Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Windows 10 64bit : Verdacht auf Maleware

Windows 10 64bit : Verdacht auf Maleware


Log-Analyse und Auswertung: Windows 10 64bit : Verdacht auf Maleware

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Seite 2 von 2 1 2
Alt 25.09.2017, 01:21   #16
burningice
/// Malwareteam
 
Windows 10 64bit : Verdacht auf Maleware - Standard

Windows 10 64bit : Verdacht auf Maleware


Schritt: 1
Bitte Anleitung korrekt lesen und Malwarebytes auf Version 3 upgraden, indem du die alte Version deinstallierst und dann die neue Version verwendest. Dann einen neuen Scan ausführen.

Schritt: 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Hinweis: Dieser Scan kann schon einmal mehrere Stunden dauern...

Schritt: 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.
__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Alt 26.09.2017, 15:28   #17
Hoshi82
 
Windows 10 64bit : Verdacht auf Maleware - Standard

Windows 10 64bit : Verdacht auf Maleware


Neue Version von MBAM hat nichts gefunden, deswegen denke ich den Log kann ich weglassen?

ESET
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a555eb79e6f71a48814909f21b6493ea
# end=init
# utc_time=2017-09-25 02:09:09
# local_time=2017-09-25 04:09:09 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 34853
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a555eb79e6f71a48814909f21b6493ea
# end=updated
# utc_time=2017-09-25 02:14:47
# local_time=2017-09-25 04:14:47 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=a555eb79e6f71a48814909f21b6493ea
# engine=34853
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-09-25 02:28:38
# local_time=2017-09-25 04:28:38 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 83125 16482714 0 0
# scanned=71910
# found=14
# cleaned=0
# scan_time=830
sh=06DAB0F0EF2715239816EE4BC1866D7FD142FEAB ft=1 fh=691bc3b3fed845d0 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\0REZPKA8BK\0REZPKA8B.exe"
sh=06DAB0F0EF2715239816EE4BC1866D7FD142FEAB ft=1 fh=691bc3b3fed845d0 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\2J4S1XCBYH\2J4S1XCBY.exe"
sh=06DAB0F0EF2715239816EE4BC1866D7FD142FEAB ft=1 fh=691bc3b3fed845d0 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\3K1EP8FZTW\3K1EP8FZT.exe"
sh=A1FDDCFE8E172D1B38D9D498B2AAE718082DA176 ft=1 fh=092db22a8b7a47f8 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\794JJ2L8W9\794JJ2L8W.exe"
sh=06DAB0F0EF2715239816EE4BC1866D7FD142FEAB ft=1 fh=691bc3b3fed845d0 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\CARPFHFJOG\PZY4NGLKN.exe"
sh=06DAB0F0EF2715239816EE4BC1866D7FD142FEAB ft=1 fh=691bc3b3fed845d0 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\L4GUFS7VFF\L4GUFS7VF.exe"
sh=06DAB0F0EF2715239816EE4BC1866D7FD142FEAB ft=1 fh=691bc3b3fed845d0 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\NTLYPTR4F0\NTLYPTR4F.exe"
sh=06DAB0F0EF2715239816EE4BC1866D7FD142FEAB ft=1 fh=691bc3b3fed845d0 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\R1VICQWYQE\R1VICQWYQ.exe"
sh=06DAB0F0EF2715239816EE4BC1866D7FD142FEAB ft=1 fh=691bc3b3fed845d0 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\SUGMCJMJDX\SUGMCJMJD.exe"
sh=06DAB0F0EF2715239816EE4BC1866D7FD142FEAB ft=1 fh=691bc3b3fed845d0 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\TBUC85W4RM\TBUC85W4R.exe"
sh=06DAB0F0EF2715239816EE4BC1866D7FD142FEAB ft=1 fh=691bc3b3fed845d0 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\TVCTLBBTT8\TVCTLBBTT.exe"
sh=06DAB0F0EF2715239816EE4BC1866D7FD142FEAB ft=1 fh=691bc3b3fed845d0 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\WSH55IY5CO\WSH55IY5C.exe"
sh=AA2BCF1D0F05BB99108C0D555B148AA1213724B7 ft=1 fh=108c7464cf753f3a vn="Variante von Win32/FireHooker.A Trojaner" ac=I fn="C:\FRST\Quarantine\C\WINDOWS\system32\mispaced.dll.xBAD"
sh=AA2BCF1D0F05BB99108C0D555B148AA1213724B7 ft=1 fh=108c7464cf753f3a vn="Variante von Win32/FireHooker.A Trojaner" ac=I fn="C:\FRST\Quarantine\C\WINDOWS\SysWOW64\mispaced.dll.xBAD"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a555eb79e6f71a48814909f21b6493ea
# end=init
# utc_time=2017-09-26 04:15:43
# local_time=2017-09-26 06:15:43 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 34861
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a555eb79e6f71a48814909f21b6493ea
# end=updated
# utc_time=2017-09-26 04:16:56
# local_time=2017-09-26 06:16:56 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=a555eb79e6f71a48814909f21b6493ea
# engine=34861
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-09-26 09:12:22
# local_time=2017-09-26 11:12:22 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 68264 16550138 0 0
# scanned=1083049
# found=18
# cleaned=0
# scan_time=17726
sh=06DAB0F0EF2715239816EE4BC1866D7FD142FEAB ft=1 fh=691bc3b3fed845d0 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\0REZPKA8BK\0REZPKA8B.exe"
sh=06DAB0F0EF2715239816EE4BC1866D7FD142FEAB ft=1 fh=691bc3b3fed845d0 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\2J4S1XCBYH\2J4S1XCBY.exe"
sh=06DAB0F0EF2715239816EE4BC1866D7FD142FEAB ft=1 fh=691bc3b3fed845d0 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\3K1EP8FZTW\3K1EP8FZT.exe"
sh=A1FDDCFE8E172D1B38D9D498B2AAE718082DA176 ft=1 fh=092db22a8b7a47f8 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\794JJ2L8W9\794JJ2L8W.exe"
sh=06DAB0F0EF2715239816EE4BC1866D7FD142FEAB ft=1 fh=691bc3b3fed845d0 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\CARPFHFJOG\PZY4NGLKN.exe"
sh=06DAB0F0EF2715239816EE4BC1866D7FD142FEAB ft=1 fh=691bc3b3fed845d0 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\L4GUFS7VFF\L4GUFS7VF.exe"
sh=06DAB0F0EF2715239816EE4BC1866D7FD142FEAB ft=1 fh=691bc3b3fed845d0 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\NTLYPTR4F0\NTLYPTR4F.exe"
sh=06DAB0F0EF2715239816EE4BC1866D7FD142FEAB ft=1 fh=691bc3b3fed845d0 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\R1VICQWYQE\R1VICQWYQ.exe"
sh=06DAB0F0EF2715239816EE4BC1866D7FD142FEAB ft=1 fh=691bc3b3fed845d0 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\SUGMCJMJDX\SUGMCJMJD.exe"
sh=06DAB0F0EF2715239816EE4BC1866D7FD142FEAB ft=1 fh=691bc3b3fed845d0 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\TBUC85W4RM\TBUC85W4R.exe"
sh=06DAB0F0EF2715239816EE4BC1866D7FD142FEAB ft=1 fh=691bc3b3fed845d0 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\TVCTLBBTT8\TVCTLBBTT.exe"
sh=06DAB0F0EF2715239816EE4BC1866D7FD142FEAB ft=1 fh=691bc3b3fed845d0 vn="Variante von MSIL/Kryptik.KNE Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files\WSH55IY5CO\WSH55IY5C.exe"
sh=AA2BCF1D0F05BB99108C0D555B148AA1213724B7 ft=1 fh=108c7464cf753f3a vn="Variante von Win32/FireHooker.A Trojaner" ac=I fn="C:\FRST\Quarantine\C\WINDOWS\system32\mispaced.dll.xBAD"
sh=AA2BCF1D0F05BB99108C0D555B148AA1213724B7 ft=1 fh=108c7464cf753f3a vn="Variante von Win32/FireHooker.A Trojaner" ac=I fn="C:\FRST\Quarantine\C\WINDOWS\SysWOW64\mispaced.dll.xBAD"
sh=3DCA4CC49ECFBD505B6D8C216A2A0F78928B34CB ft=1 fh=933366ed703031b4 vn="Variante von Win32/AdkDLLWrapper.A eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Hoshi\AppData\Roaming\uTorrent\updates\3.4.0_30660.exe"
sh=9A076D03CA34BE4EACE14C4C4E9372A673CB9AA8 ft=1 fh=3f7d0daa45e272d7 vn="Variante von Win32/AdkDLLWrapper.A eventuell unerwünschte Anwendung" ac=I fn="D:\Programme\uTorrent\uTorrent.exe"
sh=81BE787BC81C1B8B80E47F57DF3664ECDC0BDDFB ft=1 fh=820ab1c5142fc200 vn="Win32/FusionCore.L eventuell unerwünschte Anwendung" ac=I fn="E:\CDex-1.84.exe"
sh=B0A175CDBF9FFA607759FF33DB8CBA187DEBC98C ft=0 fh=0000000000000000 vn="Variante von Generik.MCRRXSW Trojaner" ac=I fn="E:\gcfsnr.zip"
FRST
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2017 01
durchgeführt von Hoshi (Administrator) auf HOSHI-PC (26-09-2017 16:26:27)
Gestartet von C:\Users\Hoshi\Desktop
Geladene Profile: Hoshi (Verfügbare Profile: Hoshi & Mcx1-HOSHI-PC & OVRLibraryService)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
() C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Oculus VR) D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
(TeamViewer GmbH) D:\Programme\TeamViewer\TeamViewer_Service.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [123400 2009-01-21] (Logitech Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [16293496 2016-09-29] (Logitech Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\ DisallowedCertificates: 9AAF24A4D6CA8CCDF64BBF916CBC77512A9B0CA7 (U)
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Run: [Spotify Web Helper] => C:\Users\Hoshi\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2017-02-02] (Spotify Ltd)
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Run: [Spotify] => C:\Users\Hoshi\AppData\Roaming\Spotify\Spotify.exe [7153264 2017-02-02] (Spotify Ltd)
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Run: [DAEMON Tools Lite] => D:\Programme\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{44eab3ff-54e7-4179-9334-818557caa181}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{48087fcf-0f34-473d-98e4-623094e6d179}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{50f0966d-4c38-4772-9bc1-2e04e25500e9}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{53270d60-5f82-4144-bb10-31c955cd1d24}: [DhcpNameServer] 192.168.42.129
ManualProxies: 

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23] (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2016-01-18] (DVDVideoSoft Ltd.)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2016-01-19] (DVDVideoSoft Ltd.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF DefaultProfile: v835n1d8.default-1416499139358
FF ProfilePath: C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358 [2017-09-26]
FF Homepage: Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358 -> www.google.de
FF Extension: (MEGA) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\firefox@mega.co.nz.xpi [2017-09-23]
FF Extension: (FlashDisable) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\jid0-bbA9VAawX3LMWDu668aUDrpQVXU@jetpack.xpi [2017-04-10]
FF Extension: (NoScript) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-09-12]
FF Extension: (Video DownloadHelper) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-09]
FF Extension: (Adblock Plus) - C:\Users\Hoshi\AppData\Roaming\Mozilla\Firefox\Profiles\v835n1d8.default-1416499139358\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-13] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2014-04-21] (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-08-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-08-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Programme\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1299527896-1211748070-1707534253-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Hoshi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-07] (Unity Technologies ApS)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\firefox.js [2017-09-21]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default [2017-09-24]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-12]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-03]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-12]
CHR Extension: (Kein Name) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-03]
CHR Extension: (Chrome Media Router) - C:\Users\Hoshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1533448 2017-09-14] ()
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2013-03-19] (Firebird Project) [Datei ist nicht signiert]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3784704 2013-03-19] (Firebird Project) [Datei ist nicht signiert]
S4 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
S4 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-04-13] (Futuremark)
S3 GalaxyClientService; D:\Games\GalaxyClient\GalaxyClientService.exe [532544 2017-09-08] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8242752 2017-09-07] (GOG.com)
S4 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-09-23] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-04-29] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-22] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-08-22] (NVIDIA Corporation)
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [2098528 2017-09-12] (Electronic Arts)
S2 Origin Web Helper Service; D:\Games\Origin\OriginWebHelperService.exe [2977640 2017-09-12] (Electronic Arts)
S3 OVRLibraryService; D:\Oculus\Support\oculus-librarian\OVRLibraryService.exe [207656 2016-12-13] (Oculus VR, LLC)
R2 OVRService; D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [470480 2016-12-13] (Oculus VR)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2015-07-26] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2017-09-12] ()
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S2 SkypeUpdate; D:\Programme\Skype\Updater\Updater.exe [324224 2016-05-23] (Skype Technologies)
R2 TeamViewer; D:\Programme\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R2 VirtualDesktop.Service.exe; C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe [330208 2017-07-19] ()
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56040 2015-11-19] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [297440 2011-07-28] ()

