Edenjung | 12.05.2017 09:09 | Addition new Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-05-2017
durchgeführt von Leander (12-05-2017 10:03:14)
Gestartet von F:\downloads
Windows 10 Pro Version 1607 (X64) (2016-10-08 08:41:34)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-314425503-1263803708-1118067362-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-314425503-1263803708-1118067362-503 - Limited - Disabled)
Gast (S-1-5-21-314425503-1263803708-1118067362-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-314425503-1263803708-1118067362-1002 - Limited - Enabled)
Leander (S-1-5-21-314425503-1263803708-1118067362-1000 - Administrator - Enabled) => C:\Users\Leander
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
0 A.D. (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\0 A.D.) (Version: r18915P-alpha - Wildfire Games)
Act of Aggression MULTI2 1.0 (HKLM-x32\...\Act of Aggression MULTI2 1.0) (Version: - )
Act of Aggression Update 14 MULTI2 1.0 (HKLM-x32\...\Act of Aggression Update 14 MULTI2 1.0) (Version: - )
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
ANNO 1404 - Gold Edition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.49.28890 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
bf2battlelog (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\bf2battlelog) (Version: 0.8.6 - Spencer Sharkey)
Borderlands 2 GOTY version 1.8.2 (HKLM-x32\...\Borderlands 2 GOTY_is1) (Version: 1.8.2 - 2K Games)
Broforce (HKLM\...\Steam App 274190) (Version: - Free Lives)
Call of Duty 4: Modern Warfare (HKLM\...\Steam App 7940) (Version: - Infinity Ward)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{609F6FD5-4B22-4D7A-AD30-8C9DD480D5BE}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Company of Heroes 2 (HKLM\...\Steam App 231430) (Version: - Relic Entertainment)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\CopyTrans Suite) (Version: 4.013 - WindSolutions)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Endless Legend (HKLM\...\Steam App 289130) (Version: - AMPLITUDE Studios)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
F1 2016 (HKLM\...\Steam App 391040) (Version: - Codemasters)
Factorio (HKLM-x32\...\{2BCB3CEC-B168-450B-857D-408CA9E9F3C4}) (Version: 12.24.0000 - Your Company Name)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.1.4.1208 - Foxit Software Inc.)
Freelancer (HKLM-x32\...\Freelancer 1.0) (Version: - )
GdZ WoT ModPack Version 0.9.17.0.06 (HKLM-x32\...\{GdZ WoT ModPack}_is1) (Version: 0.9.17.0.06 - Gemeinschaft deutscher Zocker)
GdZ WoT ModPack Version 1.0 (HKLM-x32\...\{GdZ WoT ModPack Updater}_is1) (Version: 1.0 - Gemeinschaft deutscher Zocker)
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North)
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Mass Effect 3 (HKLM-x32\...\Mass Effect 3_is1) (Version: Mass Effect 3 - )
Master of Orion (HKLM-x32\...\Master of Orion_is1) (Version: - )
Medieval II: Total War (HKLM\...\Steam App 4700) (Version: - The Creative Assembly)
Microsoft OneDrive (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mirror's Edge (HKLM-x32\...\1893001152_is1) (Version: 2.0.0.3 - GOG.com)
Mozilla Firefox 53.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 de)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.2 - Mozilla)
MSI Afterburner 4.3.0 Beta 14 (HKLM-x32\...\Afterburner) (Version: 4.3.0 Beta 14 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NBA 2K17 (HKLM-x32\...\NBA 2K17_is1) (Version: - )
Need for Speed™ (HKLM-x32\...\{F8643E83-A868-4EE8-A0B9-389386830453}) (Version: 1.3.0.0 - Electronic Arts)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NvTelemetry (Version: 2.4.8.0 - NVIDIA Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.9.38188 - Electronic Arts, Inc.)
Platform (x32 Version: 1.43 - VIA Technologies, Inc.) Hidden
Project CARS (HKLM\...\Steam App 234630) (Version: - Slightly Mad Studios)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Sniper Elite 3 (HKLM\...\Steam App 238090) (Version: - Rebellion)
SpellForce 2 Patch (x32 Version: 1.0.0 - JoWood) Hidden
Splinter Cell: Conviction - Deluxe Edition (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}_is1) (Version: 1.04.000 - Ubisoft)
Spotify (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
STAR WARS™ Empire at War: Gold Pack (HKLM\...\Steam App 32470) (Version: - Petroglyph)
Steamless Counter Strike Source Pack (HKLM-x32\...\Steamless Counter Strike Source Pack) (Version: 1.0 - Steamless)
Steep (HKLM-x32\...\Uplay Install 3279) (Version: - Ubisoft)
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
TeamSpeak 3 Client (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
Tom Clancy's Splinter Cell Conviction (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}) (Version: 1.04.000 - Ubisoft)
Total War ROME II - Emperor Edition (HKLM-x32\...\Total War ROME II - Emperor Edition_is1) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 18.0 - Ubisoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.43 - VIA Technologies, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
XVM Version 6.4.3 (HKLM-x32\...\{2865cd27-6b8b-4413-8272-cd968f316050}_is1) (Version: 6.4.3 - XVM team)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-314425503-1263803708-1118067362-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-C14277FD74D4}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-314425503-1263803708-1118067362-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {12FD3112-DD67-4F99-A131-5729DDC1C6FE} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated)
Task: {1406D884-61DC-4B4D-8B4F-5C027501E4F3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-02] (NVIDIA Corporation)
Task: {2A043FF9-3775-45BE-96FE-1074721A002B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-02] (NVIDIA Corporation)
Task: {31244610-8760-4B4E-8A8A-9EF7E29EEA23} - \Buhukhjoly -> Keine Datei <==== ACHTUNG
Task: {5ED3EE11-B80D-4F61-A462-97CDD74A7040} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-05-11] () <==== ACHTUNG
Task: {8FFE60D5-A499-4D75-B1F2-E0B9A7E0AE6A} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-leander-hausmann@web.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {966282B4-8F3D-4636-875D-C1ED5539DE98} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-02] (NVIDIA Corporation)
Task: {A87C61AC-122E-4289-B391-8B47E3B080B5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\Explorer.EXE /NOUACCHECK
Task: {B38B6170-5E59-4D10-8FD4-51AD70098688} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-02] (NVIDIA Corporation)
Task: {BF8866CF-CFB4-47CD-973E-1FBDD5DBDEE8} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Leander\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {DF58C814-98FC-4C83-94D0-C888DC80FAE5} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-02] (NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-09-01 19:12 - 2016-09-01 19:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 19:12 - 2016-09-01 19:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-03-31 17:16 - 2017-04-14 15:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-07-08 10:31 - 2016-07-08 21:28 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-05-11 10:26 - 2017-04-28 02:49 - 02681200 _____ () C:\Windows\System32\CoreUIComponents.dll
2017-05-11 10:26 - 2017-04-28 02:49 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2017-05-11 10:26 - 2017-04-28 02:49 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2016-10-25 10:57 - 2016-10-25 10:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-10-08 20:58 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 19:12 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 19:12 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 19:12 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 19:12 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-20 19:38 - 2017-05-02 10:05 - 00022928 _____ () E:\Origin\QtWebEngineProcess.exe
2016-10-25 10:57 - 2016-10-25 10:57 - 31723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2016-09-20 19:38 - 2017-05-02 10:05 - 02493440 _____ () E:\Origin\libGLESv2.dll
2017-01-19 06:46 - 2017-01-19 06:46 - 40524400 _____ () C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll
2016-06-25 16:35 - 2017-04-20 18:41 - 67725936 _____ () C:\Users\Leander\AppData\Roaming\Spotify\libcef.dll
2016-10-27 17:54 - 2017-04-20 18:41 - 00110192 _____ () C:\Users\Leander\AppData\Roaming\Spotify\SpotifyWinRT.dll
2016-06-25 16:35 - 2017-04-20 18:41 - 01929840 _____ () C:\Users\Leander\AppData\Roaming\Spotify\libglesv2.dll
2016-06-25 16:35 - 2017-04-20 18:41 - 00087152 _____ () C:\Users\Leander\AppData\Roaming\Spotify\libegl.dll
2016-09-20 19:38 - 2017-05-02 10:05 - 00012288 _____ () E:\Origin\libEGL.DLL
2016-07-06 11:43 - 2016-07-06 11:43 - 00266240 _____ () E:\Origin\imageformats\qmng.dll
2016-12-02 02:54 - 2016-12-02 02:54 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-12-02 02:54 - 2016-12-02 02:54 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-12-02 02:54 - 2016-12-02 02:54 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-12-02 02:54 - 2016-12-02 02:54 - 00124928 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-12-09 16:09 - 2016-12-09 16:09 - 00099416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-12-02 02:54 - 2016-12-02 02:54 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-06-25 15:08 - 2016-06-25 15:06 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.198.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{363E6FE3-05AA-4245-BEB8-2B4E8CD2424C}] => (Allow) F:\My Games\Wot Testserver\worldoftanks.exe
FirewallRules: [{0B150D02-1977-45E3-8A17-A51A5EEFA337}] => (Allow) F:\My Games\Wot Testserver\worldoftanks.exe
FirewallRules: [{23529468-A65B-4EDF-9CA3-1730D28A2974}] => (Allow) F:\My Games\Wot Testserver\WoTLauncher.exe
FirewallRules: [{A503D355-AD3C-4420-946D-6574FFE49D4A}] => (Allow) F:\My Games\Wot Testserver\WoTLauncher.exe
FirewallRules: [{454DAB07-9945-460C-95CC-22062FB7A43E}] => (Allow) E:\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{71FB9FAA-8E79-4D04-A687-8AD32BAE534D}] => (Allow) E:\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{2E59E606-789C-4809-A4FB-04E905F212D1}] => (Block) F:\my games\nba 2k17\nba2k17.exe
FirewallRules: [{F60A8791-663B-40D8-BA96-C98817A64AB4}] => (Block) F:\my games\nba 2k17\nba2k17.exe
FirewallRules: [UDP Query User{DEDB94BE-05B1-46BD-B1F7-764FD9A02800}F:\my games\nba 2k17\nba2k17.exe] => (Allow) F:\my games\nba 2k17\nba2k17.exe
FirewallRules: [TCP Query User{7293833D-4038-421A-A6EC-056E91781B7B}F:\my games\nba 2k17\nba2k17.exe] => (Allow) F:\my games\nba 2k17\nba2k17.exe
FirewallRules: [{6E3679F6-6E56-4056-A62C-38FFCEFA9179}] => (Block) F:\program files (x86)\warthunder\win64\aces.exe
FirewallRules: [{A50E42BB-4B73-41AD-A196-95533DB7BD85}] => (Block) F:\program files (x86)\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{804DD275-645E-4943-BFDD-ECA62E362FB3}F:\program files (x86)\warthunder\win64\aces.exe] => (Allow) F:\program files (x86)\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{F531007A-DDC5-401A-B50A-30A88787019E}F:\program files (x86)\warthunder\win64\aces.exe] => (Allow) F:\program files (x86)\warthunder\win64\aces.exe
FirewallRules: [{610AD0C5-449A-4B7E-8BB3-B577DBB0B889}] => (Allow) LPort=8090
FirewallRules: [{BB1D5C61-C74E-4856-B047-4A23FCBCE604}] => (Allow) LPort=8090
FirewallRules: [{5114F9E0-C29A-4B77-B3F2-E9651D6ECDF5}] => (Allow) LPort=20443
FirewallRules: [{96C073AC-EF66-421E-A93D-0E2DF23E360E}] => (Allow) LPort=20443
FirewallRules: [{1E2E955A-14E9-4F49-AAD7-6C3DA314CA4C}] => (Allow) LPort=33333
