357D7C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-18] (NVIDIA Corporation)
Task: {72F795C3-E68B-472A-829C-7A371BE66F60} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-08-18] (NVIDIA Corporation)
Task: {7E3DE3EB-A15A-49D5-AF38-B751D9502058} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {8465F5D8-A844-475A-85C0-F026FD0EDD83} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-18] (NVIDIA Corporation)
Task: {9AE9F72D-B22A-41B4-A713-049CF3EF32CE} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-08-18] (NVIDIA Corporation)
Task: {B34128A5-9E09-4605-89C7-AD97E0C2DE69} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2017-05-19] (Samsung Electronics Co. Ltd.)
Task: {B4446819-DCD1-45DB-B389-1F70DEFA603F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {DD09E128-99DB-4DFA-96D6-A1AE7FAAABE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-21] (Google Inc.)
Task: {ECC95E03-D6F5-4439-B9EB-8953DBF81C7E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-08-18] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Diesel\Desktop\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg
ShortcutWithArgument: C:\Users\Diesel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-01-13 14:56 - 2017-01-13 14:56 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 14:56 - 2017-01-13 14:56 - 001353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-08 02:40 - 2017-08-18 06:36 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-25 00:20 - 2016-09-25 00:21 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2017-08-30 08:57 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-12-20 01:59 - 2016-12-20 01:59 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-12-20 01:59 - 2016-12-20 01:59 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 000865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2014-11-24 19:11 - 2016-08-24 17:53 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2014-11-24 19:11 - 2016-08-24 17:53 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2014-11-24 19:11 - 2016-08-24 17:53 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2014-11-24 19:11 - 2016-08-24 17:53 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2017-03-28 23:34 - 2017-09-01 23:36 - 000619464 _____ () C:\Users\Diesel\AppData\Local\Temp\0Kraken0510DevProps.dll
2014-08-27 02:28 - 2013-09-03 16:52 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-09-08 02:40 - 2017-08-18 06:36 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Diesel:Heroes & Generals [38]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Theme2\img8.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "Malwarebytes TrayApp"
HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\StartupApproved\StartupFolder: => "Registration .LNK"
HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-2308537951-1921869107-4181014529-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{A5EEB4F5-60F6-41C4-93E0-0A402AD8F464}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C2625C16-68CF-48FF-A336-108D1464246F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E1C233C8-5736-436F-8DA7-48106F313624}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7B03E079-2A06-46F0-AEDA-CAE9BF35E97A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{6CE58037-78CD-42BE-BBB7-0260E13C97E5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{945C07AE-EA55-4388-9A8C-966269AF8952}