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.)
S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [75560 2017-05-06] (Broadcom Corporation.)
S3 busenum; C:\WINDOWS\System32\drivers\SteelBus64.sys [146944 2014-10-08] (SteelSeries Corporation) [Datei ist nicht signiert]
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-31] (Windows (R) Win 7 DDK provider)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R3 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2017-05-25] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] ()
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-03-18] (Qualcomm Atheros, Inc.)
S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45208 2016-09-29] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2016-09-29] (Logitech Inc.)
S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47256 2016-09-29] (Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-09-29] (Logitech Inc.)
S3 LifeCamTrueColor; C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys [37928 2016-07-27] (Microsoft Corporation)
R3 LVPr2M64; C:\WINDOWS\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-09-25] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-09-25] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-25] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253888 2017-09-25] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-26] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R1 MpKsl1965a71f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5ECE94C0-1C34-426D-BDCD-4EC4141F7C99}\MpKsl1965a71f.sys [44928 2017-09-26] (Microsoft Corporation)
R3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ce1961376673184c\nvlddmkm.sys [15600248 2017-08-22] (NVIDIA Corporation)
S3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [39168 2014-10-08] (SteelSeries Corporation) [Datei ist nicht signiert]
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [14368 1999-11-09] () [Datei ist nicht signiert]
R3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2015-11-15] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
U4 aspnet_state; kein ImagePath
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-25 18:58 - 2017-09-25 18:58 - 000001180 _____ C:\Users\Hoshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SFPack.lnk
2017-09-25 18:55 - 2017-09-25 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VirtualMIDISynth
2017-09-25 16:05 - 2017-09-26 16:10 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-09-25 16:05 - 2017-09-25 16:05 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-25 16:05 - 2017-09-25 16:05 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-09-25 16:05 - 2017-09-25 16:05 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-09-25 16:04 - 2017-09-25 16:04 - 002870984 _____ (ESET) C:\Users\Hoshi\Desktop\esetsmartinstaller_deu.exe
2017-09-25 16:03 - 2017-09-25 16:03 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-25 16:03 - 2017-09-25 16:03 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-25 16:03 - 2017-09-25 16:03 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-25 16:03 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-23 16:50 - 2017-09-23 16:50 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-09-23 16:50 - 2017-09-23 16:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-09-23 16:48 - 2017-09-23 16:48 - 000097457 _____ (Mozilla) C:\Users\Hoshi\Downloads\1f8b5ad9-cb69-4d6b-a7b4-4e37900b4ca9.tmp
2017-09-23 16:46 - 2017-09-23 16:46 - 000000008 __RSH C:\Users\Hoshi\ntuser.pol
2017-09-23 16:44 - 2017-09-23 16:53 - 000000000 ____D C:\AdwCleaner
2017-09-23 16:34 - 2017-09-23 16:34 - 008182736 _____ (Malwarebytes) C:\Users\Hoshi\Desktop\AdwCleaner_7.0.2.1.exe
2017-09-23 16:33 - 2017-09-23 16:33 - 000034532 _____ C:\Users\Hoshi\Downloads\533fd124-ca54-4763-a6db-b396caed6a8f.tmp
2017-09-23 16:33 - 2017-09-23 16:33 - 000001136 _____ C:\Users\Hoshi\Downloads\7fc3c9b5-c46a-4e84-b979-d6ea5bbcd6b1.tmp
2017-09-23 16:32 - 2017-09-23 16:32 - 000034532 _____ C:\Users\Hoshi\Downloads\b1bb7384-7163-43b3-a4b2-270df49a2362.tmp
2017-09-23 08:56 - 2017-09-23 08:56 - 000001177 _____ C:\Users\Public\Desktop\Tyrian 2000.lnk
2017-09-23 08:56 - 2017-09-23 08:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tyrian 2000 [GOG.com]
2017-09-23 07:15 - 2017-09-26 16:26 - 000000000 ____D C:\Users\Hoshi\Desktop\FRST-OlderVersion
2017-09-23 07:15 - 2017-09-23 16:31 - 000004791 _____ C:\Users\Hoshi\Desktop\Fixlog.txt
2017-09-22 15:45 - 2017-09-22 15:45 - 000070612 _____ C:\Users\Hoshi\Downloads\2a29ca61-d44f-4702-ada1-a5202ddde7c8.tmp
2017-09-22 15:14 - 2017-09-22 15:15 - 039468304 _____ (Microsoft Corporation) C:\Users\Hoshi\Downloads\mpas-feX64.exe
2017-09-22 06:19 - 2017-09-23 07:16 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-09-22 06:18 - 2017-09-22 19:58 - 000000000 ____D C:\Users\Hoshi\Desktop\mbar
2017-09-22 06:17 - 2017-09-22 06:17 - 016563352 _____ (Malwarebytes Corp.) C:\Users\Hoshi\Downloads\mbar-1.09.3.1001.exe
2017-09-21 20:32 - 2017-09-21 20:32 - 000539414 _____ C:\Users\Hoshi\Desktop\Defender.txt
2017-09-21 20:25 - 2017-09-21 20:25 - 000245912 _____ (Mozilla) C:\Users\Hoshi\Downloads\Firefox Installer.exe
2017-09-21 20:23 - 2017-09-21 20:23 - 000251110 _____ C:\Users\Hoshi\Desktop\bookmarks-2017-09-21.json
2017-09-21 18:47 - 2017-09-25 16:08 - 000001434 _____ C:\Users\Hoshi\Desktop\mbam.txt
2017-09-21 18:39 - 2017-09-26 16:26 - 000022695 _____ C:\Users\Hoshi\Desktop\FRST.txt
2017-09-21 18:39 - 2017-09-26 16:26 - 000000000 ____D C:\FRST
2017-09-21 18:39 - 2017-09-23 16:56 - 000139919 _____ C:\Users\Hoshi\Desktop\Addition.txt
2017-09-21 18:37 - 2017-09-26 16:26 - 002399744 _____ (Farbar) C:\Users\Hoshi\Desktop\FRST64.exe
2017-09-21 17:49 - 2017-09-21 18:32 - 000465324 _____ C:\WINDOWS\ntbtlog.txt
2017-09-21 17:49 - 2017-09-21 18:32 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-09-21 17:45 - 2017-09-21 17:45 - 000024658 _____ C:\WINDOWS\System32\Tasks\{79097F47-7A7D-0904-0B11-0F04040D1179}
2017-09-21 17:42 - 2017-09-21 17:47 - 000003286 _____ C:\WINDOWS\System32\Tasks\088195c19b33f61100dd567039f0a39e
2017-09-20 22:10 - 2017-09-20 22:10 - 000051624 _____ C:\WINDOWS\uninstaller.dat
2017-09-20 16:59 - 2017-09-20 17:01 - 004204032 _____ (crosire) C:\Users\Hoshi\Desktop\ReShade.exe
2017-09-20 16:33 - 2017-09-20 16:33 - 000027238 _____ C:\Users\Hoshi\AppData\Local\recently-used.xbel
2017-09-19 16:48 - 2017-09-19 16:48 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2017-09-18 17:33 - 2017-09-18 17:33 - 000000098 _____ C:\WINDOWS\SysWOW64\QuickTime.qtp
2017-09-18 17:33 - 2017-09-18 17:33 - 000000000 ____D C:\WINDOWS\SysWOW64\QuickTime
2017-09-18 17:33 - 1999-07-13 20:02 - 000086016 _____ (MindVision Software) C:\WINDOWS\unvise32qt.exe
2017-09-18 17:32 - 2017-09-18 17:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wheel of Time
2017-09-18 16:49 - 2017-09-19 19:20 - 000000000 ____D C:\Users\Hoshi\Documents\Project CARS
2017-09-18 16:49 - 2017-09-18 16:49 - 000000000 ____D C:\Users\Hoshi\Documents\wmd_symbol_cache
2017-09-17 20:26 - 2017-09-17 20:49 - 000000065 _____ C:\Users\Hoshi\Desktop\SL Foto Termine!.txt
2017-09-17 10:27 - 2017-09-17 10:29 - 021643807 _____ C:\Users\Hoshi\Desktop\Sound Fix v1.4.3.rar
2017-09-17 10:27 - 2017-09-17 10:28 - 021697338 _____ C:\Users\Hoshi\Desktop\Jaguar XJ220 v1.3.rar
2017-09-17 08:52 - 2017-09-17 09:35 - 000000000 ____D C:\Users\Hoshi\Documents\Assetto Corsa
2017-09-16 14:13 - 2017-09-16 14:13 - 000000000 ____D C:\Users\Hoshi\Desktop\Posen
2017-09-15 20:18 - 2017-09-15 20:21 - 000000000 ____D C:\Users\Hoshi\Documents\MindShow
2017-09-15 20:13 - 2017-09-15 20:13 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Mindshow
2017-09-15 19:43 - 2017-09-15 19:43 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Against Gravity
2017-09-15 15:52 - 2017-09-15 15:52 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Stress Level Zero
2017-09-13 20:38 - 2017-09-05 07:12 - 001409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-09-13 20:38 - 2017-09-05 07:12 - 001292880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-09-13 20:38 - 2017-09-05 07:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-09-13 20:38 - 2017-09-05 07:12 - 000081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2017-09-13 20:38 - 2017-09-05 06:53 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-09-13 20:38 - 2017-09-05 06:53 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-09-13 20:38 - 2017-09-05 06:52 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-09-13 20:38 - 2017-09-05 06:50 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2017-09-13 20:38 - 2017-09-05 06:46 - 004471888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-09-13 20:38 - 2017-09-05 06:45 - 005821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-09-13 20:38 - 2017-09-05 06:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-09-13 20:38 - 2017-09-05 06:45 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-09-13 20:38 - 2017-09-05 06:45 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-09-13 20:38 - 2017-09-05 06:45 - 000085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe
2017-09-13 20:38 - 2017-09-05 06:44 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-09-13 20:38 - 2017-09-05 06:43 - 000611096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-09-13 20:38 - 2017-09-05 06:43 - 000359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-09-13 20:38 - 2017-09-05 06:43 - 000280480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-09-13 20:38 - 2017-09-05 06:43 - 000169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-09-13 20:38 - 2017-09-05 06:43 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2017-09-13 20:38 - 2017-09-05 06:42 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-09-13 20:38 - 2017-09-05 06:42 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-09-13 20:38 - 2017-09-05 06:42 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-09-13 20:38 - 2017-09-05 06:42 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2017-09-13 20:38 - 2017-09-05 06:42 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-09-13 20:38 - 2017-09-05 06:41 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-09-13 20:38 - 2017-09-05 06:41 - 006761560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-13 20:38 - 2017-09-05 06:41 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-09-13 20:38 - 2017-09-05 06:41 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-09-13 20:38 - 2017-09-05 06:41 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-09-13 20:38 - 2017-09-05 06:40 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-09-13 20:38 - 2017-09-05 06:39 - 001517472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-09-13 20:38 - 2017-09-05 06:37 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-09-13 20:38 - 2017-09-05 06:26 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-09-13 20:38 - 2017-09-05 06:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-09-13 20:38 - 2017-09-05 06:25 - 013844480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-09-13 20:38 - 2017-09-05 06:25 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-09-13 20:38 - 2017-09-05 06:25 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-09-13 20:38 - 2017-09-05 06:25 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-09-13 20:38 - 2017-09-05 06:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-09-13 20:38 - 2017-09-05 06:24 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-13 20:38 - 2017-09-05 06:23 - 020509184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-09-13 20:38 - 2017-09-05 06:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-09-13 20:38 - 2017-09-05 06:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-09-13 20:38 - 2017-09-05 06:21 - 006728704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-09-13 20:38 - 2017-09-05 06:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2017-09-13 20:38 - 2017-09-05 06:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-09-13 20:38 - 2017-09-05 06:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe
2017-09-13 20:38 - 2017-09-05 06:20 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-09-13 20:38 - 2017-09-05 06:19 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-09-13 20:38 - 2017-09-05 06:19 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-09-13 20:38 - 2017-09-05 06:19 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2017-09-13 20:38 - 2017-09-05 06:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2017-09-13 20:38 - 2017-09-05 06:19 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2017-09-13 20:38 - 2017-09-05 06:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-09-13 20:38 - 2017-09-05 06:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-09-13 20:38 - 2017-09-05 06:18 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-09-13 20:38 - 2017-09-05 06:18 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-09-13 20:38 - 2017-09-05 06:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2017-09-13 20:38 - 2017-09-05 06:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-09-13 20:38 - 2017-09-05 06:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-09-13 20:38 - 2017-09-05 06:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2017-09-13 20:38 - 2017-09-05 06:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2017-09-13 20:38 - 2017-09-05 06:17 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2017-09-13 20:38 - 2017-09-05 06:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-09-13 20:38 - 2017-09-05 06:17 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-09-13 20:38 - 2017-09-05 06:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-09-13 20:38 - 2017-09-05 06:16 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-09-13 20:38 - 2017-09-05 06:16 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2017-09-13 20:38 - 2017-09-05 06:16 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2017-09-13 20:38 - 2017-09-05 06:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-09-13 20:38 - 2017-09-05 06:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-09-13 20:38 - 2017-09-05 06:16 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-09-13 20:38 - 2017-09-05 06:15 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-09-13 20:38 - 2017-09-05 06:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-09-13 20:38 - 2017-09-05 06:15 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-09-13 20:38 - 2017-09-05 06:15 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-09-13 20:38 - 2017-09-05 06:15 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-09-13 20:38 - 2017-09-05 06:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-09-13 20:38 - 2017-09-05 06:15 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2017-09-13 20:38 - 2017-09-05 06:14 - 011887104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-09-13 20:38 - 2017-09-05 06:14 - 004544000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2017-09-13 20:38 - 2017-09-05 06:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-09-13 20:38 - 2017-09-05 06:14 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-09-13 20:38 - 2017-09-05 06:14 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-09-13 20:38 - 2017-09-05 06:13 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-09-13 20:38 - 2017-09-05 06:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-09-13 20:38 - 2017-09-05 06:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-09-13 20:38 - 2017-09-05 06:12 - 006265856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-09-13 20:38 - 2017-09-05 06:12 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-09-13 20:38 - 2017-09-05 06:12 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-09-13 20:38 - 2017-09-05 06:12 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-09-13 20:38 - 2017-09-05 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-09-13 20:38 - 2017-09-05 06:11 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-09-13 20:38 - 2017-09-05 06:11 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-09-13 20:38 - 2017-09-05 06:11 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-09-13 20:38 - 2017-09-05 06:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-09-13 20:38 - 2017-09-05 06:11 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-09-13 20:38 - 2017-09-05 06:11 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-09-13 20:38 - 2017-09-05 06:10 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-09-13 20:38 - 2017-09-05 06:10 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-09-13 20:38 - 2017-09-05 06:10 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-09-13 20:38 - 2017-09-05 06:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2017-09-13 20:38 - 2017-09-05 06:06 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-09-13 20:38 - 2017-09-05 06:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-09-13 20:38 - 2017-09-05 06:04 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-09-13 20:34 - 2017-09-05 07:15 - 000871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-09-13 20:34 - 2017-09-05 07:14 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-13 20:34 - 2017-09-05 06:30 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-09-13 20:34 - 2017-09-05 06:28 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2017-09-13 20:34 - 2017-09-05 06:27 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-09-13 20:34 - 2017-09-05 06:22 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-09-13 20:34 - 2017-09-05 06:21 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-09-13 20:34 - 2017-09-05 06:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-09-13 20:34 - 2017-09-05 06:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-09-13 20:33 - 2017-09-05 07:31 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-09-13 20:33 - 2017-09-05 07:31 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2017-09-13 20:33 - 2017-09-05 07:26 - 008319904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-09-13 20:33 - 2017-09-05 07:25 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-09-13 20:33 - 2017-09-05 07:23 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2017-09-13 20:33 - 2017-09-05 07:18 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2017-09-13 20:33 - 2017-09-05 07:18 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-09-13 20:33 - 2017-09-05 07:18 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-09-13 20:33 - 2017-09-05 07:16 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-09-13 20:33 - 2017-09-05 07:16 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-09-13 20:33 - 2017-09-05 07:16 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-09-13 20:33 - 2017-09-05 07:16 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-09-13 20:33 - 2017-09-05 07:16 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2017-09-13 20:33 - 2017-09-05 07:14 - 021352656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-09-13 20:33 - 2017-09-05 07:14 - 000958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-09-13 20:33 - 2017-09-05 07:14 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-09-13 20:33 - 2017-09-05 07:13 - 001619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-09-13 20:33 - 2017-09-05 07:11 - 002675104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-09-13 20:33 - 2017-09-05 07:11 - 000610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2017-09-13 20:33 - 2017-09-05 06:31 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-09-13 20:33 - 2017-09-05 06:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-13 20:33 - 2017-09-05 06:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-09-13 20:33 - 2017-09-05 06:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-09-13 20:33 - 2017-09-05 06:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-09-13 20:33 - 2017-09-05 06:27 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-09-13 20:33 - 2017-09-05 06:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-09-13 20:33 - 2017-09-05 06:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-09-13 20:33 - 2017-09-05 06:27 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-09-13 20:33 - 2017-09-05 06:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-09-13 20:33 - 2017-09-05 06:27 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-09-13 20:33 - 2017-09-05 06:26 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2017-09-13 20:33 - 2017-09-05 06:26 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll
2017-09-13 20:33 - 2017-09-05 06:26 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-09-13 20:33 - 2017-09-05 06:26 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe
2017-09-13 20:33 - 2017-09-05 06:26 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2017-09-13 20:33 - 2017-09-05 06:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-09-13 20:33 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-09-13 20:33 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2017-09-13 20:33 - 2017-09-05 06:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-09-13 20:33 - 2017-09-05 06:24 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2017-09-13 20:33 - 2017-09-05 06:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2017-09-13 20:33 - 2017-09-05 06:24 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll
2017-09-13 20:33 - 2017-09-05 06:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2017-09-13 20:33 - 2017-09-05 06:23 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2017-09-13 20:33 - 2017-09-05 06:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-09-13 20:33 - 2017-09-05 06:22 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-09-13 20:33 - 2017-09-05 06:21 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-09-13 20:33 - 2017-09-05 06:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2017-09-13 20:33 - 2017-09-05 06:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2017-09-13 20:33 - 2017-09-05 06:21 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-09-13 20:33 - 2017-09-05 06:21 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-09-13 20:33 - 2017-09-05 06:20 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-13 20:33 - 2017-09-05 06:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-13 20:33 - 2017-09-05 06:20 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-09-13 20:33 - 2017-09-05 06:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-09-13 20:33 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-09-13 20:33 - 2017-09-05 06:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2017-09-13 20:33 - 2017-09-05 06:18 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-09-13 20:33 - 2017-09-05 06:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-09-13 20:33 - 2017-09-05 06:18 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2017-09-13 20:33 - 2017-09-05 06:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-09-13 20:33 - 2017-09-05 06:18 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-09-13 20:33 - 2017-09-05 06:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-09-13 20:33 - 2017-09-05 06:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-09-13 20:33 - 2017-09-05 06:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-09-13 20:33 - 2017-09-05 06:17 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-09-13 20:33 - 2017-09-05 06:17 - 008207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-09-13 20:33 - 2017-09-05 06:17 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-09-13 20:33 - 2017-09-05 06:17 - 001397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-09-13 20:33 - 2017-09-05 06:17 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-09-13 20:33 - 2017-09-05 06:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-09-13 20:33 - 2017-09-05 06:15 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-09-13 20:33 - 2017-09-05 06:15 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-09-13 20:33 - 2017-09-05 06:15 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-09-13 20:33 - 2017-09-05 06:15 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-09-13 20:33 - 2017-09-05 06:15 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-09-13 20:33 - 2017-09-05 06:15 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-09-13 20:33 - 2017-09-05 06:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-09-13 20:33 - 2017-09-05 06:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-09-13 20:33 - 2017-09-05 06:14 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-09-13 20:33 - 2017-09-05 06:14 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-09-13 20:33 - 2017-09-05 06:14 - 002445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-09-13 20:33 - 2017-09-05 06:14 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-09-13 20:33 - 2017-09-05 06:14 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-09-13 20:33 - 2017-09-05 06:14 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-09-13 20:33 - 2017-09-05 06:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-09-13 20:33 - 2017-09-05 06:13 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-09-13 20:33 - 2017-09-05 06:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-09-13 20:33 - 2017-09-05 06:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2017-09-13 20:33 - 2017-09-05 06:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-09-13 20:33 - 2017-09-05 06:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-09-13 20:33 - 2017-09-01 07:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-09-13 20:32 - 2017-09-05 07:31 - 001596592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-09-13 20:32 - 2017-09-05 07:31 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-09-13 20:32 - 2017-09-05 07:27 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-09-13 20:32 - 2017-09-05 07:27 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-09-13 20:32 - 2017-09-05 07:26 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-09-13 20:32 - 2017-09-05 07:25 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-13 20:32 - 2017-09-05 07:24 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-09-13 20:32 - 2017-09-05 07:23 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-09-13 20:32 - 2017-09-05 07:20 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-09-13 20:32 - 2017-09-05 07:19 - 004848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-09-13 20:32 - 2017-09-05 07:19 - 002443168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-09-13 20:32 - 2017-09-05 07:18 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-09-13 20:32 - 2017-09-05 07:18 - 005477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-09-13 20:32 - 2017-09-05 07:18 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-09-13 20:32 - 2017-09-05 07:18 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-09-13 20:32 - 2017-09-05 07:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-09-13 20:32 - 2017-09-05 07:17 - 000316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-09-13 20:32 - 2017-09-05 07:16 - 000724200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-09-13 20:32 - 2017-09-05 07:16 - 000410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-09-13 20:32 - 2017-09-05 07:16 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-09-13 20:32 - 2017-09-05 07:15 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-09-13 20:32 - 2017-09-05 07:15 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-09-13 20:32 - 2017-09-05 07:14 - 004708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-09-13 20:32 - 2017-09-05 07:14 - 001146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-09-13 20:32 - 2017-09-05 07:14 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-09-13 20:32 - 2017-09-05 07:11 - 000387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-09-13 20:32 - 2017-09-05 06:45 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-09-13 20:32 - 2017-09-05 06:30 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-09-13 20:32 - 2017-09-05 06:30 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-09-13 20:32 - 2017-09-05 06:30 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-09-13 20:32 - 2017-09-05 06:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-09-13 20:32 - 2017-09-05 06:29 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-09-13 20:32 - 2017-09-05 06:28 - 017371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-13 20:32 - 2017-09-05 06:28 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-13 20:32 - 2017-09-05 06:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2017-09-13 20:32 - 2017-09-05 06:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-09-13 20:32 - 2017-09-05 06:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2017-09-13 20:32 - 2017-09-05 06:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-09-13 20:32 - 2017-09-05 06:24 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-09-13 20:32 - 2017-09-05 06:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-09-13 20:32 - 2017-09-05 06:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2017-09-13 20:32 - 2017-09-05 06:24 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-09-13 20:32 - 2017-09-05 06:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-09-13 20:32 - 2017-09-05 06:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-09-13 20:32 - 2017-09-05 06:23 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-09-13 20:32 - 2017-09-05 06:23 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2017-09-13 20:32 - 2017-09-05 06:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-09-13 20:32 - 2017-09-05 06:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-09-13 20:32 - 2017-09-05 06:22 - 023684608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-09-13 20:32 - 2017-09-05 06:22 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-09-13 20:32 - 2017-09-05 06:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2017-09-13 20:32 - 2017-09-05 06:22 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-09-13 20:32 - 2017-09-05 06:22 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-09-13 20:32 - 2017-09-05 06:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2017-09-13 20:32 - 2017-09-05 06:21 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2017-09-13 20:32 - 2017-09-05 06:21 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-09-13 20:32 - 2017-09-05 06:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-13 20:32 - 2017-09-05 06:20 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-09-13 20:32 - 2017-09-05 06:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-09-13 20:32 - 2017-09-05 06:19 - 005776384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2017-09-13 20:32 - 2017-09-05 06:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-09-13 20:32 - 2017-09-05 06:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-09-13 20:32 - 2017-09-05 06:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-09-13 20:32 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-09-13 20:32 - 2017-09-05 06:18 - 012801536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-09-13 20:32 - 2017-09-05 06:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-09-13 20:32 - 2017-09-05 06:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-09-13 20:32 - 2017-09-05 06:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-09-13 20:32 - 2017-09-05 06:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-09-13 20:32 - 2017-09-05 06:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-09-13 20:32 - 2017-09-05 06:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-09-13 20:32 - 2017-09-05 06:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-09-13 20:32 - 2017-09-05 06:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-13 20:32 - 2017-09-05 06:15 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-09-13 20:32 - 2017-09-05 06:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2017-09-13 20:32 - 2017-09-05 06:15 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-09-13 20:32 - 2017-09-05 06:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-09-13 20:32 - 2017-09-05 06:14 - 002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-09-13 20:32 - 2017-09-05 06:14 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-09-13 20:32 - 2017-09-05 06:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-09-13 20:32 - 2017-09-05 06:13 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-09-13 20:32 - 2017-09-05 06:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-09-13 20:31 - 2017-09-05 07:31 - 001147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-09-13 20:31 - 2017-09-05 07:31 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-09-13 20:31 - 2017-09-05 07:31 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-09-13 20:31 - 2017-09-05 07:30 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-09-13 20:31 - 2017-09-05 07:24 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-09-13 20:31 - 2017-09-05 07:21 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-09-13 20:31 - 2017-09-05 07:16 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-09-13 20:31 - 2017-09-05 07:15 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-09-13 20:31 - 2017-09-05 07:15 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-09-13 20:31 - 2017-09-05 07:13 - 000078240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2017-09-13 20:31 - 2017-09-05 07:13 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 002229152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 001854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 001693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 001462688 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 000855456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 000849824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-09-13 20:31 - 2017-09-05 07:12 - 000844704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 000699808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 000674720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 000406944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-09-13 20:31 - 2017-09-05 07:12 - 000235424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2017-09-13 20:31 - 2017-09-05 07:12 - 000203680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2017-09-13 20:31 - 2017-09-05 06:28 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2017-09-13 20:31 - 2017-09-05 06:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2017-09-13 20:31 - 2017-09-05 06:26 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2017-09-13 20:31 - 2017-09-05 06:25 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-09-13 20:31 - 2017-09-05 06:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-09-13 20:31 - 2017-09-05 06:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-09-13 20:31 - 2017-09-05 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-09-13 20:31 - 2017-09-05 06:16 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-09-13 20:30 - 2017-09-05 06:10 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll
2017-09-13 19:33 - 2017-09-13 19:33 - 000000000 ____D C:\temp
2017-09-12 18:08 - 2017-09-12 18:08 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Google
2017-09-12 16:44 - 2017-09-12 18:32 - 000348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2017-09-12 16:44 - 2017-09-12 18:09 - 000076152 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-09-12 16:44 - 2017-09-12 16:44 - 000000000 ____D C:\Program Files\Virtual Desktop
2017-09-10 10:52 - 2017-09-10 11:30 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\com.nolimitscoaster.nolimits2
2017-09-10 10:52 - 2017-09-10 10:52 - 000000000 ____D C:\Users\Hoshi\Documents\com.nolimitscoaster.nolimits2
2017-09-10 10:52 - 2017-09-10 10:52 - 000000000 ____D C:\ProgramData\com.nolimitscoaster.nolimits2
2017-09-09 17:16 - 2017-09-09 17:16 - 000000000 ____D C:\Users\Hoshi\AppData\Local\E1
2017-09-09 13:53 - 2017-09-09 13:53 - 000000000 ____D C:\Users\Hoshi\M210Projects
2017-09-09 13:28 - 2017-09-09 13:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blood [GOG.com]
2017-09-09 11:09 - 2017-09-09 11:34 - 000000000 ____D C:\Users\Hoshi\Desktop\Aufnahme Vorlagen
2017-09-09 09:04 - 2017-09-09 09:05 - 000000024 _____ C:\Users\Hoshi\Desktop\SL Hud verstecken.txt
2017-09-08 19:08 - 2017-09-08 19:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultima series
2017-09-08 18:14 - 2017-09-08 18:14 - 000000000 ____D C:\Users\Hoshi\AppData\Local\DarkSoulsMapViewer
2017-09-08 17:54 - 2017-09-08 17:54 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Citor3 Entertainment Studio Oy
2017-09-08 17:40 - 2017-09-08 17:40 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\STUDIO MORI
2017-09-08 12:24 - 2017-09-08 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clive Barkers Undying [GOG.com]
2017-09-08 09:09 - 2017-09-08 09:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Suffering [GOG.com]
2017-09-07 11:18 - 2017-09-07 11:18 - 000003908 _____ C:\WINDOWS\SysWOW64\ST5UNST.003
2017-09-07 11:18 - 2017-09-07 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Shock - Enhanced Edition [GOG.com]
2017-09-07 11:17 - 2017-09-07 11:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein [GOG.com]
2017-09-07 11:17 - 2017-09-07 11:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlaws [GOG.com]
2017-09-07 10:10 - 2017-09-07 10:11 - 000096730 _____ C:\WINDOWS\TRON 2.0 Killer App Mod Uninstall Log.txt
2017-09-06 15:55 - 2017-09-06 15:55 - 000001151 _____ C:\Users\Hoshi\Desktop\DTLite.exe - Verknüpfung.lnk
2017-09-06 15:03 - 2017-09-06 15:57 - 000000000 ____D C:\Users\Hoshi\Documents\OpenRA
2017-09-06 06:26 - 2017-09-06 06:26 - 000000000 ____D C:\Users\Hoshi\Documents\DAZ 3D
2017-09-06 06:26 - 2017-09-06 06:26 - 000000000 ____D C:\ProgramData\DAZ 3D
2017-09-06 06:25 - 2017-09-06 06:25 - 000000979 _____ C:\Users\Hoshi\Desktop\DAZ Studio 4.9 (64-bit).lnk
2017-09-06 06:25 - 2017-09-06 06:25 - 000000000 ____D C:\Program Files\DAZ 3D
2017-09-05 20:22 - 2017-09-06 11:48 - 000000000 ____D C:\Users\Public\Documents\My DAZ 3D Library
2017-09-05 20:20 - 2017-09-05 20:20 - 000000000 ____D C:\Users\Public\Documents\DAZ 3D
2017-09-05 20:19 - 2017-09-06 06:26 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\DAZ 3D
2017-09-05 20:19 - 2017-09-06 06:25 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D
2017-09-05 20:19 - 2017-09-05 20:19 - 000000949 _____ C:\Users\Hoshi\Desktop\DAZ Install Manager.lnk
2017-09-05 18:57 - 2017-09-05 18:57 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2017-09-05 18:55 - 2017-09-05 18:55 - 000000279 _____ C:\Users\Hoshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb (2).lnk
2017-09-05 17:50 - 2017-09-05 17:50 - 000001106 _____ C:\Users\Hoshi\Desktop\dosbox.exe - Verknüpfung.lnk
2017-09-01 19:29 - 2017-09-05 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MadOnion.com
2017-08-31 17:51 - 2017-08-31 17:51 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Lighthouse Games Studio
2017-08-29 15:23 - 2017-08-29 15:23 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Bungie
2017-08-28 17:33 - 2017-08-28 17:33 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Cinemur

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-26 16:23 - 2017-04-14 09:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-26 06:16 - 2017-04-14 09:04 - 000000000 ____D C:\Users\Hoshi
2017-09-25 20:56 - 2017-04-14 09:03 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-25 20:56 - 2014-03-30 14:23 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\TS3Client
2017-09-25 19:19 - 2017-04-14 09:17 - 006755354 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-25 19:19 - 2017-03-20 06:41 - 003408086 _____ C:\WINDOWS\system32\perfh007.dat
2017-09-25 19:19 - 2017-03-20 06:41 - 000922472 _____ C:\WINDOWS\system32\perfc007.dat
2017-09-25 19:05 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-25 16:03 - 2017-04-14 09:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-25 16:03 - 2014-03-15 15:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-25 16:02 - 2017-03-18 13:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-09-25 15:55 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-25 15:53 - 2017-04-14 09:13 - 000004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{91BA399B-E431-49C7-9B9A-A968D8719897}
2017-09-25 15:53 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-24 12:45 - 2014-03-19 20:22 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\vlc
2017-09-23 16:52 - 2014-03-15 14:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-23 16:46 - 2015-01-30 20:17 - 000000008 __RSH C:\ProgramData\ntuser.pol
2017-09-23 13:14 - 2016-06-05 13:48 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Origin
2017-09-23 13:14 - 2014-03-20 18:26 - 000000000 ____D C:\Users\Hoshi\Documents\My Games
2017-09-23 13:14 - 2014-03-15 16:03 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-23 13:05 - 2014-03-15 16:33 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\UseNeXT
2017-09-23 12:54 - 2016-10-21 12:42 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2017-09-23 12:50 - 2014-03-15 15:20 - 000000000 ____D C:\ProgramData\Origin
2017-09-23 08:23 - 2014-10-19 17:11 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Cinemaware
2017-09-23 07:15 - 2016-06-05 13:41 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Temp
2017-09-22 19:06 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Performance
2017-09-22 15:43 - 2015-11-17 21:12 - 000000000 ____D C:\Users\Hoshi\AppData\Local\CrashDumps
2017-09-22 05:15 - 2014-11-13 05:39 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2017-09-21 20:24 - 2016-03-19 10:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-21 18:54 - 2015-06-21 13:23 - 000000000 ____D C:\WINDOWS\46ED2B6485C74E1F920CA555B21F2E4C.TMP
2017-09-21 18:24 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\appcompat
2017-09-21 18:16 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Registration
2017-09-21 17:40 - 2017-04-14 09:13 - 000003616 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-09-21 17:40 - 2017-04-14 09:13 - 000003392 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-09-20 16:33 - 2014-12-06 17:48 - 000000000 ____D C:\Users\Hoshi\AppData\Local\gtk-2.0
2017-09-20 16:33 - 2014-12-06 17:39 - 000000000 ____D C:\Users\Hoshi\.gimp-2.8
2017-09-18 19:11 - 2014-03-15 15:32 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Skype
2017-09-18 18:19 - 2014-03-15 15:44 - 000000000 ___RD C:\Users\Hoshi\Desktop\Programme
2017-09-18 17:35 - 2015-12-13 09:21 - 000000000 ____D C:\Users\Hoshi\AppData\Local\ElevatedDiagnostics
2017-09-18 17:33 - 2014-05-11 12:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2017-09-16 14:13 - 2014-03-15 15:44 - 000000000 ___RD C:\Users\Hoshi\Desktop\Games
2017-09-15 18:27 - 2017-05-21 16:47 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Battle.net
2017-09-14 17:16 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-09-14 06:10 - 2016-02-13 19:32 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-14 06:09 - 2017-04-14 09:03 - 005290080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-13 20:58 - 2017-03-20 06:41 - 000000000 ____D C:\WINDOWS\system32\de
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\setup
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-13 20:58 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-13 20:57 - 2017-04-29 07:35 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Mixxx
2017-09-13 20:44 - 2014-03-15 17:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-13 20:43 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-13 20:43 - 2014-03-15 17:02 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-13 20:00 - 2014-03-19 18:23 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\uTorrent
2017-09-13 05:48 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-09-13 05:48 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-09-12 18:32 - 2014-05-17 19:23 - 000348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2017-09-12 18:31 - 2014-03-15 16:03 - 000280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2017-09-12 18:16 - 2015-07-03 19:19 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Google
2017-09-12 18:02 - 2014-03-15 16:03 - 000000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2017-09-12 16:23 - 2014-03-15 14:14 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-09-12 16:23 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-09-11 20:25 - 2017-02-18 07:18 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\Cronus
2017-09-10 19:43 - 2015-05-20 17:19 - 000000000 ____D C:\Users\Hoshi\Documents\The Witcher 3
2017-09-09 19:09 - 2014-03-16 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-09-07 11:18 - 2016-04-16 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Gold [GOG.com]
2017-09-07 11:18 - 2014-06-16 17:24 - 000000390 _____ C:\WINDOWS\SysWOW64\ilent
2017-09-07 11:17 - 2017-07-18 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F.E.A.R. Platinum Collection [GOG.com]
2017-09-07 11:17 - 2016-12-16 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redneck Rampage [GOG.com]
2017-09-05 18:57 - 2017-05-23 16:41 - 000002237 _____ C:\Users\Hoshi\Desktop\Discord.lnk
2017-09-05 18:57 - 2017-05-23 16:41 - 000000000 ____D C:\Users\Hoshi\AppData\Roaming\discord
2017-09-05 18:57 - 2017-05-23 16:41 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Discord
2017-09-05 18:46 - 2017-07-16 08:25 - 000000000 ____D C:\Users\Hoshi\AppData\LocalLow\Thunder Lotus Games
2017-09-02 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-09-02 17:15 - 2017-03-18 23:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-08-30 19:57 - 2015-11-02 18:18 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-29 05:56 - 2015-07-03 19:19 - 000002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-27 18:17 - 2017-07-19 20:18 - 000000000 ____D C:\Users\Hoshi\AppData\Local\Firestorm