FirewallRules: [{93EED35E-BBB6-41F8-8D82-697DC174FFC9}] => (Allow) LPort=33333
FirewallRules: [{B8BE5478-9D36-4ADC-877A-706BA989AAC6}] => (Allow) LPort=6881
FirewallRules: [{7740550A-9F38-4D94-8139-CEB616D8448B}] => (Allow) LPort=6881
FirewallRules: [{EE116E94-7F11-4821-B1A0-7BB23DD36CB3}] => (Allow) LPort=27022
FirewallRules: [{B830484E-1CD7-487F-A0E6-C21ECEAF026D}] => (Allow) LPort=27022
FirewallRules: [{F4688C96-87D0-4FAC-973C-6E499E6FBEFF}] => (Allow) LPort=7853
FirewallRules: [{E979BEA8-42F2-4775-A126-8E7B67205DE5}] => (Allow) LPort=7853
FirewallRules: [{7655A8CB-9A30-4F41-BF5A-5C52A3BE3097}] => (Allow) LPort=7852
FirewallRules: [{D889F872-9573-4B3D-A3D5-44E4E22C67AF}] => (Allow) LPort=7852
FirewallRules: [{EBB00AD9-6A87-4E2C-A94A-1F3B9A5855AE}] => (Allow) LPort=7850
FirewallRules: [{8778D438-EC2F-4402-8FBC-D8FFBF188188}] => (Allow) LPort=7850
FirewallRules: [{9516CF23-C46A-4412-A4F2-A7FA543C2317}] => (Allow) LPort=3478
FirewallRules: [{D1B835E9-5A11-4C44-BB99-25F1671675BC}] => (Allow) LPort=3478
FirewallRules: [{C62F6C43-5600-4898-8620-5B462A752663}] => (Allow) LPort=20010
FirewallRules: [{9FF63B17-486F-49BE-9D8F-52FB4CFFBFDE}] => (Allow) LPort=20010
FirewallRules: [{18464C8D-F6E0-4BD9-AE72-2C917722D61D}] => (Allow) LPort=443
FirewallRules: [{A6ABA7E4-4C5E-4D2F-826D-A603E9BB01D4}] => (Allow) LPort=443
FirewallRules: [{BD62661E-8F78-405C-A1C3-9DDF0021FC46}] => (Allow) LPort=80
FirewallRules: [{EAC0AF81-6235-4CF7-93F4-DB981D9EECC5}] => (Allow) LPort=80
FirewallRules: [{64A5B154-7769-44B4-9549-47171EE71E37}] => (Allow) F:\Program Files (x86)\WarThunder\run.exe
FirewallRules: [{83F8ABB5-B4B5-42AB-A620-FDACC97B3177}] => (Allow) F:\Program Files (x86)\WarThunder\run.exe
FirewallRules: [{30D54FAD-B268-4E6B-AAF3-517CBAFFEDDA}] => (Allow) F:\Program Files (x86)\WarThunder\run.exe
FirewallRules: [{13C73473-1BE2-423F-AF27-F8D30B4D120D}] => (Allow) F:\Program Files (x86)\WarThunder\run.exe
FirewallRules: [{55DCF095-2BB5-4EB8-9A32-FBCC7448E00C}] => (Allow) F:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{83B40331-014F-4BE3-90F7-B795E220BCBE}] => (Allow) F:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{B9E26435-3C47-4A05-93A9-163D987FFDCA}] => (Allow) E:\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{53ADB0FD-4D0B-45EB-8522-464F17BD32F8}] => (Allow) E:\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{5164A686-3F2F-454E-BADB-2E431E72DE87}] => (Allow) C:\Users\Leander\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{46E92748-1C10-4778-A30B-B1577ED01D6E}] => (Allow) C:\Users\Leander\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{35A469B6-6105-496E-810B-9F145362C326}] => (Allow) F:\My Games\WOW\worldofwarships.exe
FirewallRules: [{3067C56E-4D00-4160-A258-8FEB3EA55B83}] => (Allow) F:\My Games\WOW\worldofwarships.exe
FirewallRules: [{9E1DC9A2-6215-4F13-9748-4087F8562633}] => (Allow) F:\My Games\WOW\WoWSLauncher.exe
FirewallRules: [{E7B36AE3-1973-49B4-A085-10BF9236185D}] => (Allow) F:\My Games\WOW\WoWSLauncher.exe
FirewallRules: [{D0E5DE4D-EEBB-49CC-855A-0A14EAD16844}] => (Allow) F:\My Games\Wot\worldoftanks.exe
FirewallRules: [{E4B6618F-6905-4CFC-BCF5-7EE29CEE6C05}] => (Allow) F:\My Games\Wot\worldoftanks.exe
FirewallRules: [{AEB33FC2-6539-4CE5-BFC0-E168AE351648}] => (Allow) F:\My Games\Wot\WoTLauncher.exe
FirewallRules: [{46DC66BA-1D67-4E48-A7C8-4A2C69558C35}] => (Allow) F:\My Games\Wot\WoTLauncher.exe
FirewallRules: [{E0991642-65BE-4F02-B224-1970117F206E}] => (Block) F:\program files (x86)\master of orion\masteroforion.exe
FirewallRules: [{231B5321-184F-456B-B350-2B4119795246}] => (Block) F:\program files (x86)\master of orion\masteroforion.exe
FirewallRules: [UDP Query User{E2765E83-CE55-43C6-884E-5313E35B440C}F:\program files (x86)\master of orion\masteroforion.exe] => (Allow) F:\program files (x86)\master of orion\masteroforion.exe
FirewallRules: [TCP Query User{41376B7B-43F2-4513-B074-B1C466E0EFBF}F:\program files (x86)\master of orion\masteroforion.exe] => (Allow) F:\program files (x86)\master of orion\masteroforion.exe
FirewallRules: [{A3DF1BA5-4B57-4DAF-BAB5-472550973B66}] => (Block) F:\my games\8-bit hordes\instanceserverg.exe
FirewallRules: [{A999C6FB-B122-406C-92D5-7739A568870B}] => (Block) F:\my games\8-bit hordes\instanceserverg.exe
FirewallRules: [UDP Query User{8020E4C2-4A83-480B-9E0D-CF035AE1BA17}F:\my games\8-bit hordes\instanceserverg.exe] => (Allow) F:\my games\8-bit hordes\instanceserverg.exe
FirewallRules: [TCP Query User{201ECC51-73A4-4DA4-A8BB-88ADE1FA6B9D}F:\my games\8-bit hordes\instanceserverg.exe] => (Allow) F:\my games\8-bit hordes\instanceserverg.exe
FirewallRules: [{B433909A-59F6-49F7-A4A0-97E3DB467A26}] => (Block) F:\my games\8-bit hordes\clientg.exe
FirewallRules: [{4A00AF90-9AEA-4BFD-95D3-C8F014B8C457}] => (Block) F:\my games\8-bit hordes\clientg.exe
FirewallRules: [UDP Query User{88A0C794-EB31-4288-9E1D-186D4A539C5C}F:\my games\8-bit hordes\clientg.exe] => (Allow) F:\my games\8-bit hordes\clientg.exe
FirewallRules: [TCP Query User{BF742393-0D2F-4EAA-9C64-B3A363DE6406}F:\my games\8-bit hordes\clientg.exe] => (Allow) F:\my games\8-bit hordes\clientg.exe
FirewallRules: [{701ABC44-5E65-4A2C-895A-384EF7AEE232}] => (Block) E:\steam\steamapps\common\just cause 2\justcause2.exe
FirewallRules: [{ED02915B-B2A8-44EB-994B-93C6FD66B181}] => (Block) E:\steam\steamapps\common\just cause 2\justcause2.exe
FirewallRules: [{1FF8FA0D-91BA-4D21-8E29-85032456E89E}] => (Block) E:\games\battlefield 1942\bf1942.exe
FirewallRules: [{5A243388-E326-4A43-BF9D-7765BB2D91C9}] => (Block) E:\games\battlefield 1942\bf1942.exe
FirewallRules: [UDP Query User{E6A9B320-84C8-4564-9D97-B99B16F8CD65}E:\games\battlefield 1942\bf1942.exe] => (Allow) E:\games\battlefield 1942\bf1942.exe
FirewallRules: [TCP Query User{408C7B54-D730-48B7-8E29-D38AF2FD72B2}E:\games\battlefield 1942\bf1942.exe] => (Allow) E:\games\battlefield 1942\bf1942.exe
FirewallRules: [{ECFA46CF-62F2-43EF-9C7C-3525BB39CE3C}] => (Allow) E:\Program Files (x86)\Hamachi\hamachi-2-ui.exe
FirewallRules: [{45D033D0-026B-4857-AAD2-C95FF33FC5B5}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{14E41967-9CF1-40FA-94FB-9C292FC8800E}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{1E018E13-327E-43AE-8775-F7E47D4C482D}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{4B99F4D5-9C69-4C2B-8FBB-FF66C85AEAD3}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{F0D38FDA-25A4-49B5-9CC8-36FA7F585D38}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\Benchmark.exe
FirewallRules: [{4D1DD812-BD54-4735-B024-4B2DDE89A80E}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\Benchmark.exe
FirewallRules: [{EBF86DC0-414E-436A-A824-BFCAE71A0934}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\AddonWeb.exe
FirewallRules: [{4D10EA7B-EB2C-44A8-9050-9AEB4EA85883}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\AddonWeb.exe
FirewallRules: [{A3E69D28-305C-46FA-AF41-7721C91794C1}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\Anno4Web.exe
FirewallRules: [{841ECE80-2317-4B0E-AF1C-E4B34D6FAEA9}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\Anno4Web.exe
FirewallRules: [{432C154A-6E00-4A45-BA3A-B57F3B02DA5F}] => (Allow) F:\Program Files (x86)\Anno 1404\Addon.exe
FirewallRules: [{B45541EF-8D2F-4A34-927A-7008EC48BD3D}] => (Allow) F:\Program Files (x86)\Anno 1404\Addon.exe
FirewallRules: [{5DDD5A60-F33D-464F-8864-47C87E533AB7}] => (Allow) F:\Program Files (x86)\Anno 1404\Anno4.exe
FirewallRules: [{263BF13D-45F7-4686-BEE1-14244A8BE335}] => (Allow) F:\Program Files (x86)\Anno 1404\Anno4.exe
FirewallRules: [{89398CC9-CEC1-4341-9447-6CFCDE81399F}] => (Block) F:\my games\unrealtournament\system\unrealtournament.exe
FirewallRules: [{495439DA-0FC8-4998-B1DB-E5E76741DE10}] => (Block) F:\my games\unrealtournament\system\unrealtournament.exe
FirewallRules: [UDP Query User{CD9026BE-70EC-44E9-8891-A4A53D98A72E}F:\my games\unrealtournament\system\unrealtournament.exe] => (Allow) F:\my games\unrealtournament\system\unrealtournament.exe
FirewallRules: [TCP Query User{D6112A26-5EE4-459F-8876-3A9D9CD14881}F:\my games\unrealtournament\system\unrealtournament.exe] => (Allow) F:\my games\unrealtournament\system\unrealtournament.exe
FirewallRules: [{7AF52A80-1ED0-4730-A543-071EB711ECAF}] => (Block) E:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{38D69740-06A7-4263-B280-015B5BF4E68F}] => (Block) E:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{98BB4733-E2C7-4841-B5C0-5F0E7ABA95BC}E:\program files (x86)\warcraft iii\war3.exe] => (Allow) E:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [TCP Query User{16D6DAAC-0544-41E9-8A9A-2105DEFBAC5D}E:\program files (x86)\warcraft iii\war3.exe] => (Allow) E:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{CF236CDD-9E4A-4AD7-B642-DD472D5B41BC}] => (Block) E:\games\total war rome ii - emperor edition\rome2.exe
FirewallRules: [{9C475A95-C2BC-4C53-826F-59253B07597C}] => (Block) E:\games\total war rome ii - emperor edition\rome2.exe
FirewallRules: [UDP Query User{0AE8210C-C62F-4CF3-A8D8-7CEE8F89499D}E:\games\total war rome ii - emperor edition\rome2.exe] => (Allow) E:\games\total war rome ii - emperor edition\rome2.exe
FirewallRules: [TCP Query User{C4AA1A32-00E1-4703-BAB8-B88959BB341B}E:\games\total war rome ii - emperor edition\rome2.exe] => (Allow) E:\games\total war rome ii - emperor edition\rome2.exe
FirewallRules: [{227FF8A4-7786-4CF5-838F-30342034D170}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{A626A0DF-62EB-4254-86B4-6CD4782CAA56}F:\my games\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) F:\my games\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [TCP Query User{3109808B-641B-424F-B3E0-E11216906791}F:\my games\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) F:\my games\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{8127BF89-577B-4998-ACA3-32F038530B36}E:\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) E:\steam\steamapps\common\doom\doomx64vk.exe
FirewallRules: [TCP Query User{FAE6032E-F4EE-414B-8AE6-1D055E841E2E}E:\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) E:\steam\steamapps\common\doom\doomx64vk.exe
FirewallRules: [UDP Query User{8A95DAA2-C8A5-4726-A744-AA4AF9E0C960}C:\users\leander\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\leander\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{0DB09C56-248D-458F-BA6A-9245B83C15A4}C:\users\leander\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\leander\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{06EE8B04-710E-4C12-AADD-4F553C9FF06D}E:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) E:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{4C70084C-459B-480D-95CA-78342505265A}E:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) E:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{8281A504-113D-47ED-B426-C9210A46D40A}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{C93A92AC-3764-4535-9CF8-4FF0A75E3C1F}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{DB64647D-CE28-4F0F-A22A-A66C4E557F93}] => (Allow) C:\Windows\syswow64\PnkBstrB.exe
FirewallRules: [{4C4C95F4-CDD6-4842-A14E-6678E3DC2DB0}] => (Allow) C:\Windows\syswow64\PnkBstrB.exe
FirewallRules: [{5DE164B0-C4FD-47E5-AB0B-AB0D80267E4E}] => (Allow) C:\Windows\syswow64\PnkBstrA.exe
FirewallRules: [{4962F3E3-D443-4225-A5B0-A20A1279795C}] => (Allow) C:\Windows\syswow64\PnkBstrA.exe
FirewallRules: [UDP Query User{0B7C8258-2244-42B0-9987-A06B4A33EB16}E:\program files (x86)\origin games\battlefield 4\bf4_x86.exe] => (Allow) E:\program files (x86)\origin games\battlefield 4\bf4_x86.exe
FirewallRules: [TCP Query User{76C3519C-29F4-4278-B084-ECF45B83BC91}E:\program files (x86)\origin games\battlefield 4\bf4_x86.exe] => (Allow) E:\program files (x86)\origin games\battlefield 4\bf4_x86.exe