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{AF3D4378-9A2A-41C0-98BD-1F016AB3A2CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{01C791F2-12AA-4DEA-8CCE-6924EFCCBBFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{F46522DF-2E2B-4FBA-BB21-E54EECC4E9FB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ED135D71-037D-456E-B1D6-2E019269843E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4CF41F94-7434-43C7-944F-AA26A28F74E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{039C4BB7-D518-45FE-9933-25A5C44C6F57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{5205CA98-6317-40A4-B7FD-1FBEE4DA6D31}] => (Allow) D:\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{554BF86A-1FC3-4F57-BFE6-BC5490CF6D70}] => (Allow) D:\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{E34038B8-F9BC-44F2-96CB-9A8077BD2843}] => (Allow) D:\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{649278C5-09B2-4DCB-B440-658F6F2C4616}] => (Allow) D:\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{56C2D115-7827-42FF-97ED-E504E084D2CE}] => (Allow) D:\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{5EEE61EC-A183-4FB9-A6E5-B8C6997639AF}] => (Allow) D:\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{F4CB4F5D-4AC4-43CA-8104-C242340359CB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2E7804AD-A754-4145-B69D-A5F44AF40DE4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6732F700-6867-4C73-B31C-BD760EB0FB81}] => (Allow) LPort=2869
FirewallRules: [{E455FFA5-F630-4FFC-B66A-32DFA91634E0}] => (Allow) LPort=1900
FirewallRules: [{44FF59EC-DC28-49EF-B914-E8696A07AD3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{E088BB22-D207-449E-B6A2-E33D1CF5A592}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{45352A06-1760-4F6C-AC9C-220A63850F02}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F0EF624B-F9DE-428B-A7DC-0EE2D255C4AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{712CC379-79F3-48D2-B5ED-328D65AAF48A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9061F7DA-5A7C-43B3-9DF5-D1A890269628}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{8C4C5A27-96AD-440C-8210-5DA1C11ABF39}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C5B4039D-1E4B-49F1-95CE-BA54CFA00D6D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{152C6EDF-5E6E-4071-ABA4-95BF073C495C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{29D20AD8-52AE-4F66-BE5C-B2F49596ECFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{21E2DCD8-7EF8-42E2-8694-E8AF9DB17DDD}] => (Allow) D:\Steam2\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{950FFE9A-E228-4E24-A425-9AC9DA15CFA2}] => (Allow) D:\Steam2\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{0277E18A-B8C7-450D-B4F0-14B1D4DD6706}] => (Allow) D:\Steam2\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{53DC9A56-6191-4F68-B829-C75197F4DEC2}] => (Allow) D:\Steam2\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{CA3F76DE-981E-4F78-9343-7191D7EC90E2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{551ACF2A-520F-4EF0-9D24-46B0679143D0}] => (Allow) D:\Ghost Recon Wildlands Beta\GRW.exe
FirewallRules: [{C463E785-F158-4E9E-A66B-5178EBEE8C98}] => (Allow) D:\Steam2\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{83155E0D-5C67-4B41-8BB9-1F6391AD91D1}] => (Allow) D:\Steam2\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{DF885171-06D5-4421-921B-384A8D7F5FE9}] => (Allow) D:\Tom Clancy's The Division\TheDivision.exe