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-07-18 20:03 - 2016-07-18 20:03 - 000006144 _____ () C:\Program Files (x86)\com.htc.vive.setup.bilogclient
2015-12-26 23:05 - 2015-12-27 14:56 - 000000297 _____ () C:\Users\Hoshi\AppData\Roaming\BreakingPoint_Login.ini
2015-12-26 23:06 - 2015-12-27 16:12 - 000001427 _____ () C:\Users\Hoshi\AppData\Roaming\BreakingPoint_Options.ini
2016-08-14 16:25 - 2016-08-14 16:32 - 000000224 _____ () C:\Users\Hoshi\AppData\Roaming\highScores.txt
2015-09-21 14:52 - 2015-09-21 14:52 - 000000099 _____ () C:\Users\Hoshi\AppData\Roaming\LauncherSettings_live.cfg
2015-09-21 14:44 - 2015-09-21 14:44 - 000010525 _____ () C:\Users\Hoshi\AppData\Roaming\TheHunterSettings_live.bin
2015-09-21 14:43 - 2015-09-21 14:43 - 000000040 _____ () C:\Users\Hoshi\AppData\Roaming\TheHunterSettings_steam_live.cfg
2015-11-15 21:03 - 2015-12-02 22:37 - 000003317 _____ () C:\Users\Hoshi\AppData\Roaming\VoiceMeeterDefault.xml
2015-01-30 20:11 - 2016-12-03 10:20 - 000010752 _____ () C:\Users\Hoshi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-19 11:53 - 2016-10-19 11:53 - 000000291 _____ () C:\Users\Hoshi\AppData\Local\ledConfiguration.config
2016-10-19 11:53 - 2016-12-25 12:58 - 000000737 _____ () C:\Users\Hoshi\AppData\Local\NvidiaLEDVisualizer.config
2016-03-15 17:36 - 2016-03-26 20:52 - 000000600 _____ () C:\Users\Hoshi\AppData\Local\PUTTY.RND
2017-09-20 16:33 - 2017-09-20 16:33 - 000027238 _____ () C:\Users\Hoshi\AppData\Local\recently-used.xbel
2016-07-31 13:54 - 2017-04-02 16:11 - 000007659 _____ () C:\Users\Hoshi\AppData\Local\Resmon.ResmonCfg
2014-12-23 13:43 - 2014-12-23 13:43 - 000004999 _____ () C:\ProgramData\auqrgqib.ttw
2017-04-14 09:04 - 2017-04-14 09:04 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2015-10-04 09:56 - 2017-05-04 18:25 - 000000257 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2017-04-08 22:13 - 2017-04-08 22:13 - 000000016 _____ () C:\ProgramData\mntemp

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-09-25 16:43

==================== Ende von FRST.txt ============================
__________________
Alt 26.09.2017, 15:29   #18
Hoshi82
 
Windows 10 64bit : Verdacht auf Maleware - Standard

Windows 10 64bit : Verdacht auf Maleware


Addition
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-09-2017 01
durchgeführt von Hoshi (26-09-2017 16:27:00)
Gestartet von C:\Users\Hoshi\Desktop
Windows 10 Pro Version 1703 (X64) (2017-04-14 07:15:15)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1299527896-1211748070-1707534253-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1299527896-1211748070-1707534253-503 - Limited - Disabled)
Gast (S-1-5-21-1299527896-1211748070-1707534253-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1299527896-1211748070-1707534253-1002 - Limited - Enabled)
Hoshi (S-1-5-21-1299527896-1211748070-1707534253-1000 - Administrator - Enabled) => C:\Users\Hoshi
Mcx1-HOSHI-PC (S-1-5-21-1299527896-1211748070-1707534253-1005 - Limited - Enabled) => C:\Users\Mcx1-HOSHI-PC