FirewallRules: [{1E2225EF-DB3D-45C5-97CD-7964840D30ED}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{1A1528B9-07C9-487E-BAD9-C4BF4F94426C}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{E2F672A2-57F0-4A72-86E5-503CBB0C1040}] => (Allow) E:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{5D68CBFB-3C72-40E1-AA21-34BFF751BA13}] => (Allow) E:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [UDP Query User{202392AA-A968-4248-A7D2-E89A21AB0FB2}E:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) E:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{1D4F8250-FC52-4B08-B928-06A42D16B04B}E:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) E:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{8D1E9DE8-3DB0-4D5D-B21B-5CADCCEA0594}E:\games\grand theft auto v\gta5.exe] => (Allow) E:\games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{4756BC1A-F7A0-4FEA-8047-DB0BF0D88F5D}E:\games\grand theft auto v\gta5.exe] => (Allow) E:\games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{B7CD1BBF-9584-4FBD-B019-17FE158AF96E}C:\users\leander\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leander\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{9D152118-5E51-4B01-B605-1EFF028904F1}C:\users\leander\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leander\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A8A8F74D-6E34-47D2-A809-EE8CF6BC4948}F:\my games\kingdoms of amalur - reckoning\reckoning.exe] => (Allow) F:\my games\kingdoms of amalur - reckoning\reckoning.exe
FirewallRules: [TCP Query User{47957802-9E43-4DB9-91C2-647C001415BF}F:\my games\kingdoms of amalur - reckoning\reckoning.exe] => (Allow) F:\my games\kingdoms of amalur - reckoning\reckoning.exe
FirewallRules: [UDP Query User{B5605940-609B-4608-BBD9-22D61E274A66}E:\steam\steamapps\common\call of duty black ops ii\t6mp.exe] => (Allow) E:\steam\steamapps\common\call of duty black ops ii\t6mp.exe
FirewallRules: [TCP Query User{9C0E881A-423C-4E15-8034-77C16F83B1CF}E:\steam\steamapps\common\call of duty black ops ii\t6mp.exe] => (Allow) E:\steam\steamapps\common\call of duty black ops ii\t6mp.exe
FirewallRules: [{5880BB55-F33C-4B42-AA9A-5D04DBF7D39E}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{48C5578A-880C-4D5E-968A-EBCAD580ADE0}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{C3B9B126-5672-48D1-AB53-9EC369342CA0}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{C0099489-29EC-4691-86D0-86F55907BE9B}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{87AE35B6-47AA-4E55-82FC-795FD4865D9B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{518FE2FE-9EAD-4E52-AAC0-2543C25C1B4E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8196AAF5-56AA-4124-917C-D009DB72030B}] => (Allow) E:\Steam\steamapps\common\Star Wars Empire at War\runme.exe
FirewallRules: [{ABB14CA1-12FC-486F-89AD-D848F4EA9CA3}] => (Allow) E:\Steam\steamapps\common\Star Wars Empire at War\runme.exe
FirewallRules: [{401502F2-5401-4DA8-8513-CDFFE7DA6441}] => (Allow) E:\Steam\steamapps\common\Star Wars Empire at War\runme2.exe
FirewallRules: [{87AFFB7F-D444-467C-BE5F-DA85EB73349C}] => (Allow) E:\Steam\steamapps\common\Star Wars Empire at War\runme2.exe
FirewallRules: [{8721884A-4387-4F9F-8436-170F7C28AC79}] => (Block) E:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{3B29A002-4BB0-40D3-9653-E9019F1AFD3F}] => (Block) E:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{475908F6-8937-416E-AC56-BB6B735B2528}] => (Allow) E:\Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{BFE6EB55-A427-436C-B15E-F99D631EEC48}] => (Allow) E:\Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{93240045-FB6A-4801-973C-E6321CC7C7D3}] => (Allow) E:\Games\Battlefield 1\bf1.exe
FirewallRules: [{8489D365-3FC8-4298-A59E-1213B591FC77}] => (Allow) E:\Games\Battlefield 1\bf1.exe
FirewallRules: [{D87EB848-16B5-4E35-A3EE-912F5717EC20}] => (Allow) E:\Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{2041C5E3-C1B7-4AAA-8834-376B458AA5B0}] => (Allow) E:\Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [TCP Query User{ECB8013E-C11C-45A1-AD3B-8495703CAC19}E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe] => (Allow) E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe
FirewallRules: [UDP Query User{15AED010-DC3D-40ED-A19B-BCD847FAA8D6}E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe] => (Allow) E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe
FirewallRules: [{156F74D0-2DA7-4C0F-AB48-2F66E8A34C3F}] => (Block) E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe
FirewallRules: [{6F72227E-4343-40DB-9056-09BAA5CCBBAC}] => (Block) E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe
FirewallRules: [{25DEAD65-5919-4441-AF93-88B566540A0B}] => (Allow) E:\Steam\steamapps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{C3DF4918-582D-48F0-BAFD-408426F4DDA4}] => (Allow) E:\Steam\steamapps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{87A80444-B1C1-41E7-9987-8F2EBFA015E1}] => (Allow) E:\Steam\steamapps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{6FCFF811-A27A-4BE2-8E38-4F8AF3C43FEF}] => (Allow) E:\Steam\steamapps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [TCP Query User{878158FD-3144-498D-ADA4-3D95AB85E548}E:\games\mass effect 3\binaries\win32\masseffect3.exe] => (Allow) E:\games\mass effect 3\binaries\win32\masseffect3.exe
FirewallRules: [UDP Query User{0B33F65E-7199-4CF2-BF2D-4DF92425ABE0}E:\games\mass effect 3\binaries\win32\masseffect3.exe] => (Allow) E:\games\mass effect 3\binaries\win32\masseffect3.exe
FirewallRules: [{20E0C06F-6DA8-4BDC-87E1-F2651318E65D}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{1D6DC50C-8BC9-4E19-BB12-3B7CB0336CC0}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{40E71661-696F-49A5-A063-1C06D60B18F4}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{36C79ED8-5196-4C17-8037-E0F3D5A6EDD6}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{18C8E291-A33D-421A-AA18-992210092ACC}] => (Allow) E:\Steam\steamapps\common\Broforce\Broforce_beta.exe
FirewallRules: [{30DBB7F3-49E0-4601-8B0C-FCC90D937869}] => (Allow) E:\Steam\steamapps\common\Broforce\Broforce_beta.exe
FirewallRules: [{527F8B85-38D2-4DC3-BCAF-449B099E6D3B}] => (Allow) E:\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{193012AA-0DC0-4541-852E-E5F37771F8DD}] => (Allow) E:\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [TCP Query User{5D163D4F-4ED8-4D74-9B5B-C6824CA22D28}E:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{51A356BC-4D48-4935-B627-FD007378B9C7}E:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{F7C97341-5BE9-4F84-9CF3-B8C3471C8A20}I:\cs 1.6\hl.exe] => (Allow) I:\cs 1.6\hl.exe
FirewallRules: [UDP Query User{2F1219D0-7B6E-4FA8-84C1-7DA793339AFA}I:\cs 1.6\hl.exe] => (Allow) I:\cs 1.6\hl.exe
FirewallRules: [TCP Query User{D0C9B2A8-9CE6-4C86-B167-B5803B4F7B57}C:0\cs 1.6\hl.exe] => (Allow) C:0\cs 1.6\hl.exe
FirewallRules: [UDP Query User{36848FAF-2D83-45E8-AE7F-1EC13D2E1FE7}C:0\cs 1.6\hl.exe] => (Allow) C:0\cs 1.6\hl.exe
FirewallRules: [TCP Query User{301D4E0D-B457-49DE-BFDA-411E3794F196}C:1\cs 1.6\hl.exe] => (Allow) C:1\cs 1.6\hl.exe
FirewallRules: [UDP Query User{57DC9114-DEBD-4CCE-BCF4-C4569381B841}C:1\cs 1.6\hl.exe] => (Allow) C:1\cs 1.6\hl.exe
FirewallRules: [TCP Query User{3F44D867-C77E-4ACE-BBE9-1C761D093296}C:2\source\hl2.exe] => (Allow) C:2\source\hl2.exe
FirewallRules: [UDP Query User{DCD57F8E-7F39-4410-8DC6-1F9095181258}C:2\source\hl2.exe] => (Allow) C:2\source\hl2.exe
FirewallRules: [TCP Query User{63D27EB1-11FD-480D-887C-72B7DB8153FA}C:3\source\hl2.exe] => (Allow) C:3\source\hl2.exe
FirewallRules: [UDP Query User{20ECECCF-6852-4DFF-8293-6D7DE4A2E93B}C:3\source\hl2.exe] => (Allow) C:3\source\hl2.exe
FirewallRules: [TCP Query User{7A6CAE1A-0EAF-41A6-9F6A-AAE58E7F26E3}I:\source\hl2.exe] => (Allow) I:\source\hl2.exe
FirewallRules: [UDP Query User{F36D404E-6AEF-46A1-8FD6-607089C31043}I:\source\hl2.exe] => (Allow) I:\source\hl2.exe
FirewallRules: [TCP Query User{904F730E-0A91-4A60-BFA7-4BB9E0A3C052}E:\games\shadowrun returns - deluxe edition\shadowrun.exe] => (Allow) E:\games\shadowrun returns - deluxe edition\shadowrun.exe
FirewallRules: [UDP Query User{9B48AEFE-9A21-4304-AAC0-264F693BC819}E:\games\shadowrun returns - deluxe edition\shadowrun.exe] => (Allow) E:\games\shadowrun returns - deluxe edition\shadowrun.exe
FirewallRules: [TCP Query User{D4986D90-1A30-4404-9990-D236A5801D80}E:\games\freelancer\exe\freelancer.exe] => (Allow) E:\games\freelancer\exe\freelancer.exe
FirewallRules: [UDP Query User{0AFEC170-0AC4-4988-8696-6AA1AF104372}E:\games\freelancer\exe\freelancer.exe] => (Allow) E:\games\freelancer\exe\freelancer.exe
FirewallRules: [{6A5928C7-BD51-4EA5-947D-BE3069A246AE}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{4E83C974-2F25-44CA-8A62-B016CB8E6AD3}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{44FCAB8D-4DCA-4777-94D3-97E917C70419}E:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe] => (Allow) E:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe
FirewallRules: [UDP Query User{299ECABA-43BF-43EB-8AA5-7A4146255A39}E:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe] => (Allow) E:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe
FirewallRules: [TCP Query User{D50FC51A-0326-477C-9EA7-DF0F3864599D}I:\spiele\cs 1.6\hl.exe] => (Allow) I:\spiele\cs 1.6\hl.exe
FirewallRules: [UDP Query User{69B5EEFA-0DC5-4F2C-8783-30F45A2ADDFD}I:\spiele\cs 1.6\hl.exe] => (Allow) I:\spiele\cs 1.6\hl.exe
FirewallRules: [TCP Query User{FAE7C376-4513-44A1-98B2-674C6B305404}I:\spiele\source\hl2.exe] => (Block) I:\spiele\source\hl2.exe
FirewallRules: [UDP Query User{BFDE385F-BB59-45BD-9088-6F662412F464}I:\spiele\source\hl2.exe] => (Block) I:\spiele\source\hl2.exe
FirewallRules: [TCP Query User{9A568C9B-6B94-48FF-B83F-50209A165AA1}E:\games\star wars battlefront\starwarsbattlefront.exe] => (Allow) E:\games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [UDP Query User{B3A29930-3B4A-49DD-8D8B-C360106C7F18}E:\games\star wars battlefront\starwarsbattlefront.exe] => (Allow) E:\games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [{CD6E8607-95BF-428A-A66A-23E89D57AC9A}] => (Allow) E:\Steam\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{49DEE857-2BB1-4AE4-B910-52255A929239}] => (Allow) E:\Steam\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [TCP Query User{BF273DA2-ABDF-49EF-AC97-76BFB9EF15EA}E:\program files (x86)\ubisoft game launcher\games\forhonorbeta\forhonor.exe] => (Allow) E:\program files (x86)\ubisoft game launcher\games\forhonorbeta\forhonor.exe
FirewallRules: [UDP Query User{49FB96A8-143C-4F47-95FE-C29AC8D4DE41}E:\program files (x86)\ubisoft game launcher\games\forhonorbeta\forhonor.exe] => (Allow) E:\program files (x86)\ubisoft game launcher\games\forhonorbeta\forhonor.exe
FirewallRules: [TCP Query User{DD98B784-9E4C-47A9-BC1E-9057F4581C10}J:\spiele\source\hl2.exe] => (Allow) J:\spiele\source\hl2.exe
FirewallRules: [UDP Query User{425D8F68-8D9B-44D6-9943-C8BBF614BC73}J:\spiele\source\hl2.exe] => (Allow) J:\spiele\source\hl2.exe
FirewallRules: [{1BB09D4A-02F6-443D-B0B6-799EAB4B66CA}] => (Allow) E:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{9DD32326-A4EE-483E-8A8A-BFDAAE5B766C}] => (Allow) E:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [TCP Query User{D56D9936-7DB6-4E15-AD42-3FF1D1D38390}E:\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) E:\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{9E06866D-EF31-4EF5-83E0-D2DF04AB9CDD}E:\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) E:\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [{093B8C02-538C-4351-B200-C6BAD15889CB}] => (Allow) E:\Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{3397FC1D-C706-46FC-A231-10B28D4CDDE9}] => (Allow) E:\Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{C1D93A8D-F609-42DD-A6F2-ACAFEE52B92C}] => (Allow) E:\Games\Battlefield 1\bf1.exe