FirewallRules: [{1EA516B4-E7FD-4D95-86FF-6B83826BB47D}] => (Allow) D:\Steam2\steamapps\common\King's Bounty - Warriors of the North\KBWotN.exe
FirewallRules: [{5D21244A-F80A-4243-9433-65A8E2CC65C1}] => (Allow) D:\Steam2\steamapps\common\King's Bounty - Warriors of the North\KBWotN.exe
FirewallRules: [{47700A83-AFD5-43C4-A155-DB9D1735E1AF}] => (Allow) D:\Steam2\steamapps\common\Darkside\KBDarkside.exe
FirewallRules: [{E2F2A528-757D-42EA-B70C-A0AFE8C1899C}] => (Allow) D:\Steam2\steamapps\common\Darkside\KBDarkside.exe
FirewallRules: [{87B64C62-1552-434B-A30B-2E44E4E35716}] => (Allow) D:\Steam2\steamapps\common\Sonicomi\Sonicomi_Steam.exe
FirewallRules: [{B1B9EDAD-B124-4F64-B50B-E425B9A2184C}] => (Allow) D:\Steam2\steamapps\common\Sonicomi\Sonicomi_Steam.exe
FirewallRules: [{6B07F933-5F72-4D27-A4B9-40A6DBB36407}] => (Allow) D:\Steam2\steamapps\common\War For The Overworld\WFTO.exe
FirewallRules: [{4E55C9C4-706D-4D1A-96CA-25573ECF1F26}] => (Allow) D:\Steam2\steamapps\common\War For The Overworld\WFTO.exe
FirewallRules: [{AA4B6341-2640-4812-83EF-CD1973506FD1}] => (Allow) D:\Steam2\steamapps\common\Airline Tycoon Deluxe\At.exe
FirewallRules: [{E88326F8-CF5A-4398-BB92-5272090205D2}] => (Allow) D:\Steam2\steamapps\common\Airline Tycoon Deluxe\At.exe
FirewallRules: [{855F032B-DCF8-4E99-B199-2319C13F342A}] => (Allow) D:\Steam2\steamapps\common\Wildlands\GRW.exe
FirewallRules: [{DE35AC37-AF0B-4AC8-BCE9-A6A739E8AA06}] => (Allow) D:\Steam2\steamapps\common\Wildlands\GRW.exe
FirewallRules: [{E1694859-2806-487D-A293-791EB1C1436D}] => (Allow) D:\Steam2\steamapps\common\DeadRising4\deadrising4.exe
FirewallRules: [{595AE796-4E89-4C97-819E-73654CCC7D68}] => (Allow) D:\Steam2\steamapps\common\DeadRising4\deadrising4.exe
FirewallRules: [{9C2FD0DF-2DD7-4A8C-B34F-8381797DD5E6}] => (Allow) D:\Steam2\steamapps\common\Frisky Business\FriskyBusiness.exe
FirewallRules: [{F9589075-BDE7-4C21-BF04-CD4D84240FDF}] => (Allow) D:\Steam2\steamapps\common\Frisky Business\FriskyBusiness.exe
FirewallRules: [{CA91000C-8E39-47B3-92FA-17D9C1CC0D62}] => (Allow) D:\Steam2\steamapps\common\Fallout Shelter\FalloutShelter.exe
FirewallRules: [{883787A5-880D-4CCF-893F-B33B97357C8A}] => (Allow) D:\Steam2\steamapps\common\Fallout Shelter\FalloutShelter.exe
FirewallRules: [{1682A977-5E03-401F-A950-42A60CC5D695}] => (Allow) D:\Steam2\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{01480F2C-B59E-4E95-B37F-600D7F6E33E1}] => (Allow) D:\Steam2\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{3EDBC620-A5FF-4E98-9C9B-CAEC423AD64A}] => (Allow)
D:\Steam2\steamapps\common\Total War SHOGUN 2\Shogun2.exe FirewallRules: [{13A6539F-C0AA-4F50-BDF2-F7555C0EB515}] => (Allow) D:\Steam2\steamapps\common\Total War SHOGUN 2\Shogun2.exe FirewallRules: [{9784B51B-A93D-433C-A4FB-740CA3A10730}] => (Allow) D:\Steam2\steamapps\common\White Noise 2\WhiteNoise2.exe FirewallRules: [{4DA9C119-DAFD-4CCF-B068-036EF931F20E}] => (Allow) D:\Steam2\steamapps\common\White Noise 2\WhiteNoise2.exe FirewallRules: [{8412033E-A133-493E-B4FB-5518F94B28F0}] => (Allow) D:\Steam2\steamapps\common\Rise of the Argonauts\Binaries\RiseOfTheArgonauts.exe FirewallRules: [{084ECC6D-145F-4ECD-A1CB-DD2CDA4C1D2D}] => (Allow) D:\Steam2\steamapps\common\Rise of the Argonauts\Binaries\RiseOfTheArgonauts.exe FirewallRules: [{C756A354-7362-4184-AC4A-B437FBD95C36}] => (Allow) D:\Steam2\steamapps\common\Overlord II\Overlord2.exe FirewallRules: [{7C636354-5F3C-44CD-AA68-5459AF6970BB}] => (Allow) D:\Steam2\steamapps\common\Overlord II\Overlord2.exe FirewallRules: [{D3AABD39-B4A9-4EDB-8D50-324D4E90F134}] => (Allow) D:\Steam2\steamapps\common\Overlord II\Config.exe FirewallRules: [{BF0D9341-C896-4103-929D-83B7DB99F5A8}] => (Allow) D:\Steam2\steamapps\common\Overlord II\Config.exe FirewallRules: [{8005BE0F-A732-4249-BE95-354FA5F72A0B}] => (Allow) D:\Steam2\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{898CE406-350C-459F-863C-637FF1EB24E9}] => (Allow) D:\Steam2\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{FA207A85-EE54-44F2-9CA5-E06C41D641B7}] => (Allow) D:\Steam2\steamapps\common\Age of Mythology\Launcher.exe FirewallRules: [{65D306E0-1245-4677-9840-700076DB6C8F}] => (Allow) D:\Steam2\steamapps\common\Age of Mythology\Launcher.exe FirewallRules: [{547BBE85-DEFB-46BC-821A-24215F474E37}] => (Allow) D:\Steam2\steamapps\common\Age of Mythology\aomx.exe FirewallRules: [{82FB87D4-63C8-49EF-98AE-A96E38119236}] => (Allow) D:\Steam2\steamapps\common\Age of Mythology\aomx.exe FirewallRules: [{102EDF7E-04AB-4188-B946-47A2725A56DF}] => (Allow) 
D:\Steam2\steamapps\common\Age2HD\Launcher.exe FirewallRules: [{BABDB6BA-5E25-4D6E-8E43-41BB676E9ABB}] => (Allow) D:\Steam2\steamapps\common\Age2HD\Launcher.exe FirewallRules: [{6F89630F-FA86-40E8-9476-34838CCB0226}] => (Allow) D:\Steam2\steamapps\common\The Curious Expedition\electron.exe FirewallRules: [{DFC4DAE1-49C0-406E-8B82-14D9CF22DD90}] => (Allow) D:\Steam2\steamapps\common\The Curious Expedition\electron.exe FirewallRules: [{7C65413A-15FC-4D0F-8508-D62124E475AE}] => (Allow) D:\Steam2\steamapps\common\Ghost Master\ghost.exe FirewallRules: [{809FFB13-FF64-49FF-B36C-9DDFC7CCBE8E}] => (Allow) D:\Steam2\steamapps\common\Ghost Master\ghost.exe FirewallRules: [{3ECA0FD4-C696-465F-A87B-1957C48DC9B6}] => (Allow) D:\Steam2\steamapps\common\Hand of Fate\Hand of Fate.exe FirewallRules: [{CF8A978E-FBBA-4D13-A6D7-6A8F264A5246}] => (Allow) D:\Steam2\steamapps\common\Hand of Fate\Hand of Fate.exe FirewallRules: [{80605A4B-9B1C-4501-A272-785831D0102D}] => (Allow) D:\Steam2\steamapps\common\Reus\Reus.exe FirewallRules: [{6EA2063E-E471-47E1-97DC-76E4AEA04AE6}] => (Allow) D:\Steam2\steamapps\common\Reus\Reus.exe FirewallRules: [{B198646C-629F-4406-89B2-7D6865C51ABA}] => (Allow) D:\Steam2\steamapps\common\Caravan\Caravan.exe FirewallRules: [{9C434015-5929-40B7-99FB-A802EED84696}] => (Allow) D:\Steam2\steamapps\common\Caravan\Caravan.exe FirewallRules: [{ABD50B3A-E060-4135-A6F4-FF4EC2540BF1}] => (Allow) D:\Steam2\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{FBBF94F2-7A68-45BD-A2EE-70221C777787}] => (Allow) D:\Steam2\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{B66758BA-E25E-48B8-B86C-31F9C1DD9E3A}] => (Allow) D:\Steam2\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe FirewallRules: [{EBAE679B-AB96-4F0E-9254-A1191EE2E391}] => (Allow) D:\Steam2\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe FirewallRules: [{693C788B-FEE7-4ED0-889D-FFB8A9AD4085}] => (Allow) 
D:\Steam2\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe FirewallRules: [{490E0A4F-932E-4379-8C1C-F4F98D6F3D1A}] => (Allow) D:\Steam2\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe FirewallRules: [{239CE3AC-1875-4B3C-AE53-33211D13ECF3}] => (Allow) D:\Steam2\steamapps\common\F13Game\EAC_Launcher.exe FirewallRules: [{92CFC256-E1CF-4D45-8688-4578C32FB93C}] => (Allow) D:\Steam2\steamapps\common\F13Game\EAC_Launcher.exe FirewallRules: [TCP Query User{965D9836-186B-4095-B85A-F2B99AD15D0F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{CE010C18-7F4B-4D51-A7DA-1652B2799448}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{383DFF6A-A1E8-4A4F-A134-BFE3019A86A4}] => (Block) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{CBF53A96-F17E-409C-BB99-60588D24DE88}] => (Block) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{830B129F-2EB3-4A92-9853-6ED742C25002}] => (Allow) D:\Steam2\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{612B8A72-7F54-44A9-A0EC-FCF0B4A905FB}] => (Allow) D:\Steam2\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{9F7AD324-EBB1-44A7-9542-655416B9B394}] => (Allow) D:\Steam2\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe FirewallRules: [{B54DDCF7-31BF-409E-9D9B-94AD8C9736DB}] => (Allow) D:\Steam2\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe FirewallRules: [{1DAA4E42-F831-408B-A8BB-9F4D7435BFAD}] => (Allow) D:\Steam2\steamapps\common\dont_starve\bin\dontstarve_steam.exe FirewallRules: [{5D5C7736-39F8-44D8-A5F0-7F326DE7B4F6}] => (Allow) D:\Steam2\steamapps\common\dont_starve\bin\dontstarve_steam.exe FirewallRules: [{20124520-3DD8-457B-A767-28F5A571716F}] => (Allow) 
D:\Steam2\steamapps\common\Stardew Valley\Stardew Valley.exe FirewallRules: [{465D41EB-DFB5-4A6A-BF24-8CF67B84C014}] => (Allow) D:\Steam2\steamapps\common\Stardew Valley\Stardew Valley.exe FirewallRules: [{0113DC81-7917-4EE9-B392-D94C7DAE036A}] => (Allow) D:\Steam2\steamapps\common\The Raven\launcher\TheRavenLauncher.exe FirewallRules: [{67CCAF22-EC60-418C-8651-BE65FA8A4CF0}] => (Allow) D:\Steam2\steamapps\common\The Raven\launcher\TheRavenLauncher.exe FirewallRules: [{16F75B44-0890-4971-8437-EDEA2E9F3DB9}] => (Allow) D:\Steam2\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{783D86B0-84C9-4A96-A880-F385DB6E4D83}] => (Allow) D:\Steam2\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{784CD2F0-ED27-42F8-B7EA-23BB3F0C9633}] => (Allow) D:\Steam2\steamapps\common\Jade Empire\JadeEmpireLauncher.exe FirewallRules: [{331BAF41-5C27-4BA7-918F-E3CC17E6138C}] => (Allow) D:\Steam2\steamapps\common\Jade Empire\JadeEmpireLauncher.exe FirewallRules: [{A3F53357-AB2F-42F6-944F-FDC68FAC271D}] => (Allow) D:\Steam2\steamapps\common\Jade Empire\JadeEmpireConfig.exe FirewallRules: [{71C4572C-44FF-4BA2-9E00-722A7A98EB07}] => (Allow) D:\Steam2\steamapps\common\Jade Empire\JadeEmpireConfig.exe FirewallRules: [{2E18E6AC-92A8-42A4-AC03-D424B04473C9}] => (Allow) D:\Steam2\steamapps\common\Game of Thrones\Thrones.exe FirewallRules: [{19E7C5B3-DA78-45DF-8EEE-DCC527EA451A}] => (Allow) D:\Steam2\steamapps\common\Game of Thrones\Thrones.exe FirewallRules: [{0C925373-AD32-4FA7-AD66-5DB028B85A22}] => (Allow) D:\Steam2\steamapps\common\FlameInTheFlood\RiverGame.exe FirewallRules: [{BC3375A8-4128-4F6C-9AE0-8B566D5B23DD}] => (Allow) D:\Steam2\steamapps\common\FlameInTheFlood\RiverGame.exe FirewallRules: [{17C85482-78FE-4B06-8384-20BAE10356A0}] => (Allow) D:\Steam2\steamapps\common\The First Templar\TFT.exe FirewallRules: [{AAE9CCA0-BBF7-4447-9710-E743F1969B5C}] => (Allow) D:\Steam2\steamapps\common\The First Templar\TFT.exe 
FirewallRules: [{51F0B15C-C26F-443B-9F4A-64D01FA6DDE8}] => (Allow) D:\Steam2\steamapps\common\Kelvin\Fahrenheit.exe FirewallRules: [{E0D4BC8F-3DC9-4B22-8EA6-8721E9BA6B0F}] => (Allow) D:\Steam2\steamapps\common\Kelvin\Fahrenheit.exe FirewallRules: [{9D43E34D-D67B-4887-AA09-B8BD44B2361E}] => (Allow) D:\Steam2\steamapps\common\Evil Genius\EvilGeniusLauncher.exe FirewallRules: [{006392FA-084A-46DA-8659-E3D804B6BC17}] => (Allow) D:\Steam2\steamapps\common\Evil Genius\EvilGeniusLauncher.exe FirewallRules: [{7C2626DE-1564-49B2-9B63-773BA988C439}] => (Allow) D:\Steam2\steamapps\common\Delicious - Emily's Hopes and Fears\Delicious12.exe FirewallRules: [{82DD1253-E882-4934-97BF-47DDF8F96724}] => (Allow) D:\Steam2\steamapps\common\Delicious - Emily's Hopes and Fears\Delicious12.exe FirewallRules: [{16C8B409-9102-4FB4-AE9A-31A48E0C7A08}] => (Allow) D:\Steam2\steamapps\common\Champions of Anteria\CoA.exe FirewallRules: [{EDF510B6-AEF0-4115-98A2-4CE04DD11706}] => (Allow) D:\Steam2\steamapps\common\Champions of Anteria\CoA.exe FirewallRules: [{D9E78633-E5E8-4FBD-B7E5-D004C2FDD6B7}] => (Allow) D:\Steam2\steamapps\common\1954 Alcatraz\Alcatraz.exe FirewallRules: [{A3E6DA37-B482-4D11-A273-56CF36473117}] => (Allow) D:\Steam2\steamapps\common\1954 Alcatraz\Alcatraz.exe FirewallRules: [{B73688ED-28BC-4279-97D9-1EBBB570BB28}] => (Allow) D:\Steam2\steamapps\common\Back to the Future 105\BackToTheFuture105.exe FirewallRules: [{A454ACC5-F685-4A60-A89C-D2C28F5DC317}] => (Allow) D:\Steam2\steamapps\common\Back to the Future 105\BackToTheFuture105.exe FirewallRules: [{1DA5B0A6-AC69-43C5-B7BB-D004D0A89A9E}] => (Allow) D:\Steam2\steamapps\common\Back to the Future 104\BackToTheFuture104.exe FirewallRules: [{89A07A1D-E66C-46B5-9E29-9B9787F86D08}] => (Allow) D:\Steam2\steamapps\common\Back to the Future 104\BackToTheFuture104.exe FirewallRules: [{94D0997F-6047-46A8-B4DF-34342664E243}] => (Allow) D:\Steam2\steamapps\common\Back to the Future 103\BackToTheFuture103.exe FirewallRules: 
[{8B51DD3B-F45C-4247-BE47-64F60D33370F}] => (Allow) D:\Steam2\steamapps\common\Back to the Future 103\BackToTheFuture103.exe FirewallRules: [{E1392DE2-5CE7-4590-B3AA-902C98FC4078}] => (Allow) D:\Steam2\steamapps\common\Back to the Future Ep 2\BackToTheFuture102.exe FirewallRules: [{735CA91E-3E0B-4D56-9146-22530595EE32}] => (Allow) D:\Steam2\steamapps\common\Back to the Future Ep 2\BackToTheFuture102.exe FirewallRules: [{95858E7D-DBDC-4DC6-86F1-D8344C5D9FF9}] => (Allow) D:\Steam2\steamapps\common\Back to the Future Ep 1\BackToTheFuture101.exe FirewallRules: [{A3A9E381-9149-4A3E-BB92-B841DBEE2BA2}] => (Allow) D:\Steam2\steamapps\common\Back to the Future Ep 1\BackToTheFuture101.exe FirewallRules: [{40981343-1B94-47A7-A58E-CCBD6BFB6F6D}] => (Allow) D:\Steam2\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe FirewallRules: [{3E0482D9-37D4-4162-A3AB-7C659A125AA5}] => (Allow) D:\Steam2\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe FirewallRules: [{D99F0F6F-E040-410C-AA9A-50BD03032F31}] => (Allow) D:\Steam2\steamapps\common\Armello\armello.exe FirewallRules: [{32428085-A728-4B23-BA60-CBEF44F8BFBD}] => (Allow) D:\Steam2\steamapps\common\Armello\armello.exe FirewallRules: [{52CA8593-F3B0-4B0E-A2F7-DB0BDA4BE93A}] => (Allow) D:\Steam2\steamapps\common\DarkestDungeon\_windows\Darkest.exe FirewallRules: [{976D618F-2C8F-4DE0-BE94-A6E1B4FDB158}] => (Allow) D:\Steam2\steamapps\common\DarkestDungeon\_windows\Darkest.exe FirewallRules: [{AC4BAB6C-44DB-46DB-BF43-7D538D1A3C4D}] => (Allow) D:\Steam2\steamapps\common\House Party\HouseParty.exe FirewallRules: [{0ABD81B0-FDC6-49FE-B89F-1679D6219B0F}] => (Allow) D:\Steam2\steamapps\common\House Party\HouseParty.exe FirewallRules: [{EBC5DA06-6851-40C2-B7AF-5888B0FC8CAF}] => (Allow) C:\Program Files\MAGIX\Video deluxe\2017\Videodeluxe.exe FirewallRules: [{9BD88CFD-1572-49FA-9FFB-42FF55441E80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: 
[{ABE3472A-F58D-41DF-95BA-0BC242184BCD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{138E03C8-43F8-4C05-ABB2-81B572AEC666}] => (Allow) D:\Steam2\steamapps\common\Jotun\Jotun.exe FirewallRules: [{52E12D29-0150-4101-8AD7-48BF7C30E800}] => (Allow) D:\Steam2\steamapps\common\Jotun\Jotun.exe FirewallRules: [{27302D38-3F38-4542-87E0-F50CD1C4060B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{6E0DBB1B-E8C8-4804-89CE-3650B92FD46B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{81169AC4-2DE1-456B-BBAA-B56CF423FFA5}] => (Allow) D:\Steam2\steamapps\common\Deceit\bin\win_x64\Deceit.exe FirewallRules: [{BAD59EAB-8B18-4934-9C96-C24B86447FDB}] => (Allow) D:\Steam2\steamapps\common\Deceit\bin\win_x64\Deceit.exe FirewallRules: [{44D70206-F0D5-483F-A81F-509734F3B0E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{E2658AFC-BDE6-4785-B65B-573658453256}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{9F87CAA9-245C-43EE-81D0-0F7215336556}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{C0129459-A8F6-427B-81CC-7DD4219A6050}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7D4E586E-1B05-4862-8742-5D37E94E0BAD}] => (Allow) D:\Steam2\steamapps\common\Total War WARHAMMER\launcher\launcher.exe FirewallRules: [{443E6478-64B2-4323-AEA2-6DD9C44AC1D9}] => (Allow) D:\Steam2\steamapps\common\Total War WARHAMMER\launcher\launcher.exe FirewallRules: [{A9083CF1-CF2D-4657-96C3-6D7BB9E76EA9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{F94B2721-1056-42AB-9791-2B4DF5ADB084}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: 
[{8540B06D-BFB1-4FAC-9729-37E28509DC8A}] => (Allow) D:\Steam2\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{817F6853-1223-4D09-8ADD-3AB5605450BF}] => (Allow) D:\Steam2\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{36796049-89A5-4913-9EC4-381AD58BD34A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{2BE389CF-C377-4FAE-BD77-FF7E3EF39732}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{585DEEB9-DF12-4661-8C2C-FD98A1DB055D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{DB922965-3F88-4D2E-890D-591F1D54C134}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [TCP Query User{76AA634D-7C66-4887-B9EE-8252508205D0}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe FirewallRules: [UDP Query User{159FA1FD-80E9-49BC-B4E5-43D25E767E60}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe FirewallRules: [{335F98F9-DD24-4584-B6B8-1439E0060BB4}] => (Block) C:\program files\core temp\core temp.exe FirewallRules: [{66D777AF-73CD-46A4-9722-D9A9E43BACCE}] => (Block) C:\program files\core temp\core temp.exe FirewallRules: [TCP Query User{5A71BDAD-5D57-4D3D-A4E4-5B6B9DD563CA}C:\users\diesel\appdata\local\discord\app-0.0.298\discord.exe] => (Block) C:\users\diesel\appdata\local\discord\app-0.0.298\discord.exe FirewallRules: [UDP Query User{50EE21EF-13E3-4C94-A97E-79CFD1D42C9C}C:\users\diesel\appdata\local\discord\app-0.0.298\discord.exe] => (Block) C:\users\diesel\appdata\local\discord\app-0.0.298\discord.exe ==================== Wiederherstellungspunkte ========================= 26-08-2017 04:26:17 Installed EVGA Precision XOC. 
26-08-2017 23:12:42 Auslogics Regisry Defrag - before defragmentation 27-08-2017 01:23:10 JRT Pre-Junkware Removal 27-08-2017 01:29:08 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/02/2017 12:18:50 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "F:\WD Backup.swstor\Diesel\Backup 31.08.2017\Backup\Andrea Verbatim\Michael\Jackooty\PC Daten\01 Internet Treiber\SoftonicDownloader_fuer_sisoft-sandra.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Error: (09/01/2017 11:36:04 PM) (Source: ISCTAgent) (EventID: 1000) (User: ) Description: ISCT - CISCTPnpDriverApi::CreateInstance *****Unable to open the ISCT device driver Error: (08/31/2017 06:00:03 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (08/31/2017 06:00:03 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode. 
Error: (08/31/2017 06:00:03 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode. Error: (08/31/2017 06:00:03 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "Lsa" in der DLL "C:\Windows\System32\Secur32.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (08/31/2017 06:00:03 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "ESENT" in der DLL "C:\WINDOWS\system32\esentprf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (08/31/2017 06:00:03 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (08/31/2017 04:06:40 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (08/31/2017 04:06:40 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode. 
Systemfehler: ============= Error: (08/31/2017 07:13:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (08/31/2017 07:13:03 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Diesel\AppData\Local\Temp\ehdrv.sys Error: (08/31/2017 07:13:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (08/31/2017 07:13:02 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Diesel\AppData\Local\Temp\ehdrv.sys Error: (08/31/2017 07:13:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (08/31/2017 07:13:02 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Diesel\AppData\Local\Temp\ehdrv.sys Error: (08/30/2017 05:33:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (08/30/2017 05:33:50 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Diesel\AppData\Local\Temp\ehdrv.sys Error: (08/30/2017 05:33:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. 
Error: (08/30/2017 05:33:49 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Diesel\AppData\Local\Temp\ehdrv.sys ==================== Speicherinformationen =========================== Prozessor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz Prozentuale Nutzung des RAM: 24% Installierter physikalischer RAM: 16314.55 MB Verfügbarer physikalischer RAM: 12292.42 MB Summe virtueller Speicher: 20426.55 MB Verfügbarer virtueller Speicher: 16425.73 MB ==================== Laufwerke ================================ Drive b: (Backup Baby) (Fixed) (Total:5588.9 GB) (Free:2808.76 GB) NTFS Drive c: () (Fixed) (Total:232.79 GB) (Free:60.74 GB) NTFS Drive d: (Volume) (Fixed) (Total:2794.39 GB) (Free:268.19 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 208F0848) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 5589 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== Ende von Addition.txt ============================ |
02.09.2017, 13:00 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win 8 / HEUR:Trojan.Script.Generic / irreparable
Control scans with (1) MBAM, (2) ESET and (3) SecurityCheck, please:
Step 1: Malwarebytes Version 3 Please download Malwarebytes Anti-Malware 3
Step 2: ESET Please download ESET Online Scanner (illustrated guide)
Step 3: SecurityCheck Please download SecurityCheck and:
__________________ Please always post log files in CODE tags |