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A Chair in a Room: Greenwater (HKLM\...\Steam App 427760) (Version:  - Wolf & Wood Interactive Ltd)
AC3Filter (remove only) (HKLM-x32\...\AC3Filter) (Version:  - )
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\{151974E9-9B16-47DC-8B57-5684A1E42127}) (Version: 12.1.1.151 - Adobe Systems, Inc)
Aeon (HKLM\...\Steam App 543390) (Version:  - Illusion Ranger)
Agents of Mayhem (HKLM\...\Steam App 304530) (Version:  - Deep Silver Volition)
Alien: Isolation (HKLM-x32\...\Steam App 214490) (Version:  - Creative Assembly)
Aliens vs. Predator (HKLM-x32\...\Steam App 10680) (Version:  - Rebellion)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.7 - Sereby Corporation)
American Truck Simulator (HKLM\...\Steam App 270880) (Version:  - SCS Software)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.41 - NVIDIA Corporation) Hidden
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{AFADB5DC-3ABC-421F-9DAD-BDABE511258B}) (Version: 4.0.51117.1 - Microsoft Corporation)
Arizona Sunshine (HKLM\...\Steam App 342180) (Version:  - Vertigo Games)
Art of Fight (HKLM\...\Steam App 531270) (Version:  - Raptor-Lab)
Assetto Corsa (HKLM\...\Steam App 244210) (Version:  - Kunos Simulazioni)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
AutoHotkey 1.1.24.04 (HKLM\...\AutoHotkey) (Version: 1.1.24.04 - Lexikos)
Axiom Verge (HKLM\...\Steam App 332200) (Version:  - Thomas Happ Games LLC)
Azure AD Authentication Connected Service (HKLM-x32\...\{3FEAC561-1CF6-41D6-B0F3-BECDD9C88A1B}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.1.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Battlezone (HKLM\...\Steam App 312650) (Version:  - Rebellion)
Beyond Good and Evil (HKLM-x32\...\Uplay Install 232) (Version:  - Ubisoft)
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Hidden
Bullets And More VR - BAM VR (HKLM\...\Steam App 525640) (Version:  - Koenigz)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version:  - ) Hidden
Call of Duty: Infinite Warfare (HKLM\...\Steam App 292730) (Version:  - Infinity Ward)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.79.0.2015 - Georgy Berdyshev)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Clive Barker's Undying (HKLM-x32\...\{631A0B87-B0B7-4B47-00A2-119A4B942EB6}) (Version:  - )
Clive Barker's Undying (HKLM-x32\...\1207659191_is1) (Version: 2.1.0.9 - GOG.com)
Cloudlands : VR Minigolf (HKLM\...\Steam App 425720) (Version:  - Futuretown)
Cmoar VR Cinema (HKLM\...\Steam App 527160) (Version:  - Cmoar Studio)
Comedy Night (HKLM\...\Steam App 665360) (Version:  - Lighthouse Games Studio)
Conan Exiles (HKLM\...\Steam App 440900) (Version:  - Funcom)
Conarium (HKLM\...\Steam App 313780) (Version:  - Zoetrope Interactive)
Connect (HKLM-x32\...\MAGIX_connector_is1) (Version: 2.5.1.84 - MAGIX Software GmbH)
CoolSoft VirtualMIDISynth 2.0.1 (HKLM\...\CoolSoft VirtualMIDISynth) (Version: 2.0.1.0 - CoolSoft)
Cronus PRO 1.20 (HKLM-x32\...\Cronus PRO) (Version: 1.20 - CronusMAX Team)
CtrlAltStudio-Viewer-Alpha (remove only) (HKLM-x32\...\CtrlAltStudio-Viewer-Alpha) (Version: 1.2.6.43412 - CtrlAltStudio)
Cyberduck (HKLM-x32\...\{27F61226-4F73-4617-BEDF-DBCB5C6D35D3}) (Version: 5.0.3.20504 - iterate GmbH) Hidden
Cyberduck (HKLM-x32\...\{be4c3b9a-7362-4e8b-a310-225db8ff97d6}) (Version: 5.0.3.20504 - iterate GmbH)
Dangerous Golf (HKLM\...\Steam App 405500) (Version:  - Three Fields Entertainment)
DARK SOULS III (HKLM\...\Steam App 374320) (Version:  - FromSoftware, Inc.)
Day of the Tentacle Remastered (HKLM\...\Steam App 388210) (Version:  - Double Fine Productions)
DAZ Install Manager (HKLM-x32\...\DAZ Install Manager 1.1.0.71) (Version: 1.1.0.71 - DAZ 3D)
Dead Effect 2 VR (HKLM\...\Steam App 646200) (Version:  - BadFly Interactive, a.s.)
DeliPlayer (HKLM-x32\...\DeliPlayer2) (Version:  - )
Desura (HKLM-x32\...\Desura) (Version: 100.64 - Desura)
Discord (HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Discord) (Version: 0.0.298 - Discord Inc.)
DivX Pro 6.8.0 VFW (HKLM-x32\...\divx650vfw_is1) (Version: 6.8.0.14 - )
DOOM (HKLM\...\Steam App 379720) (Version:  - id Software)
Dotfuscator and Analytics Community Edition 5.19.0 (HKLM-x32\...\{4C5B1DD0-7E8E-4972-9247-818E6D030552}) (Version: 5.19.0.2930 - PreEmptive Solutions) Hidden
Duck Season (HKLM\...\Steam App 503580) (Version:  - Stress Level Zero)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Elgato Game Capture HD (64-bit) (HKLM\...\{C59BB2DE-E483-4704-976C-652E38DB62A0}) (Version: 3.00.111.1111 - Elgato Systems GmbH)
Elite Dangerous: Horizons (HKLM-x32\...\Steam App 419270) (Version:  - Frontier Developments)
Epic Games Launcher (HKLM-x32\...\{FC1F25AF-C8BB-404E-B15F-1B12CAB98E7F}) (Version: 1.1.96.0 - Epic Games, Inc.)
Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version:  - SCS Software)
EVERSPACE™ (HKLM\...\Steam App 396750) (Version:  - ROCKFISH Games)
F.E.A.R. Platinum Collection (HKLM-x32\...\1423058413_is1) (Version: 2.0.0.6 - GOG.com)
Fast Action Hero (HKLM\...\Steam App 534000) (Version:  - Sirius Sam)
FileZilla Client 3.16.1 (HKLM-x32\...\FileZilla Client) (Version: 3.16.1 - Tim Kosse)
Firebird 2.5.2.26540 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.2.26540 - Firebird Project)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Firestorm-Release (HKLM-x32\...\Firestorm-Release) (Version: 5.0.1.52150 - The Phoenix Firestorm Project, Inc.)
FlacSquisher 1.3.6 (HKLM-x32\...\FlacSquisher) (Version: 1.3.6 - FlacSquisher)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.1.119 - DVDVideoSoft Ltd.)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.21.610 - Digital Wave Ltd)
Freemake Video Converter Version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
Full Throttle Remastered (HKLM\...\Steam App 228360) (Version:  - Double Fine Productions)
Futuremark SystemInfo (HKLM-x32\...\{5052D282-C9AE-48CC-A9F5-17058BEEAA50}) (Version: 4.45.590.0 - Futuremark)
G4E (HKLM-x32\...\{D42540BE-EB5A-9420-8101-6D87DCDACD9E}) (Version: 1.7 - UNKNOWN) Hidden
G4E (HKLM-x32\...\G4E) (Version: 1.7 - UNKNOWN)
Game Capture HD v2.3.3.40 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 2.3.3.40 - Elgato Systems)
Game Capture HD60 Pro v1.1.0.149 (HKLM-x32\...\Software_Elgato_Game Capture HD60 Pro) (Version: 1.1.0.149 - Elgato Systems)
Game Capture HD60 v2.1.1.4 (HKLM-x32\...\Software_Elgato_Game Capture HD60) (Version: 2.1.1.4 - Elgato Systems)
Games (HKLM\...\{55956d7b-35e0-49fa-8343-7adc8e1eb34b}.sdb) (Version:  - )
Ghost of a Tale (HKLM\...\Steam App 417290) (Version:  - SeithCG)
Ghost Town Mine Ride & Shootin' Gallery (HKLM\...\Steam App 459010) (Version:  - Spectral Illusions)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Golf With Your Friends (HKLM\...\Steam App 431240) (Version:  - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Earth VR (HKLM\...\Steam App 348250) (Version:  - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
GORN (HKLM\...\Steam App 578620) (Version:  - Free Lives)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Half-Life 2 (HKLM\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Episode One (HKLM\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM\...\Steam App 420) (Version:  - Valve)
HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
HCS VoicePacks Deutsch AURORA version 2.0 (HKLM-x32\...\{D53FEFBB-C717-403A-8246-D8F2BFC507DA}_is1) (Version: 2.0 - HCS VoicePacks Ltd)
HeidiSQL (HKLM\...\HeidiSQL_is1) (Version:  - Ansgar Becker)
Hellblade: Senua's Sacrifice (HKLM\...\Steam App 414340) (Version:  - Ninja Theory)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hotline Miami 2: Wrong Number (HKLM\...\Steam App 274170) (Version:  - Dennaton Games)
ILLUSION HoneySelect (HKLM-x32\...\{1F709DAC-507B-47DA-B04F-367EF5AA20B4}) (Version: 1.00.0000 - ILLUSION)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
INSIDE (HKLM\...\Steam App 304430) (Version:  - Playdead)
Intel A/V Codecs V2.0 (HKLM-x32\...\CodInstl) (Version:  - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Island 359 (HKLM\...\Steam App 476700) (Version:  - CloudGate Studio, Inc.)
Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Job Simulator (HKLM\...\Steam App 448280) (Version:  - Owlchemy Labs)
John Wick Chronicles (HKLM\...\Steam App 382360) (Version:  - Starbreeze Studios)
Karnage Chronicles (HKLM\...\Steam App 611160) (Version:  - Nordic Trolls)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LAV Filters 0.66 (HKLM-x32\...\lavfilters_is1) (Version: 0.66 - Hendrik Leppkes)
Layers of Fear (HKLM-x32\...\Steam App 391720) (Version:  - Bloober Team SA)
Lethal VR (HKLM\...\Steam App 532270) (Version:  - Three Fields Entertainment)
Lethe - Episode One (HKLM\...\Steam App 407780) (Version:  - KoukouStudios)
Lockdown: Stand Alone (HKLM\...\Steam App 513270) (Version:  - Viversion)
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 5.04 (HKLM\...\{8753DF4D-64B0-474E-9A97-0AB5585D9A53}) (Version: 5.04.110 - Logitech)
Logitech Gaming Software 8.88 (HKLM\...\Logitech Gaming Software) (Version: 8.88.30 - Logitech Inc.)
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
MAGIX Common Components 1 (HKLM-x32\...\{7A8B2204-574B-42A2-A3DC-52AE142D197F}) (Version: 1.2.0.0 - MAGIX AG)
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Fonts Package 1 (HKLM-x32\...\{3859AC53-3C30-4885-AA6B-5DAC442AC871}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fonts Package 2 (HKLM-x32\...\{BCE30F6A-D172-4A2A-94FC-65B6749FDBC7}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Goya burnR (MSI) (HKLM\...\{2497E82C-98AE-494E-B155-52623C230EC6}) (Version: 4.3.2.0 - MAGIX AG) Hidden
MAGIX Goya burnR (MSI) (HKLM-x32\...\MX.{2497E82C-98AE-494E-B155-52623C230EC6}) (Version: 4.3.2.0 - MAGIX AG)
MAGIX Soundpool Music Maker - Feel good (HKLM\...\{81F7511B-CB79-40CB-B173-35292038A84D}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM\...\{3F744D82-3ED5-48B6-A3C8-C0208C3BEE0B}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM-x32\...\MX.{3F744D82-3ED5-48B6-A3C8-C0208C3BEE0B}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 1) (HKLM\...\{E9D2A2BC-900E-4CBE-8543-E2EEF79163CB}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 1) (HKLM\...\MX.{E9D2A2BC-900E-4CBE-8543-E2EEF79163CB}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 2) (HKLM\...\{38B2C12F-B11F-40A5-B04C-9819949FFE01}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 2) (HKLM\...\MX.{38B2C12F-B11F-40A5-B04C-9819949FFE01}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 3) (HKLM\...\{1759FCEB-940B-4D92-9F45-E55E7E6736C0}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 3) (HKLM\...\MX.{1759FCEB-940B-4D92-9F45-E55E7E6736C0}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 4) (HKLM\...\{A35C545A-8BF8-40C4-BC04-50216A46C2F0}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 4) (HKLM\...\MX.{A35C545A-8BF8-40C4-BC04-50216A46C2F0}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 5) (HKLM\...\{57AA9D95-6A4C-4247-B98A-6EA983F3E0FB}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 5) (HKLM\...\MX.{57AA9D95-6A4C-4247-B98A-6EA983F3E0FB}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 6) (HKLM\...\{D3AC4780-D1C1-4A70-9832-BB64E79C62B3}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 6) (HKLM\...\MX.{D3AC4780-D1C1-4A70-9832-BB64E79C62B3}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 7) (HKLM\...\{98C37332-DC95-426F-A987-043FA9A282D1}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 7) (HKLM\...\MX.{98C37332-DC95-426F-A987-043FA9A282D1}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (HKLM\...\{B9D9D873-ADDA-4D0C-B691-0F323C6DD62A}) (Version: 15.0.0.62 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (HKLM\...\MX.{B9D9D873-ADDA-4D0C-B691-0F323C6DD62A}) (Version: 15.0.0.62 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (NewBlue ActionCam Package) (HKLM\...\{02C01AE1-F497-475A-AA45-43E41A495136}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (NewBlue ActionCam Package) (HKLM\...\MX.{02C01AE1-F497-475A-AA45-43E41A495136}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (proDAD Mercalli V4) (HKLM\...\{89CF4765-0012-4619-BA4E-1571376A25CA}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (proDAD Mercalli V4) (HKLM\...\MX.{89CF4765-0012-4619-BA4E-1571376A25CA}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Titeleffekte) (HKLM\...\{28FE7891-77C0-45E1-9CA4-35E9250F91DA}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Titeleffekte) (HKLM\...\MX.{28FE7891-77C0-45E1-9CA4-35E9250F91DA}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Überblendeffekte) (HKLM\...\{585234EA-CDB3-48A7-B6C4-0EFF9A86D244}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Überblendeffekte) (HKLM\...\MX.{585234EA-CDB3-48A7-B6C4-0EFF9A86D244}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium Update (HKLM\...\{310EA489-7C68-407E-A246-D600398647F8}) (Version: 15.0.0.107 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium Update (HKLM\...\{7751963F-7D88-4626-BEFE-9A848F7400B4}) (Version: 15.0.0.90 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium Update (HKLM\...\{AA6874A6-C7EB-42D5-B434-A86B75E00F32}) (Version: 15.0.0.77 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium Update (HKLM\...\{D02B20D4-DA3E-4542-ADFD-D2B0BC8A1E84}) (Version: 15.0.0.102 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (HKLM\...\{6EF62090-796C-42D3-9D71-BA127DDEC550}) (Version: 16.0.1.22 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (HKLM\...\MX.{6EF62090-796C-42D3-9D71-BA127DDEC550}) (Version: 16.0.1.22 - MAGIX Software GmbH)
MAGIX Video deluxe Premium (MotionStudios Vasco da Gama 9 Essential) (HKLM\...\{5EC327CC-EEA1-41E1-A416-0E931051D49B}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (MotionStudios Vasco da Gama 9 Essential) (HKLM\...\MX.{5EC327CC-EEA1-41E1-A416-0E931051D49B}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe Premium (NewBlue Titler Pro Express) (HKLM\...\{1746FE16-859D-4169-960B-712ED9A0215D}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (NewBlue Titler Pro Express) (HKLM\...\MX.{1746FE16-859D-4169-960B-712ED9A0215D}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MakeMKV v1.10.2 (HKLM-x32\...\MakeMKV) (Version: v1.10.2 - GuinpinSoft inc)
Malwarebytes Version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Marvel's Guardians of the Galaxy: The Telltale Series (HKLM\...\Steam App 579950) (Version:  - Telltale Games)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft DirectX SDK (June 2010) (HKLM-x32\...\Microsoft DirectX SDK (June 2010)) (Version: 9.29.1962.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62607.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62607.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.24720 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-US) (HKLM-x32\...\{66D57636-BD4B-402F-9E7D-5E89C28C8136}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-US, Helen) (HKLM-x32\...\{8466EAED-7024-4AEE-9D13-F3A55B98D114}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{F0DB2786-18C8-4B0D-9DC2-BA58856A2821}) (Version: 2.1.0.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Update 1 (HKLM-x32\...\{5642384f-2a89-46d3-acd5-bfe8bf6e8b2f}) (Version: 14.0.24720.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mindshow (HKLM\...\Steam App 382000) (Version:  - Mindshow, Inc.)
Mixxx 2.0.0 (64-bit) (HKLM-x32\...\Mixxx (2.0.0)) (Version: 2.0.0 - The Mixxx Development Team)
Monster Maze VR (HKLM\...\Steam App 543600) (Version:  - 4 Fun Studio)
Mozilla Firefox 55.0.3 (x64 de) (HKLM\...\Mozilla Firefox 55.0.3 (x64 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{FA0599C5-C083-41BE-8AEA-E8EB9070D128}) (Version: 14.0.24720 - Microsoft Corporation) Hidden
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Music Maker (HKLM\...\{D5FF45D3-3AE3-4490-85DE-04D059606382}) (Version: 25.0.1.33 - MAGIX Software GmbH) Hidden
Music Maker (HKLM-x32\...\MX.{D5FF45D3-3AE3-4490-85DE-04D059606382}) (Version: 25.0.1.33 - MAGIX Software GmbH)
Music Maker Update (HKLM\...\{6B088B33-748B-4AFD-B6D1-841F298B5D52}) (Version: 25.0.2.44 - MAGIX Software GmbH) Hidden
My Game Long Name (HKLM\...\UDK-6a43523d-137c-4ffe-8432-fea0f9ad936e) (Version:  - Epic Games, Inc.)
Nature Treks VR (HKLM\...\Steam App 587580) (Version:  - John Carline)
Nero Burning ROM 2014 (HKLM-x32\...\{AB51F94A-8AA0-4F96-81B1-0446BA681083}) (Version: 15.0.02700 - Nero AG)
NETGEAR WNA1100 N150 Wireless USB Adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 1.0.0.133 - NETGEAR)
Neverending Nightmares (HKLM-x32\...\Steam App 253330) (Version:  - Infinitap Games)
NewBlue ActionCam Package (HKLM-x32\...\NewBlue ActionCam Package) (Version: 1.0 - NewBlue)
NewBlue Titler EX for MAGIX (HKLM-x32\...\NewBlue Titler EX for MAGIX) (Version: 1.0 - NewBlue)
NewBlue Titler Pro Express For Magix (HKLM\...\NewBlue Titler Pro Express For Magix) (Version: 1.0 - NewBlue)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.23 - Black Tree Gaming)
nGlide 1.03 (HKLM-x32\...\nGlide) (Version: 1.03 - Zeus Software)
NightCry (HKLM\...\Steam App 427660) (Version:  - Nude Maker)
Nock: Hidden Arrow (HKLM\...\Steam App 525210) (Version:  - CodeBison Games)
NoLimits 2 Roller Coaster Simulation (HKLM\...\Steam App 301320) (Version:  - Ole Lange)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.41 - NVIDIA Corporation)
NVIDIA Grafiktreiber 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.41 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA LED Visualizer 1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.LEDVisualizer) (Version: 1.0 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
Observer (HKLM\...\Steam App 514900) (Version:  - Bloober Team SA)
Oculus (HKLM\...\Oculus) (Version: <3 - Oculus VR, LLC)
Oculus Rift DK2 Sensor Driver (HKLM\...\{F786EF4E-73FE-4700-AC19-FFC0B2298F20}) (Version: 1.0.0.0 - Oculus VR, LLC) Hidden
Oculus Rift Monitor Driver (HKLM\...\{E932D5B4-547A-4959-B642-3816836283E3}) (Version: 1.0.1.0 - Oculus VR, LLC) Hidden
Oculus Rift Sensor Driver (HKLM\...\{E724ED40-8962-4987-901D-57AC8C9E41CD}) (Version: 1.0.20.0 - Oculus VR, LLC) Hidden
One Unit Whole Blood (HKLM-x32\...\1207658856_is1) (Version: 2.1.0.24 - GOG.com)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.2.49155 - Electronic Arts, Inc.)
Outlast 2 (HKLM\...\Steam App 414700) (Version:  - Red Barrels)
Outlaws (HKLM-x32\...\1425302464_is1) (Version: 2.1.0.11 - GOG.com)
Overload (HKLM\...\Steam App 448850) (Version:  - Revival Productions, LLC)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Paranormal Activity: The Lost Soul (HKLM\...\Steam App 467660) (Version:  - VRWERX)
Pavlov VR (HKLM\...\Steam App 555160) (Version:  - davevillz)
Penumbra: Overture (HKLM-x32\...\Steam App 22180) (Version:  - Frictional Games)
Pierhead Arcade (HKLM\...\Steam App 435490) (Version:  - Mechabit Ltd)
Planet Coaster (HKLM\...\Steam App 493340) (Version:  - Frontier Developments)
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version:  - Bluehole, Inc.)
Pool Nation VR  (HKLM\...\Steam App 269170) (Version:  - Cherry Pop Games)
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisite installer (HKLM-x32\...\{5909A89E-C97F-407C-AE2B-47BDED86BF5D}) (Version: 15.0.0005 - Nero AG) Hidden
Prey (HKLM\...\Steam App 480490) (Version:  - Arkane Studios)
proDAD Mercalli NLE 4.0 (64bit) (HKLM\...\proDAD-MercalliPlugins-4.0) (Version: 4.0.467.1 - proDAD GmbH)
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
Project CARS (HKLM\...\Steam App 234630) (Version:  - Slightly Mad Studios)
PS4 Remote Play (HKLM-x32\...\{079C8DC3-767F-46CF-B871-14D21FCC2890}) (Version: 2.0.0.02211 - Sony Interactive Entertainment Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (HKLM\...\{ABFED5A0-7D10-4617-A816-DD2D3B85706D}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (HKLM\...\{E970CE81-6F26-4274-8E4E-5AFC000FB888}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (HKLM\...\{401FADAA-1C16-4721-9F02-19067E1A1CA8}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Quantum Break (HKLM\...\Steam App 474960) (Version:  - Remedy Entertainment)
Quell 4D (HKLM\...\Steam App 534230) (Version:  - Rubycone)
Quest 5.6.1 (HKLM-x32\...\Quest_is1) (Version: 5.6.1 - Alex Warren)
QuickTime (HKLM-x32\...\QuickTime) (Version:  - )
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Rapture3D 2.3.26 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Raw Data (HKLM\...\Steam App 436320) (Version:  - Survios)
Realms of the Haunting (HKLM-x32\...\Realms of the Haunting_is1) (Version:  - GOG.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Rec Room (HKLM\...\Steam App 471710) (Version:  - Against Gravity)
Redneck Rampage Collection (HKLM-x32\...\1207658674_is1) (Version: 2.1.0.12 - GOG.com)
Redout (HKLM\...\Steam App 517710) (Version:  - 34BigThings srl)
Resident Evil: Operation Raccoon City (HKLM-x32\...\{43430FA1-388E-4359-A6DB-DA1000048401}) (Version: 1.0.0004.132 - CAPCOM U.S.A, INC) Hidden
Return to Castle Wolfenstein (HKLM-x32\...\1441704976_is1) (Version: 2.0.0.2 - GOG.com)
Revive Dashboard (HKLM-x32\...\Revive) (Version:  - )
Rez Infinite (HKLM\...\Steam App 636450) (Version:  - Monstars Inc.)
Rick and Morty: Virtual Rick-ality (HKLM\...\Steam App 469610) (Version:  - Owlchemy Labs)
Rise of the Tomb Raider (HKLM-x32\...\Steam App 391220) (Version:  - Crystal Dynamics)
Rising Storm 2: Vietnam (HKLM\...\Steam App 418460) (Version:  - Antimatter Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
Roslyn Language Services - x86 (HKLM-x32\...\{6A7F37C9-1E37-3A9A-93D4-09BBEB4BD343}) (Version: 14.0.24720 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Saints Row: The Third (HKLM\...\Steam App 55230) (Version:  - Volition)
Secret World Legends (HKLM\...\Steam App 215280) (Version:  - Funcom)
Serious Sam VR: The First Encounter (HKLM\...\Steam App 552450) (Version:  - Croteam VR)
Shadow Warrior 2 (HKLM\...\Steam App 324800) (Version:  - Flying Wild Hog)
SHOUTcast DNAS (remove only) (HKLM-x32\...\SCDNAS) (Version:  - )
Sin (HKLM-x32\...\Sin) (Version:  - )
Sin Gold (HKLM-x32\...\GOGPACKSINGOLD_is1) (Version: 2.0.0.9 - GOG.com)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
SlimDX Redistributable (June 2010) (HKLM-x32\...\{354D00E0-C7C9-4BC1-BC12-08C4977AA827}) (Version: 2.0.10.43 - SlimDX Group)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
Soldier of Fortune - Community Edition 6.1 (HKLM-x32\...\Soldier of Fortune - Community Edition 6.1) (Version:  - )
Sonic Mania (HKLM\...\Steam App 584400) (Version:  - Christian Whitehead)
Soundscape VR (HKLM\...\Steam App 636930) (Version:  - Groove Science)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Source SDK Base 2013 Singleplayer (HKLM-x32\...\Steam App 243730) (Version:  - )
Space Hulk: Deathwing (HKLM\...\Steam App 298900) (Version:  - Streum On Studio)
Spirits of Xanadu (HKLM-x32\...\Steam App 312230) (Version:  - Good Morning, Commander)
Spotify (HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
STAR WARS™ Battlefront™ II Closed Alpha (HKLM-x32\...\{d32f9b53-3a06-4720-bc64-c56f0fe8256a}) (Version: 1.0.0.0 - Electronic Arts)
STASIS (HKLM\...\Steam App 380150) (Version:  - THE BROTHERHOOD)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SteamDolls VR Demo (HKLM\...\Steam App 528690) (Version:  - The Shady Gentlemen)
SteamWorld Dig (HKLM-x32\...\{F81E6BA3-5772-4435-B635-D71E90130052}) (Version: 1.10.0.0 - Image & Form)
STRAFE® (HKLM\...\Steam App 442780) (Version:  - Pixel Titans)
Strife: Veteran Edition (HKLM-x32\...\Steam App 317040) (Version:  - Rogue Entertainment)
SUPERHOT VR (HKLM\...\Steam App 617830) (Version:  - SUPERHOT Team)
SVRVIVE: The Deus Helix (HKLM\...\Steam App 509540) (Version:  - SVRVIVE Studios)
System Requirements Lab CYRI (HKLM-x32\...\{906B34E5-573C-445A-A5D3-40B6BF0A2EC4}) (Version: 6.0.21.0 - Husdawg, LLC)
System Shock - Enhanced Edition (HKLM-x32\...\1439995156_is1) (Version: 2.1.0.4 - GOG.com)
System Shock 2 (HKLM\...\Steam App 238210) (Version:  - Irrational Games)
Tales from the Borderlands (HKLM\...\Steam App 330830) (Version:  - Telltale Games)
Team Explorer for Microsoft Visual Studio 2015 (HKLM-x32\...\{48992F68-BEE6-35D8-89AC-6A81406F1096}) (Version: 14.0.24712 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Terminator Future Shock + SkyNET version 1.0 (HKLM-x32\...\{AC9D63E6-A090-49E3-95CA-9CAA6706AEAF}_is1) (Version: 1.0 - Bethesda Softworks)
Test Drive Unlimited 2 (HKLM-x32\...\Test Drive Unlimited 2_is1) (Version:  - Atari)
Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Brookhaven Experiment (HKLM\...\Steam App 440630) (Version:  - Phosphor Games)
The Chronicles of Riddick - Assault on Dark Athena (HKLM-x32\...\GOGPACKRIDDICK_is1) (Version: 2.0.0.10 - GOG.com)
The Gallery - Episode 1: Call of the Starseed (HKLM\...\Steam App 270130) (Version:  - Cloudhead Games ltd.)
The Klub 17 (HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\Klub-7) (Version: 7.5.0 - Team WRK17)
The Lab (HKLM\...\Steam App 450390) (Version:  - Valve)
The Solus Project (HKLM\...\Steam App 313630) (Version:  - Hourences)
The Suffering (HKLM-x32\...\1268478205_is1) (Version: 1.0.1 - GOG.com)
The Unwelcomed (HKLM\...\Steam App 504560) (Version:  - The Unwelcomed Studios)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com)
theBlu (HKLM\...\Steam App 451520) (Version:  - Wevr, Inc.)
TheWaveVR (HKLM\...\Steam App 453000) (Version:  - TheWaveVR)
Thief 3 Sneaky Upgrade SDB (HKLM\...\{61271900-d6b0-4da5-801b-7127a8713df1}.sdb) (Version:  - )
Thief 3 Sneaky Upgrade version 1.1.5.2 (HKLM-x32\...\{6787B847-DE1D-4B75-AF7F-9F0B0FF9E59E}_is1) (Version: 1.1.5.2 - )
Thief: Deadly Shadows (HKLM-x32\...\Steam App 6980) (Version:  - Ion Storm)
Titanfall™ 2 (HKLM-x32\...\{4BD80373-FEE7-45B6-8249-6E8E98717405}) (Version: 1.0.1.0 - Electronic Arts, Inc.)
Tormentum - Dark Sorrow (HKLM\...\Steam App 335000) (Version:  - OhNoo Studio)
TrackMania² Canyon (HKLM\...\Steam App 228760) (Version:  - Nadeo)
Trapcode Suite 64-bit (HKLM\...\{460D83C4-15D5-4C0E-9B7D-2204F196A010}) (Version: 12.1.3 - Red Giant) Hidden
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{460D83C4-15D5-4C0E-9B7D-2204F196A010}) (Version: 12.1.3 - Red Giant)
TypeScript Power Tool (HKLM-x32\...\{7FBEE165-A653-4B2A-A93A-4643794E22A8}) (Version: 1.7.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{D7C8A95B-B1EE-43B1-837D-C73D1321FEBA}) (Version: 1.7.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.7.4.0 (HKLM-x32\...\{33e2204a-4ec6-4458-895a-47e2a404d990}) (Version: 1.7.24720.0 - Microsoft Corporation)
Tyrian 2000 (HKLM-x32\...\1207658901_is1) (Version: 2.1.0.13 - GOG.com)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Ulead MediaStudio Pro 8.0 (HKLM-x32\...\{A6E71574-2126-4E95-816E-32B2411C94BA}) (Version: 8.0 - Ulead Systems, Inc.)
Ultima Underworld 2 (HKLM-x32\...\1207662473_is1) (Version: 2.1.0.20 - GOG.com)
Ultimate Booster Experience (HKLM\...\Steam App 499620) (Version:  - GexagonVR)
Uninvited: MacVenture Series (HKLM\...\Steam App 343810) (Version:  - Zojoi)
Unknown Pharaoh (HKLM\...\Steam App 576100) (Version:  - 4 Fun Studio)
Unreal Gold (HKLM-x32\...\1207658679_is1) (Version: 2.1.0.6 - GOG.com)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
Vanishing Realms (HKLM\...\Steam App 322770) (Version:  - Indimo Labs LLC)
Vasco da Gama 9 HD Essential (HKLM-x32\...\{132A1B32-8C6A-416C-B7FB-7D4CD54C18DE}) (Version: 9.00.0000 - MotionStudios)
Vertigo (HKLM\...\Steam App 465430) (Version:  - Zach Tsiakalis-Brown)
Virtual Desktop (HKLM\...\Steam App 382110) (Version:  - Guy Godin)
Virtual Desktop Service (HKLM\...\{2F1A2C04-7695-47E1-B69E-B2B5B2038C39}) (Version: 1.5.1 - Guy Godin)
Visual Basic 5.0 (C:\WINDOWS\system32\) #3 (HKLM-x32\...\ST5UNST #3) (Version:  - )
Visual Basic 5.0 (C:\WINDOWS\system32\) #4 (HKLM-x32\...\ST5UNST #4) (Version:  - )
Visual Basic 5.0 (C:\WINDOWS\system32\) #5 (HKLM-x32\...\ST5UNST #5) (Version:  - )
Visual Basic 5.0 (C:\Windows\system32\) (HKLM-x32\...\ST5UNST #2) (Version:  - )
Visual Basic 5.0 (HKLM-x32\...\ST5UNST #1) (Version:  - )
Visual Studio 2015 Update 1 (KB3022398) (HKLM-x32\...\{fcaa9dba-9438-48b6-ad91-4e9b4cc7084a}) (Version: 14.0.24720 - Microsoft Corporation)
Vita 2 (HKLM\...\{39B956AD-00E8-4561-B6CC-7E91BDEDB0AF}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Concert Grand LE (HKLM\...\{0501DF32-8054-41E0-A1D1-B6BEAB54CACF}) (Version: 2.4.0.95 - MAGIX Software GmbH) Hidden
Vita Drum Engine (HKLM\...\{E5494279-4C0C-4220-9B41-A6BC89D6A92E}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Electric Piano (HKLM\...\{D14FE00B-0E75-462A-936A-C9483A20D0D0}) (Version: 1.0.2.0 - MAGIX Software GmbH) Hidden
Vita Power Guitar (HKLM\...\{69F05894-87A2-4E92-A6E3-EE8937D09CC0}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VoiceAttack version 1.5.12 (HKLM-x32\...\{D6EDF6DB-029E-4A34-A3A0-D960CB0FCB2A}_is1) (Version: 1.5.12 - VoiceAttack.com)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version:  - VB-Audio Software)
vorpX (HKLM-x32\...\{C136D0CC-9077-4979-801E-6B5A956EED6A}_is1) (Version: 17.1.3.0 - Animation Labs)
VRporize - VR FPS (HKLM\...\Steam App 498970) (Version:  - Mercury Aerospace Industries)
VS Update core components (HKLM-x32\...\{5F7870A1-0586-313E-A9FF-3249DCE9F63A}) (Version: 14.0.24720 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Waltz of the Wizard (HKLM\...\Steam App 436820) (Version:  - Aldin Dynamics)
WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WestwoodChat (HKLM-x32\...\{7CAE6A67-AF7B-4A6A-8705-8AFACA45BB60}) (Version: 1.0.0.0 - WestwoodChat)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Wheel of Time (HKLM-x32\...\Wheel of Time) (Version:  - )
White Night (HKLM-x32\...\Steam App 301560) (Version:  - OSome Studio)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windlands (HKLM\...\Steam App 428370) (Version:  - Psytec Games Ltd)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows-Treiberpaket - Sony Computer Entertainment Inc. Wireless controller for PLAYSTATION(R)3 Driver Package (01/20/2012 1.4.0.0) (HKLM\...\D5410AE5FA467EF0F19558D5F60C991A79E11B51) (Version: 01/20/2012 1.4.0.0 - Sony Computer Entertainment Inc.)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version:  - )
Xara 3D Maker 7 (HKLM-x32\...\{19B9DAD6-5E6E-4B80-8EFE-314B5638D6D4}) (Version: 7.0.0.415 - Xara Group Ltd) Hidden
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
XML Notepad 2007 (HKLM-x32\...\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}) (Version: 2.3.0.0 - Microsoft Corporation)
Xml Viewer (HKLM-x32\...\{F58E04CD-6E76-43C8-AAF1-482225C2910E}) (Version: 3 - MindFusion Limited)
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [Convert] -> {9f95ca1a-e80e-4c0f-acd1-4c9b7900b982} => C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)\Utilities\bin\x64\TxView.dll [2010-06-02] (Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-08-22] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {08060686-DA7A-4F81-903F-5EF5846EBC46} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {10FB4821-8293-4FB8-93AC-ED877096D358} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {15CEA677-3D1C-403A-8EE5-9C536AE36655} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3356136B-5DA8-4E2C-94F1-D934C3FFD02A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {33D241F7-FCC1-4696-BA50-24F80B532744} - System32\Tasks\{EA0A359E-2C55-46AC-83DB-0F986B25B53B} => C:\Windows\system32\pcalua.exe -a E:\WMEncoder64.exe -d E:\
Task: {39B3A4D0-967A-4B83-8FAE-BFC9CCF78C7C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-13] (Adobe Systems Incorporated)
Task: {3C768F76-478B-4129-836E-66BBD535DF4B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3CA1C205-5779-4D65-9B79-03CA693A49ED} - System32\Tasks\Connect => C:\Program Files (x86)\MAGIX\Connect\connect.exe [2017-05-10] (MAGIX Software GmbH)
Task: {3F26B3E2-B93D-49BD-BC7E-5F720B51C994} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-22] (NVIDIA Corporation)
Task: {415F7118-E84D-43AD-B678-2809A265ACDD} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {52FD4488-82FE-4FC3-A835-7330FDE39B8B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {58E0F5EB-6F42-4B37-A50A-952C0182547B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5A2D88F9-D511-4485-A81D-E9539F5865C8} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5D12D0DE-7C2D-43EB-88A7-25C081D80C44} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6509C4C3-BDFD-4861-ABD9-95C391A5DA45} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {67D99D18-6635-4D3E-869B-A89F58F4E0BE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-22] (NVIDIA Corporation)
Task: {6ACACBFB-34D5-4E50-99F6-7C2E8F65870B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {6DFFA0FA-204A-4DB6-A32D-36551F60CD88} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-03] (Google Inc.)
Task: {71CC4BE9-738E-4546-A312-5370DAC238D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-03] (Google Inc.)
Task: {72C2654C-0345-4427-92A1-203E5906A350} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7EE287C4-2286-41C0-8590-B925FB2DD061} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8426F389-7EEE-48D3-86F8-A0B7F68C0351} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9502FC37-4BF3-4187-97DB-BB885F817B28} - System32\Tasks\{540C4F0A-AFE9-41B0-8BED-770ADCAFCFDD} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.4.0.102/de/abandoninstall?page=tsMain
Task: {9F4B56CC-50E0-44AF-946B-932FF1BB8876} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-22] (NVIDIA Corporation)
Task: {ADEAE2A2-DBBC-4FEA-AE2B-1ACCCCA9F22C} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {B265853E-1EB9-4490-8346-026981D861F1} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {B7290E7F-96E2-49E1-94BC-17D8FC712ACF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {BF0E8690-E916-421C-925C-8EF2FB370D68} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-22] (NVIDIA Corporation)
Task: {CCEA5BF9-67E9-44F9-8750-250CB46A4824} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {D61F55A8-B0BB-4781-80FD-8F7B16E7EA4F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {E025C148-A5D4-4254-AAA8-1B4360B2374B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-08-22] (NVIDIA Corporation)
Task: {E6B257D7-040D-4610-AFE5-4256956C9B14} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EAE39C83-0CAA-4312-907A-1243969BAB66} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {ED55E21A-57DB-4591-8F95-58F0658945D4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {F2A52317-F2C1-4630-87BC-E12B2FFC7496} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F5132FA3-CAD1-4315-BF63-D7542912C7C7} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F75A3443-BF9D-4B1D-BAB0-DA6B05C232BC} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-HOSHI-PC => C:\WINDOWS\ehome\McxTask.exe
Task: {FC7911CA-4CA6-4249-A2B5-D3C065E61A89} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FC8098E2-47F8-48D3-A990-2172097B9ABA} - System32\Tasks\{1B9BAEFE-CA33-481C-8FAF-AF1A3509FC73} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\EAInstaller\Battlefield - Bad Company 2\Cleanup.exe" -c uninstall_game -autologging

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Connect.job => C:\Program Files (x86)\MAGIX\Connect\connect.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\Users\Hoshi\Desktop\Games\InLucysEyes.bat - Verknüpfung.lnk -> D:\Games\Steam\SteamApps\common\Amnesia The Dark Descent\InLucysEyes\InLucysEyes.bat (Keine Datei)
Shortcut: C:\Users\Hoshi\Desktop\Games\TenebrisLake.bat - Verknüpfung.lnk -> D:\Games\Steam\SteamApps\common\Amnesia The Dark Descent\TenebrisLake.bat (Keine Datei)
Shortcut: C:\Users\Hoshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D\DAZ Install Manager\DAZ Install Manager Read Me.lnk -> hxxp:docs.daz3d.com\doku.php\public\read_me\index\1481

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-09-12 16:44 - 2017-09-12 18:09 - 000076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-12-26 23:05 - 2011-07-28 18:06 - 000297440 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
2017-07-19 21:54 - 2017-07-19 21:54 - 000330208 _____ () C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe
2017-09-25 16:03 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-04-14 09:04 - 2017-08-22 01:10 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-03-16 12:17 - 2016-03-16 12:17 - 000052912 _____ () D:\Programme\FileZilla FTP Client\fzshellext_64.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-09-29 23:13 - 2016-09-29 23:13 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-09-29 23:13 - 2016-09-29 23:13 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-12-26 23:05 - 2011-07-27 12:53 - 000360448 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll
2014-03-15 14:20 - 2013-09-03 17:52 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\skype.com -> hxxps://apps.skype.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2017-09-07 10:11 - 000000027 ____R C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
__________________
Alt 26.09.2017, 15:30   #19
Hoshi82
 