FirewallRules: [{19F675E8-444B-4E8A-B3BD-341D3016F81D}] => (Allow) E:\Games\Battlefield 1\bf1.exe
FirewallRules: [{1EED93C3-6CEB-4D29-8DB1-FB6B22FB6CC1}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{40FDCA7C-E115-4ECF-B740-C3AEC4B08B75}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8E41E29F-203B-4B2D-BADC-44074E695A9E}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{6AED975D-8614-4EBD-94F4-4093DD721687}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{2324AB87-564F-4C0A-AE6B-513AA940F257}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Steep\steep.exe
FirewallRules: [TCP Query User{15DB37B0-88D7-4C90-ABD5-FB70256139AE}F:\program files (x86)\battlefield 2142\bf2142.exe] => (Allow) F:\program files (x86)\battlefield 2142\bf2142.exe
FirewallRules: [UDP Query User{ACCFF4D0-DD59-4DE7-B054-51F559EA56D0}F:\program files (x86)\battlefield 2142\bf2142.exe] => (Allow) F:\program files (x86)\battlefield 2142\bf2142.exe
FirewallRules: [TCP Query User{FBE0A1C6-B21C-4BFE-8346-0DFDDF33D78D}E:\games\borderlands 2 goty\binaries\win32\borderlands2.exe] => (Allow) E:\games\borderlands 2 goty\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{B646017F-B7BB-4127-82EA-FF67E13AD123}E:\games\borderlands 2 goty\binaries\win32\borderlands2.exe] => (Allow) E:\games\borderlands 2 goty\binaries\win32\borderlands2.exe
FirewallRules: [{C72C32BE-B2DE-45CA-AFDE-1806145DEB86}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{004F7B7C-A6F1-4462-87BA-6F3D2DBD1E74}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{D1B49A33-DD34-4964-BFAB-DD58221DDD8B}] => (Allow) G:\Programme(x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{F12207C9-3026-4864-9ABF-60A8CD8F0416}] => (Allow) G:\Programme(x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{7160BD8C-9C3B-4C58-9889-16920C8FEE62}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{F196D72C-4539-4C5B-880F-F9FCB4ACD1CF}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{12CB3CA0-E922-4D4A-A4F6-F036C54815E2}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{E6A50989-A8BC-4761-A9A3-CA9F6D3CA9D1}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [TCP Query User{03929161-C492-4DDA-8479-383C3E1D3A4C}G:\programme(x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) G:\programme(x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{B81F7015-08FB-4FDB-8E59-57C9366FE658}G:\programme(x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) G:\programme(x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{FDA6D588-66B4-486F-8F02-A7C601490150}F:\program files (x86)\anno 1404\tools\addonweb.exe] => (Allow) F:\program files (x86)\anno 1404\tools\addonweb.exe
FirewallRules: [UDP Query User{FC4219EA-BC7A-4703-8C7F-76A5434F437E}F:\program files (x86)\anno 1404\tools\addonweb.exe] => (Allow) F:\program files (x86)\anno 1404\tools\addonweb.exe
FirewallRules: [TCP Query User{964F99B9-3BA8-4E75-BC5E-38EC749D6758}F:\program files (x86)\anno 1404\addon.exe] => (Allow) F:\program files (x86)\anno 1404\addon.exe
FirewallRules: [UDP Query User{73AD725E-DBA5-4CE4-977A-92A5AA873AA4}F:\program files (x86)\anno 1404\addon.exe] => (Allow) F:\program files (x86)\anno 1404\addon.exe
FirewallRules: [TCP Query User{D9A473E1-CC1A-449C-B4C3-A591FD532A6F}F:\my games\scrap mechanic\release\scrapmechanic.exe] => (Allow) F:\my games\scrap mechanic\release\scrapmechanic.exe
FirewallRules: [UDP Query User{063CAED6-E620-4F62-B416-F9C647F227FF}F:\my games\scrap mechanic\release\scrapmechanic.exe] => (Allow) F:\my games\scrap mechanic\release\scrapmechanic.exe
FirewallRules: [{6C409CD5-F401-4968-869D-C365B73ECDE8}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{FBA6016C-33A6-4E45-BD6D-3809DC6E634D}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [TCP Query User{898CB61A-66EE-44F4-8E06-4F951295A60E}F:\my games\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) F:\my games\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{93A2E88A-A380-4A2F-88FA-744883B130DA}F:\my games\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) F:\my games\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{06D7096D-7CFE-4468-825C-0992052CFB3E}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\F1 2016\F1_2016.exe
FirewallRules: [{B48A59B3-968B-4B66-B9AB-40550CA99D89}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\F1 2016\F1_2016.exe
FirewallRules: [TCP Query User{47D5415F-4301-473E-A963-FEC9DB19A14C}F:\my games\company of heroes - anthology (new steam version)\reliccoh.exe] => (Allow) F:\my games\company of heroes - anthology (new steam version)\reliccoh.exe
FirewallRules: [UDP Query User{AE14DAF7-D4BB-489F-A2D7-E3D877951980}F:\my games\company of heroes - anthology (new steam version)\reliccoh.exe] => (Allow) F:\my games\company of heroes - anthology (new steam version)\reliccoh.exe
FirewallRules: [TCP Query User{36F35810-DD34-4A9E-88ED-68170018D7F2}F:\my games\xiii\system\xiii.exe] => (Allow) F:\my games\xiii\system\xiii.exe
FirewallRules: [UDP Query User{172F917F-8DD4-4D6D-9860-D8828F4CB896}F:\my games\xiii\system\xiii.exe] => (Allow) F:\my games\xiii\system\xiii.exe
FirewallRules: [TCP Query User{EAF18D17-E6E4-42BE-B905-F7E4E77352C7}F:\my games\splinter cell conviction\src\system\conviction_game.exe] => (Block) F:\my games\splinter cell conviction\src\system\conviction_game.exe
FirewallRules: [UDP Query User{0A601DE9-F450-404C-9EAD-75B40F527FE6}F:\my games\splinter cell conviction\src\system\conviction_game.exe] => (Block) F:\my games\splinter cell conviction\src\system\conviction_game.exe
FirewallRules: [TCP Query User{6FD75BE8-0C6F-42D2-A567-0CBF34D36AE9}C:\program files (x86)\factorio\bin\x64\factorio.exe] => (Allow) C:\program files (x86)\factorio\bin\x64\factorio.exe
FirewallRules: [UDP Query User{30A8F9E1-7A11-4270-A306-0780762D6A88}C:\program files (x86)\factorio\bin\x64\factorio.exe] => (Allow) C:\program files (x86)\factorio\bin\x64\factorio.exe
FirewallRules: [{F03457E1-E54D-47DB-AEB3-83127504F64C}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{C3D0F4FA-D468-466C-BE4A-59096B576FE3}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [TCP Query User{943DF355-C27A-4068-A3D4-0A3705F24603}F:\my games\steamlibrary\steamapps\common\sniper elite 3\bin\sniperelite3.exe] => (Allow) F:\my games\steamlibrary\steamapps\common\sniper elite 3\bin\sniperelite3.exe
FirewallRules: [UDP Query User{9A1663EE-76D4-4F7D-8AAF-58EA2C874014}F:\my games\steamlibrary\steamapps\common\sniper elite 3\bin\sniperelite3.exe] => (Allow) F:\my games\steamlibrary\steamapps\common\sniper elite 3\bin\sniperelite3.exe
FirewallRules: [{3DA85164-269E-4B35-862B-752AF92B4F90}] => (Allow) E:\Origin\Need for Speed\NFS16.exe
FirewallRules: [{AEBEB0B7-47C3-4740-B7F3-F79EC6798755}] => (Allow) E:\Origin\Need for Speed\NFS16.exe
FirewallRules: [{78B1760B-B9BB-4267-B223-AE7FD30067FB}] => (Allow) E:\Origin\Need for Speed\NFS16_trial.exe
FirewallRules: [{CA8C6DE2-CB3E-4427-AB0C-E0E015F7C811}] => (Allow) E:\Origin\Need for Speed\NFS16_trial.exe
FirewallRules: [{05A14CB4-7793-4B6B-BBCE-FB0978B9CE7B}] => (Allow) E:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5B0F65BE-AA73-4971-8647-7204FF7CB972}] => (Allow) E:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{B426D836-7060-4922-8B7C-2399AC1C579E}] => (Allow) C:\Program Files (x86)\MIO\loader\samsungxssdx750xevox250gb_s2s5nwagc01819j.dat
FirewallRules: [{91151B08-6EE4-4970-B8B5-C5E1E0028DD0}] => (Allow) C:\Program Files (x86)\MIO\loader\samsungxssdx750xevox250gb_s2s5nwagc01819j.dat
FirewallRules: [{98C51F64-44C6-4AB4-AE08-5ED553C501CB}] => (Allow) C:\Program Files (x86)\Bagsarah\Application\chrome.exe
FirewallRules: [{7915F66C-F927-4B15-A2B3-008EA3B89873}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/12/2017 09:58:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x1114
Startzeit der fehlerhaften Anwendung: 0x01d2caf56e16160a
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: bae5fa1b-ce62-457f-88aa-031bf0d39638
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/12/2017 09:57:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x21b4
Startzeit der fehlerhaften Anwendung: 0x01d2caf56c50e439
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 081bb93e-706e-4ac7-b4f7-25ecff323d59
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/12/2017 09:57:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x1b5c
Startzeit der fehlerhaften Anwendung: 0x01d2caf56a05adab
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 4f210802-3077-45eb-8b75-e87a7490733d
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/11/2017 08:59:19 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (05/11/2017 03:48:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x42c
Startzeit der fehlerhaften Anwendung: 0x01d2ca5d2def74b6
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 039b6663-a808-4275-bf5a-4f9270f3be75
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/11/2017 03:48:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "F:\downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Error: (05/11/2017 03:47:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x1640
Startzeit der fehlerhaften Anwendung: 0x01d2ca5d2ae98f1a
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 23d05b44-7727-4077-a606-aa72c228a248
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/11/2017 03:46:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Adobe CEF Helper.exe, Version: 3.9.5.353, Zeitstempel: 0x584b331b
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2704.1434.0, Zeitstempel: 0x5798eeba
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00be5cc7
ID des fehlerhaften Prozesses: 0x1d3c
Startzeit der fehlerhaften Anwendung: 0x01d2ca522ffeeb9c
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
Berichtskennung: 5757f0ce-0632-4e4c-821b-60110746984f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/11/2017 02:29:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x19e8
Startzeit der fehlerhaften Anwendung: 0x01d2ca52213df2a6
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 1cae2985-777f-4972-8ec9-e7f26ab5d3ba
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/11/2017 02:28:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x1454
Startzeit der fehlerhaften Anwendung: 0x01d2ca521dff7f75
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 2c3921a5-7fa1-4fb3-a2f5-bdd1bcbd7a10
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Systemfehler:
=============
Error: (05/12/2017 09:57:33 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/11/2017 09:20:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NPASRE" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 21600000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/11/2017 08:59:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden durchgeführt: Aufführung des konfigurierten Wiederherstellungsp.
Error: (05/11/2017 04:31:15 PM) (Source: DCOM) (EventID: 10010) (User: LEANDER-PC)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (05/11/2017 04:29:15 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet:
Unbekannter Fehler
Error: (05/11/2017 03:49:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet:
Unbekannter Fehler
Error: (05/11/2017 03:47:43 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/11/2017 03:47:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "NPASRE" wurde mit folgendem Fehler beendet:
Das angegebene Modul wurde nicht gefunden.