Windows 10 64bit : Verdacht auf Maleware - Standard

Windows 10 64bit : Verdacht auf Maleware


ADDITION Fortsetzung
Code:
ATTFilter
==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Hoshi\AppData\Roaming\mozilla\firefox\desktop-hintergrund.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: Desura Install Service => 3
MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Killer Network Manager.lnk => C:\Windows\pss\Killer Network Manager.lnk.CommonStartup
MSCONFIG\startupreg: LogitechQuickCamRibbon => "D:\Programme\Logitech\Webcam\Logitech WebCam Software\LWS.exe" /hide
HKLM\...\StartupApproved\Run: => "Start WingMan Profiler"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run32: => "HTC Store User Content Helper"
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{BA585EE1-A7F9-49C7-88D7-522B7C9DC59D}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{E0DC3C0F-8A5A-4950-B29C-A9CC62B6E5CA}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{702407FC-570B-48B7-B575-F088B82F5FD7}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{DEEF9EE1-3254-466A-98B9-C6EF05212ACD}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [UDP Query User{19C290C3-9D18-4F16-B042-EFF275DA013C}C:\games\steam\steamapps\common\pavr pre alpha demo\pa_ue4\binaries\win64\pa_ue4-win64-shipping.exe] => (Allow) C:\games\steam\steamapps\common\pavr pre alpha demo\pa_ue4\binaries\win64\pa_ue4-win64-shipping.exe
FirewallRules: [TCP Query User{A632B5B6-D96A-4EA2-A892-8626A8AF81A8}C:\games\steam\steamapps\common\pavr pre alpha demo\pa_ue4\binaries\win64\pa_ue4-win64-shipping.exe] => (Allow) C:\games\steam\steamapps\common\pavr pre alpha demo\pa_ue4\binaries\win64\pa_ue4-win64-shipping.exe
FirewallRules: [UDP Query User{1E455C75-FB8D-483B-91A4-B8C11BE4C869}D:\games\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe
FirewallRules: [TCP Query User{813295F7-78FC-4553-AC43-715C5B7879F5}D:\games\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe
FirewallRules: [{3C3D2E69-5741-4D9C-8BA6-F881ECC18C21}] => (Allow) C:\Games\Steam\steamapps\common\RecRoom\Recroom_Release.exe
FirewallRules: [{AA3B8C49-6083-48B9-AE89-19BC7C9097E3}] => (Allow) C:\Games\Steam\steamapps\common\RecRoom\Recroom_Release.exe
FirewallRules: [{AC96AE27-8529-497D-8B66-FCC05C1371F3}] => (Allow) C:\Games\Steam\steamapps\common\Vertigo\Vertigo.exe
FirewallRules: [{A7801E9D-E656-4A15-A6D0-32B372633B3A}] => (Allow) C:\Games\Steam\steamapps\common\Vertigo\Vertigo.exe
FirewallRules: [{F90A37A4-FB13-402B-B550-8F4E250A6235}] => (Allow) C:\Games\Steam\steamapps\common\PAVR Pre Alpha Demo\PA_UE4.exe
FirewallRules: [{003666E4-1942-464C-8684-9E3839ACA7ED}] => (Allow) C:\Games\Steam\steamapps\common\PAVR Pre Alpha Demo\PA_UE4.exe
FirewallRules: [{5D395514-FDFF-41A2-9CD5-AEF110564C5E}] => (Allow) D:\Games\Steam\SteamApps\common\PavlovVR\Pavlov.exe
FirewallRules: [{DD6D3136-65A5-46F7-B3F2-9309062D411C}] => (Allow) D:\Games\Steam\SteamApps\common\PavlovVR\Pavlov.exe
FirewallRules: [{6B0A2104-10B4-44D9-83FF-602956979021}] => (Allow) D:\Games\Steam\SteamApps\common\Monster Maze VR\MonsterMazeVR.exe
FirewallRules: [{2EA87923-BA90-4961-B89D-8193B1BA93B7}] => (Allow) D:\Games\Steam\SteamApps\common\Monster Maze VR\MonsterMazeVR.exe
FirewallRules: [{4C28E660-F41C-4E65-BE80-7BCCA081576B}] => (Allow) D:\Games\Steam\SteamApps\common\Unknown Pharaoh\UnknownPharaoh.exe
FirewallRules: [{97BEA2F2-001B-4D94-A00B-9C1B06EBD466}] => (Allow) D:\Games\Steam\SteamApps\common\Unknown Pharaoh\UnknownPharaoh.exe
FirewallRules: [{E97CCF0D-855F-4E08-91CD-B3B76D5ECE85}] => (Allow) D:\Games\Steam\SteamApps\common\INSIDE\INSIDE.exe
FirewallRules: [{ADA15F69-55DB-43BD-8F88-F6183D6DCE81}] => (Allow) D:\Games\Steam\SteamApps\common\INSIDE\INSIDE.exe
FirewallRules: [{E0CEF3DC-4FAE-458D-9748-B22736715E69}] => (Allow) D:\Games\Steam\SteamApps\common\Uninvited MacVenture Series\uninvited.exe
FirewallRules: [{9813278E-1BE2-419A-BF40-0A0AFC5DE0FC}] => (Allow) D:\Games\Steam\SteamApps\common\Uninvited MacVenture Series\uninvited.exe
FirewallRules: [UDP Query User{1FDBA183-7457-486A-8B59-C110F9C0AA2B}D:\games\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) D:\games\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [TCP Query User{DFF78058-8AF5-447D-9241-DAAD9F1A1678}D:\games\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) D:\games\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{4223108D-1598-41A0-9C7D-C98C2C7E8CF0}D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{D6FE4E3D-1689-4D1C-8769-66E136EB5BFD}D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{07F2908B-71B8-4032-8FCA-9B9F60CD886D}] => (Allow) OVRServer_x64.exe
FirewallRules: [{68A4192E-0BCE-4E38-B01C-7D04950BB40B}] => (Allow) D:\Games\Steam\SteamApps\common\TheSolusProject\Solus\Binaries\Win64\Solus-Win64-Shipping.exe
FirewallRules: [{0F30DC54-5C6A-4862-9E20-9CA261B83F8B}] => (Allow) D:\Games\Steam\SteamApps\common\TheSolusProject\Solus\Binaries\Win64\Solus-Win64-Shipping.exe
FirewallRules: [{4806CE95-7DBE-4F03-9E01-0E8C5E15CE1B}] => (Allow) D:\Games\Steam\SteamApps\common\SteamDolls_VR_Demo\steamdolls_vr_demo.exe
FirewallRules: [{9B495424-3E3E-48C7-9734-B427D7AA5148}] => (Allow) D:\Games\Steam\SteamApps\common\SteamDolls_VR_Demo\steamdolls_vr_demo.exe
FirewallRules: [{56D51920-A5CD-4085-B0AE-E21ED31050B7}] => (Allow) D:\Games\Steam\SteamApps\common\Lethe - Episode One\Binaries\Win32\UDK.exe
FirewallRules: [{778CDE73-7D13-4DAC-A715-F9998C193F4C}] => (Allow) D:\Games\Steam\SteamApps\common\Lethe - Episode One\Binaries\Win32\UDK.exe
FirewallRules: [{16FBA39D-A8FB-4368-AE02-748CFDC4C0BB}] => (Allow) D:\Games\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{8F1A9D38-4640-4CAE-B1B3-6B1659F740EE}] => (Allow) D:\Games\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{DE830C2D-2792-4793-B8C3-03EE4268374A}] => (Allow) D:\Games\Steam\SteamApps\common\Nature Treks VR\Nature Treks VR.exe
FirewallRules: [{69B2D7B0-0B35-4D67-870F-B80D5DA11976}] => (Allow) D:\Games\Steam\SteamApps\common\Nature Treks VR\Nature Treks VR.exe
FirewallRules: [{C02F1FD2-BE14-4B1D-820D-88F3FB6CADED}] => (Allow) D:\Games\Steam\SteamApps\common\Lockdown Stand Alone\lockdown.exe
FirewallRules: [{349FF32B-00CD-4466-BD48-49EC3ECF16E1}] => (Allow) D:\Games\Steam\SteamApps\common\Lockdown Stand Alone\lockdown.exe
FirewallRules: [{67B64759-2152-491A-B7FD-5F2D77A134C5}] => (Allow) OculusClient.exe
FirewallRules: [{B354CDB8-59FB-4AD5-B91B-1FE9E59160DA}] => (Allow) OculusClient.exe
FirewallRules: [{1E2E29D8-EDB5-4745-9273-0E2B44C2BA12}] => (Allow) OculusVR.exe
FirewallRules: [{B3B70576-2AA5-479D-BB33-ED66BF047058}] => (Allow) OculusVR.exe
FirewallRules: [{BD2E0371-BC51-40C5-8AC5-994147DFF03C}] => (Allow) DirectDisplayConfig.exe
FirewallRules: [{70CC2275-610A-4F6B-BD23-E5BFA14550B0}] => (Allow) DirectDisplayConfig.exe
FirewallRules: [{A3E91647-CBBA-4C2A-8966-4A9D1953C275}] => (Allow) OVRServer_x64.exe
FirewallRules: [{CFC50AAE-31A2-464D-B8EC-1440BC8AF75F}] => (Allow) OVRServer_x64.exe
FirewallRules: [{5DDA393E-C726-404A-B6BE-C81B852BE85E}] => (Allow) OVRServiceLauncher.exe
FirewallRules: [{AE7789AE-2746-4886-8A8C-0A9611145455}] => (Allow) OVRServiceLauncher.exe
FirewallRules: [{C0FA4152-1304-4909-9983-0E0B4DF8231E}] => (Allow) D:\Games\Steam\SteamApps\common\SS2\Shock2.exe
FirewallRules: [{F0B60581-18FA-4DA4-A857-7074717EFEB2}] => (Allow) D:\Games\Steam\SteamApps\common\SS2\Shock2.exe
FirewallRules: [{36C15119-7D97-4269-8318-0A54BF0699CE}] => (Allow) D:\Games\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{15EFFFD8-2995-4D7A-8A1D-D55F0FBD3F00}] => (Allow) D:\Games\Steam\SteamApps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [UDP Query User{1F46EB63-73BB-49B7-B16A-AAABA83463D3}D:\games\steam\steamapps\common\redout\redout\binaries\win64\redout-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\redout\redout\binaries\win64\redout-win64-shipping.exe
FirewallRules: [TCP Query User{DF38C388-6EF5-40E2-ABB5-7A7806CB462F}D:\games\steam\steamapps\common\redout\redout\binaries\win64\redout-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\redout\redout\binaries\win64\redout-win64-shipping.exe
FirewallRules: [{2EC97B86-1219-49A0-A7A2-7391D7E3E416}] => (Allow) D:\Games\Steam\SteamApps\common\Redout\redout.exe
FirewallRules: [{4D349B1F-5DAA-4F16-B516-B91CF9D6E1C3}] => (Allow) D:\Games\Steam\SteamApps\common\Redout\redout.exe
FirewallRules: [{333A85DC-E692-4A7C-AC1E-923930542B8D}] => (Allow) D:\Games\Steam\SteamApps\common\Day of the Tentacle Remastered\Dott.exe
FirewallRules: [{0A0E4521-8BE0-499A-A7CC-2D14A50E7945}] => (Allow) D:\Games\Steam\SteamApps\common\Day of the Tentacle Remastered\Dott.exe
FirewallRules: [{FDAD1FE0-97EC-4D00-97CF-48EB0C58EF09}] => (Allow) D:\Games\Steam\SteamApps\common\Tormentum\Tormentum.exe
FirewallRules: [{40561B9E-A123-4908-B83A-3C88C57B5391}] => (Allow) D:\Games\Steam\SteamApps\common\Tormentum\Tormentum.exe
FirewallRules: [{CC04E9D0-241D-4D79-A268-A88497F20AD3}] => (Allow) D:\Games\Steam\SteamApps\common\Call of Duty - Infinite Warfare\iw7_ship.exe
FirewallRules: [{2EECEE85-CFEE-4509-9F24-B1B03D3EE827}] => (Allow) D:\Games\Steam\SteamApps\common\Call of Duty - Infinite Warfare\iw7_ship.exe
FirewallRules: [UDP Query User{45EB9ED9-0CAA-453D-B4D9-06B7B2FEBB5C}D:\games\tdu2\uplauncher.exe] => (Allow) D:\games\tdu2\uplauncher.exe
FirewallRules: [TCP Query User{800CB73E-7CA2-463E-8EE9-3C87FF3734FA}D:\games\tdu2\uplauncher.exe] => (Allow) D:\games\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{50A12DFF-801A-4AF4-9920-7E5B463506CD}D:\games\tdu2\testdrive2.exe] => (Allow) D:\games\tdu2\testdrive2.exe
FirewallRules: [TCP Query User{54606CA1-DA6B-4AF5-967A-E12F76C20ABC}D:\games\tdu2\testdrive2.exe] => (Allow) D:\games\tdu2\testdrive2.exe
FirewallRules: [{BF733EBD-02BE-4B5C-8C19-2FA8AF6ADEB7}] => (Allow) D:\Games\Steam\SteamApps\common\The Lab\TheLab\win64\TheLab.exe
FirewallRules: [{B673414B-67A0-4DE7-8BA7-4910EA606C90}] => (Allow) D:\Games\Steam\SteamApps\common\The Lab\TheLab\win64\TheLab.exe
FirewallRules: [{9FC42CE6-3FA4-466E-B7B5-E497154C3240}] => (Allow) D:\Games\Origin\Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{53723693-0DAF-4DE7-9B73-9154E45330ED}] => (Allow) D:\Games\Origin\Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{DBD75664-BE69-4222-985F-4C52ACDD34DA}] => (Allow) D:\Games\Steam\SteamApps\common\ArizonaSunshine\ArizonaSunshine.exe
FirewallRules: [{3FB2591D-93B5-4808-AD14-D34BBF3C9876}] => (Allow) D:\Games\Steam\SteamApps\common\ArizonaSunshine\ArizonaSunshine.exe
FirewallRules: [{291A965C-E12B-4661-B704-83E8743BB52C}] => (Allow) D:\Games\Steam\SteamApps\common\FastActionHero\Fast Action Hero.exe
FirewallRules: [{9E376CE6-426A-4E7E-B116-65B088452225}] => (Allow) D:\Games\Steam\SteamApps\common\FastActionHero\Fast Action Hero.exe
FirewallRules: [{43037CC1-0C70-40A3-8BEA-6392BC9CA3CD}] => (Allow) D:\Games\Steam\SteamApps\common\QuantumBreak\dx11\QuantumBreak.exe
FirewallRules: [{3F8F8D1C-5E0A-4FE8-81D4-0E90A5304A85}] => (Allow) D:\Games\Steam\SteamApps\common\QuantumBreak\dx11\QuantumBreak.exe
FirewallRules: [UDP Query User{2933B71E-AD92-47FB-9833-2943E612033A}D:\games\steam\steamapps\common\ghost town mine ride\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\ghost town mine ride\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [TCP Query User{7C1C116D-BB06-4F08-9FF8-06F1BCAF6231}D:\games\steam\steamapps\common\ghost town mine ride\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\ghost town mine ride\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [{65A88DF4-D55D-4D10-B267-092E4E81595E}] => (Allow) D:\Games\Steam\SteamApps\common\Ghost Town Mine Ride\HauntedMineRide.exe
FirewallRules: [{61AB9D3C-7E2C-498E-B4C0-403D0D38CE33}] => (Allow) D:\Games\Steam\SteamApps\common\Ghost Town Mine Ride\HauntedMineRide.exe
FirewallRules: [{1B64888E-6A42-422E-ADCA-E1AC56995ED7}] => (Allow) D:\Games\Steam\SteamApps\common\SVRVIVE\SVRVIVE The Deus Helix.exe
FirewallRules: [{7C71C520-0138-4A51-8DAF-2DC62ACAFFC2}] => (Allow) D:\Games\Steam\SteamApps\common\SVRVIVE\SVRVIVE The Deus Helix.exe
FirewallRules: [{53ED8D1A-8BED-457E-AE41-F08A40127E3C}] => (Allow) D:\Games\Steam\SteamApps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{BD6E9A75-9511-45A6-BB74-05CD434D17F6}] => (Allow) D:\Games\Steam\SteamApps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{DE5A1E59-8DB6-4619-AA85-79AC39691117}] => (Allow) D:\Games\Steam\SteamApps\common\EarthVR\Earth.exe
FirewallRules: [{5695F430-0FE8-48C1-A594-CF8C4FD0704A}] => (Allow) D:\Games\Steam\SteamApps\common\EarthVR\Earth.exe
FirewallRules: [{B5DA8A5E-4D4F-4C20-95F3-6B65B41ACD8E}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{8A4C7EA8-EA75-4249-8A13-A5DFD9404043}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C96678AE-C5EB-4085-A06B-F142B7C9CF80}] => (Allow) D:\Games\Steam\SteamApps\common\Quell 4D\Quell4D.exe
FirewallRules: [{0D6113C4-FD38-466D-BA47-3844AB491F38}] => (Allow) D:\Games\Steam\SteamApps\common\Quell 4D\Quell4D.exe
FirewallRules: [UDP Query User{16FB7109-76B1-49E7-AD78-62CAB08F652C}D:\games\firestorm havok\slvoice.exe] => (Allow) D:\games\firestorm havok\slvoice.exe
FirewallRules: [TCP Query User{F31A3F18-2596-450D-B0E2-3D2B785BEF25}D:\games\firestorm havok\slvoice.exe] => (Allow) D:\games\firestorm havok\slvoice.exe
FirewallRules: [{5005CEA3-87E3-4E58-9E27-AB3FD75FBC88}] => (Allow) D:\Games\Steam\SteamApps\common\theBlu\theblu.exe
FirewallRules: [{DE4E352D-3ADD-436E-BAA1-BE95D3987B52}] => (Allow) D:\Games\Steam\SteamApps\common\theBlu\theblu.exe
FirewallRules: [{2E4E90F2-95CF-425D-8541-030B3D462F85}] => (Allow) D:\Games\Steam\SteamApps\common\Shadow Warrior 2\ShadowWarrior2.exe
FirewallRules: [{477BC455-D26F-420D-B5FB-7C3F96B3A73D}] => (Allow) D:\Games\Steam\SteamApps\common\Shadow Warrior 2\ShadowWarrior2.exe
FirewallRules: [{06865A7F-2F3F-4008-AECF-96E39B11738D}] => (Allow) D:\Games\Steam\SteamApps\common\Art of Fight\ArtOfFight.exe
FirewallRules: [{AA3DC80E-C831-4309-B0F4-A176BFF7030C}] => (Allow) D:\Games\Steam\SteamApps\common\Art of Fight\ArtOfFight.exe
FirewallRules: [{AFFA8C04-DCAA-48EC-AE74-2AD45EF733FF}] => (Allow) D:\Games\Steam\SteamApps\common\Island 359\Island359.exe
FirewallRules: [{2F642C70-E2AE-4442-8001-EA9124030D71}] => (Allow) D:\Games\Steam\SteamApps\common\Island 359\Island359.exe
FirewallRules: [{4E547210-56DD-436D-AFB6-26132F63F1C3}] => (Allow) D:\Games\Steam\SteamApps\common\NightCry\NightCry.exe
FirewallRules: [{5AEACF73-9594-4924-9B2E-0EAA5121E625}] => (Allow) D:\Games\Steam\SteamApps\common\NightCry\NightCry.exe
FirewallRules: [UDP Query User{44EAC687-8C54-4322-8240-F8FB63E03101}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{24758668-2959-4BC3-8E2C-3E9E455E6734}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{5D898310-DB54-49ED-830B-05F242D1F421}] => (Allow) D:\Programme\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{0466309B-407F-4D69-91E6-86BEAFE9DBEB}] => (Allow) D:\Programme\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{8AEE8D01-CF01-47AE-AD5D-714D7BE7D820}] => (Allow) D:\Games\Steam\SteamApps\common\White Night\Bin\Win32\WNight.exe
FirewallRules: [{342EA1E1-2E21-4A09-8C9D-95D4D0B61526}] => (Allow) D:\Games\Steam\SteamApps\common\White Night\Bin\Win32\WNight.exe
FirewallRules: [{0F13B3E5-0FC1-4D38-A9EC-6B8004EC0738}] => (Allow) D:\Games\Steam\SteamApps\common\Thief Deadly Shadows\System\runme.exe
FirewallRules: [{72B3B364-082E-4265-B78D-10FD766E99DB}] => (Allow) D:\Games\Steam\SteamApps\common\Thief Deadly Shadows\System\runme.exe
FirewallRules: [{2ED621BB-621E-4F5B-9EEE-2445F798F417}] => (Allow) D:\Programme\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{38EAF7FD-1387-4B2F-B071-A3050E0E7B52}] => (Allow) D:\Programme\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{41BA33BD-41ED-4667-B5EC-850C760D7EC4}] => (Allow) D:\Programme\TeamViewer\TeamViewer.exe
FirewallRules: [{96FE98B7-8520-4C4B-889D-95A849A6406C}] => (Allow) D:\Programme\TeamViewer\TeamViewer.exe
FirewallRules: [{8F614056-23CF-4179-8110-CBF96615B056}] => (Allow) D:\Games\Steam\SteamApps\common\Spirits of Xanadu\Spirits of Xanadu.exe
FirewallRules: [{92DEB061-DDBE-4317-9756-EED6E50B36C1}] => (Allow) D:\Games\Steam\SteamApps\common\Spirits of Xanadu\Spirits of Xanadu.exe
FirewallRules: [{41E6B432-E1F9-4489-B50C-C3CFA89580CB}] => (Allow) D:\Games\Steam\SteamApps\common\Elite Dangerous Horizons\EDLaunch.exe
FirewallRules: [{43D853E6-AAA5-4C78-8271-3DE5C476A900}] => (Allow) D:\Games\Steam\SteamApps\common\Elite Dangerous Horizons\EDLaunch.exe
FirewallRules: [{3D4D3D55-258A-4452-8354-59A0C9B95BE9}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{CF90FD8C-9D02-4F83-87A8-86DE8BF0703E}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity\2015\UnityVS.OpenFile.exe
FirewallRules: [{3B74ADF1-6A43-4401-AB32-EF15C1D49194}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{B3EC2834-8773-4B20-A2D9-841BF8179FDF}] => (Allow) D:\Programme\Winamp\winamp.exe
FirewallRules: [{633BF3E0-7616-4F0C-BD34-D7AE38CF71C2}] => (Allow) D:\Programme\Winamp\winamp.exe
FirewallRules: [{F523341D-D024-479A-B1C6-09E174003418}] => (Allow) D:\Programme\MAGIX\Video deluxe 2016 Premium\Videodeluxe.exe
FirewallRules: [{94207D91-6307-48BA-886A-841FBC51410E}] => (Allow) D:\Games\Steam\SteamApps\common\Layers of Fear\Layers Of Fear.exe
FirewallRules: [{2F2FD238-9218-4E73-8DA4-6FA41E0506C3}] => (Allow) D:\Games\Steam\SteamApps\common\Layers of Fear\Layers Of Fear.exe
FirewallRules: [{F55B01C6-BA46-4D72-BA01-DC0F62B2D9DE}] => (Allow) D:\Games\Steam\SteamApps\common\Penumbra Overture\redist\Penumbra.exe
FirewallRules: [{4656B89B-E5B0-492F-AA56-97C9CB624605}] => (Allow) D:\Games\Steam\SteamApps\common\Penumbra Overture\redist\Penumbra.exe
FirewallRules: [UDP Query User{025F09C2-9AA1-4ADF-A604-9FA5A3FA0A64}C:\program files\vlc\vlc.exe] => (Allow) C:\program files\vlc\vlc.exe
FirewallRules: [TCP Query User{4AB9BA08-A5C6-4079-9E58-21E9E7D66539}C:\program files\vlc\vlc.exe] => (Allow) C:\program files\vlc\vlc.exe
FirewallRules: [{BFF87F05-85B8-4FAB-A7BC-80B7D7ACB251}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{41F30114-6E1E-4DC6-A988-5235C132E4D3}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [UDP Query User{09B31CFA-B2D4-4E9C-846A-9E6AE61A437F}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{59421173-7EB5-4508-9C9F-3ED146289E5B}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{32F1DDE8-CC4C-4320-A8A4-1C75F90D4BB4}D:\games\steam\steamapps\common\aliens colonial marines\binaries\win32\_acm.exe] => (Allow) D:\games\steam\steamapps\common\aliens colonial marines\binaries\win32\_acm.exe
FirewallRules: [TCP Query User{2B62BCA7-11D4-4AD8-B437-2DE1EAD40A50}D:\games\steam\steamapps\common\aliens colonial marines\binaries\win32\_acm.exe] => (Allow) D:\games\steam\steamapps\common\aliens colonial marines\binaries\win32\_acm.exe
FirewallRules: [UDP Query User{241742FE-2949-4E72-81E5-122D323D76F4}D:\programme\shoutcast\sc_serv.exe] => (Allow) D:\programme\shoutcast\sc_serv.exe
FirewallRules: [TCP Query User{009A6B4B-3F84-4965-99B0-AC627E9AB743}D:\programme\shoutcast\sc_serv.exe] => (Allow) D:\programme\shoutcast\sc_serv.exe
FirewallRules: [{410F8931-7BED-4D99-A248-881443D2BA43}] => (Allow) D:\Games\Steam\SteamApps\common\Source SDK Base 2013 Singleplayer\hl2.exe
FirewallRules: [{FAB3AE78-C3C6-4DD4-A657-2D7D3A467C0F}] => (Allow) D:\Games\Steam\SteamApps\common\Source SDK Base 2013 Singleplayer\hl2.exe
FirewallRules: [{6F7A5C9A-2A1B-4FC7-94F6-93EDAECD75D4}] => (Allow) D:\Games\Steam\SteamApps\common\Strife\strife-ve.exe
FirewallRules: [{17931943-1054-49E9-8E44-15C4ED0E76EC}] => (Allow) D:\Games\Steam\SteamApps\common\Strife\strife-ve.exe
FirewallRules: [{1627D254-2807-47E5-A965-8EF14D291E95}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{372C07F2-7E64-4845-BD0D-18F42729A021}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{9EE86F79-EA28-48E7-BDF7-DA3CB5CB0EB2}] => (Allow) D:\Games\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [{0C0096FD-BC19-4204-9414-C50767846395}] => (Allow) D:\Games\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [UDP Query User{E8CCB980-186C-4786-9D43-AAF5F521C015}D:\games\gog games\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Allow) D:\games\gog games\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe
FirewallRules: [TCP Query User{7B0BBD21-DD89-4546-A8E6-92CF642CFF29}D:\games\gog games\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Allow) D:\games\gog games\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe
FirewallRules: [{B4BEBBEE-A2AB-4C62-BA1A-3E947E8618D0}] => (Allow) D:\Games\Steam\SteamApps\common\Neverending Nightmares\nightmare.exe
FirewallRules: [{F7A90859-ECB9-4126-9CF8-32AEF926581A}] => (Allow) D:\Games\Steam\SteamApps\common\Neverending Nightmares\nightmare.exe
FirewallRules: [UDP Query User{118013CC-E8F7-4503-92F8-BED165808AE7}D:\games\quake hd pack\darkplaces.exe] => (Allow) D:\games\quake hd pack\darkplaces.exe
FirewallRules: [TCP Query User{24A0B1AA-132B-4576-965E-6044AAE7FE03}D:\games\quake hd pack\darkplaces.exe] => (Allow) D:\games\quake hd pack\darkplaces.exe
FirewallRules: [{5561E420-4BC8-44A8-9F33-AA239310F2C3}] => (Allow) LPort=41780
FirewallRules: [{EF206F0E-4EAA-4E2E-97A8-722315EF974A}] => (Allow) D:\Games\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{92763FF7-CD31-49A4-AD1D-3C59426CE645}] => (Allow) D:\Games\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{339CA568-B0BA-476E-8647-E398FD154305}] => (Allow) C:\Users\Hoshi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F6AA3EA4-AE5F-4147-9477-C983C17F78B3}] => (Allow) C:\Users\Hoshi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A09E3AB7-BA3F-49B3-A93D-F50DEF8265E6}] => (Allow) D:\Programme\Skype\Phone\Skype.exe
FirewallRules: [{F7C0F58A-218F-41E3-B1F3-5E65CC3A3F50}] => (Allow) D:\Games\Steam\Steam.exe
FirewallRules: [{8602E317-6CEA-4200-89BA-4F8E48E3414E}] => (Allow) D:\Games\Steam\Steam.exe
FirewallRules: [TCP Query User{9606A9D6-6A6A-40C7-AE58-17B18A3111E1}D:\games\gog games\unreal gold\system\unreal.exe] => (Allow) D:\games\gog games\unreal gold\system\unreal.exe
FirewallRules: [UDP Query User{48C77771-399E-4E63-BA0F-5C9A89A5F366}D:\games\gog games\unreal gold\system\unreal.exe] => (Allow) D:\games\gog games\unreal gold\system\unreal.exe
FirewallRules: [TCP Query User{549B6F9D-C048-4E95-99A2-3A377AAA0748}D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{672FCE63-7931-4363-B2E8-7C5890F947CB}D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{444E3619-2165-4B6B-A277-9CC0BC7B53B0}] => (Allow) D:\Games\Steam\SteamApps\common\STASIS\Stasis.exe
FirewallRules: [{48AAD65B-32EF-4142-931D-684DA033FE0D}] => (Allow) D:\Games\Steam\SteamApps\common\STASIS\Stasis.exe
FirewallRules: [{0302EA2C-2C88-4C68-8BC4-C486414C6275}] => (Allow) D:\Games\Steam\SteamApps\common\Waltz of the Wizard\WaltzOfTheWizard.exe
FirewallRules: [{655D0F0E-A538-45A5-83ED-0D949E232624}] => (Allow) D:\Games\Steam\SteamApps\common\Waltz of the Wizard\WaltzOfTheWizard.exe
FirewallRules: [{55CA69B3-FD1A-4886-909A-0C86C229B07F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{595038C8-42B8-42A8-9DF8-1D679DCC7DBA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8E36AEE6-C7C2-4509-B7D9-1BB0E1F03EB1}] => (Allow) D:\Games\Steam\SteamApps\common\VanishingRealms\VanishingRealms.exe
FirewallRules: [{68BB8839-299B-4D34-A527-FF5F23ED4D04}] => (Allow) D:\Games\Steam\SteamApps\common\VanishingRealms\VanishingRealms.exe
FirewallRules: [{0273119C-7CAF-4396-A5AF-768B82E424E2}] => (Allow) D:\Games\Steam\SteamApps\common\Job Simulator\JobSimulator.exe
FirewallRules: [{CACF1BA0-AB61-46E3-A4F6-E3FD55C94A29}] => (Allow) D:\Games\Steam\SteamApps\common\Job Simulator\JobSimulator.exe
FirewallRules: [{B63306D8-F01B-4802-A5E9-6F36E2474501}] => (Allow) D:\Games\Steam\SteamApps\common\Virtual Desktop\Virtual Desktop.exe
FirewallRules: [{22654D19-A692-4892-84F9-A6C46B8C6DAD}] => (Allow) D:\Games\Steam\SteamApps\common\Virtual Desktop\Virtual Desktop.exe
FirewallRules: [{60339C49-0A25-4CD0-83D0-DEE32E2FDB0B}] => (Allow) D:\Games\Steam\SteamApps\common\Virtual Desktop\Environment Editor.exe
FirewallRules: [{E69CBCFB-4693-4382-AB15-14D323B3B0E1}] => (Allow) D:\Games\Steam\SteamApps\common\Virtual Desktop\Environment Editor.exe
FirewallRules: [{9193D3C6-6FBF-441D-BB2F-0C08BEB4E77C}] => (Allow) D:\Games\Steam\SteamApps\common\AChairinaRoom\AChairInARoom_Greenwater.exe
FirewallRules: [{9DF8030F-3EF7-4A6C-918E-3D3DA0F83D6B}] => (Allow) D:\Games\Steam\SteamApps\common\AChairinaRoom\AChairInARoom_Greenwater.exe
FirewallRules: [TCP Query User{367DB655-BB17-4BC1-AE31-F20ED49E3A88}D:\games\steam\steamapps\common\the lab\robotrepair\bin\win64\vr.exe] => (Allow) D:\games\steam\steamapps\common\the lab\robotrepair\bin\win64\vr.exe
FirewallRules: [UDP Query User{44C3E241-DED9-4E29-9063-06F33DD095ED}D:\games\steam\steamapps\common\the lab\robotrepair\bin\win64\vr.exe] => (Allow) D:\games\steam\steamapps\common\the lab\robotrepair\bin\win64\vr.exe
FirewallRules: [TCP Query User{D16373C4-962B-46AE-87F9-922D3DA20533}D:\games\ctrlaltstudio-viewer-alpha\slvoice.exe] => (Allow) D:\games\ctrlaltstudio-viewer-alpha\slvoice.exe
FirewallRules: [UDP Query User{FBF4100B-242E-4171-930C-AF872ABC032A}D:\games\ctrlaltstudio-viewer-alpha\slvoice.exe] => (Allow) D:\games\ctrlaltstudio-viewer-alpha\slvoice.exe
FirewallRules: [TCP Query User{4D2FE12B-90B6-4D54-A289-A724E7B95289}D:\games\steam\steamapps\common\vrporize\64\windowsnoeditor\vrporize_beta\binaries\win64\vrporize_beta-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\vrporize\64\windowsnoeditor\vrporize_beta\binaries\win64\vrporize_beta-win64-shipping.exe
FirewallRules: [UDP Query User{D3B9D8DA-2FFC-48E4-82B4-FB2E4BBDCA12}D:\games\steam\steamapps\common\vrporize\64\windowsnoeditor\vrporize_beta\binaries\win64\vrporize_beta-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\vrporize\64\windowsnoeditor\vrporize_beta\binaries\win64\vrporize_beta-win64-shipping.exe
FirewallRules: [{ED38B62B-7340-44D8-ACD2-C203EDDA1151}] => (Allow) D:\Games\Steam\SteamApps\common\PoolNationVR\PoolNationVR.exe
FirewallRules: [{A5F656B5-3F31-4FFC-BCC4-95FAB832FD48}] => (Allow) D:\Games\Steam\SteamApps\common\PoolNationVR\PoolNationVR.exe
FirewallRules: [TCP Query User{927C9C71-D614-4C26-B61A-A882E3817A70}D:\games\steam\steamapps\common\poolnationvr\poolnationvr\binaries\win64\vrpooldemo-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\poolnationvr\poolnationvr\binaries\win64\vrpooldemo-win64-shipping.exe
FirewallRules: [UDP Query User{227C1F1C-3189-442E-84DC-6CC2E2E3E94B}D:\games\steam\steamapps\common\poolnationvr\poolnationvr\binaries\win64\vrpooldemo-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\poolnationvr\poolnationvr\binaries\win64\vrpooldemo-win64-shipping.exe
FirewallRules: [TCP Query User{9D6AA729-9DA7-4763-89DE-52AF6DFC31EF}E:\titanic honor and glory demo 2\titanic - honor and glory demo 2\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) E:\titanic honor and glory demo 2\titanic - honor and glory demo 2\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [UDP Query User{4D15A1ED-0497-41FE-9D0E-FAD00BF9D30E}E:\titanic honor and glory demo 2\titanic - honor and glory demo 2\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) E:\titanic honor and glory demo 2\titanic - honor and glory demo 2\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [{AB34BC04-FF41-4337-9BD5-48D5A1B017E4}] => (Allow) D:\Games\Steam\SteamApps\common\Brookhaven\BrookhavenGame.exe
FirewallRules: [{A54CB64D-E750-414A-A14B-A1C2AA0CC560}] => (Allow) D:\Games\Steam\SteamApps\common\Brookhaven\BrookhavenGame.exe
FirewallRules: [{1771F40C-6EE8-4EA8-BFB0-F8C879A7DA49}] => (Allow) D:\Games\Steam\SteamApps\common\VRporize\64\WindowsNoEditor\VRporize_beta.exe
FirewallRules: [{425D082B-2A4C-4FC6-8E3C-B11A884517AF}] => (Allow) D:\Games\Steam\SteamApps\common\VRporize\64\WindowsNoEditor\VRporize_beta.exe
FirewallRules: [TCP Query User{43996D90-1975-4368-BED9-232501810761}C:\users\hoshi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hoshi\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C8F2DE0C-F2D8-4BFB-B7FA-5725E9CA96E2}C:\users\hoshi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hoshi\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C2B64B6A-1A45-4904-B911-8F4163D80E33}] => (Allow) D:\Games\Steam\SteamApps\common\Pierhead Arcade\Arcade.exe
FirewallRules: [{628C846B-37A4-43FA-8300-C2ABD8505CE3}] => (Allow) D:\Games\Steam\SteamApps\common\Pierhead Arcade\Arcade.exe
FirewallRules: [{2B306573-B82C-45B6-B744-9BFF24454263}] => (Allow) D:\Games\Steam\SteamApps\common\Overload\Overload.exe
FirewallRules: [{02897BD8-93C8-4E39-9236-8581E64CA400}] => (Allow) D:\Games\Steam\SteamApps\common\Overload\Overload.exe
FirewallRules: [{4243E46D-D91C-4899-B34D-2D0D9664912D}] => (Allow) D:\Games\Steam\SteamApps\common\RickAndMortyVR\RickAndMortyVR.exe
FirewallRules: [{FAE9A318-685E-4CB8-A119-FC59DD4334CF}] => (Allow) D:\Games\Steam\SteamApps\common\RickAndMortyVR\RickAndMortyVR.exe
FirewallRules: [{DBC819B9-E417-416A-BA9A-674662BF83AB}] => (Allow) D:\Games\Steam\SteamApps\common\Marvel's Guardians of the Galaxy The Telltale Series\Guardians.exe
FirewallRules: [{F20DCC84-A9D8-40AA-AFE7-B206053EDF38}] => (Allow) D:\Games\Steam\SteamApps\common\Marvel's Guardians of the Galaxy The Telltale Series\Guardians.exe
FirewallRules: [{6633A870-73F0-4F52-919E-D7A72822C841}] => (Allow) D:\Games\Steam\SteamApps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{69BC39B0-41F0-419B-BB20-14A374665975}] => (Allow) D:\Games\Steam\SteamApps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{82729D87-7959-4CA7-AA2F-9E5286114411}] => (Allow) D:\Games\Steam\SteamApps\common\Outlast 2\Binaries\Win64\Outlast2.exe
FirewallRules: [{C9C8859F-6322-41D1-AD05-B11D9DF4B04E}] => (Allow) D:\Games\Steam\SteamApps\common\Outlast 2\Binaries\Win64\Outlast2.exe
FirewallRules: [TCP Query User{1AA0FBF9-4330-4FF4-85DF-789C47018191}B:\cloud imperium games\patcher\cigpatcher.exe] => (Allow) B:\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{473BDA27-3954-4B5C-8221-8377E36B9CD2}B:\cloud imperium games\patcher\cigpatcher.exe] => (Allow) B:\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{B6368D2F-877F-4CE7-86EA-42CD059F4519}B:\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) B:\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{5EE59C3F-2D0D-4CED-840B-2BA998195FCA}B:\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) B:\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [{C586A06C-0DA9-4744-80FD-2C40DC65522C}] => (Allow) D:\Games\Steam\SteamApps\common\SteamVR\bin\win32\vrstartup.exe
FirewallRules: [{E575F97D-B64E-4E35-B30C-038822ECDED3}] => (Allow) D:\Games\Steam\SteamApps\common\SteamVR\bin\win32\vrstartup.exe
FirewallRules: [TCP Query User{69BFF41F-D1C1-4691-9FE1-B6DAE78B9AFD}D:\games\steam\steamapps\common\island 359\island359\binaries\win64\island359_copy-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\island 359\island359\binaries\win64\island359_copy-win64-shipping.exe
FirewallRules: [UDP Query User{AD1889AD-5410-4C90-BFB2-372B345CE1D2}D:\games\steam\steamapps\common\island 359\island359\binaries\win64\island359_copy-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\island 359\island359\binaries\win64\island359_copy-win64-shipping.exe
FirewallRules: [{8A3B0A28-A44F-4C11-8E0D-3B16592AB8B4}] => (Allow) B:\Steam\steamapps\common\Battlezone\Launcher\battlezone.exe
FirewallRules: [{945066F8-25B0-4FB2-8A01-FB556A39BF1C}] => (Allow) B:\Steam\steamapps\common\Battlezone\Launcher\battlezone.exe
FirewallRules: [{5E4A151B-2E94-4040-B1BB-8202B658D7E5}] => (Allow) D:\Games\Steam\SteamApps\common\Axiom Verge\AxiomVerge.exe
FirewallRules: [{E73C3B66-59DC-4ADE-B5B1-0CCB9E5F15F1}] => (Allow) D:\Games\Steam\SteamApps\common\Axiom Verge\AxiomVerge.exe
FirewallRules: [{C9C602B9-4B3D-4FA5-9D6F-61E42E613097}] => (Allow) B:\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{FB9ECD72-CABE-4824-9AAB-E4A6F0E35D84}] => (Allow) B:\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{EEB40E47-F1C4-4656-9C5C-2FEB1392B4DF}] => (Allow) B:\Steam\steamapps\common\Soundscape\Soundscape.exe
FirewallRules: [{9FCEF941-FA77-4150-BE2B-839A321CA27C}] => (Allow) B:\Steam\steamapps\common\Soundscape\Soundscape.exe
FirewallRules: [TCP Query User{62808090-BA71-4AE1-B049-85362774AAF2}D:\games\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe] => (Allow) D:\games\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe
FirewallRules: [UDP Query User{A2D3775C-19DD-4124-819B-5F534032CFA0}D:\games\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe] => (Allow) D:\games\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe
FirewallRules: [{7F75C914-E50D-40B1-BB92-746FC9CCEDD2}] => (Allow) B:\Steam\steamapps\common\Aeon\Aeon.exe
FirewallRules: [{D59DAF58-5343-49CB-A91C-6C96689546F1}] => (Allow) B:\Steam\steamapps\common\Aeon\Aeon.exe
FirewallRules: [{62528508-75BE-47CA-9277-836908DF1719}] => (Allow) B:\Steam\steamapps\common\SUPERHOT VR\SUPERHOTVR.exe
FirewallRules: [{3D3D0C0E-CC29-4785-BD54-CAF08252381C}] => (Allow) B:\Steam\steamapps\common\SUPERHOT VR\SUPERHOTVR.exe
FirewallRules: [{8DC2D8B5-DB4B-40D1-97AE-6D4D2CDA677E}] => (Allow) D:\Games\Steam\SteamApps\common\EVERSPACE\RSG\Binaries\Win64\RSG-Win64-Shipping.exe
FirewallRules: [{EA82A72A-0783-4376-86DE-66D463A97A0C}] => (Allow) D:\Games\Steam\SteamApps\common\EVERSPACE\RSG\Binaries\Win64\RSG-Win64-Shipping.exe
FirewallRules: [{35D7E367-0ED3-4F47-8441-3A6A3F3561DC}] => (Allow) D:\Programme\Sony\PS4 Remote Play\RemotePlay.exe
FirewallRules: [{6E0600B2-815E-48A0-B4AD-A5EAB1543BDB}] => (Allow) B:\Steam\steamapps\common\Prey\Binaries\Danielle\x64\Release\Prey.exe
FirewallRules: [{7AC56B85-1415-4007-8E96-1361E1FABDE3}] => (Allow) B:\Steam\steamapps\common\Prey\Binaries\Danielle\x64\Release\Prey.exe
FirewallRules: [{D95A68C3-537C-40C1-A744-442B4D5879B8}] => (Allow) D:\Games\Steam\SteamApps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe
FirewallRules: [{EF2BBEFC-1876-4BFA-B930-628D8649EA01}] => (Allow) D:\Games\Steam\SteamApps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe
FirewallRules: [{5C208156-3201-4BFD-9561-FF74F18CE96D}] => (Allow) B:\Steam\steamapps\common\Karnage Chronicles\KarnageVR.exe
FirewallRules: [{651B32F7-67BE-427E-AED8-2E8B3D3929B7}] => (Allow) B:\Steam\steamapps\common\Karnage Chronicles\KarnageVR.exe
FirewallRules: [TCP Query User{F680A4FB-8640-40DB-AED3-5FF14EB3BE73}B:\steam\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe
FirewallRules: [UDP Query User{9D8568A2-6021-4089-A7E5-B899BE3AA6A2}B:\steam\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe
FirewallRules: [TCP Query User{5297F42D-5675-4819-B80D-1F8FE92D8792}D:\games\steam\steamapps\common\brookhaven\brookhavengame\binaries\win64\brookhavengame-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\brookhaven\brookhavengame\binaries\win64\brookhavengame-win64-shipping.exe
FirewallRules: [UDP Query User{52D31D87-A22B-4B4E-AFFB-41D5FE61C3E7}D:\games\steam\steamapps\common\brookhaven\brookhavengame\binaries\win64\brookhavengame-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\brookhaven\brookhavengame\binaries\win64\brookhavengame-win64-shipping.exe
FirewallRules: [TCP Query User{84A070A8-9FCE-4BA1-907C-311A264759F3}B:\games\starcraft ii\versions\base53644\sc2_x64.exe] => (Allow) B:\games\starcraft ii\versions\base53644\sc2_x64.exe
FirewallRules: [UDP Query User{B261384C-83D2-4BBA-B1CB-1A09E9C005B8}B:\games\starcraft ii\versions\base53644\sc2_x64.exe] => (Allow) B:\games\starcraft ii\versions\base53644\sc2_x64.exe
FirewallRules: [{149DCA28-7E08-4F6B-9642-4643C987479B}] => (Allow) B:\Steam\steamapps\common\Dead Effect 2 VR\DeadEffect2.exe
FirewallRules: [{BF0B939D-91E1-4C1A-9C14-D46A9ADB71A3}] => (Allow) B:\Steam\steamapps\common\Dead Effect 2 VR\DeadEffect2.exe
FirewallRules: [{70A71F66-CF4A-4F7D-9E11-A0B39DB3DFBD}] => (Allow) B:\Steam\steamapps\common\johnwick\WindowsNoEditor\wick.exe
FirewallRules: [{B87CA62F-C948-4990-81A5-3C8273F90ECF}] => (Allow) B:\Steam\steamapps\common\johnwick\WindowsNoEditor\wick.exe
FirewallRules: [TCP Query User{733AD380-6942-42B0-96A4-4C928D10A842}B:\steam\steamapps\common\johnwick\windowsnoeditor\wick\binaries\win64\wick-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\johnwick\windowsnoeditor\wick\binaries\win64\wick-win64-shipping.exe
FirewallRules: [UDP Query User{4FC4F02E-DA30-4A2F-ADC6-2421F3C86C51}B:\steam\steamapps\common\johnwick\windowsnoeditor\wick\binaries\win64\wick-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\johnwick\windowsnoeditor\wick\binaries\win64\wick-win64-shipping.exe
FirewallRules: [{F173D9E2-CFC5-456C-B772-38970156E8B5}] => (Allow) D:\Programme\MAGIX\Video deluxe Premium\2017\Videodeluxe.exe
FirewallRules: [{58565BAD-4103-4768-A22D-6A83399860EE}] => (Allow) D:\Programme\MAGIX\Music Maker\25\MusicMaker.exe
FirewallRules: [{B0F4AF05-3445-4E86-84ED-F9668F3EA52B}] => (Allow) D:\Games\Steam\SteamApps\common\Cloudlands\Cloudlands.exe
FirewallRules: [{B6D46762-9437-4F7E-804C-595364ADB56E}] => (Allow) D:\Games\Steam\SteamApps\common\Cloudlands\Cloudlands.exe
FirewallRules: [{DD9EDFC0-4384-42B2-99D5-8C17E4DDD7AC}] => (Allow) D:\Games\Steam\SteamApps\common\The Gallery Call of the Starseed\TheGallery_EP1\TheGallery_EP1.exe
FirewallRules: [{A0600D8F-500A-4A44-89C6-282349CAE307}] => (Allow) D:\Games\Steam\SteamApps\common\The Gallery Call of the Starseed\TheGallery_EP1\TheGallery_EP1.exe
FirewallRules: [{536D9FE2-FE06-430D-8696-DC1327D02F34}] => (Allow) D:\Games\Steam\SteamApps\common\The Gallery Call of the Starseed\TheGallery_EP1_OVR\TheGallery_EP1.exe
FirewallRules: [{5A496D68-2EF3-43AD-98E3-578B7BA30874}] => (Allow) D:\Games\Steam\SteamApps\common\The Gallery Call of the Starseed\TheGallery_EP1_OVR\TheGallery_EP1.exe
FirewallRules: [{B13220B0-F27B-4818-A76B-284143317672}] => (Allow) D:\Games\Origin\STAR WARS Battlefront II Closed Alpha\starwarsbattlefrontii.exe
FirewallRules: [{3543073A-B8AB-453D-A4D3-190625845506}] => (Allow) D:\Games\Origin\STAR WARS Battlefront II Closed Alpha\starwarsbattlefrontii.exe
FirewallRules: [TCP Query User{946362F4-2735-432C-A060-BD80CF30C175}B:\games\overwatch\overwatch.exe] => (Allow) B:\games\overwatch\overwatch.exe
FirewallRules: [UDP Query User{36F60D16-C06C-4788-8120-C002ADB1A518}B:\games\overwatch\overwatch.exe] => (Allow) B:\games\overwatch\overwatch.exe
FirewallRules: [{50693B02-4980-454A-A2CD-C8AB00019487}] => (Allow) D:\Games\Steam\SteamApps\common\Cmoar VR Cinema\vive.exe
FirewallRules: [{D76891D4-8F80-44F1-A92E-A0FE7048C49A}] => (Allow) D:\Games\Steam\SteamApps\common\Cmoar VR Cinema\vive.exe
FirewallRules: [{05C68A71-80C1-403E-9342-74CDFA2EB76A}] => (Allow) D:\Games\Steam\SteamApps\common\Cmoar VR Cinema\oculus.exe
FirewallRules: [{0BCB9B89-43C3-4687-A311-87DCF4725AC3}] => (Allow) D:\Games\Steam\SteamApps\common\Cmoar VR Cinema\oculus.exe
FirewallRules: [{D61C37A6-ACC2-4494-96D8-897F554884E1}] => (Allow) D:\Games\Steam\SteamApps\common\Nock Hidden Arrow\Nock.exe
FirewallRules: [{AC54F4D6-CCD8-4350-81A7-4122051063DB}] => (Allow) D:\Games\Steam\SteamApps\common\Nock Hidden Arrow\Nock.exe
FirewallRules: [{724031A4-8631-4BA6-9B14-5C43D6C27B7A}] => (Allow) D:\Games\Steam\SteamApps\common\GORN\GORN.exe
FirewallRules: [{4F12E286-9A42-491E-BD48-5BE45805DF6F}] => (Allow) D:\Games\Steam\SteamApps\common\GORN\GORN.exe
FirewallRules: [TCP Query User{63EBF6ED-4320-4FD6-8349-76A314057E9B}D:\games\sansar\client\sansarclient.exe] => (Allow) D:\games\sansar\client\sansarclient.exe
FirewallRules: [UDP Query User{89DFC2DE-0D85-469A-8D40-ECEB29072155}D:\games\sansar\client\sansarclient.exe] => (Allow) D:\games\sansar\client\sansarclient.exe