Error: (05/11/2017 03:47:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SecDrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (05/11/2017 03:47:26 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS
CodeIntegrity:
===================================
Date: 2017-05-11 14:11:59.965
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:59.705
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:59.489
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:59.273
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:59.012
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:58.791
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:58.382
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SET80CC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:58.366
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SET80CC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:58.351
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SET80CC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:58.334
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SET80CC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 8153.38 MB
Verfügbarer physikalischer RAM: 5404.77 MB
Summe virtueller Speicher: 11225.38 MB
Verfügbarer virtueller Speicher: 8362.98 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:118.36 GB) (Free:9.59 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Volume) (Fixed) (Total:976.56 GB) (Free:284 GB) NTFS
Drive f: (Volume) (Fixed) (Total:886.35 GB) (Free:203.52 GB) NTFS
Drive g: (Lokaler Datenträger ) (Fixed) (Total:232.33 GB) (Free:31.17 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: C6ECC302)
Partition 1: (Active) - (Size=118.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: C6ECC30A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=886.4 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
TDSS report Code:
10:07:13.0991 0x0acc TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
10:07:13.0991 0x0acc UEFI system
10:07:28.0925 0x0acc ============================================================
10:07:28.0925 0x0acc Current date / time: 2017/05/12 10:07:28.0925
10:07:28.0925 0x0acc SystemInfo:
10:07:28.0925 0x0acc
10:07:28.0925 0x0acc OS Version: 10.0.14393 ServicePack: 0.0
10:07:28.0925 0x0acc Product type: Workstation
10:07:28.0925 0x0acc ComputerName: LEANDER-PC
10:07:28.0925 0x0acc UserName: Leander
10:07:28.0925 0x0acc Windows directory: C:\Windows
10:07:28.0925 0x0acc System windows directory: C:\Windows
10:07:28.0925 0x0acc Running under WOW64
10:07:28.0925 0x0acc Processor architecture: Intel x64
10:07:28.0925 0x0acc Number of processors: 4
10:07:28.0925 0x0acc Page size: 0x1000
10:07:28.0925 0x0acc Boot type: Normal boot
10:07:28.0925 0x0acc CodeIntegrityOptions = 0x00000001
10:07:28.0925 0x0acc ============================================================
10:07:28.0989 0x0acc KLMD registered as C:\Windows\system32\drivers\45480535.sys
10:07:28.0989 0x0acc KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1198, osProperties = 0x19
10:07:29.0524 0x0acc System UUID: {8CCDA955-6497-7736-F726-DDFA77316200}
10:07:29.0937 0x0acc Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:07:29.0937 0x0acc Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:07:29.0948 0x0acc Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:07:29.0951 0x0acc ============================================================
10:07:29.0951 0x0acc \Device\Harddisk0\DR0:
10:07:29.0952 0x0acc GPT partitions:
10:07:29.0952 0x0acc \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {437027FD-0580-422F-8C72-A894757F2ECB}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xE1000
10:07:29.0952 0x0acc \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {43BAF697-AFF4-40FD-BE5B-6C59909053B8}, Name: EFI system partition, StartLBA 0xE1800, BlocksNum 0x32000
10:07:29.0952 0x0acc \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {F18D0E99-3695-4F7B-B6BC-F6B10B831E5B}, Name: Microsoft reserved partition, StartLBA 0x113800, BlocksNum 0x8000
10:07:29.0952 0x0acc \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {24ABC7D4-2AB8-4BAF-928D-EA62F06E72E6}, Name: Basic data partition, StartLBA 0x11B800, BlocksNum 0x1D0AA000
10:07:29.0952 0x0acc MBR partitions:
10:07:29.0952 0x0acc \Device\Harddisk1\DR1:
10:07:29.0952 0x0acc MBR partitions:
10:07:29.0952 0x0acc \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xECB9000
10:07:29.0952 0x0acc \Device\Harddisk2\DR2:
10:07:29.0952 0x0acc MBR partitions:
10:07:29.0952 0x0acc \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:07:29.0952 0x0acc \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x7A120000
10:07:29.0952 0x0acc \Device\Harddisk2\DR2\Partition3: MBR, Type 0x7, StartLBA 0x7A152800, BlocksNum 0x6ECB5000
10:07:29.0952 0x0acc ============================================================
10:07:29.0954 0x0acc C: <-> \Device\Harddisk1\DR1\Partition1
10:07:29.0961 0x0acc D: <-> \Device\Harddisk2\DR2\Partition1
10:07:29.0982 0x0acc E: <-> \Device\Harddisk2\DR2\Partition2
10:07:30.0012 0x0acc F: <-> \Device\Harddisk2\DR2\Partition3
10:07:30.0014 0x0acc G: <-> \Device\Harddisk0\DR0\Partition4
10:07:30.0014 0x0acc ============================================================
10:07:30.0014 0x0acc Initialize success
10:07:30.0014 0x0acc ============================================================
10:07:50.0270 0x2064 ============================================================
10:07:50.0270 0x2064 Scan started
10:07:50.0270 0x2064 Mode: Manual; SigCheck; TDLFS;
10:07:50.0270 0x2064 ============================================================
10:07:50.0270 0x2064 KSN ping started
10:07:50.0513 0x2064 KSN ping finished: true
10:07:51.0349 0x2064 ================ Scan system memory ========================
10:07:51.0349 0x2064 System memory - ok
10:07:51.0350 0x2064 ================ Scan services =============================
10:07:51.0399 0x2064 1394ohci - ok
10:07:51.0401 0x2064 3ware - ok
10:07:51.0404 0x2064 ACPI - ok
10:07:51.0407 0x2064 AcpiDev - ok
10:07:51.0409 0x2064 acpiex - ok
10:07:51.0412 0x2064 acpipagr - ok
10:07:51.0415 0x2064 AcpiPmi - ok
10:07:51.0417 0x2064 acpitime - ok
10:07:51.0452 0x2064 [ E6A1D864EC90F4397DF5AB2633B34DD4, 05F1B7291EBDD9CA1D74649C0DAFCBE5F2CF93E92C5CA16A8AC10B6DF83101A0 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:07:51.0482 0x2064 AdobeFlashPlayerUpdateSvc - ok
10:07:51.0505 0x2064 [ 5B4D60ACCEA6918DBBB8C9FD4ADBDD29, FE3A768A76B673DCD09716F600D52B53A6EABEC6AA65E0DE89144F322E8571B8 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
10:07:51.0525 0x2064 AdobeUpdateService - ok
10:07:51.0530 0x2064 ADP80XX - ok
10:07:51.0533 0x2064 AFD - ok
10:07:51.0580 0x2064 [ A32EA26C90A47B2BC93D7B0B94994B11, 1CF8DB09CA27EAC5741489EDFDFC04D69485B51C726F539BFCDC3C78E8E09EBE ] AGSService C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
10:07:51.0623 0x2064 AGSService - ok
10:07:51.0628 0x2064 ahcache - ok
10:07:51.0631 0x2064 AJRouter - ok
10:07:51.0633 0x2064 ALG - ok
10:07:51.0636 0x2064 AmdK8 - ok
10:07:51.0639 0x2064 AmdPPM - ok
10:07:51.0642 0x2064 amdsata - ok
10:07:51.0645 0x2064 amdsbs - ok
10:07:51.0647 0x2064 amdxata - ok
10:07:51.0650 0x2064 AppID - ok
10:07:51.0652 0x2064 AppIDSvc - ok
10:07:51.0655 0x2064 Appinfo - ok
10:07:51.0661 0x2064 [ 885888F8AAD89108A5EE2D0174690220, 9B148C117EBE400F40BF7F32B66B20AA4628BA9E233D707DFA2EB4A8A65E7C52 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:07:51.0670 0x2064 Apple Mobile Device Service - ok
10:07:51.0673 0x2064 applockerfltr - ok
10:07:51.0675 0x2064 AppMgmt - ok
10:07:51.0678 0x2064 AppReadiness - ok
10:07:51.0682 0x2064 AppVClient - ok
10:07:51.0684 0x2064 AppvStrm - ok
10:07:51.0686 0x2064 AppvVemgr - ok
10:07:51.0689 0x2064 AppvVfs - ok
10:07:51.0691 0x2064 AppXSvc - ok
10:07:51.0694 0x2064 arcsas - ok
10:07:51.0696 0x2064 AsyncMac - ok
10:07:51.0699 0x2064 atapi - ok
10:07:51.0707 0x2064 [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
10:07:51.0722 0x2064 atksgt - ok
10:07:51.0726 0x2064 AudioEndpointBuilder - ok
10:07:51.0729 0x2064 Audiosrv - ok
10:07:51.0731 0x2064 AxInstSV - ok
10:07:51.0734 0x2064 b06bdrv - ok
10:07:51.0737 0x2064 BasicDisplay - ok
10:07:51.0740 0x2064 BasicRender - ok
10:07:51.0744 0x2064 bcmfn - ok
10:07:51.0746 0x2064 bcmfn2 - ok
10:07:51.0749 0x2064 BDESVC - ok
10:07:51.0751 0x2064 Beep - ok
10:07:51.0781 0x2064 [ 5B413BEADC23C9D182F7EC09C10441FA, E16E06848492331107C6D682D93D35C5D1A0DC8CAD3816B42203A4BF05932C7E ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
10:07:51.0812 0x2064 BEService - ok
10:07:51.0816 0x2064 BFE - ok
10:07:51.0855 0x2064 [ 605DC7D0AC7B2985B63D18D67F6C8098, 3E74AEFDA40A2EF0039FF01DB75A875C99537CFB91A0167786700803A9B35AAB ] BIT C:\ProgramData\BIT\BIT.dll
10:07:51.0910 0x2064 BIT - detected UnsignedFile.Multi.Generic ( 1 )
10:07:52.0214 0x2064 BIT ( UnsignedFile.Multi.Generic ) - warning
10:07:52.0454 0x2064 BITS - ok
10:07:52.0458 0x2064 bowser - ok
10:07:52.0463 0x2064 BrokerInfrastructure - ok
10:07:52.0468 0x2064 Browser - ok
10:07:52.0473 0x2064 BthAvrcpTg - ok
10:07:52.0477 0x2064 BthHFEnum - ok
10:07:52.0479 0x2064 bthhfhid - ok
10:07:52.0482 0x2064 BthHFSrv - ok
10:07:52.0485 0x2064 BTHMODEM - ok
10:07:52.0489 0x2064 bthserv - ok
10:07:52.0491 0x2064 buttonconverter - ok
10:07:52.0494 0x2064 CapImg - ok
10:07:52.0496 0x2064 cdfs - ok
10:07:52.0499 0x2064 CDPSvc - ok
10:07:52.0502 0x2064 CDPUserSvc - ok
10:07:52.0508 0x2064 cdrom - ok
10:07:52.0511 0x2064 CertPropSvc - ok
10:07:52.0513 0x2064 cht4iscsi - ok
10:07:52.0516 0x2064 cht4vbd - ok
10:07:52.0518 0x2064 circlass - ok
10:07:52.0521 0x2064 CLFS - ok
10:07:52.0523 0x2064 ClipSVC - ok
10:07:52.0526 0x2064 clreg - ok
10:07:52.0533 0x2064 cmanvwhc - ok
10:07:52.0536 0x2064 CmBatt - ok
10:07:52.0538 0x2064 CNG - ok
10:07:52.0540 0x2064 cnghwassist - ok
10:07:52.0559 0x2064 CompositeBus - ok
10:07:52.0562 0x2064 COMSysApp - ok
10:07:52.0564 0x2064 condrv - ok
10:07:52.0567 0x2064 CoreMessagingRegistrar - ok
10:07:52.0571 0x2064 CryptSvc - ok
10:07:52.0574 0x2064 CSC - ok
10:07:52.0576 0x2064 CscService - ok
10:07:52.0579 0x2064 dam - ok
10:07:52.0582 0x2064 dc1-controller - ok
10:07:52.0585 0x2064 DcomLaunch - ok
10:07:52.0588 0x2064 DcpSvc - ok
10:07:52.0590 0x2064 defragsvc - ok
10:07:52.0592 0x2064 DeviceAssociationService - ok
10:07:52.0595 0x2064 DeviceInstall - ok
10:07:52.0598 0x2064 DevQueryBroker - ok
10:07:52.0600 0x2064 Dfsc - ok
10:07:52.0603 0x2064 Dhcp - ok
10:07:52.0606 0x2064 diagnosticshub.standardcollector.service - ok
10:07:52.0609 0x2064 DiagTrack - ok
10:07:52.0612 0x2064 disk - ok
10:07:52.0614 0x2064 DmEnrollmentSvc - ok
10:07:52.0617 0x2064 dmvsc - ok
10:07:52.0619 0x2064 dmwappushservice - ok
10:07:52.0622 0x2064 Dnscache - ok
10:07:52.0625 0x2064 dot3svc - ok
10:07:52.0627 0x2064 DPS - ok
10:07:52.0631 0x2064 drmkaud - ok
10:07:52.0633 0x2064 DsmSvc - ok
10:07:52.0636 0x2064 DsSvc - ok
10:07:52.0639 0x2064 [ 679FF716052109392D870F6A6C4A3535, BEF1784448CCA4AF1D67ED68BD0C7CFE01A7719E98CACF92C2DCBFAA916DC57E ] dtlitescsibus C:\Windows\System32\drivers\dtlitescsibus.sys
10:07:52.0646 0x2064 dtlitescsibus - ok
10:07:52.0649 0x2064 [ E23FDD696839A4790682CA66C48D3F2F, F5F0721BDA751968224E52E75D0C309A3E084C430CD98E85A55AF622D16B9A44 ] dtliteusbbus C:\Windows\System32\drivers\dtliteusbbus.sys
10:07:52.0656 0x2064 dtliteusbbus - ok
10:07:52.0658 0x2064 DXGKrnl - ok
10:07:52.0661 0x2064 EapHost - ok
10:07:52.0663 0x2064 ebdrv - ok
10:07:52.0666 0x2064 EFS - ok
10:07:52.0669 0x2064 EhStorClass - ok
10:07:52.0671 0x2064 EhStorTcgDrv - ok
10:07:52.0675 0x2064 [ BDD265EEB37DF5953A547FE412E2472F, 17EB4FD54D62207937F8CA7454837DBF1EEC867AEDAF201FC2E839A3ED357F4F ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
10:07:52.0681 0x2064 ElbyCDIO - ok
10:07:52.0684 0x2064 embeddedmode - ok
10:07:52.0686 0x2064 EntAppSvc - ok
10:07:52.0731 0x2064 [ 0E840AA66CAB02CBA9730C772BBE305B, 8862583E653D13D1D10A1A4A33704E4F70576E80370943AAFD1EAED6657A0104 ] epp E:\PROGRAM FILES (X86)\bin64\epp.sys
10:07:52.0751 0x2064 epp - ok
10:07:52.0756 0x2064 ErrDev - ok
10:07:52.0766 0x2064 [ FD291A75ECAF197F07BD2040C2A7322A, B4DE1B8A75928C8E6DF870A7B6F286EAA0B9A5D9443E99B66633F8B60013AC67 ] EtronHub3 C:\Windows\System32\Drivers\EtronHub3.sys
10:07:52.0785 0x2064 EtronHub3 - ok
10:07:52.0788 0x2064 [ 5476930AF190E6E2FAF7FA7112C2D4D7, 23D0F90169F9A12C37037D56C87368CA827CFEFA9D7A71341D83EB4D92E32188 ] EtronSTOR C:\Windows\System32\Drivers\EtronSTOR.sys
10:07:52.0798 0x2064 EtronSTOR - ok
10:07:52.0803 0x2064 [ DDE9068F9BAC0210195F217AA39B9276, 3AE8CE03B0F93EF6006B46F8DFD5523F6C1951D98FB9A411EA90261C368A453F ] EtronXHCI C:\Windows\System32\Drivers\EtronXHCI.sys
10:07:52.0815 0x2064 EtronXHCI - ok
10:07:52.0820 0x2064 EventSystem - ok
10:07:52.0823 0x2064 exfat - ok
10:07:52.0825 0x2064 fastfat - ok
10:07:52.0828 0x2064 Fax - ok
10:07:52.0830 0x2064 fdc - ok
10:07:52.0833 0x2064 fdPHost - ok
10:07:52.0835 0x2064 FDResPub - ok
10:07:52.0838 0x2064 fhsvc - ok
10:07:52.0841 0x2064 FileCrypt - ok
10:07:52.0843 0x2064 FileInfo - ok
10:07:52.0846 0x2064 Filetrace - ok
10:07:52.0848 0x2064 flpydisk - ok
10:07:52.0850 0x2064 FltMgr - ok
10:07:52.0853 0x2064 FontCache - ok
10:07:52.0857 0x2064 FontCache3.0.0.0 - ok
10:07:52.0890 0x2064 [ EB959B686074EA0D27A3AB42E8024D37, B85A59F2898AF536652FF65CE53822B11108E2241B34ABB693BDFC06C32DAE17 ] FoxitReaderService C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
10:07:52.0925 0x2064 FoxitReaderService - ok
10:07:52.0930 0x2064 FrameServer - ok
10:07:52.0932 0x2064 FsDepends - ok
10:07:52.0934 0x2064 Fs_Rec - ok
10:07:52.0937 0x2064 fvevol - ok
10:07:52.0939 0x2064 gencounter - ok
10:07:52.0942 0x2064 genericusbfn - ok
10:07:52.0944 0x2064 GPIOClx0101 - ok
10:07:52.0947 0x2064 gpsvc - ok
10:07:52.0950 0x2064 GpuEnergyDrv - ok
10:07:52.0953 0x2064 [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] Hamachi C:\Windows\System32\drivers\Hamdrv.sys
10:07:52.0965 0x2064 Hamachi - ok
10:07:52.0968 0x2064 HdAudAddService - ok
10:07:52.0970 0x2064 HDAudBus - ok
10:07:52.0973 0x2064 HidBatt - ok
10:07:52.0975 0x2064 HidBth - ok
10:07:52.0978 0x2064 hidi2c - ok
10:07:52.0980 0x2064 hidinterrupt - ok
10:07:52.0983 0x2064 HidIr - ok
10:07:52.0985 0x2064 hidserv - ok
10:07:52.0988 0x2064 HidUsb - ok
10:07:52.0991 0x2064 HomeGroupListener - ok
10:07:52.0993 0x2064 HomeGroupProvider - ok
10:07:52.0995 0x2064 HpSAMD - ok
10:07:52.0998 0x2064 HTTP - ok
10:07:53.0001 0x2064 HvHost - ok
10:07:53.0003 0x2064 hvservice - ok
10:07:53.0006 0x2064 hwpolicy - ok
10:07:53.0008 0x2064 hyperkbd - ok
10:07:53.0011 0x2064 i8042prt - ok
10:07:53.0013 0x2064 iagpio - ok
10:07:53.0016 0x2064 iai2c - ok
10:07:53.0018 0x2064 iaLPSS2i_GPIO2 - ok
10:07:53.0021 0x2064 iaLPSS2i_I2C - ok
10:07:53.0023 0x2064 iaLPSSi_GPIO - ok
10:07:53.0026 0x2064 iaLPSSi_I2C - ok
10:07:53.0028 0x2064 iaStorAV - ok
10:07:53.0031 0x2064 iaStorV - ok
10:07:53.0034 0x2064 ibbus - ok
10:07:53.0037 0x2064 icssvc - ok
10:07:53.0039 0x2064 IKEEXT - ok
10:07:53.0041 0x2064 IndirectKmd - ok
10:07:53.0045 0x2064 intelide - ok
10:07:53.0049 0x2064 intelpep - ok
10:07:53.0051 0x2064 intelppm - ok
10:07:53.0054 0x2064 iorate - ok
10:07:53.0056 0x2064 IpFilterDriver - ok
10:07:53.0059 0x2064 iphlpsvc - ok
10:07:53.0061 0x2064 IPMIDRV - ok
10:07:53.0064 0x2064 IPNAT - ok
10:07:53.0066 0x2064 irda - ok
10:07:53.0069 0x2064 IRENUM - ok
10:07:53.0071 0x2064 irmon - ok
10:07:53.0074 0x2064 isapnp - ok
10:07:53.0076 0x2064 iScsiPrt - ok
10:07:53.0079 0x2064 kbdclass - ok
10:07:53.0081 0x2064 kbdhid - ok
10:07:53.0084 0x2064 kdnic - ok
10:07:53.0086 0x2064 KeyIso - ok
10:07:53.0089 0x2064 KSecDD - ok
10:07:53.0091 0x2064 KSecPkg - ok
10:07:53.0094 0x2064 ksthunk - ok
10:07:53.0096 0x2064 KtmRm - ok
10:07:53.0101 0x2064 [ 4E5EA006CFFB96E0BAFC767D659AAB9A, A24A334955FB98D0903971454FADAC639D535BD32BB48964BD95019C7F6C454E ] L1C C:\Windows\System32\drivers\L1C63x64.sys
10:07:53.0109 0x2064 L1C - ok
10:07:53.0112 0x2064 LanmanServer - ok
10:07:53.0115 0x2064 LanmanWorkstation - ok
10:07:53.0118 0x2064 lfsvc - ok
10:07:53.0121 0x2064 LicenseManager - ok
10:07:53.0124 0x2064 [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
10:07:53.0130 0x2064 lirsgt - ok
10:07:53.0133 0x2064 lltdio - ok
10:07:53.0135 0x2064 lltdsvc - ok
10:07:53.0137 0x2064 lmhosts - ok
10:07:53.0141 0x2064 LSI_SAS - ok
10:07:53.0143 0x2064 LSI_SAS2i - ok
10:07:53.0147 0x2064 LSI_SAS3i - ok
10:07:53.0150 0x2064 LSI_SSS - ok
10:07:53.0152 0x2064 LSM - ok
10:07:53.0154 0x2064 luafv - ok
10:07:53.0157 0x2064 MapsBroker - ok
10:07:53.0242 0x2064 [ 804E3246E3E73D4A936F2F4BCDC53A2D, BF1F9B4AC292238FA6EE541E325B220F311977F9D87D5BC7F90AD058FBF0B35A ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
10:07:53.0323 0x2064 MBAMService - ok
10:07:53.0336 0x2064 [ 53283EB9998AC9350E14C35A880989DB, 11DD963C67DB7584742810C54BEC4871584413A1BAA8209F79AC923006DE45BB ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
10:07:53.0347 0x2064 MBAMSwissArmy - ok
10:07:53.0350 0x2064 megasas - ok
10:07:53.0353 0x2064 megasas2i - ok
10:07:53.0355 0x2064 megasr - ok
10:07:53.0359 0x2064 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\System32\drivers\HECIx64.sys
10:07:53.0366 0x2064 MEIx64 - ok
10:07:53.0369 0x2064 MessagingService - ok
10:07:53.0373 0x2064 mlx4_bus - ok
10:07:53.0376 0x2064 MMCSS - ok
10:07:53.0378 0x2064 Modem - ok
10:07:53.0381 0x2064 monitor - ok
10:07:53.0384 0x2064 mouclass - ok
10:07:53.0386 0x2064 mouhid - ok
10:07:53.0389 0x2064 mountmgr - ok
10:07:53.0395 0x2064 [ 260DB638038D0D9ACCBFCA9F2BF9B692, 68B9454D1E10A5A710AA3F823C7EAF2E8F3DDF5534262AC289BF454FC829B0B7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:07:53.0403 0x2064 MozillaMaintenance - ok
10:07:53.0406 0x2064 mpsdrv - ok
10:07:53.0409 0x2064 MpsSvc - ok
10:07:53.0411 0x2064 MRxDAV - ok
10:07:53.0414 0x2064 mrxsmb - ok
10:07:53.0416 0x2064 mrxsmb10 - ok
10:07:53.0419 0x2064 mrxsmb20 - ok
10:07:53.0421 0x2064 MsBridge - ok
10:07:53.0424 0x2064 MSDTC - ok
10:07:53.0428 0x2064 Msfs - ok
10:07:53.0431 0x2064 msgpiowin32 - ok
10:07:53.0433 0x2064 mshidkmdf - ok
10:07:53.0436 0x2064 mshidumdf - ok
10:07:53.0438 0x2064 msisadrv - ok
10:07:53.0441 0x2064 MSiSCSI - ok
10:07:53.0443 0x2064 msiserver - ok
10:07:53.0446 0x2064 MSKSSRV - ok
10:07:53.0448 0x2064 MsLldp - ok
10:07:53.0451 0x2064 MSPCLOCK - ok
10:07:53.0453 0x2064 MSPQM - ok
10:07:53.0457 0x2064 MsRPC - ok
10:07:53.0460 0x2064 MsSecFlt - ok
10:07:53.0464 0x2064 mssmbios - ok
10:07:53.0466 0x2064 MSTEE - ok
10:07:53.0475 0x2064 [ 03B10F7E7244E6A41922394C3116929D, 2497D05048D4179F734092DA7A3D372B6F6E934E09E5C9DABDFA23C6DAD25E8A ] mt7612US C:\Windows\System32\drivers\mt7612US.sys
10:07:53.0495 0x2064 mt7612US - ok
10:07:53.0498 0x2064 MTConfig - ok
10:07:53.0500 0x2064 Mup - ok
10:07:53.0503 0x2064 mvumis - ok
10:07:53.0506 0x2064 NativeWifiP - ok
10:07:53.0509 0x2064 NcaSvc - ok
10:07:53.0512 0x2064 NcbService - ok
10:07:53.0514 0x2064 NcdAutoSetup - ok
10:07:53.0517 0x2064 ndfltr - ok
10:07:53.0519 0x2064 NDIS - ok
10:07:53.0522 0x2064 NdisCap - ok
10:07:53.0525 0x2064 NdisImPlatform - ok