FirewallRules: [{F6CFAD45-14D9-4F70-AE82-84915128CE6D}] => (Allow) B:\Steam\steamapps\common\Raw Data\RawData.exe
FirewallRules: [{EB40392A-35B2-4B49-86CF-EB7327563DF7}] => (Allow) B:\Steam\steamapps\common\Raw Data\RawData.exe
FirewallRules: [{B5D68DF0-AF23-431D-B345-C5278F6310D2}] => (Allow) B:\Steam\steamapps\common\Raw Data\RawData\Binaries\Win64\RawData-Win64-Shipping.exe
FirewallRules: [{D12E3BDC-FA1F-4993-B187-17D842A92D49}] => (Allow) B:\Steam\steamapps\common\Raw Data\RawData\Binaries\Win64\RawData-Win64-Shipping.exe
FirewallRules: [{EF42FFA6-F63B-4B18-B056-65AED7E3C817}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{949C85A8-693A-4505-9C65-2483077C2F59}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{118F724E-B0C9-484C-AA54-724951D58103}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{639D79C9-CEE6-4D37-9D37-41C7742D6476}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{113DDC4D-4A14-41D5-B79D-9286B9A6DE47}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{2EE7EFEE-59FF-4C8D-9838-2B2B9E00270C}] => (Allow) D:\Games\Steam\SteamApps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{5EF4F8B9-60AD-42E1-AB4A-2035E242CEE5}] => (Allow) D:\Games\Steam\SteamApps\common\Conarium\Conarium.exe
FirewallRules: [{C8894B04-9B96-490B-B2F2-A8DA33112482}] => (Allow) D:\Games\Steam\SteamApps\common\Conarium\Conarium.exe
FirewallRules: [{BC6E0C8F-343B-4209-8906-8701893745CD}] => (Allow) D:\Games\Steam\SteamApps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{E9AC4963-ED0F-429D-A657-A4247022DEF2}] => (Allow) D:\Games\Steam\SteamApps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [TCP Query User{5A22F760-CBCC-4E82-ACA1-F3E13E75C79E}B:\games\max payne 3\maxpayne3.exe] => (Allow) B:\games\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{97E90E47-6DFE-4D02-B6F7-2D529C9DCF92}B:\games\max payne 3\maxpayne3.exe] => (Allow) B:\games\max payne 3\maxpayne3.exe
FirewallRules: [{6478ACBE-A9BD-4004-99AE-5BC6F47E9A6E}] => (Allow) D:\Games\Steam\SteamApps\common\AlienRage\Singleplayer\Binaries\Win32\ShippingPC-AFEARGame.exe
FirewallRules: [{78CF89E7-5691-4AD3-ACD0-EA5EF3E3ADB0}] => (Allow) D:\Games\Steam\SteamApps\common\AlienRage\Singleplayer\Binaries\Win32\ShippingPC-AFEARGame.exe
FirewallRules: [{F994B6B6-3EF4-4BBE-AB52-770328BFBED1}] => (Allow) D:\Games\Steam\SteamApps\common\AlienRage\Multiplayer\Binaries\Win32\ARageMP.exe
FirewallRules: [{FC8B8C65-D63E-454C-B8CA-8E5FEC275AC6}] => (Allow) D:\Games\Steam\SteamApps\common\AlienRage\Multiplayer\Binaries\Win32\ARageMP.exe
FirewallRules: [{DA2A7636-FE20-4A55-8405-38F2A9800092}] => (Allow) D:\Games\Steam\SteamApps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe
FirewallRules: [{EA799577-B0B7-424D-81CE-CDFA03C9E253}] => (Allow) D:\Games\Steam\SteamApps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe
FirewallRules: [{2714EDEE-7A10-426D-9FD0-30151409B09B}] => (Allow) D:\Games\Steam\SteamApps\common\Serious Sam VR The First Encounter\Bin\x64\SamTFE_VR.exe
FirewallRules: [{1FEFAA6C-A74C-481F-8428-D872D4DF5A5A}] => (Allow) D:\Games\Steam\SteamApps\common\Serious Sam VR The First Encounter\Bin\x64\SamTFE_VR.exe
FirewallRules: [{943C1A90-26A3-46C8-B75A-6AB5FE4D9C63}] => (Allow) D:\Games\Steam\SteamApps\common\Space Hulk Deathwing\SpaceHulkGame.exe
FirewallRules: [{07764B6D-4A71-4707-862F-E2FCE2E941CD}] => (Allow) D:\Games\Steam\SteamApps\common\Space Hulk Deathwing\SpaceHulkGame.exe
FirewallRules: [TCP Query User{7E4F6977-CF90-458B-92F3-F84E646B614E}D:\games\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe
FirewallRules: [UDP Query User{BAD65C73-1242-446C-A7F2-425E8F1CA7C2}D:\games\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe
FirewallRules: [{789904E8-F71E-46A3-9B7B-76616E723997}] => (Allow) D:\Games\Steam\SteamApps\common\TheWaveVR\TheWaveVR.exe
FirewallRules: [{060AE121-401D-4ACC-8F5A-B5C264428BDC}] => (Allow) D:\Games\Steam\SteamApps\common\TheWaveVR\TheWaveVR.exe
FirewallRules: [TCP Query User{A10DC358-53EF-4B81-A409-6BE1CDA4CC1B}D:\games\soldier of fortune\sof.exe] => (Allow) D:\games\soldier of fortune\sof.exe
FirewallRules: [UDP Query User{4DA529DA-158D-45FE-9090-FE15CC0B46D7}D:\games\soldier of fortune\sof.exe] => (Allow) D:\games\soldier of fortune\sof.exe
FirewallRules: [TCP Query User{EB037A9C-4274-40DA-B348-5751821FEE09}D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{64F17405-13C2-4CA1-BE0F-B4B4EBA822B8}D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{039CE7D6-8615-4867-9B7D-5D77171CF046}] => (Allow) D:\Games\Steam\SteamApps\common\LethalVR\LethalVR.exe
FirewallRules: [{D5172F7E-49E6-4DDF-9DA9-AF66C81B5A55}] => (Allow) D:\Games\Steam\SteamApps\common\LethalVR\LethalVR.exe
FirewallRules: [{D2F00B33-3AA8-42D5-9B14-C767CFF32944}] => (Allow) D:\Games\Steam\SteamApps\common\Dangerous Golf\Orlando.exe
FirewallRules: [{AB5457CE-D7FE-4B34-B463-B155F14F96BD}] => (Allow) D:\Games\Steam\SteamApps\common\Dangerous Golf\Orlando.exe
FirewallRules: [TCP Query User{B77F38D4-CF61-44FA-BA53-BA1EFB7D5A95}D:\games\steam\steamapps\common\dangerous golf\orlando\binaries\win64\orlando-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\dangerous golf\orlando\binaries\win64\orlando-win64-shipping.exe
FirewallRules: [UDP Query User{DE476809-6F31-461C-89B2-CFE16D7151EF}D:\games\steam\steamapps\common\dangerous golf\orlando\binaries\win64\orlando-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\dangerous golf\orlando\binaries\win64\orlando-win64-shipping.exe
FirewallRules: [TCP Query User{70925235-EB3E-41A8-AAEA-F7560E1D8AE9}D:\games\steam\steamapps\common\lethalvr\lethalvr\binaries\win64\lethalvr-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\lethalvr\lethalvr\binaries\win64\lethalvr-win64-shipping.exe
FirewallRules: [UDP Query User{BB5A0FCE-F704-4643-91FA-E3AEF49E2C0C}D:\games\steam\steamapps\common\lethalvr\lethalvr\binaries\win64\lethalvr-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\lethalvr\lethalvr\binaries\win64\lethalvr-win64-shipping.exe
FirewallRules: [{E3DCA5F5-CFB9-49E6-A6D2-1E04C6C5BE44}] => (Allow) D:\Games\Steam\SteamApps\common\The Unwelcomed\TheUnwelcomed_v1.27.exe
FirewallRules: [{8AC401C8-0D9E-486D-AD97-16F5B10C104D}] => (Allow) D:\Games\Steam\SteamApps\common\The Unwelcomed\TheUnwelcomed_v1.27.exe
FirewallRules: [{1C79891E-9065-4FC7-BFEB-6D285BEED6DD}] => (Allow) D:\Games\Steam\SteamApps\common\Ultimate Booster Experience\UltimateBooster(SteamVR)\UltimateBooster.exe
FirewallRules: [{085103B3-52BB-4322-9116-5F92D990C16D}] => (Allow) D:\Games\Steam\SteamApps\common\Ultimate Booster Experience\UltimateBooster(SteamVR)\UltimateBooster.exe
FirewallRules: [{28C28A74-2BF9-4BBA-8801-DBE9B3113DD3}] => (Allow) D:\Games\Steam\SteamApps\common\Ultimate Booster Experience\UltimateBooster(Oculus)\UltimateBooster.exe
FirewallRules: [{9BE9FEF8-B749-421F-AC97-368EC7D7282E}] => (Allow) D:\Games\Steam\SteamApps\common\Ultimate Booster Experience\UltimateBooster(Oculus)\UltimateBooster.exe
FirewallRules: [{5707A4E9-4AB0-4ADC-95A6-8891A2D6147B}] => (Allow) B:\Steam\steamapps\common\Hellblade\HellbladeGame.exe
FirewallRules: [{F4D66E58-5638-4F67-8A31-62AEA5572057}] => (Allow) B:\Steam\steamapps\common\Hellblade\HellbladeGame.exe
FirewallRules: [TCP Query User{8324771A-96C6-4F9B-90DA-195A875C5631}B:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe
FirewallRules: [UDP Query User{F03EA227-673C-4D1D-A045-93429F4F96CB}B:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe] => (Allow) B:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe
FirewallRules: [{F98C6DC3-DAF4-4D89-9EC0-32A20474D749}] => (Allow) B:\Steam\steamapps\common\Rez Infinite\Rez-infinite.exe
FirewallRules: [{DEFC3B7B-4E63-430B-9F73-CED9B3360B00}] => (Allow) B:\Steam\steamapps\common\Rez Infinite\Rez-infinite.exe
FirewallRules: [{B04F755E-73A7-4B19-A716-0B4936931199}] => (Allow) B:\Steam\steamapps\common\Agents of Mayhem\aom\AOM_Release_Final.exe
FirewallRules: [{971CC691-F9C0-4BE8-BDED-8815C6A6245D}] => (Allow) B:\Steam\steamapps\common\Agents of Mayhem\aom\AOM_Release_Final.exe
FirewallRules: [{80DE5553-410B-43C9-8FEF-E43891C78DAF}] => (Allow) B:\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{D5BDF78C-85D8-4E56-926C-CC2D7364646A}] => (Allow) B:\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{63DFEBFC-390C-40DE-933A-9F2DADAD8AFD}] => (Allow) B:\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe
FirewallRules: [{57D0E3A8-0AB2-48D7-AB64-E3FC8289ABF8}] => (Allow) B:\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe
FirewallRules: [{03B14AAC-85A3-4E1E-AAE6-D67BB763AB8A}] => (Allow) D:\Games\Steam\SteamApps\common\Full Throttle Remastered\Throttle.exe
FirewallRules: [{5534C200-0E52-4CCC-BA98-DF0D25966303}] => (Allow) D:\Games\Steam\SteamApps\common\Full Throttle Remastered\Throttle.exe
FirewallRules: [{319E1CFA-96F9-4765-B13D-2832EBC9F79E}] => (Allow) D:\Games\Steam\SteamApps\common\Observer\TheObserver.exe
FirewallRules: [{090C80C9-EF2A-4BCC-B274-DA738B85FF47}] => (Allow) D:\Games\Steam\SteamApps\common\Observer\TheObserver.exe
FirewallRules: [TCP Query User{D0852806-9B67-4849-B393-5BCFD73B4217}D:\games\steam\steamapps\common\observer\theobserver\binaries\win64\theobserver-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\observer\theobserver\binaries\win64\theobserver-win64-shipping.exe
FirewallRules: [UDP Query User{732894AA-62DA-493F-BA78-A65544A6C539}D:\games\steam\steamapps\common\observer\theobserver\binaries\win64\theobserver-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\observer\theobserver\binaries\win64\theobserver-win64-shipping.exe
FirewallRules: [{214564AF-BBA3-4E81-B17D-1F06B5D3AFD0}] => (Allow) D:\Games\Steam\SteamApps\common\ManiaPlanet_TMCanyon\ManiaPlanetLauncher.exe
FirewallRules: [{0B95A94E-567C-43B4-B71B-3B85B8188330}] => (Allow) D:\Games\Steam\SteamApps\common\ManiaPlanet_TMCanyon\ManiaPlanetLauncher.exe
FirewallRules: [{B33FB518-0761-4C24-8867-F0B7B14F323F}] => (Allow) D:\Games\Steam\SteamApps\common\ManiaPlanet_TMCanyon\ManiaPlanet.exe
FirewallRules: [{B76F326A-FE12-49DD-99D3-B8B83F95A4A2}] => (Allow) D:\Games\Steam\SteamApps\common\ManiaPlanet_TMCanyon\ManiaPlanet.exe
FirewallRules: [{CF53888A-5C8C-44A9-96E7-8D2A2C391893}] => (Allow) D:\Games\Steam\SteamApps\common\Secret World Legends\ClientPatcher.exe
FirewallRules: [{E602716D-68E2-4725-97C8-C0555B0FF6BE}] => (Allow) D:\Games\Steam\SteamApps\common\Secret World Legends\ClientPatcher.exe
FirewallRules: [{835F90F4-C74A-48E4-BD7B-7B7F3EB26BB1}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{DE0ABF26-0839-44EA-9D69-ACA0A016BDA7}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{B8FEEE15-4AA9-48C5-BA8F-0D61F0142CC5}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{BCD32AD3-5CF5-4EAA-B4BB-6B822714DD3E}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{2DE48180-C6D5-4C8B-B588-4E81E239B1A5}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{139CD6E0-7156-45DD-80E7-9F30BCC3DAEC}] => (Allow) D:\Games\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{4896923D-EA5C-492C-84A1-6FBE349C275C}] => (Allow) D:\Games\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{6EBE3F0D-A166-408B-8DFC-80271D263B06}] => (Allow) D:\Games\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{AA95A789-ABF7-49FA-BC2C-E8105DCD445E}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{DBFA4C21-FBA5-440E-A8AF-C5E9777BABAE}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{56526727-9FF2-4767-8A86-67202932C05A}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{F8C628C4-D6B5-414D-889E-EE364CFBC7D7}] => (Allow) D:\Games\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{B2F7A213-0B26-408B-9612-A5BE7520ED6E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{3AE1DE3A-8510-4A06-AA23-71A1A52679DB}B:\games\destiny 2\destiny2.exe] => (Allow) B:\games\destiny 2\destiny2.exe
FirewallRules: [UDP Query User{313E92A5-5595-4288-A364-63B4C3B819E5}B:\games\destiny 2\destiny2.exe] => (Allow) B:\games\destiny 2\destiny2.exe
FirewallRules: [{34DD1EF5-DC69-4975-B0F4-78E0875E130B}] => (Allow) D:\Games\Steam\SteamApps\common\Sonic Mania\SonicMania.exe
FirewallRules: [{67B2ECF1-9635-4060-80A8-E1D5452EA396}] => (Allow) D:\Games\Steam\SteamApps\common\Sonic Mania\SonicMania.exe
FirewallRules: [{7A7CD880-69B3-4C3E-9647-5C3623C65E61}] => (Allow) D:\Games\Steam\SteamApps\common\Comedy Night\Comedy Night.exe
FirewallRules: [{12B14AFB-878D-4FDA-A577-802F39490F85}] => (Allow) D:\Games\Steam\SteamApps\common\Comedy Night\Comedy Night.exe
FirewallRules: [{47916F8C-0CAE-45DA-A7B4-985DA7C8F929}] => (Allow) D:\Games\Steam\SteamApps\common\Windlands\Windlands_Win_x64.exe
FirewallRules: [{9458BBAC-9252-4758-829F-79275BB8B2F9}] => (Allow) D:\Games\Steam\SteamApps\common\Windlands\Windlands_Win_x64.exe
FirewallRules: [TCP Query User{BDFDC57C-8BC9-4E79-B023-615557F08A78}D:\games\dune 2000\dune 2000\dune2000.exe] => (Allow) D:\games\dune 2000\dune 2000\dune2000.exe
FirewallRules: [UDP Query User{3F3D8A05-33CD-47CF-84C2-F977A40F537D}D:\games\dune 2000\dune 2000\dune2000.exe] => (Allow) D:\games\dune 2000\dune 2000\dune2000.exe
FirewallRules: [{00EC267C-F337-4CA1-AC15-822CA9CCB469}] => (Allow) D:\Games\Steam\SteamApps\common\PAVR Pre Alpha Demo\PA_UE4.exe
FirewallRules: [{E86DD9EE-B256-4BBB-BE9C-C368494796F7}] => (Allow) D:\Games\Steam\SteamApps\common\PAVR Pre Alpha Demo\PA_UE4.exe
FirewallRules: [TCP Query User{CDF47A81-5308-4252-9667-38D9AB0D8061}D:\games\steam\steamapps\common\projectm dream\e1\binaries\win64\e1-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\projectm dream\e1\binaries\win64\e1-win64-shipping.exe
FirewallRules: [UDP Query User{6F3E0A19-AC02-489E-89E6-5BF15BCCDDC2}D:\games\steam\steamapps\common\projectm dream\e1\binaries\win64\e1-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\projectm dream\e1\binaries\win64\e1-win64-shipping.exe
FirewallRules: [{78F1101F-9872-4F30-919B-44FEF97AFA23}] => (Allow) D:\Games\Steam\SteamApps\common\Mindshow\Mindshow.exe
FirewallRules: [{4A2A88E2-91E7-4949-88FC-A05F0BDAF2F7}] => (Allow) D:\Games\Steam\SteamApps\common\Mindshow\Mindshow.exe
FirewallRules: [{DA1AB053-B838-4905-9B9F-CAF4FFD52AB5}] => (Allow) D:\Games\Steam\SteamApps\common\NoLimits 2\64bit\nolimits2stm.exe
FirewallRules: [{23A99FAD-E518-4010-83FE-710A6E211B96}] => (Allow) D:\Games\Steam\SteamApps\common\NoLimits 2\64bit\nolimits2stm.exe
FirewallRules: [{24359B6A-EE2C-4D5C-ABA5-6BF6CAC91504}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2AA6C628-7FB9-4F30-BB92-BDCF89F2181A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0B270495-D3DF-42B2-B552-52B9EE687746}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FB7EE3A6-58A2-4ED9-90AD-3136049D6ED4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C89A8AB6-BCD9-4DC5-885F-DB0E8A508471}] => (Allow) B:\Games\Battlefield 3\bf3.exe
FirewallRules: [{C3C6DF70-4CA9-430C-A8FF-FEEC9584346C}] => (Allow) B:\Games\Battlefield 3\bf3.exe
FirewallRules: [{61C7FA33-4FA8-496A-804E-6F769606FD0A}] => (Allow) B:\Steam\steamapps\common\NoLimits 2\64bit\nolimits2stm.exe
FirewallRules: [{14F4F47C-8305-4C7A-B552-AA5062DF3F14}] => (Allow) B:\Steam\steamapps\common\NoLimits 2\64bit\nolimits2stm.exe
FirewallRules: [{81A6E9C9-CCA8-48DC-A19C-4425F738518E}] => (Allow) D:\Games\Steam\SteamApps\common\RecRoom\Recroom_Release.exe
FirewallRules: [{794C269B-691B-4E72-847D-6BEAA1613019}] => (Allow) D:\Games\Steam\SteamApps\common\RecRoom\Recroom_Release.exe
FirewallRules: [{2D1CC264-2E8C-4447-BF39-A770356FF620}] => (Allow) D:\Games\Steam\SteamApps\common\Vertigo\Vertigo.exe
FirewallRules: [{6286C5FE-F448-4712-9198-65EA02C81ADC}] => (Allow) D:\Games\Steam\SteamApps\common\Vertigo\Vertigo.exe
FirewallRules: [{D2C7216F-2F71-4D31-BBFA-CB24B6010AD4}] => (Allow) B:\Steam\steamapps\common\DuckSeason\DuckSeason\DuckSeason.exe
FirewallRules: [{025100DE-0293-4589-A81C-417A0604AB7F}] => (Allow) B:\Steam\steamapps\common\DuckSeason\DuckSeason\DuckSeason.exe
FirewallRules: [{E3A69345-E1C6-435C-962C-6C54065DD035}] => (Allow) D:\Games\Steam\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{9FE21E23-0DDA-4020-952F-D1EE6C97D97B}] => (Allow) D:\Games\Steam\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{5014089B-AA20-40A0-BF72-A740F366A674}] => (Allow) D:\Games\Steam\SteamApps\common\Hellblade\HellbladeGame.exe
FirewallRules: [{142D2C28-298C-4B34-B67F-4CCA94E45CE1}] => (Allow) D:\Games\Steam\SteamApps\common\Hellblade\HellbladeGame.exe
FirewallRules: [{7813EC58-1DAF-4FFE-976A-80172154651E}] => (Allow) B:\Steam\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [{CF67956E-6D20-4DE6-9ACB-2A3B6DC3AB41}] => (Allow) B:\Steam\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [TCP Query User{699458AF-2F8D-48F1-8B2B-BA8454D8236C}B:\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) B:\steam\steamapps\common\doom\doomx64vk.exe
FirewallRules: [UDP Query User{ABFA37DD-029F-4272-A197-06762C110EB8}B:\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) B:\steam\steamapps\common\doom\doomx64vk.exe
FirewallRules: [TCP Query User{089F274A-3139-40E8-8F03-1BE0BB9EAE7D}D:\games\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe] => (Allow) D:\games\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe
FirewallRules: [UDP Query User{2113B080-14B0-4BAE-9C02-A410FE21B061}D:\games\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe] => (Allow) D:\games\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe
FirewallRules: [{C0292D33-04A7-4511-A144-216679F9FFD4}] => (Allow) D:\Games\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [{D922841A-A90B-4235-89DF-426FB99D355F}] => (Allow) D:\Games\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [TCP Query User{0800D4EE-74FF-4BFD-8430-5E5ED922607B}D:\games\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) D:\games\steam\steamapps\common\assettocorsa\acs.exe
FirewallRules: [UDP Query User{CEACACE7-4640-4865-B504-F16A3ED17000}D:\games\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) D:\games\steam\steamapps\common\assettocorsa\acs.exe
FirewallRules: [{9CDAE3DE-33F2-4E84-A6EA-809402CA701B}] => (Allow) D:\Games\Steam\SteamApps\common\pCars\pCARS64.exe
FirewallRules: [{0B4B05AB-250A-412E-9969-0586E560F06E}] => (Allow) D:\Games\Steam\SteamApps\common\pCars\pCARS64.exe
FirewallRules: [{BC8A2FB2-90B9-47DB-A552-489AE165B13D}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{C3E2BBA9-A4B6-4FC8-9A79-8864D9775545}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{DA2A4F4D-F1E8-462A-B8EA-380E5D196DD2}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{02761161-C56D-453C-85F6-7D6D33393B5D}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{D743BB1E-5935-428E-8603-2AFEE37DC980}] => (Allow) B:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{25B1F3B6-3DE9-4F4E-8155-5B40B04FF2DC}] => (Allow) B:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{FD16AFE9-6DF5-46F2-8870-A99E4CBD85CD}] => (Allow) B:\Steam\steamapps\common\Bullets And More VR\BAM_VR.exe
FirewallRules: [{4C6250CC-10C1-41BF-A1E0-5BDDC0A4A700}] => (Allow) B:\Steam\steamapps\common\Bullets And More VR\BAM_VR.exe
FirewallRules: [{04E0654B-70ED-4D12-B684-4CB7D4993E59}] => (Allow) D:\Games\Origin\Titanfall2\Titanfall2.exe
FirewallRules: [{1A91F9EF-32FC-4EC3-B532-86A5C8F47DD3}] => (Allow) D:\Games\Origin\Titanfall2\Titanfall2.exe
FirewallRules: [{1CD6EC4E-DB42-4E1F-A280-85FAB2B4E910}] => (Allow) D:\Games\Origin\Titanfall2\Titanfall2_trial.exe
FirewallRules: [{72AD212C-DF93-4D29-9A14-4523C338C1C9}] => (Allow) D:\Games\Origin\Titanfall2\Titanfall2_trial.exe
FirewallRules: [{22DAA0F4-3266-4288-B433-C6A32096969D}] => (Allow) B:\Games\SteamWorld Dig\SteamWorldDig.exe
FirewallRules: [{4C19C07C-0741-4575-BF05-AF2DCD6A8084}] => (Allow) B:\Games\SteamWorld Dig\SteamWorldDig.exe
FirewallRules: [{CDB51593-B67F-452D-9637-4F62DCDECFC8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8E2234C0-B8AA-465F-890B-2D5670468E68}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

22-09-2017 06:16:02 Windows Update
22-09-2017 06:16:08 Windows Update
22-09-2017 06:33:10 Malwarebytes Anti-Rootkit Restore Point
22-09-2017 19:04:10 Malwarebytes Anti-Rootkit Restore Point

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/26/2017 04:23:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.

Error: (09/26/2017 06:16:49 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.

Error: (09/26/2017 06:15:34 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Hoshi\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.

Error: (09/26/2017 06:11:54 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.

Error: (09/26/2017 06:05:12 AM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/25/2017 08:56:32 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/25/2017 07:02:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.

Error: (09/25/2017 04:33:48 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.

Error: (09/25/2017 04:29:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.

Error: (09/25/2017 04:29:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.


Systemfehler:
=============
Error: (09/26/2017 06:16:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (09/26/2017 06:16:48 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Hoshi\AppData\Local\Temp\ehdrv.sys

Error: (09/26/2017 06:16:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (09/26/2017 06:16:47 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Hoshi\AppData\Local\Temp\ehdrv.sys

Error: (09/26/2017 06:16:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (09/26/2017 06:16:47 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Hoshi\AppData\Local\Temp\ehdrv.sys

Error: (09/26/2017 06:16:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (09/26/2017 06:16:26 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Hoshi\AppData\Local\Temp\ehdrv.sys

Error: (09/26/2017 06:16:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (09/26/2017 06:16:25 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Hoshi\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2017-09-26 16:23:07.152
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-09-26 16:23:07.151
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-09-26 11:05:16.195
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-09-26 11:05:16.194
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-09-26 10:52:53.127
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-09-26 10:52:53.126
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-09-26 10:27:16.115
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-09-26 10:27:16.114
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-09-26 10:14:49.324
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-09-26 10:14:49.323
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 16314.71 MB
Verfügbarer physikalischer RAM: 12184.22 MB
Summe virtueller Speicher: 32698.71 MB
Verfügbarer virtueller Speicher: 28191.65 MB

==================== Laufwerke ================================

Drive b: (Lokaler Datenträger) (Fixed) (Total:465.76 GB) (Free:118.85 GB) NTFS
Drive c: () (Fixed) (Total:223.03 GB) (Free:104.01 GB) NTFS
Drive d: () (Fixed) (Total:1464.84 GB) (Free:212.57 GB) NTFS
Drive e: () (Fixed) (Total:398.17 GB) (Free:71.36 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 7D0DF0DC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 7D0DF0CB)
Partition 1: (Not Active) - (Size=1464.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=398.2 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 873A098D)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Alt 26.09.2017, 23:47   #20
burningice
/// Malwareteam
 
Windows 10 64bit : Verdacht auf Maleware - Standard

Windows 10 64bit : Verdacht auf Maleware


Schritt: 1
Entfernen schädlicher Ausnahmen im Windows Defender

Drücke bitte die + R Taste und kopiere folgendes in das Ausführen Fenster:
Code:
ATTFilter
ms-settings:windowsdefender
  • Es öffnen sich die Windows Defender Einstellungen.
  • Öffne das Windows Defender Security Center
  • Gehe zu Viren- & Bedrohungsschutz > Einstellungen für Viren- & Bedrohungsschutz > Ausschlüsse hinzufügen oder entfernen
  • Entferne dort alle vorhandenen Ausnahmen.

Schritt: 2
FRST Fix
  • Markiere den Inhalt der folgenden Code-Box vollständig, mache einen Rechtsklick darauf und wähle "Kopieren":
    Code:
    ATTFilter
    Start::
E:\CDex-1.84.exe
E:\gcfsnr.zip
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\ DisallowedCertificates: 9AAF24A4D6CA8CCDF64BBF916CBC77512A9B0CA7 (U)
Task: {CCEA5BF9-67E9-44F9-8750-250CB46A4824} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
powershell: Get-mpPreference
emptytemp:
End::
  • Starte nun FRST und klicke den Entfernen Button.
  • Das Tool führt die gewünschten Schritte automatisch aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
  • Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
  • Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Schritt: Frage
Hast du noch irgendwelche Probleme mit deinem Rechner?

__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Alt 27.09.2017, 05:24   #21
Hoshi82
 
Windows 10 64bit : Verdacht auf Maleware - Standard

Windows 10 64bit : Verdacht auf Maleware


fixlog
Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 26-09-2017
durchgeführt von Hoshi (27-09-2017 06:21:00) Run:3
Gestartet von C:\Users\Hoshi\Desktop
Geladene Profile: Hoshi (Verfügbare Profile: Hoshi & Mcx1-HOSHI-PC & OVRLibraryService)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
E:\CDex-1.84.exe
E:\gcfsnr.zip
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\ DisallowedCertificates: 9AAF24A4D6CA8CCDF64BBF916CBC77512A9B0CA7 (U)
Task: {CCEA5BF9-67E9-44F9-8750-250CB46A4824} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
powershell: Get-mpPreference
emptytemp:

*****************

E:\CDex-1.84.exe => erfolgreich verschoben
E:\gcfsnr.zip => erfolgreich verschoben
HKU\S-1-5-21-1299527896-1211748070-1707534253-1000\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9AAF24A4D6CA8CCDF64BBF916CBC77512A9B0CA7 => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCEA5BF9-67E9-44F9-8750-250CB46A4824} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCEA5BF9-67E9-44F9-8750-250CB46A4824} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Schlüssel erfolgreich entfernt

========= Get-mpPreference =========



CheckForSignaturesBeforeRunningScan           : False
ComputerID                                    : 4123B229-DF9D-4C3E-8D91-664DAD014B8F
DisableArchiveScanning                        : False
DisableAutoExclusions                         : False
DisableBehaviorMonitoring                     : False
DisableBlockAtFirstSeen                       : False
DisableCatchupFullScan                        : True
DisableCatchupQuickScan                       : True
DisableEmailScanning                          : True
DisableIntrusionPreventionSystem              : 
DisableIOAVProtection                         : False
DisablePrivacyMode                            : False
DisableRealtimeMonitoring                     : False
DisableRemovableDriveScanning                 : True
DisableRestorePoint                           : True
DisableScanningMappedNetworkDrivesForFullScan : True
DisableScanningNetworkFiles                   : False
DisableScriptScanning                         : False
ExclusionExtension                            : 
ExclusionPath                                 : 
ExclusionProcess                              : 
HighThreatDefaultAction                       : 0
LowThreatDefaultAction                        : 0
MAPSReporting                                 : 2
ModerateThreatDefaultAction                   : 0
PUAProtection                                 : 0
QuarantinePurgeItemsAfterDelay                : 90
RandomizeScheduleTaskTimes                    : True
RealTimeScanDirection                         : 0
RemediationScheduleDay                        : 0
RemediationScheduleTime                       : 02:00:00
ReportingAdditionalActionTimeOut              : 10080
ReportingCriticalFailureTimeOut               : 10080
ReportingNonCriticalTimeOut                   : 1440
ScanAvgCPULoadFactor                          : 50
ScanOnlyIfIdleEnabled                         : True
ScanParameters                                : 1
ScanPurgeItemsAfterDelay                      : 15
ScanScheduleDay                               : 0
ScanScheduleQuickScanTime                     : 00:00:00
ScanScheduleTime                              : 02:00:00
SevereThreatDefaultAction                     : 0
SignatureAuGracePeriod                        : 0
SignatureDefinitionUpdateFileSharesSources    : 
SignatureDisableUpdateOnStartupWithoutEngine  : False
SignatureFallbackOrder                        : MicrosoftUpdateServer|MMPC
SignatureFirstAuGracePeriod                   : 120
SignatureScheduleDay                          : 8
SignatureScheduleTime                         : 01:45:00
SignatureUpdateCatchupInterval                : 1
SignatureUpdateInterval                       : 0
SubmitSamplesConsent                          : 1
ThreatIDDefaultAction_Actions                 : {6}
ThreatIDDefaultAction_Ids                     : {225451}
UILockdown                                    : False
UnknownThreatDefaultAction                    : 0
PSComputerName                                : 




========= Ende von Powershell: =========


=========== EmptyTemp: ==========

BITS transfer queue => 9986048 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16263798 B
Java, Flash, Steam htmlcache => 149344730 B
Windows/system/drivers => 65274 B
Edge => 0 B
Chrome => 363397997 B
Firefox => 378591726 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 18826 B
Hoshi => 449878468 B
Mcx1-HOSHI-PC => 0 B
OVRLibraryService => 0 B

RecycleBin => 0 B
EmptyTemp: => 1.3 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 06:21:15 ====
Und bis jetzt scheint alles wieder normal zu laufen. Hatte auch schon ein paar Tagen keine Probleme mehr.

Alt 27.09.2017, 13:31   #22
burningice
/// Malwareteam
 
Windows 10 64bit : Verdacht auf Maleware - Standard

Windows 10 64bit : Verdacht auf Maleware


Die Logs von deinem Rechner sehen jetzt für mich sauber aus: Herzlichen Glückwunsch - du bist Clean



Zum Schluss müssen wir noch etwas aufräumen und ich gebe dir ein paar Hinweise mit auf den Weg:

Wichtig: Entfernen der verwendeten Tools
Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Malwarebytes Anti-Malware (gratis Version) und ESET kannst du als Ergänzung zu deiner bestehenden Antivirus-Lösung auf dem Computer belassen und deinen Computer damit regelmäßig scannen.


Persönliche Empfehlungen
Das wichtigste zu erst:
  • Aktiviere unbedingt die automatischen Updates von Windows und stelle auch sicher, dass diese regelmäßig installiert werden.
  • Aktiviere immer eine Firewall - die in Windows integrierte reicht dazu vollkommen aus.
  • Verwende immer ein Antivirenprogramm und stelle sicher, dass es sich regelmäßig aktualisiert.

    Wenn du kein Geld ausgeben möchtest, empfehle ich dir auf Windows 8.1 bzw. Windows 10 einfach den Defender zu benutzen. Solltest du noch Windows 7 verwenden, verwende als kostenlose Lösung die Microsoft Security Essentials.
    Ein ökonomischer Grundsatz lautet "Nichts ist kostenlos". So verwendet andere kostenlose Software wie Avira, AVG, Avast und dergleichen häufig Nutzerdaten als "Bezahlung" und wenden dabei ähnliche Techniken an, wie manche unerwünschte Programme, vor denen wir euch eigentlich schützen möchten. Darum sehen wir ihre Verwendung als kritisch: Virenschutz verkauft Nutzerdaten

    Wenn dir besserer Schutz etwas wert, empfehle ich dir eine der folgenden Lösungen:


Schutz vor unerwünschter Software
Adware ist zu einer Art permanenten Bedrohung geworden, weil immer mehr Programme versuchen, einem beim Installieren noch was anderes unterzujubeln - und wie schnell hat man da ein Häkchen übersehen?

Darum: pass auf, wenn du dir Software aus dem Internet herunterlädst! Viele Portale im Internet wie Chip, Softonic und Sourceforge versuchen häufig, dir Adware oder sonstige Downloader mit unerwünschten Programmen unterzujubeln. Downloade nach Möglichkeit immer direkt von der Herstellerseite oder alternativ von einem sauberen Download-Portal, wie von FilePony.de.
Lese dir dazu auch folgenden Artikel durch: CHIP-Installer - was ist das? - Anleitungen

Selbst wenn du ein Programm von einer seriösen Quelle heruntergeladen hast, ist das keine Garantie, dass dein Programm nicht doch versucht, unerwünschte Änderungen an deinem Computer vorzunehmen. So versuchen immer mehr Programme, durch modifizierte Installationsroutinen unerwünschte Programme mit auf deinen PC zu schleusen. Das klappt leider auch häufig, weil viele Anwender nicht lesen, was auf dem Bildschirm steht und stattdessen schnell durchklicken.
Deshalb: Wenn du ein Programm installierst, wähle immer die benutzerdefinierte Installation und schaue, was du da gerade eigentlich alles mit einem Klick auf "Ok" oder "Weiter" abnickst - entferne entsprechend die Haken bei Dingen, die du nicht möchtest. Wer lesen kann, ist klar im Vorteil!



Tipps, um dein System sicherer zu machen
Halte immer deine Plug-ins und Software, insbesondere deinen Browser aktuell. Deinstalliere wenn möglich Java und den Adobe Flashplayer von deinem Computer. Neuerdings benötigt man sie fast nie mehr und stellen darum nur mehr eine unnötige Sicherheitslücke auf deinem Computer dar. Wenn du sie doch unbedingt benötigst, halte sie aber unbedingt aktuell.


Passwörter
Ändere regelmäßig deine Passwörter! Zudem musst du sichere Passwörter benutzen, das bedeutet: mindestens 8 Zeichen, Groß- und Kleinbuchstaben und Sonderzeichen.
Ganz wichtig: benutze pro Account ein anderes Passwort!
Tipp: Benutze einen Spruch, den du dir leicht merken kannst, als Hilfe für ein Passwort! Zum Beispiel: Der Himmel ist blau und wenn es regnet?-grau ==> DHibuwer?-grau


Unterstütze uns und empfiehl uns weiter

Du kennst Freunde und Bekannte, die Probleme mit ihrem Computer haben? Schick sie doch zu uns auf das Trojaner Board, wir helfen gerne

Wenn du uns mit einer Spende unterstützen möchtest, freuen wir uns sehr und dies kannst du hier tun: http://www.trojaner-board.de/79994-s...ndenkonto.html Herzlichen Dank dafür

Wir machen diese Tätigkeit hier freiwillig, darum freue ich mich besonders über ein kurzes Danke, wenn du mit mir zufrieden warest oder sonst über Verbesserungsvorschläge - das kannst du gerne hier machen

Besuche und like unsere Facebook-Seite!


Danke für deine Mitarbeit und alles Gute!

Bitte gib mir Bescheid, wenn du das alles gelesen hast und du keine weiteren Fragen mehr hast.
__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Alt 27.09.2017, 15:08   #23
Hoshi82
 
Windows 10 64bit : Verdacht auf Maleware - Standard

Windows 10 64bit : Verdacht auf Maleware


Es scheint alles wieder ok zu sein.

Vielen vielen Dank! Ihr macht eine super Arbeit ("musste" eure Hilfe schon einmal in Anspruch nehmen). Eine Spende gibs auf jeden Fall.

Alt 27.09.2017, 19:15   #24
burningice
/// Malwareteam
 
Windows 10 64bit : Verdacht auf Maleware - Standard

Windows 10 64bit : Verdacht auf Maleware


perfekt, herzlichen Dank und alles Gute!
__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Antwort
Seite 2 von 2 1 2

Themen zu Windows 10 64bit : Verdacht auf Maleware
administrator, browser, defender, explorer, firefox, google, helper, homepage, installation, maleware, mozilla, mp3, netgear, neustart, nvidia, prozesse, realtek, rundll, services.exe, software, starten, super, svchost.exe, system, windows, öffnet


« Windows 8.1 vor Tagen Email account gmx gekappert evtl. Trojaner an Bord | autochk.exe Schadsoftware? »


Ähnliche Themen: Windows 10 64bit : Verdacht auf Maleware


  1. Trojaner Verdacht, Win10 64bit
    Log-Analyse und Auswertung - 07.10.2017 (37)
  2. Rootkit verdacht unter win7 64bit ultimate
    Log-Analyse und Auswertung - 30.11.2015 (35)
  3. Verdacht auf sehr schadende Maleware.. was tun..?
    Log-Analyse und Auswertung - 29.06.2015 (1)
  4. Windows PC mit viel Maleware
    Plagegeister aller Art und deren Bekämpfung - 16.02.2015 (13)
  5. Verdacht auf Maleware - Internet funktioniert auf Desktop-PC nicht mehr.
    Log-Analyse und Auswertung - 21.09.2014 (3)
  6. Fenster Optionen nicht anklickbar Verdacht auf Maleware
    Log-Analyse und Auswertung - 05.08.2014 (9)
  7. Yahoo Account versendet Spam. Trojaner-Verdacht. Windows 7 64bit
    Log-Analyse und Auswertung - 24.06.2014 (15)
  8. Windows 7 64Bit+ Avast, Win32:Maleware.gen
    Plagegeister aller Art und deren Bekämpfung - 20.01.2014 (22)
  9. Verdacht auf Torpig: Mit MBAM massenweise Maleware u.ä. gefunden nach "Sinkhole-Warnung" des Providers
    Plagegeister aller Art und deren Bekämpfung - 01.12.2013 (9)
  10. Spyhunter 4, Maleware oder Maleware Security Suite?
    Plagegeister aller Art und deren Bekämpfung - 07.05.2013 (5)
  11. Laptop Windows 7 Professional (SP1) 64bit Verdacht auf "eyestye"
    Log-Analyse und Auswertung - 20.11.2012 (11)
  12. Pc verhält sich komisch. Viren/Maleware/Trojaner verdacht
    Log-Analyse und Auswertung - 19.09.2011 (9)
  13. Verdacht auf Rootkit-Verseuchung Windows 7 64bit
    Log-Analyse und Auswertung - 22.08.2011 (4)
  14. Maleware Verdacht: Recovery-Aufforderung mit Meldung "Festplatte beschädigt"
    Mülltonne - 16.06.2011 (1)
  15. Windows Maleware WindowsRecovery
    Log-Analyse und Auswertung - 14.05.2011 (48)
  16. windows fehler oder maleware ?
    Alles rund um Windows - 07.05.2011 (1)
  17. Windows Recovery Maleware
    Log-Analyse und Auswertung - 06.04.2011 (43)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows 10 64bit : Verdacht auf Maleware - Schritt: 1 Bitte Anleitung korrekt lesen und Malwarebytes auf Version 3 upgraden, indem du die alte Version deinstallierst und dann die neue Version verwendest. Dann einen neuen Scan ausführen. Schritt: - Windows 10 64bit : Verdacht auf Maleware...
Archiv
Du betrachtest: Windows 10 64bit : Verdacht auf Maleware auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131