10:07:53.0527 0x2064 NdisTapi - ok
10:07:53.0530 0x2064 Ndisuio - ok
10:07:53.0532 0x2064 NdisVirtualBus - ok
10:07:53.0535 0x2064 NdisWan - ok
10:07:53.0537 0x2064 ndiswanlegacy - ok
10:07:53.0540 0x2064 ndproxy - ok
10:07:53.0542 0x2064 Ndu - ok
10:07:53.0544 0x2064 NetAdapterCx - ok
10:07:53.0548 0x2064 NetBIOS - ok
10:07:53.0551 0x2064 NetBT - ok
10:07:53.0553 0x2064 Netlogon - ok
10:07:53.0556 0x2064 Netman - ok
10:07:53.0559 0x2064 netprofm - ok
10:07:53.0561 0x2064 NetSetupSvc - ok
10:07:53.0571 0x2064 NetTcpPortSharing - ok
10:07:53.0575 0x2064 NgcCtnrSvc - ok
10:07:53.0577 0x2064 NgcSvc - ok
10:07:53.0580 0x2064 NlaSvc - ok
10:07:53.0602 0x2064 [ 1B5804655497799161B5DCF919C7827C, F930FE7A13AC2645751CF559FBDED5FB4336DCF6D4AC11107566C526A3D5390D ] NPASRE C:\Users\Leander\AppData\Local\NPASRE\Snare.dll
10:07:53.0629 0x2064 NPASRE - detected UnsignedFile.Multi.Generic ( 1 )
10:07:53.0836 0x2064 NPASRE ( UnsignedFile.Multi.Generic ) - warning
10:07:53.0836 0x2064 Force sending object to P2P due to detect: NPASRE
10:07:54.0161 0x2064 Object send P2P result: true
10:07:54.0249 0x2064 Npfs - ok
10:07:54.0254 0x2064 npsvctrig - ok
10:07:54.0259 0x2064 nsi - ok
10:07:54.0264 0x2064 nsiproxy - ok
10:07:54.0271 0x2064 NTFS - ok
10:07:54.0276 0x2064 Null - ok
10:07:54.0287 0x2064 [ 219EB39D2F8CE26AA9A959DD53E68DE2, EBE3F231C7D564422A4E02C62276D6220E575F834B174E118D5B1A2582413CB1 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
10:07:54.0297 0x2064 NVHDA - ok
10:07:54.0592 0x2064 [ 444B969DABB3F2D2176EF0BFAB42364F, 34468CC7A124D29130FE373BB987CB705C8767CD60F5B30CAD541F4B3F85BB55 ] nvlddmkm C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a2b0acab06663645\nvlddmkm.sys
10:07:54.0847 0x2064 nvlddmkm - ok
10:07:54.0862 0x2064 nvraid - ok
10:07:54.0865 0x2064 nvstor - ok
10:07:54.0877 0x2064 [ 16006A9892E8AB4BFD4D555740E97CE1, 336364C97687380CC15B12EDDA0FD467084E8157AFA1B62A61F28AF37E923F76 ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
10:07:54.0890 0x2064 NvTelemetryContainer - ok
10:07:54.0893 0x2064 OneSyncSvc - ok
10:07:54.0986 0x2064 [ D75A76EB38AD90E9AB34CAB1E50CE39E, 63345F673DD7CB590910C40C77D082EE47BF377F146E0C6D948E3CCD17512673 ] Origin Client Service E:\Origin\OriginClientService.exe
10:07:55.0029 0x2064 Origin Client Service - ok
10:07:55.0102 0x2064 [ 8901179D73E77060AD4EED7CB8924E10, 6ED27384A70499E3DF29ED43047E1D60E78F71D1A6820C5487C4621B42B0FFD5 ] Origin Web Helper Service E:\Origin\OriginWebHelperService.exe
10:07:55.0161 0x2064 Origin Web Helper Service - ok
10:07:55.0166 0x2064 p2pimsvc - ok
10:07:55.0169 0x2064 p2psvc - ok
10:07:55.0171 0x2064 Parport - ok
10:07:55.0174 0x2064 partmgr - ok
10:07:55.0177 0x2064 PcaSvc - ok
10:07:55.0180 0x2064 pci - ok
10:07:55.0183 0x2064 pciide - ok
10:07:55.0185 0x2064 pcmcia - ok
10:07:55.0187 0x2064 pcw - ok
10:07:55.0190 0x2064 pdc - ok
10:07:55.0192 0x2064 PEAUTH - ok
10:07:55.0195 0x2064 PeerDistSvc - ok
10:07:55.0197 0x2064 percsas2i - ok
10:07:55.0200 0x2064 percsas3i - ok
10:07:55.0225 0x2064 PerfHost - ok
10:07:55.0231 0x2064 PhoneSvc - ok
10:07:55.0234 0x2064 PimIndexMaintenanceSvc - ok
10:07:55.0238 0x2064 pla - ok
10:07:55.0241 0x2064 PlugPlay - ok
10:07:55.0243 0x2064 PnkBstrA - ok
10:07:55.0246 0x2064 PNRPAutoReg - ok
10:07:55.0248 0x2064 PNRPsvc - ok
10:07:55.0251 0x2064 PolicyAgent - ok
10:07:55.0255 0x2064 Power - ok
10:07:55.0257 0x2064 PptpMiniport - ok
10:07:55.0353 0x2064 [ 30AA256A85C1A7B17A590B1C5244D28E, 2C1FB30DEF53C37CA0D0CA54B65CB8572C53DDFB430DE57F964253F1082ACEA0 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
10:07:55.0456 0x2064 PrintNotify - ok
10:07:55.0461 0x2064 Processor - ok
10:07:55.0464 0x2064 ProfSvc - ok
10:07:55.0467 0x2064 Psched - ok
10:07:55.0469 0x2064 QWAVE - ok
10:07:55.0472 0x2064 QWAVEdrv - ok
10:07:55.0474 0x2064 RasAcd - ok
10:07:55.0477 0x2064 RasAgileVpn - ok
10:07:55.0480 0x2064 RasAuto - ok
10:07:55.0482 0x2064 Rasl2tp - ok
10:07:55.0485 0x2064 RasMan - ok
10:07:55.0487 0x2064 RasPppoe - ok
10:07:55.0490 0x2064 RasSstp - ok
10:07:55.0492 0x2064 rdbss - ok
10:07:55.0497 0x2064 rdpbus - ok
10:07:55.0499 0x2064 RDPDR - ok
10:07:55.0504 0x2064 RdpVideoMiniport - ok
10:07:55.0506 0x2064 rdyboost - ok
10:07:55.0509 0x2064 ReFSv1 - ok
10:07:55.0513 0x2064 RemoteAccess - ok
10:07:55.0515 0x2064 RemoteRegistry - ok
10:07:55.0518 0x2064 RetailDemo - ok
10:07:55.0521 0x2064 RmSvc - ok
10:07:55.0523 0x2064 RpcEptMapper - ok
10:07:55.0526 0x2064 RpcLocator - ok
10:07:55.0529 0x2064 RpcSs - ok
10:07:55.0532 0x2064 rspndr - ok
10:07:55.0534 0x2064 s3cap - ok
10:07:55.0537 0x2064 SamSs - ok
10:07:55.0539 0x2064 sbp2port - ok
10:07:55.0542 0x2064 SCardSvr - ok
10:07:55.0545 0x2064 ScDeviceEnum - ok
10:07:55.0549 0x2064 scfilter - ok
10:07:55.0552 0x2064 Schedule - ok
10:07:55.0554 0x2064 scmbus - ok
10:07:55.0557 0x2064 scmdisk0101 - ok
10:07:55.0560 0x2064 SCPolicySvc - ok
10:07:55.0562 0x2064 sdbus - ok
10:07:55.0565 0x2064 SDRSVC - ok
10:07:55.0568 0x2064 sdstor - ok
10:07:55.0570 0x2064 SecDrv - ok
10:07:55.0573 0x2064 seclogon - ok
10:07:55.0575 0x2064 SENS - ok
10:07:55.0578 0x2064 Sense - ok
10:07:55.0581 0x2064 SensorDataService - ok
10:07:55.0584 0x2064 SensorService - ok
10:07:55.0586 0x2064 SensrSvc - ok
10:07:55.0589 0x2064 SerCx - ok
10:07:55.0591 0x2064 SerCx2 - ok
10:07:55.0594 0x2064 Serenum - ok
10:07:55.0596 0x2064 Serial - ok
10:07:55.0599 0x2064 sermouse - ok
10:07:55.0606 0x2064 SessionEnv - ok
10:07:55.0608 0x2064 sfloppy - ok
10:07:55.0611 0x2064 SharedAccess - ok
10:07:55.0616 0x2064 ShellHWDetection - ok
10:07:55.0619 0x2064 shpamsvc - ok
10:07:55.0621 0x2064 SiSRaid2 - ok
10:07:55.0624 0x2064 SiSRaid4 - ok
10:07:55.0633 0x2064 [ B72B80E6FF423C5011E745CB76DA9A08, 18A6B9D46E91AD4D463EB5CB832702392D2E162577F90C328B515FCE69FABD15 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:07:55.0650 0x2064 SkypeUpdate - ok
10:07:55.0653 0x2064 smphost - ok
10:07:55.0656 0x2064 SmsRouter - ok
10:07:55.0661 0x2064 SNMPTRAP - ok
10:07:55.0664 0x2064 spaceport - ok
10:07:55.0666 0x2064 SpbCx - ok
10:07:55.0669 0x2064 Spooler - ok
10:07:55.0672 0x2064 sppsvc - ok
10:07:55.0674 0x2064 srv - ok
10:07:55.0677 0x2064 srv2 - ok
10:07:55.0680 0x2064 srvnet - ok
10:07:55.0682 0x2064 SSDPSRV - ok
10:07:55.0685 0x2064 SstpSvc - ok
10:07:55.0688 0x2064 StateRepository - ok
10:07:55.0720 0x2064 [ C8DC0C34715627ABF7A265ED27D1F75A, 5B8B9AC65D7458A8C6C868107E0BE3F9B1A1A5117FC69FDC260BAA9F1BDD0008 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
10:07:55.0752 0x2064 Steam Client Service - ok
10:07:55.0756 0x2064 stexstor - ok
10:07:55.0759 0x2064 stisvc - ok
10:07:55.0761 0x2064 storahci - ok
10:07:55.0764 0x2064 storflt - ok
10:07:55.0767 0x2064 stornvme - ok
10:07:55.0770 0x2064 storqosflt - ok
10:07:55.0773 0x2064 StorSvc - ok
10:07:55.0775 0x2064 storufs - ok
10:07:55.0778 0x2064 storvsc - ok
10:07:55.0781 0x2064 svsvc - ok
10:07:55.0784 0x2064 swenum - ok
10:07:55.0786 0x2064 swprv - ok
10:07:55.0789 0x2064 Synth3dVsc - ok
10:07:55.0793 0x2064 SysMain - ok
10:07:55.0796 0x2064 SystemEventsBroker - ok
10:07:55.0799 0x2064 TabletInputService - ok
10:07:55.0801 0x2064 TapiSrv - ok
10:07:55.0804 0x2064 Tcpip - ok
10:07:55.0806 0x2064 Tcpip6 - ok
10:07:55.0814 0x2064 tcpipreg - ok
10:07:55.0818 0x2064 tdx - ok
10:07:55.0821 0x2064 terminpt - ok
10:07:55.0824 0x2064 TermService - ok
10:07:55.0826 0x2064 Themes - ok
10:07:55.0829 0x2064 TieringEngineService - ok
10:07:55.0832 0x2064 tiledatamodelsvc - ok
10:07:55.0835 0x2064 TimeBrokerSvc - ok
10:07:55.0837 0x2064 TPM - ok
10:07:55.0840 0x2064 TrkWks - ok
10:07:55.0843 0x2064 TrustedInstaller - ok
10:07:55.0847 0x2064 tsusbflt - ok
10:07:55.0850 0x2064 TsUsbGD - ok
10:07:55.0852 0x2064 tsusbhub - ok
10:07:55.0855 0x2064 tunnel - ok
10:07:55.0858 0x2064 tzautoupdate - ok
10:07:55.0861 0x2064 UASPStor - ok
10:07:55.0864 0x2064 UcmCx0101 - ok
10:07:55.0867 0x2064 UcmTcpciCx0101 - ok
10:07:55.0869 0x2064 UcmUcsi - ok
10:07:55.0872 0x2064 Ucx01000 - ok
10:07:55.0875 0x2064 UdeCx - ok
10:07:55.0877 0x2064 udfs - ok
10:07:55.0880 0x2064 UEFI - ok
10:07:55.0883 0x2064 UevAgentDriver - ok
10:07:55.0886 0x2064 UevAgentService - ok
10:07:55.0889 0x2064 Ufx01000 - ok
10:07:55.0892 0x2064 UfxChipidea - ok
10:07:55.0895 0x2064 ufxsynopsys - ok
10:07:55.0901 0x2064 UI0Detect - ok
10:07:55.0903 0x2064 umbus - ok
10:07:55.0906 0x2064 UmPass - ok
10:07:55.0909 0x2064 UmRdpService - ok
10:07:55.0912 0x2064 UnistoreSvc - ok
10:07:55.0917 0x2064 upnphost - ok
10:07:55.0920 0x2064 UrsChipidea - ok
10:07:55.0923 0x2064 UrsCx01000 - ok
10:07:55.0926 0x2064 UrsSynopsys - ok
10:07:55.0930 0x2064 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\System32\Drivers\usbaapl64.sys
10:07:55.0942 0x2064 USBAAPL64 - ok
10:07:55.0945 0x2064 usbaudio - ok
10:07:55.0948 0x2064 usbccgp - ok
10:07:55.0951 0x2064 usbcir - ok
10:07:55.0954 0x2064 usbehci - ok
10:07:55.0956 0x2064 usbhub - ok
10:07:55.0959 0x2064 USBHUB3 - ok
10:07:55.0962 0x2064 usbohci - ok
10:07:55.0965 0x2064 usbprint - ok
10:07:55.0968 0x2064 usbser - ok
10:07:55.0971 0x2064 USBSTOR - ok
10:07:55.0974 0x2064 usbuhci - ok
10:07:55.0976 0x2064 USBXHCI - ok
10:07:55.0979 0x2064 UserDataSvc - ok
10:07:55.0985 0x2064 UserManager - ok
10:07:55.0987 0x2064 UsoSvc - ok
10:07:55.0990 0x2064 VaultSvc - ok
10:07:55.0994 0x2064 [ F257A2737280F0076EAE3AB489C06474, A02E37292D86E675D55C13097E9F107C73DDFD8AAC69310F7D9910A811A541D8 ] VClone C:\Windows\System32\drivers\VClone.sys
10:07:56.0003 0x2064 VClone - ok
10:07:56.0005 0x2064 vdrvroot - ok
10:07:56.0008 0x2064 vds - ok
10:07:56.0011 0x2064 VerifierExt - ok
10:07:56.0014 0x2064 vhdmp - ok
10:07:56.0017 0x2064 vhf - ok
10:07:56.0034 0x2064 [ EF2270C2DF2B61FF1B8C422DC443CEFE, 30C74108BC0DE5884D64C7611CE8282CE556D9B42D7BE1FE569DE2067FBB4D5A ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
10:07:56.0052 0x2064 VIAHdAudAddService - ok
10:07:56.0057 0x2064 [ 004175DA13E0372DA58F523104921631, 413A4C8169EDFDBAA58DA5FEDCBF1D0525F64A7AD34BAF17E29BCD14C1C189A7 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
10:07:56.0073 0x2064 VIAKaraokeService - ok
10:07:56.0076 0x2064 vmbus - ok
10:07:56.0078 0x2064 VMBusHID - ok
10:07:56.0081 0x2064 vmgid - ok
10:07:56.0084 0x2064 vmicguestinterface - ok
10:07:56.0087 0x2064 vmicheartbeat - ok
10:07:56.0090 0x2064 vmickvpexchange - ok
10:07:56.0093 0x2064 vmicrdv - ok
10:07:56.0095 0x2064 vmicshutdown - ok
10:07:56.0098 0x2064 vmictimesync - ok
10:07:56.0101 0x2064 vmicvmsession - ok
10:07:56.0103 0x2064 vmicvss - ok
10:07:56.0106 0x2064 volmgr - ok
10:07:56.0109 0x2064 volmgrx - ok
10:07:56.0113 0x2064 volsnap - ok
10:07:56.0116 0x2064 volume - ok
10:07:56.0119 0x2064 vpci - ok
10:07:56.0122 0x2064 vsmraid - ok
10:07:56.0124 0x2064 VSS - ok
10:07:56.0127 0x2064 VSTXRAID - ok
10:07:56.0130 0x2064 vwifibus - ok
10:07:56.0133 0x2064 vwififlt - ok
10:07:56.0136 0x2064 W32Time - ok
10:07:56.0139 0x2064 WacomPen - ok
10:07:56.0142 0x2064 WalletService - ok
10:07:56.0145 0x2064 wanarp - ok
10:07:56.0148 0x2064 wanarpv6 - ok
10:07:56.0151 0x2064 wbengine - ok
10:07:56.0154 0x2064 WbioSrvc - ok
10:07:56.0157 0x2064 wcifs - ok
10:07:56.0159 0x2064 Wcmsvc - ok
10:07:56.0163 0x2064 wcncsvc - ok
10:07:56.0165 0x2064 wcnfs - ok
10:07:56.0168 0x2064 WdBoot - ok
10:07:56.0171 0x2064 Wdf01000 - ok
10:07:56.0174 0x2064 WdFilter - ok
10:07:56.0177 0x2064 WdiServiceHost - ok
10:07:56.0180 0x2064 WdiSystemHost - ok
10:07:56.0183 0x2064 wdiwifi - ok
10:07:56.0186 0x2064 WdNisDrv - ok
10:07:56.0190 0x2064 WdNisSvc - ok
10:07:56.0193 0x2064 WebClient - ok
10:07:56.0196 0x2064 Wecsvc - ok
10:07:56.0200 0x2064 WEPHOSTSVC - ok
10:07:56.0203 0x2064 wercplsupport - ok
10:07:56.0206 0x2064 WerSvc - ok
10:07:56.0208 0x2064 WFPLWFS - ok
10:07:56.0212 0x2064 WiaRpc - ok
10:07:56.0215 0x2064 WIMMount - ok
10:07:56.0217 0x2064 WinDefend - ok
10:07:56.0223 0x2064 WindowsTrustedRT - ok
10:07:56.0226 0x2064 WindowsTrustedRTProxy - ok
10:07:56.0229 0x2064 WinHttpAutoProxySvc - ok
10:07:56.0232 0x2064 WinMad - ok
10:07:56.0243 0x2064 Winmgmt - ok
10:07:56.0246 0x2064 WinRM - ok
10:07:56.0263 0x2064 [ DBCC61A9F9C8582F9BE9528B8DABCA32, BF81B8BF11D7231754EBE2FD1EA52E89F961979635168CB0A7C271D954C43314 ] WinSAPSvc C:\Users\Leander\AppData\Roaming\WinSAPSvc\WinSAP.dll
10:07:56.0282 0x2064 WinSAPSvc - detected UnsignedFile.Multi.Generic ( 1 )
10:07:56.0479 0x2064 WinSAPSvc ( UnsignedFile.Multi.Generic ) - warning
10:07:56.0570 0x2064 WINUSB - ok
10:07:56.0576 0x2064 WinVerbs - ok
10:07:56.0583 0x2064 wisvc - ok
10:07:56.0586 0x2064 WlanSvc - ok
10:07:56.0589 0x2064 wlidsvc - ok
10:07:56.0592 0x2064 WmiAcpi - ok
10:07:56.0598 0x2064 wmiApSrv - ok
10:07:56.0601 0x2064 WMPNetworkSvc - ok
10:07:56.0604 0x2064 Wof - ok
10:07:56.0609 0x2064 workfolderssvc - ok
10:07:56.0613 0x2064 WPDBusEnum - ok
10:07:56.0616 0x2064 WpdUpFltr - ok
10:07:56.0619 0x2064 WpnService - ok
10:07:56.0622 0x2064 WpnUserService - ok
10:07:56.0627 0x2064 ws2ifsl - ok
10:07:56.0630 0x2064 wscsvc - ok
10:07:56.0633 0x2064 WSDPrintDevice - ok
10:07:56.0637 0x2064 WSDScan - ok
10:07:56.0640 0x2064 WSearch - ok
10:07:56.0644 0x2064 wuauserv - ok
10:07:56.0647 0x2064 WudfPf - ok
10:07:56.0650 0x2064 WUDFRd - ok
10:07:56.0653 0x2064 wudfsvc - ok
10:07:56.0656 0x2064 WUDFWpdFs - ok
10:07:56.0659 0x2064 WUDFWpdMtp - ok
10:07:56.0662 0x2064 WwanSvc - ok
10:07:56.0666 0x2064 XblAuthManager - ok
10:07:56.0669 0x2064 XblGameSave - ok
10:07:56.0672 0x2064 xboxgip - ok
10:07:56.0676 0x2064 XboxNetApiSvc - ok
10:07:56.0679 0x2064 xinputhid - ok
10:07:56.0681 0x2064 ================ Scan global ===============================
10:07:56.0691 0x2064 [ Global ] - ok
10:07:56.0692 0x2064 ================ Scan MBR ==================================
10:07:56.0695 0x2064 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:07:56.0718 0x2064 \Device\Harddisk0\DR0 - ok
10:07:56.0720 0x2064 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
10:07:56.0782 0x2064 \Device\Harddisk1\DR1 - ok
10:07:56.0797 0x2064 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
10:07:57.0022 0x2064 \Device\Harddisk2\DR2 - ok
10:07:57.0023 0x2064 ================ Scan VBR ==================================
10:07:57.0027 0x2064 [ 2D2BBD13BA1BEDC04FBA3D7249F12938 ] \Device\Harddisk0\DR0\Partition1
10:07:57.0030 0x2064 \Device\Harddisk0\DR0\Partition1 - ok
10:07:57.0033 0x2064 [ 362708809E74A2713E36FC9F5B297E3D ] \Device\Harddisk0\DR0\Partition2
10:07:57.0034 0x2064 \Device\Harddisk0\DR0\Partition2 - ok
10:07:57.0038 0x2064 [ BD797CF9878AC2F19C83F35D4D5D009E ] \Device\Harddisk0\DR0\Partition3
10:07:57.0038 0x2064 \Device\Harddisk0\DR0\Partition3 - ok
10:07:57.0043 0x2064 [ 0A1B6D47E7A6418A8295A62055AFB781 ] \Device\Harddisk0\DR0\Partition4
10:07:57.0045 0x2064 \Device\Harddisk0\DR0\Partition4 - ok
10:07:57.0049 0x2064 [ 07DFC2C889EEBF1B08CCAC6DE479CEEB ] \Device\Harddisk1\DR1\Partition1
10:07:57.0051 0x2064 \Device\Harddisk1\DR1\Partition1 - ok
10:07:57.0055 0x2064 [ DFE9FD3C8FD950C8F317651E482D0D33 ] \Device\Harddisk2\DR2\Partition1
10:07:57.0057 0x2064 \Device\Harddisk2\DR2\Partition1 - ok
10:07:57.0060 0x2064 [ C8A9648FA6FE513BB00D52EAA74ACAF5 ] \Device\Harddisk2\DR2\Partition2
10:07:57.0062 0x2064 \Device\Harddisk2\DR2\Partition2 - ok
10:07:57.0065 0x2064 [ 1CC5C0F5BDEBFD7606390B40EEBCE38F ] \Device\Harddisk2\DR2\Partition3
10:07:57.0066 0x2064 \Device\Harddisk2\DR2\Partition3 - ok
10:07:57.0067 0x2064 ================ Scan generic autorun ======================
10:07:57.0171 0x2064 [ B040D46C934F7DB15297E6ECA23EDAD3, CB09DE99F060F5C9E5FE5DBBD551869D3D035BBCDA11B387507B436002C0C10D ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
10:07:57.0300 0x2064 HDAudDeck - detected UnsignedFile.Multi.Generic ( 1 )
10:07:57.0466 0x2064 Detect skipped due to KSN trusted
10:07:57.0466 0x2064 HDAudDeck - ok
10:07:57.0489 0x2064 [ 48515EEA1608ECD83FE26C7490460F59, C7C552D13ED12B4165FDE45F69E170D4F18B746D84B3B08E7254AAF8D9671D0C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
10:07:57.0516 0x2064 AdobeAAMUpdater-1.0 - ok
10:07:57.0517 0x2064 WindowsDefender - ok
10:07:57.0619 0x2064 [ A6A21A7D544675E98C040DA18904CF50, AACB578C297C7AC9FEBDAB4AD20235E5CFF6E3F260E76E6AE18D43DC57D69672 ] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
10:07:57.0671 0x2064 Malwarebytes TrayApp - ok
10:07:57.0677 0x2064 [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
10:07:57.0684 0x2064 VirtualCloneDrive - ok
10:07:57.0731 0x2064 [ 6302798F2560E25EB980992B1C4C5F81, E5029149F326C3CD0E418D87234B656A47E4ADFA1E8BC186F0F80B763224BD02 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
10:07:57.0788 0x2064 Adobe Creative Cloud - ok
10:07:57.0812 0x2064 OneDriveSetup - ok
10:07:57.0814 0x2064 OneDriveSetup - ok
10:07:57.0847 0x2064 [ 642102CCB9EF737E188D136B93AB9A1F, 9BF47F3B3DAD7938C804C951FC81AC5C1EA8BDD94AB29630D5080CE797F3CC0F ] C:\Users\Leander\AppData\Local\Microsoft\OneDrive\OneDrive.exe
10:07:57.0886 0x2064 OneDrive - ok
10:07:58.0021 0x2064 [ 5AC56F5BEBC027169A1588142A8F125A, 293D1A22B8D7645101AF4773479F8C6F3E920BF85A348253F6AB3FC8BB5CD36B ] C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe
10:07:58.0144 0x2064 Spotify - ok
10:07:58.0258 0x2064 [ 5EAB2A65DCA8A6171A8789932F250A31, C3C0E159EE67C94637CCF1D957352938CA19D73B501558FF82CFE014283F0013 ] E:\Origin\Origin.exe
10:07:58.0314 0x2064 EADM - ok
10:07:58.0344 0x2064 [ 243F49E6B1AA97E01876020E17BDB4A9, 97E9CE8E9F1A77599B85B5952520B7D8BDDCE215F7EADAA884BA9F7E0D5BE568 ] C:\Users\Leander\AppData\Roaming\Spotify\SpotifyWebHelper.exe
10:07:58.0379 0x2064 Spotify Web Helper - ok
10:07:58.0561 0x2064 [ 0B4431D8286AB24483CEBA4503DCB6B1, 70D54CDDC8CBFAEB11CABF7A1DEA69CBE420EFCA96381E8753AD9326407875EE ] F:\My Games\Wot\WargamingGameUpdater.exe
10:07:58.0627 0x2064 World of Tanks - ok
10:07:58.0782 0x2064 [ BBC048995985EB7CA9B2E8EFF196E3BB, FF10C2247A036DD6579D2AF76EF2DA4F98D8F4BA69167EF4B5D2E0EDB00F2DF9 ] F:\My Games\WOW\WargamingGameUpdater.exe
10:07:58.0847 0x2064 World of Warships - ok
10:07:58.0850 0x2064 World of Tanks (1) - ok
10:07:58.0881 0x2064 Prime95 - ok
10:07:58.0883 0x2064 Skype - ok
10:07:58.0884 0x2064 Waiting for KSN requests completion. In queue: 44
10:07:59.0902 0x2064 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1198 ), 0x61100 ( enabled : updated )
10:07:59.0915 0x2064 Win FW state via NFP2: enabled ( trusted )
10:08:00.0013 0x2064 ============================================================
10:08:00.0013 0x2064 Scan finished
10:08:00.0013 0x2064 ============================================================
10:08:00.0026 0x1230 Detected object count: 3
10:08:00.0026 0x1230 Actual detected object count: 3
10:08:46.0511 0x1230 BIT ( UnsignedFile.Multi.Generic ) - skipped by user
10:08:46.0511 0x1230 BIT ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:08:46.0511 0x1230 NPASRE ( UnsignedFile.Multi.Generic ) - skipped by user
10:08:46.0511 0x1230 NPASRE ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:08:46.0512 0x1230 WinSAPSvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:08:46.0512 0x1230 WinSAPSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip |