Log Analysis and Evaluation: multiple Win32:TrojanX-gen and Win32:Trojan-gen alerts
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
11.12.2020, 18:11 | #1 |
multiple Win32:TrojanX-gen and Win32:Trojan-gen alerts
Today I caught a trojan that apparently installed something in the background. Unfortunately I noticed it too late, so a complete installation ran through. Right after that a second installation started, which I was able to abort with Task Manager. Shortly afterwards I also got several alerts from my antivirus for Win32:TrojanX-gen and Win32:Trojan-gen. The corresponding files were deleted or moved to quarantine by my AV. I found a new folder in C:\ named UmsTqPwOUmsTqPwO, and in C:\Windows\System32 I found the files perfc007.dat, perfc009.dat, perfh007.dat and perfh009.dat. After that I reset the PC to an older restore point, and an antivirus deep scan is currently running. Below you will find the results of my OTL scan, which I ran shortly before the deep scan. Thanks in advance
11.12.2020, 18:12 | #2 |
multiple Win32:TrojanX-gen and Win32:Trojan-gen alerts
Extras.txt
OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 11.12.2020 17:26:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = H:\Downloads\Programs
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.19041.0)
Locale: 00000407 | Country: | Language: DEU | Date Format: dd.MM.yyyy

15,95 Gb Total Physical Memory | 8,96 Gb Available Physical Memory | 56,16% Memory free
25,95 Gb Paging File | 16,04 Gb Available in Paging File | 61,83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 231,56 Gb Total Space | 124,38 Gb Free Space | 53,71% Space Free | Partition Type: NTFS
Drive G: | 1863,01 Gb Total Space | 66,30 Gb Free Space | 3,56% Space Free | Partition Type: NTFS
Drive H: | 931,51 Gb Total Space | 14,59 Gb Free Space | 1,57% Space Free | Partition Type: NTFS

Computer Name: FRIDAY | User Name: ilias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 1 Day

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- Reg Error: Key error.
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "G:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- H:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "G:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Directory [WSL] -- wsl.exe --cd "%V" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "G:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- H:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "G:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Directory [WSL] -- wsl.exe --cd "%V"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av]
"DataMigrated" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{18A975F9-A60C-37D8-E30B-4BEF31AD3411}]
"GUID" = {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
"DISPLAYNAME" = AVG Antivirus
"STATE" = 266240
"PRODUCTEXE" = C:\Program Files\AVG\Antivirus\wsc_proxy.exe -- (AVG Technologies CZ, s.r.o.)
"REPORTINGEXE" = C:\Program Files\AVG\Antivirus\wsc_proxy.exe -- (AVG Technologies CZ, s.r.o.)
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}]
"GUID" = {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
"DISPLAYNAME" = Microsoft Defender Antivirus
"STATE" = 393472
"PRODUCTEXE" = windowsdefender://
"REPORTINGEXE" = %ProgramFiles%\Windows Defender\MsMpeng.exe -- (Microsoft Corporation)
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw]
"DataMigrated" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 21 7E 77 48 E5 35 D6 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
protocol=6 | dir=in | name=allow 9009 | "{A07A76B5-06AE-4357-8E27-D51E507B9B69}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{A53CDD86-DF9D-44BE-B309-210A6879869B}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{A654C92C-F202-4402-B02B-6A3C9F1AF739}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe | "{A73D8F82-E203-4943-9274-7A2F72FB2C7A}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{A8CDC7C0-9AC6-45C1-A50B-EED3CEE41834}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{A9A16F19-6878-4356-A6F3-18D2BCFAD9DB}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{A9EDA5FF-316F-4637-8DD2-5E7F3AAA517E}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{AA259895-23A8-4638-805D-1EAE06BBD5BD}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{ACB11644-9D84-4B56-B781-54000F97F9C4}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{AE129111-D405-483C-A43B-D7CC4F8BC550}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{AEB75F9E-16D9-4742-B600-2D32FDE8EB5D}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{AF340386-CB3C-4705-9B50-4D34F517D474}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{AF357AE8-BC03-45B0-BECE-CDF254A86EF5}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{AF67C518-4FDD-43BE-9120-548D932849CF}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{AF68E724-E020-4F6B-A026-349C1CBAE12A}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{B0C52258-1F31-4AA7-B8E3-5F132240EF7C}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{B0F494FC-3211-4705-AFBE-7654896D98E9}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{B1409BBA-4E37-4333-8582-923CCD4B8F6A}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{B22319EB-71F4-4854-A694-EDCFEBA84A68}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{B2C82F77-17A0-4AE4-9247-49EF80A32AAE}" = lport=9009 | protocol=6 | dir=in | 
name=allow 9009 | "{B46BBFF9-7472-4B08-9610-97AE3165D0B9}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{B4AF0129-BEC0-4F98-BDA8-1550049EDA37}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{B634680D-29BE-4184-A686-8962295DB8A6}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{B78BB03D-0D62-4625-BC5C-E32EB9C89524}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{B8797BCB-C345-4B3B-A17A-2EE6D335825E}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{B88AB3AA-20E5-4627-AB4B-422CFA83741C}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{B8B1B2D3-A1CC-4A25-81D6-9F6CB9BD8CF8}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{BBCC23F3-D543-4DD2-B1A5-B645643123DA}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{BBDA2AA3-D30A-457A-AB0F-711DA960A60B}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{BBE9D50C-E652-49EB-95AE-3DC9DEF3F34E}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{BCB17D5B-80F3-491E-BD8F-8C25CB2414D0}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{BD0CF392-6D73-46CD-BFB9-2533CE95C359}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{BE45E5F6-7D71-49CB-B397-5D94566B33E9}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{BE712C6E-F468-4FF1-B449-B8DB94B7959B}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{BED43A43-1E1A-4537-8F06-F9F718D4EB25}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{BEF1DFA3-B825-4095-A67F-D60864226C19}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{BFE7515F-4EBE-4095-B3C4-425AA1C2B023}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{BFF448E9-8CA7-4533-B79D-B34ACA0BFB46}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{C088EBAE-FE2F-4A7C-909B-02D15FBC8F5F}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{C0DA0D50-A282-4DC2-8A66-27B4F788726F}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{C18C1CE6-3C94-4FB2-8677-DA1B98781729}" = lport=9009 | 
protocol=6 | dir=in | name=allow 9009 | "{C1FDFAA9-2D0C-4B7F-AA22-BAC16DDDD975}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{C64AAD90-8DDC-4102-9548-3652A9401107}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{C6FDECDC-7BFF-4398-8779-A9B1C976F477}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{C8546D42-67C4-4930-89C5-51C4F26FCDA1}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{C97A7AEA-DD0A-410B-9332-8E0A4E070F54}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{CB953820-00B6-4890-82B1-6C9F9F24AD29}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{CC471296-97B6-42E9-843A-4D70F078F6FD}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{CD0CCEB7-0155-49CB-8D4E-3C743676BC69}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{CD26041B-8C5B-478A-94BE-E7F46A9CD02B}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{CDF246BE-D52A-4BB3-9026-D9BE252CE1D5}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{CE301B76-1CDB-4C47-8CC8-5964812A5726}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{CE44F4A0-E747-4270-8107-E059216C635F}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{CF11565B-CA51-46C3-B677-BF0296848677}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{D0B2F476-A286-4D72-8277-9F48849E5DCE}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{D14AC5A1-CFFB-4C41-A210-9096E8E8B3A6}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{D151D9B4-69AB-49C6-A1CC-7FA20CE42159}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{D2D0D84F-2713-4D48-97BE-49BAD0D7AC65}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{D4E33953-CB8D-4DDA-B0B7-49ABFF98376C}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{D80B3F1C-FFDF-4BF6-A95C-79ED20D657EF}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{D81723F0-799E-4FA9-93F9-019325772670}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | 
"{D8B799AF-57B3-49FF-9C5C-16BB4ADC87F6}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{D947EB54-FD26-4F6B-A8C7-76E4347CBE25}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{D94D92B1-A4A3-493F-A0FE-FCA8B2ECB72B}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{DB080CB2-DBAC-4FAF-8A4C-F091CA7930DB}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{DB9FB736-7271-42F1-9A19-7EF4F35004CC}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{DBF265BF-89D1-40AA-8EDB-CF49F29C1CD7}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{DFCE7B1B-A0C3-41A0-9BF8-D76045534B4E}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{E0879C28-E438-4948-A68B-16ABF9E34825}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{E2B7545F-F8F2-452A-883D-DA1B8C5C14D7}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{E3D3BC2D-89CF-4FEA-AC34-BD0FB1C1FB3F}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{E4677943-4809-41F4-AA1B-7386B1BDD8B9}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{E468DEC2-9E1F-4D14-9280-C5A2C0673B6D}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{E4FB5E86-94A6-4F5B-A384-FC9908DE3B5E}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{E585C08C-AAC7-47CB-8D65-2F8A060309BA}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{E6DF3F11-D621-470A-ACA7-9CBD8414951F}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{E71EE8D8-F343-4C28-BBA1-2DD299F0BFB8}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{E8304080-290B-4617-BEA2-D55A0AEDE061}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{E886355F-7504-4955-AA73-98021821A3DC}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{E89AF2BA-C7D6-427E-94CD-3446AE5C0C9D}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{E9269052-FE64-44E4-BC31-5899E47CD50D}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe | 
"{EA2AF9DB-AAA8-4DF3-9B52-DA1C4A622B99}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{EA430E3D-8104-430A-9386-205BCD166483}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{EB0F0988-50AF-47AE-A132-581E29BDFB74}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{EB3603CA-F786-4711-A74E-6F18A7528218}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{EB3B11F7-4173-4169-8173-339E6B283E16}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{EBA797CB-F355-4959-9BF9-C83F057924C5}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{EC40403D-65B3-4FCF-A61E-80BE788EFBF6}" = lport=139 | protocol=6 | dir=in | app=system | "{EC77EBAF-554C-484F-B364-6F46243BA51A}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{ED9A5ABA-A271-4E82-B252-EAE99C1109DB}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{EE8904A4-275D-44CB-AEFA-0C97458FF105}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{EED15B78-6086-4DCF-8A6F-9813B27CDF21}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{EF463F9B-102D-4A1E-B0E0-5C6BBE8948F1}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{EF6D7BBD-12E2-4087-AC19-13221B5D0E52}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{F01F9145-2B89-445F-A4C7-BFF41E98F682}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F09514B6-1E6A-4487-A0FC-3D491B3D295E}" = lport=47995 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{F0FCA94B-2DAD-4164-9C10-0E45B0803F47}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | "{F1D5B639-4A0E-43AE-B1D1-EE1C57E2EFE7}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{F238437D-94F2-4657-BF0E-886F77F217A4}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{F24147DC-5C0D-4118-A2F9-BFEEEBA9F80D}" = lport=9009 | protocol=6 | dir=in | name=allow 9009 | "{F46FFAAC-EF19-4E2B-89D4-3D0706A201D9}" 
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{93196550-C506-41C0-8052-73A348B6CC42}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} | "{936E0D70-C796-467B-8944-9AAC910BED39}" = dir=out | name=windows_ie_ac_001 | "{938962E1-ED51-403D-BD4E-090DA32FE30B}" = dir=out | name=windows feature experience pack | "{93AE7A1A-D3F5-4BF9-A032-23E68995E3E1}" = dir=out | name=@{microsoft.windows.secureassessmentbrowser_10.0.19041.423_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.secureassessmentbrowser/resources/packagedisplayname} | "{947DD9A7-E8AF-4B0A-AEDE-CDDF4E59D5CA}" = dir=out | name=microsoft pay | "{94C3C4B4-BD1A-44EF-B14E-E41495A88F7E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\root\office16\lync.exe | "{956F87C5-6305-4071-8323-D42AAC462F81}" = dir=in | name=edgedevtoolsplugin | "{95812E4C-0D15-4176-8DE2-FA95ACFEA11F}" = dir=in | name=@{microsoft.microsoftedge_44.19041.423.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | "{99FAD3C6-6EB7-4D84-A89C-4C15D449238F}" = dir=in | name=@{microsoft.windows.photos_2020.20090.1002.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} | "{9A0F51AA-C58D-48BE-BA0A-572DE26B23D6}" = protocol=6 | dir=in | app=c:\program files\windowsapps\amazonmobilellc.amazonmusic_8.0.0.0_x86__kc6t79cpj4tp0\amazon music helper.exe | "{9A9F9476-3878-49CC-9F33-01C399BA9E8A}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\among us\among us.exe | "{9B39CC8B-6878-46ED-A39A-6A38417F03D1}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.19041.423_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} | "{9B884AAF-A314-48E4-8061-33E96AE7FEF6}" = dir=out | name=@{microsoft.people_10.1909.10841.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} | 
"{9E1C9D18-A17E-4822-A5ED-68713DAB55DF}" = protocol=17 | dir=in | app=g:\programme\uplay\watch_dogs2\eac.exe | "{9E7048E4-683C-4D76-B648-029A012DCEF1}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | "{9F1C4D51-EF49-4254-8A72-4CB575A32822}" = dir=in | app=h:\program files (x86)\plex\plex media server\plexscripthost.exe | "{A1BE7037-E86F-4206-9621-F052DC08B154}" = dir=out | name=@{microsoft.gethelp_10.2004.31291.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.gethelp/resources/appdisplayname} | "{A21B38AD-4976-4F94-A93E-1350888A32CE}" = protocol=17 | dir=in | app=h:\programme\uplay\games\watch_dogs\bin\watch_dogs.exe | "{A37F0574-8815-43DD-9B7A-B51DE6101B90}" = dir=in | name=@{microsoft.win32webviewhost_10.0.19041.423_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} | "{A3A5CAEE-A7A2-4239-BEE5-60DDA98BCE85}" = protocol=17 | dir=out | app=c:\program files\windowsapps\microsoft.skypeapp_15.66.77.0_x86__kzf8qxf38zg5c\skype\skype.exe | "{A3A87C31-624B-4300-876C-63C70765A23E}" = dir=in | name=@{microsoft.windowsstore_12011.1001.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} | "{A4C491AB-9C55-4D6B-81B8-8ABF16EEA7B6}" = protocol=17 | dir=in | app=h:\program files (x86)\steam\bin\cef\cef.win7x64\steamwebhelper.exe | "{A6142C16-1DDC-479F-8A9C-26F5F003AE73}" = dir=in | name=@{microsoft.microsoftedge_44.19041.423.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | "{A7D1A36E-F96C-4D31-B74B-10F46D758F89}" = dir=out | name=@{microsoft.accountscontrol_10.0.19041.423_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} | "{A95F6B91-1FC3-436D-AFB1-12183EA2A51E}" = dir=out | 
name=@{microsoft.windows.peopleexperiencehost_10.0.19041.423_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.peopleexperiencehost/resources/pkgdisplayname} | "{A96FDFE4-FAE8-4838-B2D0-28702693F6D7}" = dir=out | name=@{microsoft.yourphone_1.20111.125.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.yourphone/resources/appname} | "{A9E4729F-4531-4D79-B77A-095B27885C7F}" = dir=out | name=@{microsoft.mixedreality.portal_2000.20081.1312.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mixedreality.portal/resources/pkgdisplayname} | "{AA0671F6-F75D-4E5A-A5B4-FEF6621B93A2}" = dir=out | name=@{microsoft.windowscalculator_10.2009.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscalculator/resources/appstorename} | "{AAE1B9FB-406D-48DC-8E91-2981C53D3D03}" = dir=in | name=@{microsoft.windows.search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.search/resources/packagedisplayname} | "{AB2E7005-675B-486A-A07A-B1C781A0646C}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{ABA7653C-CA3C-4FEB-9698-65CC5D935B67}" = protocol=6 | dir=in | app=g:\programme\steamlibrary\steamapps\common\tomb raider\tombraider.exe | "{ADF955C6-C458-4D8A-A099-66B2C92B85FE}" = dir=out | name=ncsiuwpapp | "{AE11FAE6-E03E-4947-BCCF-9018418F9260}" = dir=out | name=microsoft solitaire collection | "{AE161101-E3A0-4C33-8403-A40B62AE832E}" = dir=in | name=cortana | "{AE30BA02-BBE3-4D29-9340-B4201DBC048D}" = dir=out | name=@{microsoft.mspaint_6.2009.30067.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} | "{AE8BA026-9403-4FD7-92DD-EC445DEF32AA}" = dir=in | name=@{microsoft.zunemusic_10.20092.10311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{AEA1637E-FDF7-41EA-B318-52980F992E5C}" = dir=in | name=@{microsoft.desktopappinstaller_1.4.3161.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} | "{AEE1DF78-731F-49A9-9064-990E95B5CC82}" = dir=in | app=c:\program 
files (x86)\gigabyte\appcenter\apcent.exe | "{AF4C50D8-18FD-415D-8465-8DB2041121CD}" = dir=out | name=@{microsoft.mspaint_6.2009.30067.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} | "{AF9718C3-BFEE-430B-BF40-9C36EC88A8CE}" = dir=out | name=office | "{B10A27C3-5699-4820-AD43-5DD38AC6C2B0}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{B3092905-0718-4140-8BE8-E3CCE0356976}" = dir=in | name=@{microsoft.zunevideo_10.20092.14511.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{B3506CE9-057A-423F-B740-69463DA6553F}" = protocol=6 | dir=out | app=c:\program files\windowsapps\microsoft.skypeapp_15.66.77.0_x86__kzf8qxf38zg5c\skype\skype.exe | "{B43D0E78-8AE4-4B35-B180-937FA915E441}" = dir=in | name=@{microsoft.windows.startmenuexperiencehost_10.0.19041.610_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.startmenuexperiencehost/startmenuexperiencehost/pkgdisplayname} | "{B483D0BD-9B6B-4716-8D3D-69EDAA86417E}" = dir=out | name=@{microsoft.windows.photos_2020.20090.1002.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} | "{B5E38287-9854-4133-806D-0F7B8E00062B}" = protocol=1 | dir=in | app=system | "{B6C9EBE8-8DB2-4EDA-BB19-BA910A898A53}" = protocol=17 | dir=in | app=g:\programme\steamlibrary\steamapps\common\assassin's creed unity\acu.exe | "{B6F06ACE-1105-46BB-BF21-DA188A49E134}" = protocol=6 | dir=in | app=g:\programme\steamlibrary\steamapps\common\dead by daylight\deadbydaylight.exe | "{B769692B-4E38-42C0-B5A8-AB58A649F489}" = protocol=17 | dir=in | app=g:\programme\uplay\watch_dogs2\bin\watchdogs2.exe | "{B8007968-D965-461D-A9F5-5BE9A48339EF}" = protocol=17 | dir=in | app=g:\program files (x86)\teamviewer\teamviewer_service.exe | "{BB070AAD-6B52-42EC-8E38-934E6DA54915}" = protocol=17 | dir=in | app=g:\programme\steamlibrary\steamapps\common\besiege\besiege.exe | "{C0D74F91-3E05-4D16-AA01-5FBB01D3447D}" = protocol=6 | dir=in | 
app=g:\programme\steamlibrary\steamapps\common\assassin's creed unity\acu.exe | "{C0F307DD-7F9F-4D8B-861F-23BA801A3ECE}" = protocol=6 | dir=in | app=g:\program files (x86)\teamviewer\teamviewer.exe | "{C118424B-21BF-4BAD-BE84-BEF93867C465}" = dir=in | name=@{microsoft.microsoftstickynotes_3.7.142.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftstickynotes/resources/stickynotesstoreappname} | "{C271ABFC-434D-4914-9361-C575F25CCF70}" = protocol=17 | dir=in | app=g:\programme\steamlibrary\steamapps\common\wreckfest\wreckfest_x64.exe | "{C47E1AED-02B5-4A9C-9382-83B7EDFEA7DD}" = protocol=58 | dir=in | app=system | "{C5C8287C-866C-4D01-8126-F4CB1BD1BE61}" = dir=out | name=@{microsoft.microsoftstickynotes_3.7.142.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftstickynotes/resources/stickynotesstoreappname} | "{C60C5437-4AA9-4558-BEE2-BDA2200AC77A}" = protocol=6 | dir=in | app=g:\program files (x86)\teamviewer\teamviewer_service.exe | "{C6F39370-68AB-499F-9E8A-AFC6B7EBB7D3}" = dir=out | name=edgedevtoolsplugin | "{C83C367C-2433-47F5-AB78-FC02F48F049C}" = dir=out | name=xbox game bar | "{C842A5DE-0D43-41F2-B624-C7579A943852}" = protocol=17 | dir=in | app=g:\programme\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe | "{C88A5877-DA68-4B05-ADFD-3F8C4BF2963A}" = dir=in | name=@{microsoft.todos_2.32.33291.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.todos/resources/app_name_ms_todo} | "{C91EA612-7CE3-49FC-B74B-072ECBF5CE04}" = dir=out | name=@{microsoft.windowsstore_12011.1001.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} | "{C9C5ABCF-5AA4-4F84-A697-7F42C466AA45}" = protocol=17 | dir=in | app=g:\programme\steamlibrary\steamapps\common\rocketleague\binaries\win64\rocketleague.exe | "{CA10E080-9D2B-416E-A6CB-7B16CDF33CB9}" = dir=out | name=netflix | "{CACD8413-E65B-4060-AADE-CDFC27486E73}" = protocol=17 | dir=in | app=g:\programme\steamlibrary\steamapps\common\call of duty black ops iii\blackops3.exe | 
"{CADEAA8D-FA7F-4178-95D9-71841612D3A4}" = protocol=6 | dir=in | app=g:\programme\uplay\watch dogs legion\bin\watchdogslegion.exe | "{CAF55EB5-ED8F-4DBF-935A-049BB0A09848}" = protocol=1 | dir=out | app=system | "{CBE8EC1F-AB28-469E-B059-D5697B02C384}" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\batman arkham knight\binaries\win64\batmanak.exe | "{CC067E32-4E89-4D7A-BAF4-659B4E9E6320}" = dir=out | name=@{microsoft.xboxapp_48.70.21001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxapp/xboxapp.resource/resources/app_title} | "{CD276B12-4AD6-4F46-A620-C869659E279C}" = protocol=6 | dir=in | app=g:\programme\steamlibrary\steamapps\common\besiege\besiege.exe | "{CD655D27-EE12-4F43-8349-411302EE893C}" = dir=in | app=g:\program files (x86)\vmware\vmware workstation\vmware-authd.exe | "{CE258CEE-6668-4C68-8F90-15FDDE53F61F}" = protocol=17 | dir=in | app=g:\programme\steamlibrary\steamapps\common\tomb raider\tombraider.exe | "{CEF61FFE-680B-4713-A775-4F0F0E398F34}" = dir=out | name=@{microsoft.microsoft3dviewer_7.2009.29132.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoft3dviewer/common.view.uwp/resources/storeappname} | "{D020BEF7-D1FE-490F-B28A-185678BBC212}" = protocol=17 | dir=in | app=c:\program files\windowsapps\amazonmobilellc.amazonmusic_8.0.0.0_x86__kc6t79cpj4tp0\amazon music helper.exe | "{D0CCB80E-0E4D-4A87-AB33-5E9DC12F9E1C}" = dir=in | name=@{microsoft.xboxapp_48.70.21001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxapp/xboxapp.resource/resources/app_title} | "{D29B1773-DF3C-4B19-83BB-C2662BC9AD64}" = dir=in | name=@{microsoft.win32webviewhost_10.0.19041.423_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} | "{D2C949DA-8081-4F46-B782-2710E335F9A6}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{D4A3137A-4F0B-40F7-A90A-62EF6CAA7D38}" = protocol=17 | dir=in | app=g:\programme\steamlibrary\steamapps\common\wreckfest\wreckfest.exe | 
"{D610A223-8F39-4297-A060-938E9F899430}" = dir=out | name=@{microsoft.windowscommunicationsapps_16005.13426.20316.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} | "{D619D246-E916-4FE4-8167-8C3899C9457B}" = dir=in | app=c:\program files (x86)\gigabyte\appcenter\gcupd.exe | "{D95D2CC7-B930-4B92-97B3-935A622F8F01}" = protocol=17 | dir=in | app=g:\program files (x86)\teamviewer\teamviewer.exe | "{D9E3A425-38D4-44E4-A10D-27492E3C80AC}" = protocol=6 | dir=in | app=g:\program files (x86)\teamviewer\teamviewer_service.exe | "{DAE1B244-2654-4C22-9C03-8F75C38131C2}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "{DB59FEB2-CCAC-4507-9008-8D0C2AA99F67}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.19041.610_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} | "{DC9A95E3-DBDF-4F82-A168-6FB17B8D016E}" = dir=out | name=skype | "{E25D0CD7-ED3B-4BBE-B991-2AF39D30381F}" = dir=in | app=c:\users\ilias\appdata\roaming\zoom\bin\zoom.exe | "{E2C20904-1B54-4106-B6E9-805ABDA3B212}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.19041.423_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | "{E39F3FA4-DC54-4A25-B0A9-A31712ED2CC0}" = dir=in | name=@{microsoft.zunemusic_10.20092.10311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{E48051BD-EE50-4560-8952-446B1986705E}" = protocol=6 | dir=in | app=c:\program files\windowsapps\microsoft.skypeapp_15.66.77.0_x86__kzf8qxf38zg5c\skype\skype.exe | "{E5450A86-AE43-4381-A7AA-802D68B53755}" = dir=out | name=@{microsoft.yourphone_1.20104.23.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.yourphone/resources/appname} | "{E66859C3-FD3D-4924-9E80-213AFA364A4C}" = protocol=6 | dir=in | app=g:\programme\uplay\tom clancy's the division\thedivision.exe | 
"{E7C50A8B-B6D6-4AC0-8017-6E39440D7D53}" = dir=out | name=@{microsoft.microsoft3dviewer_7.2010.15012.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoft3dviewer/common.view.uwp/resources/storeappname} | "{E7EEB068-763A-4981-A3E5-DE54CAD90DE7}" = dir=out | name=@{microsoft.windows.narratorquickstart_10.0.19041.423_neutral_neutral_8wekyb3d8bbwe?ms-resource://microsoft.windows.narratorquickstart/resources/appdisplayname} | "{E89F7144-8877-45F2-A916-4AA8F78DDAA4}" = protocol=6 | dir=in | app=g:\programme\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe | "{E976AB1A-A71D-4AB4-9805-96D1F282EDCE}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | "{EC66CB68-409C-458E-B106-0032E7714A26}" = dir=out | name=@{microsoft.desktopappinstaller_1.4.3161.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} | "{EDBF839D-8A11-4F71-91C5-E9128B5F2772}" = dir=out | name=windows feature experience pack | "{EF6BD5E2-8357-478E-BE90-5B51401E7CB3}" = dir=in | app=c:\program files (x86)\gigabyte\appcenter\apcent.exe | "{EFAE99FC-CB5F-4626-A1DC-60EB7DD1716D}" = dir=out | name=@{microsoft.windows.secureassessmentbrowser_10.0.19041.423_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.secureassessmentbrowser/resources/packagedisplayname} | "{EFBB43D7-2E2E-44CD-A46C-B12453FABA1E}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} | "{EFD9942B-8C50-46C8-99E4-C6E365BCE00E}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.19041.423_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} | "{F0CDF1A2-FDF0-4259-9D24-D3D7DE1C4954}" = dir=out | name=xbox tcui | "{F1F0335B-277C-4164-B066-58E9CDC3B6F0}" = dir=out | 
name=@{microsoft.windowsmaps_10.2011.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} | "{F38374B4-828E-4A8D-A692-C271AA9A55C8}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_10.0.19041.423_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} | "{F41113D0-7C62-40B8-85F7-0E3B1F443DE8}" = dir=out | name=office | "{F4FC2456-6F33-408E-9004-4F4EACA24F08}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} | "{F5F9DD23-9136-413B-819C-3F4ECF609960}" = dir=in | name=@{microsoft.windows.search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.search/resources/packagedisplayname} | "{F6401DCF-0AA0-4BF1-B4AD-1CC1B5DFBF32}" = protocol=6 | dir=in | app=g:\programme\uplay\watch_dogs2\bin_plus\watchdogs2.exe | "{F69665A2-2B24-4355-9E06-3569D87CC5EB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\root\office16\lync.exe | "{F6FA9F55-0F79-4BB4-BF7A-4D09054EE9AF}" = dir=in | name=skype | "{F702703B-4DA4-4B05-B868-91E81CAA1A73}" = dir=out | name=nvidia control panel | "{F705945F-32C5-497A-BCE1-961AD30B39FB}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.19041.610_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} | "{F74A1A1C-242D-4E85-8701-AF017716FC30}" = dir=out | name=@{microsoft.windows.narratorquickstart_10.0.19041.423_neutral_neutral_8wekyb3d8bbwe?ms-resource://microsoft.windows.narratorquickstart/resources/appdisplayname} | "{F76E4037-31D3-4DDC-B1C4-9B2C371286E9}" = dir=out | name=cortana | "{F9EAB72B-A536-41BA-BE21-129719743A02}" = dir=out | name=@{microsoft.bingweather_4.46.22742.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} | "{FEDA2D42-5EA6-4BB3-8643-AEFE04041A4E}" = dir=in | name=xbox game bar | 
"{FF145146-04D8-4EF2-A3A3-60393312A3E1}" = dir=out | name=@{microsoft.getstarted_9.12.32951.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} | "{FF5FE488-404A-4CDA-930F-3038EE1D679C}" = dir=out | name=@{microsoft.xboxidentityprovider_12.67.21001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} | "TCP Query User{1970B036-0320-4B58-A5FF-3622E74BCA3D}C:\program files (x86)\tautulli\tautulli.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tautulli\tautulli.exe | "TCP Query User{1CCD513A-D05F-4DE7-A964-668BC97CDAB0}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\bin64\bnetserver.exe" = protocol=6 | dir=in | app=g:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\bin64\bnetserver.exe | "TCP Query User{2E6A6070-CCAA-4D83-AD54-64E3807CF8D6}H:\programme\uplay\games\far cry 3\bin\farcry3.exe" = protocol=6 | dir=in | app=h:\programme\uplay\games\far cry 3\bin\farcry3.exe | "TCP Query User{40F2E5B1-7CF1-4854-AF42-1CE0155D5BD1}H:\programme\uplay\games\far cry 3\bin\farcry3_d3d11.exe" = protocol=6 | dir=in | app=h:\programme\uplay\games\far cry 3\bin\farcry3_d3d11.exe | "TCP Query User{4F2987B9-E54F-437F-9DFD-281A1E1C3B46}G:\program files (x86)\samsung dex\samsungdex.exe" = protocol=6 | dir=in | app=g:\program files (x86)\samsung dex\samsungdex.exe | "TCP Query User{5C47F3BA-2A49-43C9-BC11-F28D23192A1E}H:\programme\rockstar games\grand theft auto v\gta5.exe" = protocol=6 | dir=in | app=h:\programme\rockstar games\grand theft auto v\gta5.exe | "TCP Query User{68AC0099-9881-45D0-B2D9-ABF26FD4B350}G:\program files (x86)\corepack\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe" = protocol=6 | dir=in | app=g:\program files (x86)\corepack\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe | "TCP Query User{698DF1BC-393E-47C6-A19C-3D96345DF257}G:\program files\epic games\totalwarsagatroy\troy.exe" = protocol=6 | dir=in | app=g:\program files\epic 
games\totalwarsagatroy\troy.exe | "TCP Query User{750959BD-167F-4B3C-BD44-1C66A5629413}G:\program files (x86)\the sims 4\game\bin\ts4_x64.exe" = protocol=6 | dir=in | app=g:\program files (x86)\the sims 4\game\bin\ts4_x64.exe | "TCP Query User{77F09BE0-845B-47AA-9824-EDF96A67788D}G:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe" = protocol=6 | dir=in | app=g:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe | "TCP Query User{8038F798-E538-458B-BBAB-6CA4DFF7C523}G:\program files (x86)\the knight\rage 2\rage2.exe" = protocol=6 | dir=in | app=g:\program files (x86)\the knight\rage 2\rage2.exe | "TCP Query User{A9E1CF12-2656-4B8A-B67C-984D441B4176}C:\users\ilias\appdata\local\gamecenter\gamecenter.exe" = protocol=6 | dir=in | app=c:\users\ilias\appdata\local\gamecenter\gamecenter.exe | "TCP Query User{B5941CD9-D6B7-49F0-AF8F-CC74E054C46D}G:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=g:\program files\videolan\vlc\vlc.exe | "TCP Query User{BD216EDE-6A0C-4278-99C8-AAF8D861B52B}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\database\bin\mysqld.exe" = protocol=6 | dir=in | app=g:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\database\bin\mysqld.exe | "TCP Query User{C7E780B7-2916-459A-80A3-24A4EF243FB2}G:\program files\rockstar games\red dead redemption 2\rdr2.exe" = protocol=6 | dir=in | app=g:\program files\rockstar games\red dead redemption 2\rdr2.exe | "TCP Query User{CFB02508-51DD-4E0E-8A27-92D516143BF9}H:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe" = protocol=6 | dir=in | app=h:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe | "TCP Query User{D52E00C1-A812-4F43-AC0B-BAB8C9BA21CD}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\bin64\worldserver.exe" = protocol=6 | dir=in | app=g:\program files (x86)\wow server\singlecore_legion 
11\spp-legion\server\bin64\worldserver.exe | "TCP Query User{D8A56D9E-7FEF-45BA-B9F9-E1C610676C98}C:\users\ilias\appdata\local\gamecenter\gamecenter.exe" = protocol=6 | dir=in | app=c:\users\ilias\appdata\local\gamecenter\gamecenter.exe | "TCP Query User{E4199A6A-DA0D-4C3C-A320-770B4F3EC150}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\nodejs\node.exe" = protocol=6 | dir=in | app=g:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\nodejs\node.exe | "TCP Query User{F0C934A0-B3F4-4D9A-8F2B-6B0502AF23A6}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\apache24\bin\spp-httpd.exe" = protocol=6 | dir=in | app=g:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\apache24\bin\spp-httpd.exe | "TCP Query User{F608652E-A605-410E-BAD2-43FA5CFA1C82}G:\programme\steamlibrary\steamapps\common\for honor\forhonor.exe" = protocol=6 | dir=in | app=g:\programme\steamlibrary\steamapps\common\for honor\forhonor.exe | "UDP Query User{0A45418E-3CD3-4C46-8909-FBB139EF5281}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\bin64\worldserver.exe" = protocol=17 | dir=in | app=g:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\bin64\worldserver.exe | "UDP Query User{151EC62C-A23F-4B62-A3EB-CB86CEF63310}C:\users\ilias\appdata\local\gamecenter\gamecenter.exe" = protocol=17 | dir=in | app=c:\users\ilias\appdata\local\gamecenter\gamecenter.exe | "UDP Query User{2D0544CE-01CA-4DF4-8D2F-07BD0A60961E}G:\program files (x86)\the knight\rage 2\rage2.exe" = protocol=17 | dir=in | app=g:\program files (x86)\the knight\rage 2\rage2.exe | "UDP Query User{2D31F209-16D4-4065-8A6B-F9060FA67C89}G:\program files\rockstar games\red dead redemption 2\rdr2.exe" = protocol=17 | dir=in | app=g:\program files\rockstar games\red dead redemption 2\rdr2.exe | "UDP Query User{3B8323FA-69CD-4EE7-8D1C-962EDD08C87E}G:\program files (x86)\the sims 4\game\bin\ts4_x64.exe" = protocol=17 | 
dir=in | app=g:\program files (x86)\the sims 4\game\bin\ts4_x64.exe | "UDP Query User{3FCD227C-6102-4281-AF42-8CAE65421532}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\database\bin\mysqld.exe" = protocol=17 | dir=in | app=g:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\database\bin\mysqld.exe | "UDP Query User{45A82BE5-0D8A-4F77-A1A7-FD259C7392B2}G:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=g:\program files\videolan\vlc\vlc.exe | "UDP Query User{4AF40930-0DE9-441E-93A1-DDF69FDD44D7}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\bin64\bnetserver.exe" = protocol=17 | dir=in | app=g:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\bin64\bnetserver.exe | "UDP Query User{6666A672-8D84-4AC9-B4E1-FB0ABA950E00}G:\program files (x86)\corepack\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe" = protocol=17 | dir=in | app=g:\program files (x86)\corepack\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe | "UDP Query User{6D966027-33B3-464D-9857-3D40F1877D2C}H:\programme\uplay\games\far cry 3\bin\farcry3_d3d11.exe" = protocol=17 | dir=in | app=h:\programme\uplay\games\far cry 3\bin\farcry3_d3d11.exe | "UDP Query User{88B41455-C7B7-4CE1-BC17-D9D8CEF77A8F}H:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe" = protocol=17 | dir=in | app=h:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe | "UDP Query User{94E85D38-CF7A-431C-A846-71475413A649}C:\program files (x86)\tautulli\tautulli.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tautulli\tautulli.exe | "UDP Query User{A08F555D-810C-4C70-BE2C-8909612E1DBB}H:\programme\rockstar games\grand theft auto v\gta5.exe" = protocol=17 | dir=in | app=h:\programme\rockstar games\grand theft auto v\gta5.exe | "UDP Query User{A49FFB1E-EE35-4232-A6DB-8145D49ABAB3}G:\program files (x86)\wow 
server\singlecore_legion 11\spp-legion\server\nodejs\node.exe" = protocol=17 | dir=in | app=g:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\nodejs\node.exe | "UDP Query User{BE74110F-2F42-4B2A-9457-39F695E4E51D}G:\program files\epic games\totalwarsagatroy\troy.exe" = protocol=17 | dir=in | app=g:\program files\epic games\totalwarsagatroy\troy.exe | "UDP Query User{C88135CA-F1E0-4687-802E-BB3F76F8D211}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\apache24\bin\spp-httpd.exe" = protocol=17 | dir=in | app=g:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\apache24\bin\spp-httpd.exe | "UDP Query User{DC2926A0-F60F-4B0E-851F-5F2782E74326}C:\users\ilias\appdata\local\gamecenter\gamecenter.exe" = protocol=17 | dir=in | app=c:\users\ilias\appdata\local\gamecenter\gamecenter.exe | "UDP Query User{E50D1F95-3391-4B8D-AF5A-CE0EF2D76C22}G:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe" = protocol=17 | dir=in | app=g:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe | "UDP Query User{E56AFF91-3832-4A59-97F1-585242CE710C}H:\programme\uplay\games\far cry 3\bin\farcry3.exe" = protocol=17 | dir=in | app=h:\programme\uplay\games\far cry 3\bin\farcry3.exe | "UDP Query User{F33D234D-9ABB-434E-ACAB-B36E95094B76}G:\program files (x86)\samsung dex\samsungdex.exe" = protocol=17 | dir=in | app=g:\program files (x86)\samsung dex\samsungdex.exe | "UDP Query User{FEE53804-1CD7-4EA2-AFC6-846750D3EC76}G:\programme\steamlibrary\steamapps\common\for honor\forhonor.exe" = protocol=17 | dir=in | app=g:\programme\steamlibrary\steamapps\common\for honor\forhonor.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0886A906-0625-4A43-930D-AA92F6665AF4}" = Patriot Viper M2 SSD RGB "{18E72D39-392C-419D-9B86-C4C633B4CED9}" = Windows Subsystem for Linux Update "{1A0D1F90-8D1F-4922-8546-D1F84501C46A}" = 
VNC Viewer 6.20.529 "{1B4EDD59-90CE-4BDE-8520-630981088165}" = Microsoft Visual C++ 2019 X64 Additional Runtime - 14.27.29112 "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{26A24AE4-039D-4CA4-87B4-2F64180261F0}" = Java 8 Update 261 (64-bit) "{2B5DAA91-E0C9-4307-90B7-5688E910C894}" = VMware Workstation "{2D790347-9563-49DA-AAAD-A5D26B69C993}" = LibreOffice 7.0.2.2 "{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}" = ENE_EHD_M2_HAL "{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 "{37BB1766-C587-49AE-B2DB-618FBDEAB88C}" = Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.27.29112 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6A9B7FBF-A3F4-4F69-8398-83E03F5EE94A}" = LibreOffice 6.4 Help Pack (German) "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8DA1B230-D82E-4A24-9237-363E2E1E2695}" = ENE RGB HAL "{90160000-007E-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Licensing Component "{90160000-008C-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Extensibility Component "{90160000-008C-0407-1000-0000000FF1CE}" = Office 16 Click-to-Run Localization Component "{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 "{967E7483-38D0-40E3-A44C-BAC69E0DC853}" = Intel(R) Network Connections 23.5.0.0 "{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 460.79 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 3.20.5.70 
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 38.0.5.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.19.0218 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 38.0.5.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk" = NVIDIA FrameView SDK 1.1.4923.29214634 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = NVIDIA SHIELD Streaming "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.38.40 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvAbHub" = NVIDIA ABHub "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend" = NVIDIA Backend "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer" = NVIDIA Container "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHelper" = NVIDIA TelemetryApi helper for NvContainer "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem" = NVIDIA LocalSystem Container "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus" = NVIDIA Message Bus for NvContainer "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor" = NVAPI Monitor plugin for NvContainer "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ServiceUser" = NVIDIA NetworkService Container "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session" = NVIDIA Session Container "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User" = NVIDIA User Container "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver" = NvModuleTracker "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs" = NVIDIA NodeJS "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog" = NVIDIA Watchdog Plugin for NvContainer "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry" = NVIDIA Telemetry Client "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvVHCI" = NVIDIA Virtual Host Controller "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC" = Nvidia Share 
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 3.20.5.70 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = NVIDIA SHIELD Wireless Controller Driver "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 4.13.0.0 "{BC5E0A82-C638-44CB-8129-20C8ED70DE7A}" = ENE_DRAM_RGB_AURA42 "{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 "{CF703694-01C6-4062-B797-84DB215662BC}" = ENE_EHD_SSS_HAL "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = Samsung USB Driver for Mobile Phones "{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2 "{EACF146B-01D2-4185-B773-9604A0E5902A}" = HP Officejet J4500 Series 14.0 Rel. 6 "{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}" = Epic Games Launcher Prerequisites (x64) "{FEE3E3CD-2A6C-464E-8424-DE7512D4A5D0}" = KeePassXC "{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer "AMD Catalyst Install Manager" = AMD Software "AVG TuneUp" = AVG TuneUp "CCleaner" = CCleaner "Cheat Engine_is1" = Cheat Engine 7.2 "CPUID ROG CPU-Z_is1" = CPUID ROG CPU-Z 1.92 "Gigabyte Speed" = Gigabyte Speed v10.21 "HP Imaging Device Functions" = HP Imaging Device Functions 14.0 "HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0 "HPExtendedCapabilities" = HP Customer Participation Program 14.0 "HPOCR" = OCR Software by I.R.I.S. 
14.0 "Mozilla Firefox 83.0 (x64 de)" = Mozilla Firefox 83.0 (x64 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "O365ProPlusRetail - de-de" = Microsoft 365 Apps for Enterprise - de-de "OpenVPN" = OpenVPN 2.4.9-I601-Win10 "PROSetDX" = Intel(R) Network Connections 23.5.0.0 "Shop for HP Supplies" = Shop for HP Supplies "Steam App 252950" = Rocket League "Steam App 284160" = BeamNG.drive "Steam App 289070" = Sid Meier's Civilization VI "Steam App 381210" = Dead by Daylight "TAP-Windows" = TAP-Windows 9.24.2 "VLC media player" = VLC media player "WinRAR archiver" = WinRAR 5.91 (64-Bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0EA45DD4-A825-420C-AFED-C659EFE3B84F}" = Balanced "{0F5C1C82-9A7A-4FB4-8681-D4E7E9BBFD9C}" = Python 3.8.3 Test Suite (32-bit) "{0f770e99-3916-4b0c-8f9b-83822826bcbf}" = Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 "{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 "{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery "{14A8B424-0141-4E46-A1E2-548DF8349BB7}" = Python 3.8.3 Utility Scripts (32-bit) "{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant "{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}" = GigabyteFirmwareUpdateUtility "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26B2CC8C-1492-437D-B27A-655AFB3647DE}" = Python 3.8.3 Standard Library (32-bit) "{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox "{2E72FA1F-BADB-4337-B8AE-F7C17EC57D1D}" = Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127 "{3250CB33-9B5C-42CF-A215-23E95EA5F75E}" = J4500 "{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 
11.0.61030 "{3994d355-238a-4612-af93-26d13deddef1}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 "{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1" = Win32DiskImager version 1.0.0 "{406A47EE-C4AE-4944-BADE-1B543A443873}" = Python Launcher "{40c376bf-c3a0-439b-8353-f69a3bac10d6}" = Plex Media Server "{43a03b9c-4770-409c-a999-587b60700b63}" = Launcher Prerequisites (x64) "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4ADFAA3D-1670-4161-A64A-83535B6D78C6}" = Python 3.8.3 pip Bootstrap (32-bit) "{526B21BC-E7BE-4CC9-AF49-20F7F11B9113}" = ProtonVPNTap "{56AC5D63-87FC-4BA0-B4F2-6013D58F3302}" = Python 3.8.3 Tcl/Tk Support (32-bit) "{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status "{5E2BEDEC-EEE1-49B7-A9D0-6971AFA9B5F2}" = Samsung DeX "{5EFC6C07-6B87-43FC-9524-F9E967241741}" = Grand Theft Auto V "{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper "{644B5310-D2AA-42A8-9F3B-7B92C856C8D7}" = Game Boost "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7258BA11-600C-430E-A759-27E2C691A335}_is1" = GOG GALAXY "{731F6BAA-A986-45A4-8936-7C3AAAAA760B}" = Teams Machine-Wide Installer "{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6 "{7598e74a-915c-4911-918c-ca4b2c296122}" = AMD_Chipset_Drivers "{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}" = EasyTune "{7FDA2F0E-B522-48AD-8792-4BAAA4B5DA1C}" = 4500_Help "{8064EF1E-3243-4307-A04F-BB64FF06A8DF}" = ProductContext "{80EC3CEE-2940-42A1-A776-B5D810D39F1E}" = AMD PCI Driver "{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 9.2.2 "{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}" = OEM Application Profile "{8DE31A48-E744-4526-AE09-B9A4002CE770}" = Plex Media Server "{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg "{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update "{9237DDE8-1DF1-4FA7-AAF9-95458ABC26E0}" = BPDSoftware "{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 
"{94530A73-5D44-431B-B1F0-FEBA96C90390}" = Stopping Plex "{964575C3-5820-4642-A89A-754255B5EFE1}" = EasyTuneEngineService "{988F14B8-79A8-475D-BAC7-83F96AD3D821}" = AMD PSP Driver "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9eeadf99-713b-4ab5-9ccd-bf9c1c4d9daf}" = ENE_EHD_SSS_HAL "{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}" = AMD Ryzen Balanced Driver "{A5A6A747-393C-4B28-AB7B-2DE2BA7F7D73}" = Epic Games Launcher "{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}" = SIV "{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}" = AMD SBxxx SMBus Driver Alpha "{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply "{AC76BA86-0804-1033-1959-001824406920}" = Adobe Refresh Manager "{AC76BA86-7AD7-1031-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Deutsch "{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 "{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}" = Promontory_GPIO Driver "{BAF129CE-5C13-4383-9807-A44055644E08}" = Python 3.8.3 Documentation (32-bit) "{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2 "{bb670f8d-3d66-4f36-8e60-02b71bb0a4e9}" = ENE RGB HAL "{bc458b5f-1945-4287-8fae-353650fd3109}" = Samsung DeX "{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 "{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6 "{c6c5a357-c7ca-4a5f-9789-3bb1af579253}" = Launcher Prerequisites (x64) "{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 "{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp "{D0512FFD-6194-4D2E-967E-25B82A3322FF}" = ENE IO Driver "{D1EFF389-2F77-4A46-8AFD-4F37BC6F1F99}" = Python 3.8.3 Executables 
(32-bit) "{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch "{D3A7FDC5-BA4E-44FC-8822-800226B81C71}" = Python 3.8.3 Core Interpreter (32-bit) "{d491dd9d-2eda-4d75-b504-1a201436e7fd}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 "{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}" = APP Center "{d8516682-de60-4332-ad6f-49373754b677}" = ENE_EHD_M2_HAL "{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}" = GService "{E105BB34-826A-4DF7-8F35-07DDEE1E47A0}" = BPDSoftware_Ini "{e31cb1a4-76b5-46a5-a084-3fa419e82201}" = Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 "{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}" = AMD GPIO2 Driver "{EA35D9DB-86A9-4705-9D15-7FE33E261450}" = Python 3.8.3 Development Libraries (32-bit) "{EAC73207-74BD-4B13-AACF-8C0E751FA4E8}" = Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127 "{ebb7013c-0b03-497c-bed1-1e48e806a593}" = Patriot Viper M2 SSD RGB "{EC7FE03D-239A-4E36-9907-0E327922D2A2}" = bpd_scan "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek Audio Driver "{F2074AC4-1897-470C-A160-EF5C74F76763}_is1" = Password Tech Version 3.1.0 "{f3d7fb09-b93f-4c01-a765-0b0adc5bc746}" = ENE_DRAM_RGB_AURA42 "{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 "{F6678473-0198-46D0-A88F-2A247E6FA03C}" = Minecraft Launcher "{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 "{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm "{FD5DFEEE-C563-4D04-B3F4-E5C7D5F5B1E9}" = ProtonVPN "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}" = RGB Fusion "Advanced SystemCare_is1" = Advanced SystemCare "AMD_Chipset_IODrivers" = AMD Chipset Software "AORUS ENGINE_is1" = AORUS ENGINE "Audacity_is1" = Audacity 2.4.2 "AVG Antivirus" = AVG AntiVirus FREE 
"Detroit: Become Human_is1" = Detroit: Become Human "Google Chrome" = Google Chrome "ImgBurn" = ImgBurn "InstallShield_{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}" = GigabyteFirmwareUpdateUtility "InstallShield_{644B5310-D2AA-42A8-9F3B-7B92C856C8D7}" = Game Boost "InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}" = EasyTune "InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}" = EasyTuneEngineService "InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}" = SIV "InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}" = APP Center "Internet Download Manager" = Internet Download Manager "IObitUninstall" = IObit Uninstaller 9 "LEGO DC Super-Villains_is1" = LEGO DC Super-Villains "Mafia: Definitive Edition_is1" = Mafia: Definitive Edition "Marvel's Avengers_is1" = Marvel's Avengers "Microsoft Edge" = Microsoft Edge "Microsoft Edge Update" = Microsoft Edge Update "Notepad++" = Notepad++ (32-bit x86) "NpcapInst" = Npcap "ProtonVPN 1.17.6" = ProtonVPN "PunkBusterSvc" = PunkBuster Services "Razer Cortex_is1" = Razer Cortex "Red Dead Redemption 2" = Red Dead Redemption 2 "Rockstar Games Launcher" = Rockstar Games Launcher "Rockstar Games Social Club" = Rockstar Games Social Club "Steam" = Steam "TeamViewer" = TeamViewer "The Sims 4_is1" = The Sims 4 "Uplay" = Ubisoft Connect "Uplay Install 1651" = Assassin's Creed Chronicles China "Uplay Install 1875" = Assassin's Creed Syndicate "Uplay Install 2010" = Far Cry Primal "Uplay Install 2688" = WATCH_DOGS2 "Uplay Install 273" = Assassin's Creed IV Black Flag "Uplay Install 274" = Watch_Dogs "Uplay Install 3353" = Watch Dogs Legion "Uplay Install 3539" = Assassin's Creed Origins "Uplay Install 46" = Far Cry 3 "Uplay Install 5059" = Assassin's Creed Odyssey "Uplay Install 54" = Assassin's Creed III "Uplay Install 568" = Tom Clancy's The Division "Uplay Install 625" = Assassin's Creed Liberation HD "Uplay Install 895" = Assassin's Creed Rogue "Wireshark" = Wireshark 3.4.0 64-bit ========== HKEY_CURRENT_USER Uninstall List ========== 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{6f6f2a2d-6475-4359-bc65-b2cf464bd085}" = Python 3.8.3 (32-bit) "{F2074AC4-1897-470C-A160-EF5C74F76763}_is1" = Password Tech Version 3.2.0 (Aktueller Benutzer, 64 Bit) "2a4703e6-0b98-56dd-80dd-5248bb27b192" = HuBBa 1.3.90 "Allods Online DE (DE)" = Allods Online DE "DG0-DC Universe Online Live" = DC Universe Online Live "Discord" = Discord "GameCenter" = MY.GAMES GameCenter "OneDriveSetup.exe" = Microsoft OneDrive "Raspberry Pi Imager" = Raspberry Pi Imager "Tautulli" = Tautulli "Teams" = Microsoft Teams "WeMod" = WeMod "WhatsApp" = WhatsApp "ZoomUMX" = Zoom ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 16.08.2020 16:39:47 | Computer Name = X | Source = VSS | ID = 13 Description = Error - 16.08.2020 16:39:47 | Computer Name = X | Source = VSS | ID = 8193 Description = Error - 16.08.2020 23:56:10 | Computer Name = X | Source = Microsoft-Windows-User Profiles Service | ID = 1552 Description = Die Benutzerstruktur wurde von einem anderen Prozess geladen (Registrierungssperre). Prozessname: C:\Program Files\AVG\Antivirus\AVGSvc.exe, PID: 4296, ProfSvc PID: 1512. Error - 16.08.2020 23:56:10 | Computer Name = X | Source = Microsoft-Windows-User Profiles Service | ID = 1552 Description = Die Benutzerstruktur wurde von einem anderen Prozess geladen (Registrierungssperre). Prozessname: C:\Program Files\AVG\Antivirus\AVGSvc.exe, PID: 4296, ProfSvc PID: 1512. Error - 16.08.2020 23:56:10 | Computer Name = X | Source = Microsoft-Windows-User Profiles Service | ID = 1552 Description = Die Benutzerstruktur wurde von einem anderen Prozess geladen (Registrierungssperre). Prozessname: C:\Program Files\AVG\Antivirus\AVGSvc.exe, PID: 4296, ProfSvc PID: 1512. 
Error - 16.08.2020 23:56:32 | Computer Name = X | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.91_none_d6c3f1519bae0514\MFC80U.DLL". Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 17.08.2020 00:57:54 | Computer Name = X | Source = .NET Runtime | ID = 1026 Description = Error - 17.08.2020 10:32:11 | Computer Name = X | Source = Microsoft-Windows-User Profiles Service | ID = 1552 Description = Die Benutzerstruktur wurde von einem anderen Prozess geladen (Registrierungssperre). Prozessname: C:\Program Files\AVG\Antivirus\AVGSvc.exe, PID: 3512, ProfSvc PID: 1688. Error - 17.08.2020 10:32:36 | Computer Name = X | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.91_none_d6c3f1519bae0514\MFC80U.DLL". Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 17.08.2020 14:15:46 | Computer Name = X | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.91_none_d6c3f1519bae0514\MFC80U.DLL". Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
[ Parameters Events ] OTL encountered an error while reading this event log. It may be corrupt. [ State Events ] OTL encountered an error while reading this event log. It may be corrupt. Error - 10.10.2020 15:02:35 | Computer Name = X | Source = DCOM | ID = 10005 Description = Error - 10.10.2020 15:41:03 | Computer Name = X | Source = DCOM | ID = 10010 Description = Error - 11.10.2020 05:14:04 | Computer Name = X | Source = NetBT | ID = 4321 Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.23 registriert werden. Der Computer mit IP-Adresse 192.168.178.20 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error - 11.10.2020 08:38:45 | Computer Name = X | Source = NetBT | ID = 4321 Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.23 registriert werden. Der Computer mit IP-Adresse 192.168.178.20 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error - 11.10.2020 15:12:38 | Computer Name = X | Source = NetBT | ID = 4307 Description = Initialisierung fehlgeschlagen, da die Transportschicht das Öffnen der Anfangsadressen verweigerte. Error - 11.10.2020 15:31:37 | Computer Name = X | Source = DCOM | ID = 10005 Description = Error - 12.10.2020 12:06:34 | Computer Name = X | Source = DCOM | ID = 10005 Description = Error - 13.10.2020 08:00:50 | Computer Name = X | Source = DCOM | ID = 10005 Description = Error - 13.10.2020 19:54:39 | Computer Name = X | Source = DCOM | ID = 10005 Description = Error - 14.10.2020 13:15:21 | Computer Name = X | Source = Service Control Manager | ID = 7043 Description = Der Dienst AVG Antivirus konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. < End of report > [/CODE] |
11.12.2020, 18:13 | #3 |
| Multiple Win32:TrojanX-gen and Win32:Trojan-gen alerts OTL.txt
OTL Logfile: Code:
ATTFilter OTL logfile created on: 11.12.2020 17:26:04 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = H:\Downloads\Programs 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.19041.0) Locale: 00000407 | Country: | Language: DEU | Date Format: dd.MM.yyyy 15,95 Gb Total Physical Memory | 8,96 Gb Available Physical Memory | 56,16% Memory free 25,95 Gb Paging File | 16,04 Gb Available in Paging File | 61,83% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 231,56 Gb Total Space | 124,38 Gb Free Space | 53,71% Space Free | Partition Type: NTFS Drive G: | 1863,01 Gb Total Space | 66,30 Gb Free Space | 3,56% Space Free | Partition Type: NTFS Drive H: | 931,51 Gb Total Space | 14,59 Gb Free Space | 1,57% Space Free | Partition Type: NTFS Computer Name: X | User Name: Y | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 1 Day ========== Processes (SafeList) ========== PRC - File not found PRC - H:\Downloads\Programs\OTL.exe (OldTimer Tools) PRC - H:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe (GOG.com) PRC - H:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe (GOG.com) PRC - H:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe (GOG.com) PRC - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe (GOG.com) PRC - H:\Program Files (x86)\GOG Galaxy\python\python.exe (Python Software Foundation) PRC - H:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe () PRC - H:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe (Plex, Inc.) 
PRC - H:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Python Software Foundation) PRC - H:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.) PRC - G:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH) PRC - G:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) PRC - G:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer Germany GmbH) PRC - G:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe (GIGABYTE Technology Co.,Ltd.) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc.) PRC - C:\Program Files (x86)\IObit\Advanced SystemCare\Pub\PubPlatform.exe (IObit) PRC - C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Node.js) PRC - C:\Windows\SysWOW64\fontdrvhost.exe (Microsoft Corporation) PRC - G:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe (Razer Inc.) PRC - G:\Program Files (x86)\PDF24\pdf24.exe (geek software GmbH) PRC - C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe (Razer Inc.) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe () PRC - C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe (GIGA-BYTE TECHNOLOGY CO., LTD.) PRC - C:\Programme\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (DEVGURU Co., LTD.) PRC - C:\Programme\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (DEVGURU Co., LTD.) 
PRC - C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe (Razer Inc) PRC - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (IObit) PRC - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe (IObit) PRC - C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe (IObit) PRC - G:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe (IObit) PRC - C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe () PRC - H:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.) PRC - C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe (GIGA-BYTE TECHNOLOGY CO., LTD.) PRC - C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngine.exe (GIGA-BYTE TECHNOLOGY CO., LTD.) PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) PRC - G:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.) PRC - C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe (Microsoft) PRC - C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe () ========== Modules (No Company Name) ========== MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\psn_38087aea-3c30-439f-867d-ddf9fae8fe6f\yarl\_quoting.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\psn_38087aea-3c30-439f-867d-ddf9fae8fe6f\multidict\_multidict.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\psn_38087aea-3c30-439f-867d-ddf9fae8fe6f\aiohttp\_http_parser.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\psn_38087aea-3c30-439f-867d-ddf9fae8fe6f\aiohttp\_frozenlist.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\psn_38087aea-3c30-439f-867d-ddf9fae8fe6f\aiohttp\_helpers.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\psn_38087aea-3c30-439f-867d-ddf9fae8fe6f\aiohttp\_http_writer.cp37-win32.pyd () 
MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\psn_38087aea-3c30-439f-867d-ddf9fae8fe6f\aiohttp\_websocket.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\lxml\etree.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\google\protobuf\pyext\_message.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\lxml\html\clean.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\lxml\_elementpath.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\yarl\_quoting_c.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\multidict\_multidict.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\google\protobuf\internal\_api_implementation.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\websockets\speedups.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\aiohttp\_http_parser.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\aiohttp\_frozenlist.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\aiohttp\_helpers.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\aiohttp\_http_writer.cp37-win32.pyd () MOD - 
C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\aiohttp\_websocket.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\_yaml.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\aiohttp\_http_parser.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\yarl\_quoting_c.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\psutil\_psutil_windows.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\aiohttp\_frozenlist.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\aiohttp\_helpers.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\aiohttp\_http_writer.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\aiohttp\_websocket.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\multidict\_multidict.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\origin_7f53219b-4e2b-4591-9f4f-dfc5f4ba9eb0\yarl\_quoting_c.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\origin_7f53219b-4e2b-4591-9f4f-dfc5f4ba9eb0\multidict\_multidict.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\origin_7f53219b-4e2b-4591-9f4f-dfc5f4ba9eb0\aiohttp\_http_parser.cp37-win32.pyd () MOD - 
C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\origin_7f53219b-4e2b-4591-9f4f-dfc5f4ba9eb0\aiohttp\_frozenlist.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\origin_7f53219b-4e2b-4591-9f4f-dfc5f4ba9eb0\aiohttp\_helpers.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\origin_7f53219b-4e2b-4591-9f4f-dfc5f4ba9eb0\aiohttp\_http_writer.cp37-win32.pyd () MOD - C:\Users\Y\AppData\Local\GOG.com\Galaxy\plugins\installed\origin_7f53219b-4e2b-4591-9f4f-dfc5f4ba9eb0\aiohttp\_websocket.cp37-win32.pyd () MOD - H:\Program Files (x86)\GOG Galaxy\libcef.dll () MOD - H:\Program Files (x86)\GOG Galaxy\libGLESv2.dll () MOD - H:\Program Files (x86)\GOG Galaxy\swiftshader\libGLESv2.dll () MOD - H:\Program Files (x86)\GOG Galaxy\sqlite.dll () MOD - H:\Program Files (x86)\GOG Galaxy\pcre.dll () MOD - H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\aiohttp\_http_parser.cp37-win32.pyd () MOD - H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginXbox\aiohttp\_http_parser.cp37-win32.pyd () MOD - H:\Program Files (x86)\GOG Galaxy\expat.dll () MOD - H:\Program Files (x86)\GOG Galaxy\xdelta3.dll () MOD - H:\Program Files (x86)\GOG Galaxy\swiftshader\libEGL.dll () MOD - H:\Program Files (x86)\GOG Galaxy\libEGL.dll () MOD - H:\Program Files (x86)\GOG Galaxy\zlib.dll () MOD - H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginXbox\yarl\_quoting.cp37-win32.pyd () MOD - H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\yarl\_quoting.cp37-win32.pyd () MOD - H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\aiohttp\_frozenlist.cp37-win32.pyd () MOD - H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\psutil\_psutil_windows.cp37-win32.pyd () MOD - H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\aiohttp\_helpers.cp37-win32.pyd () MOD - H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginXbox\aiohttp\_frozenlist.cp37-win32.pyd () MOD - H:\Program Files (x86)\GOG 
Galaxy\plugins\GalaxyPluginEpic\aiohttp\_http_writer.cp37-win32.pyd ()
MOD - H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginXbox\aiohttp\_helpers.cp37-win32.pyd ()
MOD - H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\aiohttp\_websocket.cp37-win32.pyd ()
MOD - H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginXbox\multidict\_multidict.cp37-win32.pyd ()
MOD - H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\multidict\_multidict.cp37-win32.pyd ()
MOD - H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginXbox\aiohttp\_http_writer.cp37-win32.pyd ()
MOD - H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginXbox\aiohttp\_websocket.cp37-win32.pyd ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\DLLs\bz2.pyd ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\sqlite3_plex.dll ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\tag.dll ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\TeVii.dll ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\opencv_imgproc310.dll ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\opencv_core310.dll ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\pion.dll ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\soci_core.dll ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3.dll ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\miniupnpc.dll ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\hdhomerun.dll ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\boost_thread.dll ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\fmt.dll ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\boost_timer.dll ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\boost_regex.dll ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\boost_locale.dll ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\boost_iostreams.dll ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\boost_filesystem.dll ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\boost_date_time.dll ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\boost_chrono.dll ()
MOD - H:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe ()
MOD - \\?\C:\Users\Y\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\mpeg4_decoder.dll ()
MOD - \\?\C:\Users\Y\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\mp3_decoder.dll ()
MOD - \\?\C:\Users\Y\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\libx264_encoder.dll ()
MOD - \\?\C:\Users\Y\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\hevc_decoder.dll ()
MOD - \\?\C:\Users\Y\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\h264_decoder.dll ()
MOD - \\?\C:\Users\Y\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\flv_decoder.dll ()
MOD - \\?\C:\Users\Y\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\dca_decoder.dll ()
MOD - \\?\C:\Users\Y\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\aac_decoder.dll ()
MOD - \\?\C:\Users\Y\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\ac3_encoder.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\23e9ba92b02663afc33f1a7e4f49545b\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\1fe1464b2cb159c9fbe49db59596be77\UIAutomationProvider.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web\21c3dfc5500d46cdaca3c8fd49129f5e\System.Web.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\c53a93e360cdec5a6b2422401e7a8c32\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\12a0b8a4c9e37033f96c2892b3b19eac\UIAutomationTypes.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\c0e32ab5785c5df139bab7755ccf80a0\System.Xml.Linq.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\09314f84b0a7bec5fc70f721fa5b05b9\System.Xaml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\1cc2deb740912c523a0155a5b0c5c7f6\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\d15ddac8ada82d7c24bc4c5adc861335\PresentationFramework.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\a81d76da54869a9af6dbcaac7e168224\PresentationFramework.Aero2.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\71b50bc60de4b8c052e9a5b1a7b79af2\PresentationCore.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\00359ca24f0d0c417315ea525a3f0bd8\WindowsBase.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\2f1746ab1f00e550090146d74890c4ce\System.Core.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\292491532cd5f50586e378cc6f62f970\System.Drawing.ni.dll ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvShadowPlayAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvBackendAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameStreamAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvUtil.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvABHubAPI.node ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\0a22e17ee5c73cdab64fc5e3f8ed7e56\System.Management.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\48fbd098873eae92cf4bda5b7cf7a6ba\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\a94f452eecde0f07e988ad14497426a5\System.ni.dll ()
MOD - C:\Windows\SysWOW64\umpdc.dll ()
MOD - C:\Windows\SysWOW64\WindowManagementAPI.dll ()
MOD - C:\Windows\SysWOW64\TextShaping.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\1c960778124fb2c275142764edfbee19\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe ()
MOD - C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe ()
MOD - C:\Program Files (x86)\GIGABYTE\AppCenter\BDR_info.dll ()
MOD - G:\Program Files (x86)\IObit\IObit Uninstaller\madexcept_.bpl ()
MOD - G:\Program Files (x86)\IObit\IObit Uninstaller\madbasic_.bpl ()
MOD - G:\Program Files (x86)\IObit\IObit Uninstaller\maddisAsm_.bpl ()
MOD - C:\Programme\Patriot\Aac_Patriot Viper M2 SSD RGB\AacHal_x86.dll ()
MOD - C:\Programme\Patriot\Aac_Patriot Viper M2 SSD RGB\pcie_dll_x86.dll ()
MOD - C:\Program Files (x86)\GIGABYTE\RGBFusion\Phison.dll ()
MOD - G:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvFireware.dll ()
MOD - G:\Program Files (x86)\GIGABYTE\AORUS ENGINE\BSL430.dll ()

========== Services (SafeList) ==========

SRV:64bit: - (nvagent) -- C:\Windows\SysNative\NvAgent.dll (Microsoft Corporation)
SRV:64bit: - (NVDisplay.ContainerLocalSystem) -- C:\Windows\SysNative\DriverStore\FileRepository\nv_dispi.inf_amd64_8e68f77150e57b50\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
SRV:64bit: - (AVG Tools) -- C:\Program Files\AVG\Antivirus\avgToolsSvc.exe (AVG Technologies CZ, s.r.o.)
SRV:64bit: - (AVG Antivirus) -- C:\Program Files\AVG\Antivirus\AVGSvc.exe (AVG Technologies CZ, s.r.o.)
SRV:64bit: - (AvgWscReporter) -- C:\Program Files\AVG\Antivirus\wsc_proxy.exe (AVG Technologies CZ, s.r.o.)
SRV:64bit: - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation)
SRV:64bit: - (hns) -- C:\Windows\SysNative\HostNetSvc.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
SRV:64bit: - (UsoSvc) -- C:\Windows\SysNative\usosvc.dll (Microsoft Corporation)
SRV:64bit: - (WaaSMedicSvc) -- C:\Windows\SysNative\WaaSMedicSvc.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WebManagement) -- C:\Windows\SysNative\WebManagement.exe (Microsoft Corporation)
SRV:64bit: - (vmcompute) -- C:\Windows\SysNative\vmcompute.exe (Microsoft Corporation)
SRV:64bit: - (LxssManagerUser) -- C:\Windows\SysNative\lxss\LxssManager.dll (Microsoft Corporation)
SRV:64bit: - (LxssManager) -- C:\Windows\SysNative\lxss\LxssManager.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SRV:64bit: - (SecurityHealthService) -- C:\Windows\SysNative\SecurityHealthService.exe (Microsoft Corporation)
SRV:64bit: - (DevicesFlowUserSvc) -- C:\Windows\SysNative\DevicesFlowBroker.dll (Microsoft Corporation)
SRV:64bit: - (shpamsvc) -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
SRV:64bit: - (AarSvc) -- C:\Windows\SysNative\AarSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (spectrum) -- C:\Windows\SysNative\Spectrum.exe (Microsoft Corporation)
SRV:64bit: - (DispBrokerDesktopSvc) -- C:\Windows\SysNative\DispBroker.Desktop.dll (Microsoft Corporation)
SRV:64bit: - (SgrmBroker) -- C:\Windows\SysNative\SgrmBroker.exe (Microsoft Corporation)
SRV:64bit: - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SRV:64bit: - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
SRV:64bit: - (WpnUserService_e5bc6) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_e5bc6) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_e5bc6) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UdkUserSvc_e5bc6) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PrintWorkflowUserSvc_e5bc6) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_e5bc6) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_e5bc6) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_e5bc6) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (LxssManagerUser_e5bc6) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DevicesFlowUserSvc_e5bc6) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DevicePickerUserSvc_e5bc6) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationBrokerSvc_e5bc6) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (ConsentUxUserSvc_e5bc6) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc_e5bc6) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (cbdhsvc_e5bc6) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (CaptureService_e5bc6) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (BluetoothUserService_e5bc6) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (BcastDVRUserService_e5bc6) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (AarSvc_e5bc6) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation)
SRV:64bit: - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\psmsrv.dll (Microsoft Corporation)
SRV:64bit: - (TimeBrokerSvc) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (InstallService) -- C:\Windows\SysNative\InstallService.dll (Microsoft Corporation)
SRV:64bit: - (PushToInstall) -- C:\Windows\SysNative\PushToInstall.dll (Microsoft Corporation)
SRV:64bit: - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation)
SRV:64bit: - (TokenBroker) -- C:\Windows\SysNative\TokenBroker.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (CredentialEnrollmentManagerUserSvc_e5bc6) -- C:\Windows\SysNative\CredentialEnrollmentManager.exe (Microsoft Corporation)
SRV:64bit: - (CredentialEnrollmentManagerUserSvc) -- C:\Windows\SysNative\CredentialEnrollmentManager.exe (Microsoft Corporation)
SRV:64bit: - (wisvc) -- C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation)
SRV:64bit: - (PhoneSvc) -- C:\Windows\SysNative\PhoneService.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (DevicePickerUserSvc) -- C:\Windows\SysNative\Windows.Devices.Picker.dll (Microsoft Corporation)
SRV:64bit: - (SshdBroker) -- C:\Windows\SysNative\SshdBroker.dll (Microsoft Corporation)
SRV:64bit: - (AssignedAccessManagerSvc) -- C:\Windows\SysNative\assignedaccessmanagersvc.dll (Microsoft Corporation)
SRV:64bit: - (UevAgentService) -- C:\Windows\SysNative\AgentService.exe (Microsoft Corporation)
SRV:64bit: - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
SRV:64bit: - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
SRV:64bit: - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (UdkUserSvc) -- C:\Windows\SysNative\windowsudk.shellcommon.dll (Microsoft Corporation)
SRV:64bit: - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc) -- C:\Windows\SysNative\cdpusersvc.dll (Microsoft Corporation)
SRV:64bit: - (WpcMonSvc) -- C:\Windows\SysNative\WpcDesktopMonSvc.dll (Microsoft Corporation)
SRV:64bit: - (BTAGService) -- C:\Windows\SysNative\BTAGService.dll (Microsoft Corporation)
SRV:64bit: - (WManSvc) -- C:\Windows\SysNative\Windows.Management.Service.dll (Microsoft Corporation)
SRV:64bit: - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation)
SRV:64bit: - (FrameServer) -- C:\Windows\SysNative\FrameServer.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (RmSvc) -- C:\Windows\SysNative\RMapi.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation)
SRV:64bit: - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (wlpasvc) -- C:\Windows\SysNative\lpasvc.dll (Microsoft Corporation)
SRV:64bit: - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation)
SRV:64bit: - (diagsvc) -- C:\Windows\SysNative\DiagSvc.dll (Microsoft Corporation)
SRV:64bit: - (cbdhsvc) -- C:\Windows\SysNative\CBDHSvc.dll (Microsoft Corporation)
SRV:64bit: - (PrintWorkflowUserSvc) -- C:\Windows\SysNative\PrintWorkflowService.dll (Microsoft Corporation)
SRV:64bit: - (CaptureService) -- C:\Windows\SysNative\CaptureService.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (SEMgrSvc) -- C:\Windows\SysNative\SEMgrSvc.dll (Microsoft Corporation)
SRV:64bit: - (ss_conn_launcher_service) -- C:\Windows\SysNative\Samsung\EasySetup\ss_conn_launcher.exe (Samsung Electronics Co., Ltd.)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (camsvc) -- C:\Windows\SysNative\CapabilityAccessManager.dll (Microsoft Corporation)
SRV:64bit: - (AppVClient) -- C:\Windows\SysNative\AppVClient.exe (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (ConsentUxUserSvc) -- C:\Windows\SysNative\ConsentUxClient.dll (Microsoft Corporation)
SRV:64bit: - (BcastDVRUserService) -- C:\Windows\SysNative\bcastdvruserservice.dll (Microsoft Corporation)
SRV:64bit: - (DisplayEnhancementService) -- C:\Windows\SysNative\Microsoft.Graphics.Display.DisplayEnhancementService.dll (Microsoft Corporation)
SRV:64bit: - (perceptionsimulation) -- C:\Windows\SysNative\PerceptionSimulation\PerceptionSimulationService.exe (Microsoft Corporation)
SRV:64bit: - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation)
SRV:64bit: - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationBrokerSvc) -- C:\Windows\SysNative\deviceaccess.dll (Microsoft Corporation)
SRV:64bit: - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation)
SRV:64bit: - (NaturalAuthentication) -- C:\Windows\SysNative\NaturalAuth.dll (Microsoft Corporation)
SRV:64bit: - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
SRV:64bit: - (BluetoothUserService) -- C:\Windows\SysNative\Microsoft.Bluetooth.UserService.dll (Microsoft Corporation)
SRV:64bit: - (TroubleshootingSvc) -- C:\Windows\SysNative\MitigationClient.dll (Microsoft Corporation)
SRV:64bit: - (BthAvctpSvc) -- C:\Windows\SysNative\BthAvctpSvc.dll (Microsoft Corporation)
SRV:64bit: - (VacSvc) -- C:\Windows\SysNative\vac.dll (Microsoft Corporation)
SRV:64bit: - (RtkAudioUniversalService) -- C:\Windows\SysNative\RtkAudUService64.exe (Realtek Semiconductor)
SRV:64bit: - (MixedRealityOpenXRSvc) -- C:\Windows\SysNative\MixedRealityRuntime.dll (Microsoft Corporation)
SRV:64bit: - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (SharedRealitySvc) -- C:\Windows\SysNative\SharedRealitySvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (TieringEngineService) -- C:\Windows\SysNative\TieringEngineService.exe (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (DusmSvc) -- C:\Windows\SysNative\dusmsvc.dll (Microsoft Corporation)
SRV:64bit: - (HvHost) -- C:\Windows\SysNative\hvhostsvc.dll (Microsoft Corporation)
SRV:64bit: - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation)
SRV:64bit: - (autotimesvc) -- C:\Windows\SysNative\autotimesvc.dll (Microsoft Corporation)
SRV:64bit: - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
SRV:64bit: - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
SRV:64bit: - (WpnUserService) -- C:\Windows\SysNative\WpnUserService.dll (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation)
SRV:64bit: - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation)
SRV:64bit: - (GraphicsPerfSvc) -- C:\Windows\SysNative\GraphicsPerfSvc.dll (Microsoft Corporation)
SRV:64bit: - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation)
SRV:64bit: - (WarpJITSvc) -- C:\Windows\SysNative\Windows.WARP.JITService.dll (Microsoft Corporation)
SRV:64bit: - (tzautoupdate) -- C:\Windows\SysNative\tzautoupdate.dll (Microsoft Corporation)
SRV:64bit: - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation)
SRV:64bit: - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (WFDSConMgrSvc) -- C:\Windows\SysNative\WFDSConMgrSvc.dll (Microsoft Corporation)
SRV:64bit: - (LxpSvc) -- C:\Windows\SysNative\LanguageOverlayServer.dll (Microsoft Corporation)
SRV:64bit: - (MessagingService) -- C:\Windows\SysNative\MessagingService.dll (Microsoft Corporation)
SRV:64bit: - (XboxGipSvc) -- C:\Windows\SysNative\xboxgipsvc.dll (Microsoft Corporation)
SRV:64bit: - (IpxlatCfgSvc) -- C:\Windows\SysNative\ipxlatcfg.dll (Microsoft Corporation)
SRV:64bit: - (debugregsvc) -- C:\Windows\SysNative\debugregsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeveloperToolsService) -- C:\Windows\SysNative\DeveloperToolsSvc.exe (Microsoft Corporation)
SRV:64bit: - (ssh-agent) -- C:\Windows\SysNative\OpenSSH\ssh-agent.exe ()
SRV:64bit: - (sshd) -- C:\Windows\SysNative\OpenSSH\sshd.exe ()
SRV:64bit: - (Intel(R) -- C:\Windows\SysNative\IPROSetMonitor.exe (Intel Corporation)
SRV - (GalaxyClientService) -- H:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe (GOG.com)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MicrosoftEdgeElevationService) -- C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.57\elevation_service.exe (Microsoft Corporation)
SRV - (NVDisplay.ContainerLocalSystem) -- C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_8e68f77150e57b50\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
SRV - (GalaxyCommunication) -- C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe (GOG.com)
SRV - (GoogleChromeElevationService) -- C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe (Google LLC)
SRV - (CleanupPSvc) -- C:\Programme\AVG\TuneUp\TuneupSvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (PlexUpdateService) -- H:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe (Plex, Inc.)
SRV - (BEService) -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe ()
SRV - (Rockstar Service) -- H:\Programme\Rockstar Games\Launcher\RockstarService.exe (Rockstar Games)
SRV - (avgbIDSAgent) -- C:\Programme\AVG\Antivirus\aswidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (TeamViewer) -- G:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH)
SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (ProtonVPN Service) -- H:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe ()
SRV - (ProtonVPN Update Service) -- H:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc.)
SRV - (StateRepository) -- C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SRV - (AarSvc) -- C:\Windows\SysWOW64\AarSvc.dll (Microsoft Corporation)
SRV - (edgeupdatem) -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Microsoft Corporation)
SRV - (edgeupdate) -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Microsoft Corporation)
SRV - (FvSvc) -- C:\Programme\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe (NVIDIA)
SRV - (NvContainerLocalSystem) -- C:\Programme\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV - (CoreMessagingRegistrar) -- C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SRV - (InstallService) -- C:\Windows\SysWOW64\InstallService.dll (Microsoft Corporation)
SRV - (TokenBroker) -- C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
SRV - (wisvc) -- C:\Windows\SysWOW64\FlightSettings.dll (Microsoft Corporation)
SRV - (RzKLService) -- G:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe (Razer Inc.)
SRV - (PDF24) -- G:\Program Files (x86)\PDF24\pdf24.exe (geek software GmbH)
SRV - (RzActionSvc) -- C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe (Razer Inc.)
SRV - (EasyAntiCheat) -- C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Ltd)
SRV - (DmEnrollmentSvc) -- C:\Windows\SysWOW64\Windows.Internal.Management.dll (Microsoft Corporation)
SRV - (BTAGService) -- C:\Windows\SysWOW64\BTAGService.dll (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (DevicePickerUserSvc) -- C:\Windows\SysWOW64\Windows.Devices.Picker.dll (Microsoft Corporation)
SRV - (PrintWorkflowUserSvc) -- C:\Windows\SysWOW64\PrintWorkflowService.dll (Microsoft Corporation)
SRV - (EasyTuneEngineService) -- C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe (GIGA-BYTE TECHNOLOGY CO., LTD.)
SRV - (ss_conn_service) -- C:\Programme\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (DEVGURU Co., LTD.)
SRV - (ss_conn_service2) -- C:\Programme\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (DEVGURU Co., LTD.)
SRV - (Razer Game Manager Service) -- C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe (Razer Inc)
SRV - (AdvancedSystemCareService13) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe (IObit)
SRV - (ucldr_battlegrounds_gl) -- C:\Programme\Common Files\Uncheater\ucldr_battlegrounds_gl.exe (Wellbia.com Co., Ltd.)
SRV - (WdNisSvc) -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.4-0\NisSrv.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.4-0\MsMpEng.exe (Microsoft Corporation)
SRV - (IObitUnSvr) -- G:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe (IObit)
SRV - (DeviceAssociationBrokerSvc) -- C:\Windows\SysWOW64\deviceaccess.dll (Microsoft Corporation)
SRV - (OpenVPNServiceLegacy) -- C:\Programme\OpenVPN\bin\openvpnserv.exe (The OpenVPN Project)
SRV - (OpenVPNServiceInteractive) -- C:\Programme\OpenVPN\bin\openvpnserv.exe (The OpenVPN Project)
SRV - (HwmRecordService) -- C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe (GIGA-BYTE TECHNOLOGY CO., LTD.)
SRV - (MixedRealityOpenXRSvc) -- C:\Windows\SysWOW64\MixedRealityRuntime.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (tzautoupdate) -- C:\Windows\SysWOW64\tzautoupdate.dll (Microsoft Corporation)
SRV - (UnistoreSvc) -- C:\Windows\SysWOW64\Unistore.dll (Microsoft Corporation)
SRV - (OcButtonService) -- C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe (GIGA-BYTE TECHNOLOGY CO., LTD.)
SRV - (VMwareHostd) -- G:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe ()
SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
SRV - (VMAuthdService) -- G:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (VMware, Inc.)
SRV - (OpenVPNService) -- C:\Programme\OpenVPN\bin\openvpnserv2.exe ( )
SRV - (Gservice) -- C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe (Microsoft)
SRV - (cFosSpeedS) -- C:\Programme\cFosSpeed\spd.exe (cFos Software GmbH)
SRV - (gadjservice) -- C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe ()
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (ose64) -- c:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV:64bit: - (passthruparser) -- C:\Windows\SysNative\drivers\passthruparser.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (pvhdparser) -- C:\Windows\SysNative\drivers\pvhdparser.sys (Microsoft Corporation)
DRV:64bit: - (l2bridge) -- C:\Windows\SysNative\drivers\l2bridge.sys (Microsoft Corporation)
DRV:64bit: - (vhdparser) -- C:\Windows\SysNative\drivers\vhdparser.sys (Microsoft Corporation)
DRV:64bit: - (hvsocketcontrol) -- C:\Windows\SysNative\drivers\hvsocketcontrol.sys (Microsoft Corporation)
DRV:64bit: - (hnswfpdriver) -- C:\Windows\SysNative\drivers\hnswfpdriver.sys (Microsoft Corporation)
DRV:64bit: - (nvlddmkm) -- C:\Windows\SysNative\DriverStore\FileRepository\nv_dispi.inf_amd64_8e68f77150e57b50\nvlddmkm.sys (NVIDIA Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (avgVmm) -- C:\Windows\SysNative\drivers\avgVmm.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (avgNetHub) -- C:\Windows\SysNative\drivers\avgNetHub.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (avgSP) -- C:\Windows\SysNative\drivers\avgSP.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (avgbidsh) -- C:\Windows\SysNative\drivers\avgbidsh.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (avgStm) -- C:\Windows\SysNative\drivers\avgStm.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (avgMonFlt) -- C:\Windows\SysNative\drivers\avgMonFlt.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (avgRdr) -- C:\Windows\SysNative\drivers\avgRdr2.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (avgbuniv) -- C:\Windows\SysNative\drivers\avgbuniv.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (avgRvrt) -- C:\Windows\SysNative\drivers\avgRvrt.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (avgKbd) -- C:\Windows\SysNative\drivers\avgKbd.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (avgElam) -- C:\Windows\SysNative\drivers\avgElam.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (avgSnx) -- C:\Windows\SysNative\drivers\avgSnx.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (avgbidsdriver) -- C:\Windows\SysNative\drivers\avgbidsdriver.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (avgArPot) -- C:\Windows\SysNative\drivers\avgArPot.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (avgArDisk) -- C:\Windows\SysNative\drivers\avgArDisk.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (VMSVSP) -- C:\Windows\SysNative\drivers\vmswitch.sys (Microsoft Corporation)
DRV:64bit: - (VMSVSF) -- C:\Windows\SysNative\drivers\vmswitch.sys (Microsoft Corporation)
DRV:64bit: - (VMSP) -- C:\Windows\SysNative\drivers\vmswitch.sys (Microsoft Corporation)
DRV:64bit: - (vmsmp) -- C:\Windows\SysNative\drivers\vmswitch.sys (Microsoft Corporation)
DRV:64bit: - (VmsProxy) -- C:\Windows\SysNative\drivers\VmsProxy.sys (Microsoft Corporation)
DRV:64bit: - (VMSNPXYMP) -- C:\Windows\SysNative\drivers\VmsProxyHNic.sys (Microsoft Corporation)
DRV:64bit: - (VMSNPXY) -- C:\Windows\SysNative\drivers\VmsProxyHNic.sys (Microsoft Corporation)
DRV:64bit: - (PktMon) -- C:\Windows\SysNative\drivers\PktMon.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc.sys (Microsoft Corporation)
DRV:64bit: - (VfpExt) -- C:\Windows\SysNative\drivers\vfpext.sys (Microsoft Corporation)
DRV:64bit: - (hvservice) -- C:\Windows\SysNative\drivers\hvservice.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation)
DRV:64bit: - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (NetAdapterCx) -- C:\Windows\SysNative\drivers\NetAdapterCx.sys (Microsoft Corporation)
DRV:64bit: - (applockerfltr) -- C:\Windows\SysNative\drivers\applockerfltr.sys (Microsoft Corporation)
DRV:64bit: - (IndirectKmd) -- C:\Windows\SysNative\drivers\IndirectKmd.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (Telemetry) -- C:\Windows\SysNative\drivers\IntelTA.sys (Microsoft Corporation)
DRV:64bit: - (npcap_wifi) -- C:\Windows\SysNative\drivers\npcap.sys (Insecure.Com LLC.)
DRV:64bit: - (npcap) -- C:\Windows\SysNative\drivers\npcap.sys (Insecure.Com LLC.)
DRV:64bit: - (afunix) -- C:\Windows\SysNative\drivers\afunix.sys (Microsoft Corporation)
DRV:64bit: - (MsQuic) -- C:\Windows\SysNative\drivers\msquic.sys (Microsoft Corporation)
DRV:64bit: - (CldFlt) -- C:\Windows\SysNative\drivers\cldflt.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsiCx0101) -- C:\Windows\SysNative\drivers\UcmUcsiCx.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (WinNat) -- C:\Windows\SysNative\drivers\winnat.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (BthA2dp) -- C:\Windows\SysNative\drivers\BthA2dp.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys (Microsoft Corporation)
DRV:64bit: - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation)
DRV:64bit: - (BthMini) -- C:\Windows\SysNative\drivers\BthMini.SYS (Microsoft Corporation)
DRV:64bit: - (usbrndis6) -- C:\Windows\SysNative\drivers\usb80236.sys (Microsoft Corporation)
DRV:64bit: - (MbbCx) -- C:\Windows\SysNative\drivers\MbbCx.sys (Microsoft Corporation)
DRV:64bit: - (MsSecFlt) -- C:\Windows\SysNative\drivers\mssecflt.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (Samsung Electronics Co., Ltd.)
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (Samsung Electronics Co., Ltd.)
DRV:64bit: - (ss_conn_usb_driver2) -- C:\Windows\SysNative\drivers\ss_conn_usb_driver2.sys (Samsung Electronics Co., Ltd.)
DRV:64bit: - (e1rexpress) -- C:\Windows\SysNative\drivers\e1r68x64.sys (Intel Corporation)
DRV:64bit: - (bindflt) -- C:\Windows\SysNative\drivers\bindflt.sys (Microsoft Corporation)
DRV:64bit: - (P9Rdr) -- C:\Windows\SysNative\drivers\p9rdr.sys (Microsoft Corporation)
DRV:64bit: - (lxss) -- C:\Windows\SysNative\drivers\lxss.sys (Microsoft Corporation)
DRV:64bit: - (inpoutx64) -- C:\Windows\SysNative\drivers\inpoutx64.sys (Highresolution Enterprises [www.highrez.co.uk])
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\wd\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\wd\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (EneTechIo) -- C:\Windows\SysNative\drivers\ene.sys ()
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\DriverStore\FileRepository\basicrender.inf_amd64_49a8589f00d970d9\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (AMDPCIDev) -- C:\Windows\SysNative\drivers\AMDPCIDev.sys (Advanced Micro Devices)
DRV:64bit: - (tapprotonvpn) -- C:\Windows\SysNative\drivers\tapprotonvpn.sys (The OpenVPN Project)
DRV:64bit: - (amdpsp) -- C:\Windows\SysNative\drivers\amdpsp.sys (Advanced Micro Devices, Inc. )
DRV:64bit: - (amdgpio2) -- C:\Windows\SysNative\drivers\amdgpio2.sys (Advanced Micro Devices, Inc)
DRV:64bit: - (nvvhci) -- C:\Windows\SysNative\drivers\nvvhci.sys (NVIDIA Corporation)
DRV:64bit: - (amdgpio3) -- C:\Windows\SysNative\drivers\amdgpio3.sys (Advanced Micro Devices, Inc)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (NvModuleTracker) -- C:\Windows\SysNative\drivers\NvModuleTracker.sys (NVIDIA Corporation)
DRV:64bit: - (smbdirect) -- C:\Windows\SysNative\drivers\smbdirect.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (UevAgentDriver) -- C:\Windows\SysNative\drivers\UevAgentDriver.sys (Microsoft Corporation)
DRV:64bit: - (SpatialGraphFilter) -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys (Microsoft Corporation)
DRV:64bit: - (AppvVemgr) -- C:\Windows\SysNative\drivers\AppvVemgr.sys (Microsoft Corporation)
DRV:64bit: - (AppvVfs) -- C:\Windows\SysNative\drivers\AppvVfs.sys (Microsoft Corporation)
DRV:64bit: - (AppvStrm) -- C:\Windows\SysNative\drivers\AppVStrm.sys (Microsoft Corporation)
DRV:64bit: - (NDKPing) -- C:\Windows\SysNative\drivers\NDKPing.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (spaceparser) -- C:\Windows\SysNative\drivers\spaceparser.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (SgrmAgent) -- C:\Windows\SysNative\drivers\SgrmAgent.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (bam) -- C:\Windows\SysNative\drivers\bam.sys (Microsoft Corporation)
DRV:64bit: - (WdmCompanionFilter) -- C:\Windows\SysNative\drivers\WdmCompanionFilter.sys (Microsoft Corporation)
DRV:64bit: - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation)
DRV:64bit: - (UcmTcpciCx0101) -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys (Microsoft Corporation)
DRV:64bit: - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation)
DRV:64bit: - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation)
DRV:64bit: - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation)
DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (HwNClx0101) -- C:\Windows\SysNative\drivers\mshwnclx.sys (Microsoft Corporation)
DRV:64bit: - (portcfg) -- C:\Windows\SysNative\drivers\portcfg.sys (Microsoft Corporation)
DRV:64bit: - (wcifs) -- C:\Windows\SysNative\drivers\wcifs.sys (Microsoft Corporation)
DRV:64bit: - (wcnfs) -- C:\Windows\SysNative\drivers\wcnfs.sys (Microsoft Corporation)
DRV:64bit: - (CimFS) -- C:\WINDOWS\SysNative\drivers\cimfs.sys ()
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (Acx01000) -- C:\Windows\SysNative\drivers\Acx01000.sys (Microsoft Corporation)
DRV:64bit: - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (IPT) -- C:\Windows\SysNative\drivers\ipt.sys (Microsoft Corporation)
DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation)
DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys (Microsoft Corporation)
DRV:64bit: - (Ramdisk) -- C:\Windows\SysNative\drivers\ramdisk.sys (Microsoft Corporation)
DRV:64bit: - (iorate) -- C:\Windows\SysNative\drivers\iorate.sys (Microsoft Corporation)
DRV:64bit: - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (hvcrash) -- C:\Windows\SysNative\drivers\hvcrash.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (vmgid) -- C:\Windows\SysNative\drivers\vmgid.sys (Microsoft Corporation)
DRV:64bit: - (VirtualRender) -- C:\Windows\SysNative\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys (Microsoft Corporation)
DRV:64bit: - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation)
DRV:64bit: - (UfxChipidea) -- C:\Windows\SysNative\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (hidspi) -- C:\Windows\SysNative\drivers\hidspi.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation)
DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsiAcpiClient) -- C:\Windows\SysNative\drivers\UcmUcsiAcpiClient.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (UrsChipidea) -- C:\Windows\SysNative\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys (Microsoft Corporation)
DRV:64bit: - (UrsSynopsys) -- C:\Windows\SysNative\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation)
DRV:64bit: - (cht4vbd) -- C:\Windows\SysNative\drivers\cht4vx64.sys (Chelsio Communications)
DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox)
DRV:64bit: - (iaStorAVC) -- C:\Windows\SysNative\drivers\iaStorAVC.sys (Intel Corporation)
DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox)
DRV:64bit: - (mausbhost) -- C:\Windows\SysNative\drivers\mausbhost.sys (Microsoft Corporation)
DRV:64bit: - (cht4iscsi) -- C:\Windows\SysNative\drivers\cht4sx64.sys (Chelsio Communications)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (nvdimm) -- C:\Windows\SysNative\drivers\nvdimm.sys (Microsoft Corporation)
DRV:64bit: - (scmbus) -- C:\Windows\SysNative\drivers\scmbus.sys (Microsoft Corporation)
DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox)
DRV:64bit: - (pmem) -- C:\Windows\SysNative\drivers\pmem.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\DriverStore\FileRepository\basicdisplay.inf_amd64_62ba5773ba05edee\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (mausbip) -- C:\Windows\SysNative\drivers\mausbip.sys (Microsoft Corporation)
DRV:64bit: - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation)
DRV:64bit: - (bttflt) -- C:\Windows\SysNative\drivers\bttflt.sys (Microsoft Corporation)
DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (SmartSAMD) -- C:\Windows\SysNative\drivers\SmartSAMD.sys (Microsemi Corportation)
DRV:64bit: - (ItSas35i) -- C:\Windows\SysNative\drivers\ItSas35i.sys (Avago Technologies)
DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies)
DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (megasas35i) -- C:\Windows\SysNative\drivers\megasas35i.sys (Avago Technologies)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (megasas2i) -- C:\Windows\SysNative\drivers\MegaSas2i.sys (Avago Technologies)
DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (Avago Technologies)
DRV:64bit: - (umbus) -- C:\Windows\SysNative\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\uefi.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AcpiDev) -- C:\Windows\SysNative\drivers\AcpiDev.sys (Microsoft Corporation)
DRV:64bit: - (volume) -- C:\Windows\SysNative\drivers\volume.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (QLogic Corporation)
DRV:64bit: - (usbaudio2) -- C:\Windows\SysNative\drivers\usbaudio2.sys (Microsoft Corporation)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (rhproxy) -- C:\Windows\SysNative\drivers\rhproxy.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (SDFRd) -- C:\Windows\SysNative\drivers\SDFRd.sys (Microsoft Corporation)
DRV:64bit: - (swenum) -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys (Microsoft Corporation)
DRV:64bit: - (PNPMEM) -- C:\Windows\SysNative\drivers\pnpmem.sys (Microsoft Corporation)
DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\netr28ux.sys (MediaTek Inc.)
DRV:64bit: - (iaLPSS2i_I2C_GLK) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_GLK.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_I2C_CNL) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_CNL.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_I2C_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys (Intel Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\BthHfEnum.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2_CNL) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_CNL.sys (Intel Corporation)
DRV:64bit: - (xusb22) -- C:\Windows\SysNative\drivers\xusb22.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2_GLK) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_GLK.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys (Intel Corporation)
DRV:64bit: - (iai2c) -- C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys (Intel Corporation)
DRV:64bit: - (CAD) -- C:\Windows\SysNative\drivers\CAD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFAud) -- C:\Windows\SysNative\drivers\BthHfAud.sys (Microsoft Corporation)
DRV:64bit: - (Microsoft_Bluetooth_AvrcpTransport) -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.AvrcpTransport.sys (Microsoft Corporation)
DRV:64bit: - (amdi2c) -- C:\Windows\SysNative\drivers\amdi2c.sys (Advanced Micro Devices, Inc)
DRV:64bit: - (iagpio) -- C:\Windows\SysNative\drivers\iagpio.sys (Intel(R) Corporation)
DRV:64bit: - (intelpmax) -- C:\Windows\SysNative\drivers\intelpmax.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.)
DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.)
DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.)
DRV:64bit: - (vmkbd3) -- C:\Windows\SysNative\drivers\vmkbd.sys (VMware, Inc.)
DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.)
DRV:64bit: - (vsock) -- C:\Windows\SysNative\drivers\vsock.sys (VMware, Inc.)
DRV:64bit: - (vmci) -- C:\Windows\SysNative\drivers\vmci.sys (VMware, Inc.)
DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)
DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.)
DRV:64bit: - (vmusb) -- C:\Windows\SysNative\drivers\vmusb.sys (VMware, Inc.)
DRV:64bit: - (NAL) -- C:\Windows\SysNative\drivers\iqvw64e.sys (Intel Corporation )
DRV:64bit: - (AmdTools64) -- C:\Windows\SysNative\drivers\AmdTools64.sys (Advanced Micro Devices)
DRV:64bit: - (SteamStreamingMicrophone) -- C:\Windows\SysNative\drivers\SteamStreamingMicrophone.sys ()
DRV:64bit: - (SteamStreamingSpeakers) -- C:\Windows\SysNative\drivers\SteamStreamingSpeakers.sys ()
DRV:64bit: - (cFosSpeed) -- C:\Windows\SysNative\drivers\cfosspeed6.sys (cFos Software GmbH)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV - (cpuz145) -- C:\Windows\Temp\cpuz145\cpuz145_x64.sys (CPUID)
DRV - (BEDaisy) -- C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys ()
DRV - (nvlddmkm) -- C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_8e68f77150e57b50\nvlddmkm.sys (NVIDIA Corporation)
DRV - (afunix) -- C:\Windows\SysWOW64\drivers\afunix.sys (Microsoft Corporation)
DRV - (ProtonVPNSplitTunnel) -- H:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.SplitTunnelDriver.sys (Proton Technologies AG)
DRV - (xhunter1) -- C:\Windows\xhunter1.sys (Wellbia.com Co., Ltd.)
DRV - (gdrv) -- C:\Windows\gdrv.sys (GIGA-BYTE TECHNOLOGY CO., LTD.)
DRV - (gdrv2) -- C:\Windows\gdrv2.sys (GIGA-BYTE TECHNOLOGY CO., LTD.)
DRV - (IURegistryFilter) -- G:\Program Files (x86)\IObit\IObit Uninstaller\Drivers\win10_amd64\IURegistryFilter.sys (IObit)
DRV - (IUFileFilter) -- G:\Program Files (x86)\IObit\IObit Uninstaller\Drivers\win10_amd64\IUFileFilter.sys (IObit)
DRV - (IUProcessFilter) -- G:\Program Files (x86)\IObit\IObit Uninstaller\Drivers\win10_amd64\IUProcessFilter.sys (IObit)
DRV - (BasicRender) -- C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_49a8589f00d970d9\BasicRender.sys (Microsoft Corporation)
DRV - (VirtualRender) -- C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys (Microsoft Corporation)
DRV - (UfxChipidea) -- C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys (Microsoft Corporation)
DRV - (UrsChipidea) -- C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys (Microsoft Corporation)
DRV - (UrsSynopsys) -- C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys (Microsoft Corporation)
DRV - (genericusbfn) -- C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys (Microsoft Corporation)
DRV - (BasicDisplay) -- C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_62ba5773ba05edee\BasicDisplay.sys (Microsoft Corporation)
DRV - (umbus) -- C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys (Microsoft Corporation)
DRV - (UEFI) -- C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\UEFI.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys (Microsoft Corporation)
DRV - (swenum) -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys (Microsoft Corporation)
DRV - (AscRegistryFilter) -- C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys (IObit)
DRV - (AscFileFilter) -- C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys (IObit)
DRV - (AMDRyzenMasterDriver) -- C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\AMD\Ryzen\AMDRyzenMasterDriver.sys (Advanced Micro Devices)
DRV - (iobit_monitor_server) -- C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys (IObit)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 87 B0 87 F8 07 36 D6 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 49 00 00 00 F0 A4 1E F7 9B 1B 1E 5D 99 E0 53 22 62 59 BA FF DD 33 A0 27 D4 13 5D 81 E0 E7 EA 0E 76 AE 31 B7 D1 87 FF BB EB EE 9B C1 9B EB 1D 16 89 69 1B DE C5 A4 CD 0C E9 A2 E8 C2 03 67 DF AC E7 60 19 7B E4 8E 7F 21 73 B5 90 0D AA 02 00 00 00 0E 00 00 00 48 73 37 56 45 77 35 6B 49 46 67 25 33 64 [Binary data over 200 bytes]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.261.2: C:\Program Files\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.261.2: C:\Program Files\Java\jre1.8.0_261\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.11: G:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 83.0\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 83.0\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc3@internetdownloadmanager.com: H:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2020.04.29 22:19:06 | 000,087,398 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 83.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 83.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Y\AppData\Roaming\IDM\idmmzcc5 [2020.05.29 20:06:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc2@internetdownloadmanager.com: H:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017.12.20 15:58:30 | 000,030,386 | ---- | M] ()
[2020.05.29 19:36:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Extensions
[2020.05.29 19:36:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\SystemExtensionsDev
[2020.05.30 10:39:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Firefox\Profiles\j0np2f1s.default\extensions
[2020.12.04 16:09:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Firefox\Profiles\ue9r639e.default-release\extensions
[2020.05.29 20:02:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Firefox\Profiles\ue9r639e.default-release\storage\default\moz-extension+++1a36b675-46c3-4c8c-a033-9b0a8ba9626c^userContextId=4294967295
[2020.12.11 17:20:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Firefox\Profiles\ue9r639e.default-release\storage\default\moz-extension+++1a36b675-46c3-4c8c-a033-9b0a8ba9626c^userContextId=4294967295\idb
[2020.05.29 20:02:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Firefox\Profiles\ue9r639e.default-release\storage\default\moz-extension+++2a40d587-32fb-4799-b455-f605c2cce222^userContextId=4294967295
[2020.12.11 17:20:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Firefox\Profiles\ue9r639e.default-release\storage\default\moz-extension+++2a40d587-32fb-4799-b455-f605c2cce222^userContextId=4294967295\idb
[2020.05.29 19:36:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Firefox\Profiles\ue9r639e.default-release\storage\default\moz-extension+++56b4dcfc-861d-4131-b203-e399579bbf6e^userContextId=4294967295
[2020.12.11 13:23:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Firefox\Profiles\ue9r639e.default-release\storage\default\moz-extension+++56b4dcfc-861d-4131-b203-e399579bbf6e^userContextId=4294967295\idb
[2020.05.29 20:02:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Firefox\Profiles\ue9r639e.default-release\storage\default\moz-extension+++68f3b5cd-d65f-4ea4-b6c9-f9269d7062e3
[2020.12.11 17:23:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Firefox\Profiles\ue9r639e.default-release\storage\default\moz-extension+++68f3b5cd-d65f-4ea4-b6c9-f9269d7062e3\idb
[2020.05.29 20:02:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Firefox\Profiles\ue9r639e.default-release\storage\default\moz-extension+++68f3b5cd-d65f-4ea4-b6c9-f9269d7062e3^userContextId=4294967295
[2020.12.11 17:28:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Firefox\Profiles\ue9r639e.default-release\storage\default\moz-extension+++68f3b5cd-d65f-4ea4-b6c9-f9269d7062e3^userContextId=4294967295\idb
[2020.05.29 20:02:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Firefox\Profiles\ue9r639e.default-release\storage\default\moz-extension+++70016862-8675-44cf-ac3b-80e1c7dd283f^userContextId=4294967295
[2020.12.11 17:28:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Firefox\Profiles\ue9r639e.default-release\storage\default\moz-extension+++70016862-8675-44cf-ac3b-80e1c7dd283f^userContextId=4294967295\idb
[2020.05.29 20:02:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Firefox\Profiles\ue9r639e.default-release\storage\default\moz-extension+++a54443e8-d7bd-4f74-92e0-9afad78115e5^userContextId=4294967295
[2020.12.11 17:20:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Firefox\Profiles\ue9r639e.default-release\storage\default\moz-extension+++a54443e8-d7bd-4f74-92e0-9afad78115e5^userContextId=4294967295\idb
[2020.05.29 20:02:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Firefox\Profiles\ue9r639e.default-release\storage\default\moz-extension+++d00b2b24-a4ba-4bb3-9101-3dd77df5c597^userContextId=4294967295
[2020.12.11 17:20:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Firefox\Profiles\ue9r639e.default-release\storage\default\moz-extension+++d00b2b24-a4ba-4bb3-9101-3dd77df5c597^userContextId=4294967295\idb
[2020.05.29 20:02:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Firefox\Profiles\ue9r639e.default-release\storage\default\moz-extension+++d1bc35a3-51fb-4c31-81a2-9ffb7a7f7d16^userContextId=4294967295
[2020.12.11 17:26:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Firefox\Profiles\ue9r639e.default-release\storage\default\moz-extension+++d1bc35a3-51fb-4c31-81a2-9ffb7a7f7d16^userContextId=4294967295\idb
[2020.05.29 20:02:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Firefox\Profiles\ue9r639e.default-release\storage\default\moz-extension+++efaf5c90-0ee1-402a-bc1d-a7eb27ee4961^userContextId=4294967295
[2020.12.11 17:26:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\Firefox\Profiles\ue9r639e.default-release\storage\default\moz-extension+++efaf5c90-0ee1-402a-bc1d-a7eb27ee4961^userContextId=4294967295\idb
[2020.05.29 20:02:36 | 007,483,728 | ---- | M] () (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\firefox\profiles\ue9r639e.default-release\extensions\@porn-blocker.xpi
[2020.10.01 19:33:39 | 000,181,325 | ---- | M] () (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\firefox\profiles\ue9r639e.default-release\extensions\@testpilot-containers.xpi
[2020.11.17 17:50:55 | 001,745,655 | ---- | M] () (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\firefox\profiles\ue9r639e.default-release\extensions\https-everywhere@eff.org.xpi
[2020.05.29 20:02:37 | 000,217,770 | ---- | M] () (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\firefox\profiles\ue9r639e.default-release\extensions\jid0-3GUEt1r69sQNSrca5p8kx9Ezc3U@jetpack.xpi
[2020.11.05 19:13:36 | 006,857,292 | ---- | M] () (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\firefox\profiles\ue9r639e.default-release\extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi
[2020.10.09 13:54:02 | 001,240,482 | ---- | M] () (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\firefox\profiles\ue9r639e.default-release\extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi
[2020.11.08 11:36:43 | 000,674,795 | ---- | M] () (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\firefox\profiles\ue9r639e.default-release\extensions\keepassxc-browser@keepassxc.org.xpi
[2020.11.14 17:03:06 | 000,090,013 | ---- | M] () (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\firefox\profiles\ue9r639e.default-release\extensions\mozilla_cc3@internetdownloadmanager.com.xpi
[2020.11.20 09:33:55 | 002,801,972 | ---- | M] () (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\firefox\profiles\ue9r639e.default-release\extensions\uBlock0@raymondhill.net.xpi
[2020.06.20 11:53:38 | 000,156,498 | ---- | M] () (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\firefox\profiles\ue9r639e.default-release\extensions\{6547f9b8-7695-4fc9-b57b-fb7aa9fec4c3}.xpi
[2020.12.04 16:09:50 | 000,105,692 | ---- | M] () (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\firefox\profiles\ue9r639e.default-release\extensions\{9efc0280-b125-400e-b53d-2d09d7effab4}.xpi
[2020.05.29 20:02:38 | 000,101,809 | ---- | M] () (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\firefox\profiles\ue9r639e.default-release\extensions\{b4eda7b1-2bbe-4961-b336-aaad77d87a47}.xpi
[2020.05.29 20:02:34 | 000,183,197 | ---- | M] () (No name found) -- C:\Users\Y\AppData\Roaming\mozilla\firefox\profiles\ue9r639e.default-release\extensions\{ef8616e0-e2f1-471b-9c47-5d09149b6d2b}.xpi

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Y\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche\4.0.8.8_0\
CHR - Extension: No name found = C:\Users\Y\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Y\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm\1.31.2_0\
CHR - Extension: No name found = C:\Users\Y\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk\5.1.0_0\
CHR - Extension: No name found = C:\Users\Y\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp\2020.11.17_0\
CHR - Extension: No name found = C:\Users\Y\AppData\Local\Google\Chrome\User
Data\Default\Extensions\gjljknijpnfibppaijefibndmiabonep\2019.117.1623.1_0\ CHR - Extension: No name found = C:\Users\Y\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfnbbbkabnehoejfhcbbhdicagcoobji\1.6.0_0\ CHR - Extension: No name found = C:\Users\Y\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldpochfccmkkmhdbclfhpagapcfdljkj\2.0.15_0\ CHR - Extension: No name found = C:\Users\Y\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek\6.38.11_0\ CHR - Extension: No name found = C:\Users\Y\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_1\ CHR - Extension: No name found = C:\Users\Y\AppData\Local\Google\Chrome\User Data\Default\Extensions\npeicpdbkakmehahjeeohfdhnlpdklia\0.2.1.3_0\ CHR - Extension: No name found = C:\Users\Y\AppData\Local\Google\Chrome\User Data\Default\Extensions\obnfifcganohemahpomajbhocfkdgmjb\4.2.1_0\ CHR - Extension: No name found = C:\Users\Y\AppData\Local\Google\Chrome\User Data\Default\Extensions\onjjgbgnpbedmhbdoikhknhflbfkecjm\6.2.8_0\ CHR - Extension: No name found = C:\Users\Y\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8720.1005.0.2_0\ CHR - Extension: No name found = C:\Users\Y\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp\2020.12.10_0\ O1 HOSTS File: ([2020.06.06 12:01:26 | 000,000,862 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.navicat.com O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - H:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.) 
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - G:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll (IObit) O2:64bit: - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.60\BHO\ie_to_edge_bho_64.dll (Microsoft Corporation) O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\root\Office16\OCHelper.dll (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.8.0_261\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre1.8.0_261\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - H:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.) O2 - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.60\BHO\ie_to_edge_bho.dll (Microsoft Corporation) O2 - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [AVGUI.exe] C:\Program Files\AVG\Antivirus\AvLaunch.exe (AVG Technologies CZ, s.r.o.) 
O4:64bit: - HKLM..\Run: [Gigabyte Speed] C:\Programme\cFosSpeed\cfosspeed.exe (cFos Software GmbH) O4:64bit: - HKLM..\Run: [RtkAudUService] C:\WINDOWS\SysNative\RtkAudUService64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [SecurityHealth] C:\Windows\SysNative\SecurityHealthSystray.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [TuneupUI.exe] C:\Program Files\AVG\TuneUp\TuneupUI.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [PDFPrint] G:\Program Files (x86)\PDF24\pdf24.exe (geek software GmbH) O4 - HKLM..\Run: [RazerCortex] G:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe (Razer Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [vmware-tray.exe] G:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.) O4 - HKCU..\Run: [35C0DD69A13B47FAAE527F030D7053F7FAB3A98B._service_run] C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [Advanced SystemCare] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (IObit) O4 - HKCU..\Run: [CCleaner Smart Cleaning] G:\Program Files\CCleaner\CCleaner64.exe (Piriform Software Ltd) O4 - HKCU..\Run: [com.squirrel.Teams.Teams] C:\Users\Y\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) O4 - HKCU..\Run: [Discord] C:\Users\Y\AppData\Local\Discord\Update.exe --processStart Discord.exe File not found O4 - HKCU..\Run: [EpicGamesLauncher] G:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe (Epic Games, Inc.) 
O4 - HKCU..\Run: [GalaxyClient] File not found O4 - HKCU..\Run: [GogGalaxy] H:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe (GOG.com) O4 - HKCU..\Run: [IDMan] H:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.) O4 - HKCU..\Run: [OneDrive] C:\Users\Y\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) O4 - HKCU..\Run: [Plex Media Server] H:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.) O4 - HKCU..\Run: [Tautulli] C:\Program Files (x86)\Tautulli\Tautulli.exe () O4 - HKLM..\RunOnce: [DualBiosRescue] C:\Program Files (x86)\GIGABYTE\GigabyteFirmwareUpdateUtility\dbrro.exe () O4 - HKLM..\RunOnce: [PreRun] C:\Program Files (x86)\GIGABYTE\AppCenter\PreRun.exe () O4 - HKLM..\RunOnce: [SelLed] C:\Program Files (x86)\GIGABYTE\RGBFusion\RunLed.exe () O4 - Startup: C:\Users\Y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AORUS ENGINE.lnk = G:\Program Files (x86)\GIGABYTE\AORUS ENGINE\autorun.exe () O4 - Startup: C:\Users\Y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dateien (RP-AC68U-D764) (Z) [2020.05.29 23:15:30 | 000,000,000 | R--D | M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: 
SupportFullTrustStartupTasks = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221 O8:64bit: - Extra context menu item: Download aller Links mit IDM - H:\Program Files (x86)\Internet Download Manager\IEGetAll.htm () O8:64bit: - Extra context menu item: Download mit IDM - H:\Program Files (x86)\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Download aller Links mit IDM - H:\Program Files (x86)\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Download mit IDM - H:\Program Files (x86)\Internet Download Manager\IEExt.htm () O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\root\Office16\OCHelper.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\root\Office16\OCHelper.dll (Microsoft Corporation) O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: 
Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000015 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000016 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000015 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000016 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) 
O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: sharepoint.com ([jgumainz-files] https in Trusted sites) O15 - HKCU\..Trusted Domains: sharepoint.com ([jgumainz-myfiles] https in Trusted sites) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{eb096168-f090-4110-b734-6b22861b7b13}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\mso-minsb.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Programme\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation) O18:64bit: - Protocol\Handler\mso-minsb-roaming.16 {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Programme\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation) O18:64bit: - Protocol\Handler\osf.16 {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Programme\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation) O18:64bit: - Protocol\Handler\osf-roaming.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Programme\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation) O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-minsb.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-minsb-roaming.16 {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\osf.16 {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\osf-roaming.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Programme\Microsoft 
Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O30:64bit: - LSA: Authentication Packages - (SshdPinAuthLsa) - C:\WINDOWS\SysNative\SshdPinAuthLsa.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (SshdPinAuthLsa) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (icarus_rvrt.exe) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 1 Day ========== [2020.12.11 17:18:56 | 000,340,104 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\avgBoot.exe [2020.12.11 13:19:47 | 000,000,000 | ---D | C] -- H:\Dokumente\iScreenKit [2020.12.11 13:13:19 | 000,000,000 | ---D | C] -- C:\Users\Y\AppData\Roaming\INNOTREND COMMERCE HK LIMITED [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files - Modified Within 1 Day ========== [2020.12.11 17:25:35 | 001,731,070 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2020.12.11 17:25:35 | 000,746,436 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat [2020.12.11 17:25:35 | 000,704,120 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2020.12.11 17:25:35 | 000,151,384 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat [2020.12.11 17:25:35 | 000,134,488 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2020.12.11 17:20:40 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2020.12.11 17:18:38 | 2555,289,599 | -HS- | M] () -- C:\hiberfil.sys [2020.12.11 17:18:38 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files Created - No Company Name ========== [2020.12.09 
18:22:10 | 001,382,616 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-999-0-0-0.exe [2020.12.09 18:22:10 | 001,382,616 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo.exe [2020.12.09 18:22:10 | 000,940,760 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-999-0-0-0.dll [2020.12.09 18:22:10 | 000,940,760 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1.dll [2020.12.09 18:22:07 | 000,548,248 | ---- | C] () -- C:\WINDOWS\SysWow64\nvofapi.dll [2020.11.28 21:28:19 | 000,281,688 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe [2020.11.01 16:33:41 | 000,266,240 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Internal.UI.Shell.WindowTabManager.dll [2020.10.27 21:46:40 | 000,004,682 | ---- | C] () -- C:\Users\Y\AppData\Roaming\VoiceMeeterDefault.xml [2020.10.14 07:45:55 | 000,047,472 | ---- | C] () -- C:\WINDOWS\SysWow64\umpdc.dll [2020.10.14 07:45:52 | 001,333,248 | ---- | C] () -- C:\WINDOWS\SysWow64\TextInputMethodFormatter.dll [2020.10.14 07:45:52 | 000,455,168 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowManagementAPI.dll [2020.10.14 07:45:51 | 000,611,952 | ---- | C] () -- C:\WINDOWS\SysWow64\TextShaping.dll [2020.09.18 14:42:44 | 000,058,344 | ---- | C] () -- C:\WINDOWS\SysWow64\FvSDK_x86.dll [2020.09.11 00:34:02 | 000,101,688 | ---- | C] () -- C:\WINDOWS\SysWow64\HvsiManagementApi.dll [2020.09.06 12:41:46 | 000,076,888 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe [2020.07.12 18:33:49 | 000,007,597 | ---- | C] () -- C:\Users\Y\AppData\Local\Resmon.ResmonCfg [2020.07.04 08:55:00 | 000,000,001 | ---- | C] () -- C:\WINDOWS\vgkbootstatus.dat [2020.06.21 15:42:13 | 000,000,128 | ---- | C] () -- C:\Users\Y\AppData\Local\PUTTY.RND [2020.05.31 15:30:42 | 001,752,172 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI [2020.05.31 12:03:09 | 000,197,041 | ---- | C] () -- C:\WINDOWS\hpwins19.dat [2020.05.31 12:03:09 | 000,000,633 | ---- | C] () -- C:\WINDOWS\hpwmdl19.dat [2020.05.30 13:17:30 | 000,000,448 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2020.05.29 
19:22:09 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl [2020.05.29 19:02:37 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2020.05.29 18:59:14 | 000,365,056 | ---- | C] () -- C:\WINDOWS\SysWow64\d3dconfig.exe [2019.12.07 10:15:00 | 000,003,103 | ---- | C] () -- C:\WINDOWS\SysWow64\mmc.exe.config [2019.12.07 10:15:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2019.12.07 10:14:59 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2019.12.07 10:10:05 | 000,019,485 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr.dat [2019.12.07 10:10:05 | 000,011,292 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr-v.dat [2019.12.07 10:10:02 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2019.12.07 10:09:57 | 000,053,248 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2019.12.07 10:09:22 | 000,002,404 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini [2019.12.07 10:09:18 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat [2019.12.07 10:09:17 | 003,595,776 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll [2019.12.07 10:09:17 | 000,235,520 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll [2019.12.07 10:09:17 | 000,107,008 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll [2019.12.07 10:09:17 | 000,060,416 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll [2019.12.07 10:09:17 | 000,054,784 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.WARP.JITService.exe [2019.12.07 10:09:13 | 000,223,744 | ---- | C] () -- C:\WINDOWS\SysWow64\TpmTool.exe [2019.12.07 10:09:11 | 000,330,752 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll [2019.12.07 10:09:11 | 000,240,640 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreMas.dll [2019.12.07 10:09:11 | 000,049,664 | ---- | C] () -- C:\WINDOWS\SysWow64\windows.applicationmodel.conversationalagent.proxystub.dll [2019.12.07 10:09:11 | 000,040,448 | ---- | C] () -- 
C:\WINDOWS\SysWow64\windows.applicationmodel.conversationalagent.internal.proxystub.dll [2019.12.07 10:09:11 | 000,010,752 | ---- | C] () -- C:\WINDOWS\SysWow64\agentactivationruntimestarter.exe [2019.12.07 10:09:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2019.12.07 10:08:58 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin ========== ZeroAccess Check ========== [2020.12.11 16:16:33 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-3136980708-3557880529-3186569697-1001\$RNXD4P1.X\AppData\Local\ConnectedDevicesPlatform\L.defaultuser100000 [2020.05.29 19:44:54 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\windows.storage.dll -- [2020.11.01 16:33:33 | 007,990,232 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\windows.storage.dll -- [2020.11.01 16:33:42 | 006,368,392 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2020.10.14 07:45:09 | 001,075,712 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- 
[2020.10.14 07:45:50 | 000,804,352 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2019.12.07 10:08:19 | 000,514,560 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Alternate Data Streams ========== @Alternate Data Stream - 16 bytes -> C:\Users\Y\AppData\Local\Temp:$DATA < End of report > |
11.12.2020, 20:40 | #4 |
/// Helper Team | Multiple Win32:TrojanX-gen and Win32:Trojan-gen alerts Please do not post HijackThis, OTL or DDS log files! These tools are outdated and can no longer give us a sufficient overview. We ask you to read and work through the following: For everyone seeking help! What do I need to consider before opening a topic? Only with this information can we help you.
__________________ Best regards, Der Felix No help via PM or e-mail |
11.12.2020, 22:20 | #5 |
| Multiple Win32:TrojanX-gen and Win32:Trojan-gen alerts FRST.txt Code:
ATTFilter ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: 127.0.0.1 activate.navicat.com Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{eb096168-f090-4110-b734-6b22861b7b13}: [DhcpNameServer] 192.168.178.1 Edge: ====== Edge Profile: C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-08] Edge Extension: (IDM Integration Module) - C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2020-11-07] Edge HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - H:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-05-02] FireFox: ======== FF DefaultProfile: j0np2f1s.default FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\j0np2f1s.default [2020-12-11] FF user.js: detected! => C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\j0np2f1s.default\user.js [2020-09-20] FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release [2020-12-11] FF user.js: detected! => C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\user.js [2020-09-20] FF Session Restore: Mozilla\Firefox\Profiles\ue9r639e.default-release -> ist aktiviert. 
FF Notifications: Mozilla\Firefox\Profiles\ue9r639e.default-release -> hxxps://dekom.uc.de
FF Extension: (Anti-Porno) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\@porn-blocker.xpi [2020-05-29]
FF Extension: (Firefox Multi-Account Containers) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\@testpilot-containers.xpi [2020-10-01]
FF Extension: (HTTPS Everywhere) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\https-everywhere@eff.org.xpi [2020-11-17]
FF Extension: (Terms of Service; Didn’t Read) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\jid0-3GUEt1r69sQNSrca5p8kx9Ezc3U@jetpack.xpi [2020-05-29]
FF Extension: (Decentraleyes) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2020-11-05]
FF Extension: (Privacy Badger) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2020-10-09]
FF Extension: (KeePassXC-Browser) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\keepassxc-browser@keepassxc.org.xpi [2020-11-08]
FF Extension: (IDM Integration Module) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\mozilla_cc3@internetdownloadmanager.com.xpi [2020-11-14]
FF Extension: (uBlock Origin) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\uBlock0@raymondhill.net.xpi [2020-11-20]
FF Extension: (WatchDogs) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\{6547f9b8-7695-4fc9-b57b-fb7aa9fec4c3}.xpi [2020-06-20]
FF Extension: (Mitaka) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\{9efc0280-b125-400e-b53d-2d09d7effab4}.xpi [2020-12-04]
FF Extension: (adultblacklist) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\{b4eda7b1-2bbe-4961-b336-aaad77d87a47}.xpi [2020-05-29]
FF Extension: (Avengers: Infinity War 3) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\{ef8616e0-e2f1-471b-9c47-5d09149b6d2b}.xpi [2020-05-29]
FF HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - H:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - H:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2020-04-29]
FF HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\*****\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\*****\AppData\Roaming\IDM\idmmzcc5 [2020-05-29] [] [ist nicht signiert]
FF HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - H:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - H:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] []
FF Plugin: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-09-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-09-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> G:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default [2020-12-11]
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://www.facebook.com/","hxxp://www.google.com/","hxxp://start.iminent.com/?appId=E4B15248-E4A6-47F0-A767-40F4BA8E7F4A","hxxps://www.google.com/"
CHR Session Restore: Default -> ist aktiviert.
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2020-05-31]
CHR Extension: (YouTube) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-31]
CHR Extension: (uBlock Origin) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-12-11]
CHR Extension: (Adblock für Youtube™) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2020-10-17]
CHR Extension: (HTTPS Everywhere) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2020-11-23]
CHR Extension: (GeForce Experience Stream Client) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjljknijpnfibppaijefibndmiabonep [2020-05-31]
CHR Extension: (OkayFreedom) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfnbbbkabnehoejfhcbbhdicagcoobji [2020-05-31]
CHR Extension: (Decentraleyes) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldpochfccmkkmhdbclfhpagapcfdljkj [2020-11-15]
CHR Extension: (IDM Integration Module) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2020-12-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-05-31]
CHR Extension: (WebRTC Network Limiter) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\npeicpdbkakmehahjeeohfdhnlpdklia [2020-05-31]
CHR Extension: (AdFly Skipper) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\obnfifcganohemahpomajbhocfkdgmjb [2020-11-15]
CHR Extension: (Adult Blocker - Porn Adult Filter) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\onjjgbgnpbedmhbdoikhknhflbfkecjm [2020-05-31]
CHR Extension: (Chrome Media Router) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-23]
CHR Extension: (Privacy Badger) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2020-12-11]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - H:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-05-02]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - H:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-05-02]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AdvancedSystemCareService13; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1293072 2020-06-15] (IObit Information Technology -> IObit)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [366232 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [3096712 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8502208 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110608 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-11-28] (BattlEye Innovations e.K. -> )
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [598360 2016-10-21] (cFos Software GmbH -> cFos Software GmbH)
R2 CleanupPSvc; C:\Program Files\AVG\TuneUp\TuneupSvc.exe [12976336 2020-12-01] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-11-23] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2020-09-19] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [143072 2020-07-01] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [17920 2015-06-25] () [Datei ist nicht signiert]
S3 GalaxyClientService; H:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1741384 2020-12-11] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-12-04] (GOG Sp. z o.o. -> GOG.com)
R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [128736 2020-04-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S2 IObitUnSvr; G:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [156944 2020-05-25] (IObit Information Technology -> IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-11] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [119808 2019-11-21] (GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert]
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [67000 2020-04-16] (OpenVPN Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [67000 2020-04-16] (OpenVPN Inc. -> The OpenVPN Project)
R2 PDF24; G:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH)
R2 PlexUpdateService; H:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1425912 2020-12-01] (Plex, Inc. -> Plex, Inc.)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2020-09-06] (Even Balance, Inc. -> )
S3 ProtonVPN Service; H:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [99624 2020-11-04] (ProtonVPN AG -> )
S3 ProtonVPN Update Service; H:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61736 2020-11-04] (ProtonVPN AG -> )
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-06-24] (Razer USA Ltd. -> Razer Inc)
S3 Rockstar Service; H:\Programme\Rockstar Games\Launcher\RockstarService.exe [1382016 2020-11-27] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2020-09-23] (Razer USA Ltd. -> Razer Inc.)
R2 RzKLService; G:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [290864 2020-10-09] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5101992 2020-11-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-06-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [935352 2020-06-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 TeamViewer; G:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12720144 2020-11-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Uncheater\ucldr_battlegrounds_gl.exe [6995800 2020-06-07] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R2 VMAuthdService; G:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [100784 2019-05-04] (VMware, Inc. -> VMware, Inc.)
S3 VMwareHostd; G:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15446448 2019-05-04] (VMware, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.4-0\NisSrv.exe [2484256 2020-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.4-0\MsMpEng.exe [103168 2020-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_8e68f77150e57b50\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_8e68f77150e57b50\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [45432 2019-07-15] (IObit Information Technology -> IObit)
R3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [46008 2019-07-15] (IObit Information Technology -> IObit)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37216 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [206472 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [332432 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [247952 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [97424 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16832 2020-11-24] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42848 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [176808 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [521816 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [109352 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84928 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851680 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [469896 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [217408 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [326488 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [3213176 2020-12-08] (BattlEye Innovations e.K. -> )
R1 cFosSpeed; C:\WINDOWS\system32\DRIVERS\cfosspeed6.sys [1499112 2016-10-21] (cFos Software GmbH -> cFos Software GmbH)
R3 cpuz145; C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [49968 2020-12-11] (CPUID -> CPUID)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-12-11] (Malwarebytes Corporation -> Malwarebytes)
S3 gdrv; C:\WINDOWS\gdrv.sys [26792 2020-05-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 gdrv2; C:\WINDOWS\gdrv2.sys [32600 2020-05-29] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2020-05-29] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
R3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [32520 2018-07-04] (IObit Information Technology -> IObit)
R3 IUFileFilter; G:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [44104 2020-05-25] (IObit Information Technology -> IObit)
R3 IUProcessFilter; G:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37328 2020-05-25] (IObit Information Technology -> IObit)
R3 IURegistryFilter; G:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [49800 2020-05-25] (IObit Information Technology -> IObit)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-12-11] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-11] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2020-12-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2020-12-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [139424 2020-12-11] (Malwarebytes Inc -> Malwarebytes)
R3 NAL; C:\WINDOWS\system32\Drivers\iqvw64e.sys [58520 2018-10-11] (Intel(R) INTELND1820 -> Intel Corporation)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [74616 2020-09-25] (Insecure.Com LLC -> Insecure.Com LLC.)
S4 npcap_wifi; C:\WINDOWS\system32\DRIVERS\npcap.sys [74616 2020-09-25] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 ProtonVPNSplitTunnel; H:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.SplitTunnelDriver.sys [31584 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166768 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [52288 2019-05-04] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [66576 2019-05-04] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [92040 2019-04-27] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-05-29] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [401120 2020-05-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-05-29] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2740480 2020-06-07] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
U4 napagent; kein ImagePath
S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2020-12-11 22:09 - 2020-12-11 22:09 - 000024203 _____ C:\Users\*****\Desktop\FRST.txt
2020-12-11 22:08 - 2020-12-11 22:06 - 002288640 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2020-12-11 22:07 - 2020-12-11 22:09 - 000000000 ____D C:\FRST
2020-12-11 18:24 - 2020-12-11 18:43 - 000000000 ____D C:\Users\*****\AppData\LocalLow\IGDump
2020-12-11 18:24 - 2020-12-11 18:24 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-11 18:24 - 2020-12-11 18:24 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-12-11 18:24 - 2020-12-11 18:24 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-12-11 18:24 - 2020-12-11 18:24 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-12-11 18:24 - 2020-12-11 18:24 - 000139424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-12-11 18:24 - 2020-12-11 18:24 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-12-11 18:24 - 2020-12-11 18:24 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-11 18:24 - 2020-12-11 18:24 - 000002041 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-11 18:24 - 2020-12-11 18:24 - 000002029 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-11 18:24 - 2020-12-11 18:24 - 000002029 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-12-11 18:24 - 2020-12-11 18:24 - 000000000 ____D C:\Users\*****\AppData\Local\mbam
2020-12-11 18:24 - 2020-12-11 18:24 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-12-11 18:23 - 2020-12-11 18:23 - 000000000 ____D C:\Program Files\Malwarebytes
2020-12-11 17:23 - 2020-12-11 17:23 - 000003906 _____ C:\Users\*****\Desktop\Tiefenscan1.txt
2020-12-11 17:18 - 2020-12-11 21:19 - 000004266 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2020-12-11 17:18 - 2020-11-24 17:25 - 000340104 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2020-12-11 16:47 - 2020-12-11 16:47 - 109768704 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2020-12-11 16:47 - 2020-12-11 16:47 - 005103616 _____ C:\WINDOWS\system32\config\DRIVERS.iobit
2020-12-11 16:47 - 2020-12-11 16:47 - 000868352 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2020-12-11 16:47 - 2020-12-11 16:47 - 000143360 _____ C:\WINDOWS\system32\config\SAM.iobit
2020-12-11 16:47 - 2020-12-11 16:47 - 000053248 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2020-12-11 13:13 - 2020-12-11 13:13 - 000000000 ____D C:\Users\*****\AppData\Roaming\INNOTREND COMMERCE HK LIMITED
2020-12-09 18:30 - 2020-12-11 17:18 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2020-12-09 18:27 - 2020-12-09 18:27 - 000373776 _____ C:\WINDOWS\system32\vp9fs.dll
2020-12-09 18:23 - 2020-12-04 04:05 - 000135408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2020-12-09 18:23 - 2020-12-04 04:05 - 000038640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2020-12-09 18:22 - 2020-12-05 04:27 - 001786584 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-12-09 18:22 - 2020-12-05 04:27 - 001786584 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-12-09 18:22 - 2020-12-05 04:27 - 001453296 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-12-09 18:22 - 2020-12-05 04:27 - 001382616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-12-09 18:22 - 2020-12-05 04:27 - 001382616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-12-09 18:22 - 2020-12-05 04:27 - 001193880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-12-09 18:22 - 2020-12-05 04:27 - 001087704 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-12-09 18:22 - 2020-12-05 04:27 - 001087704 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-12-09 18:22 - 2020-12-05 04:27 - 000940760 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-12-09 18:22 - 2020-12-05 04:27 - 000940760 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-12-09 18:22 - 2020-12-05 04:25 - 000679664 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-12-09 18:22 - 2020-12-05 04:25 - 000608496 _____ C:\WINDOWS\system32\nvml.dll
2020-12-09 18:22 - 2020-12-05 04:25 - 000548248 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-12-09 18:22 - 2020-12-05 04:24 - 002104216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-12-09 18:22 - 2020-12-05 04:24 - 001589144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-12-09 18:22 - 2020-12-05 04:24 - 001511664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-12-09 18:22 - 2020-12-05 04:24 - 001164528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-12-09 18:22 - 2020-12-05 04:24 - 000813976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-12-09 18:22 - 2020-12-05 04:24 - 000684784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2020-12-09 18:22 - 2020-12-05 04:24 - 000673688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-12-09 18:22 - 2020-12-05 04:24 - 000657816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-12-09 18:22 - 2020-12-05 04:24 - 000559000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-12-09 18:22 - 2020-12-05 04:23 - 008262552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-12-09 18:22 - 2020-12-05 04:23 - 007391984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-12-09 18:22 - 2020-12-05 04:23 - 004611312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-12-09 18:22 - 2020-12-05 04:23 - 002731928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-12-09 18:22 - 2020-12-05 04:23 - 000447384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2020-12-09 18:22 - 2020-12-05 04:22 - 007113064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-12-09 18:22 - 2020-12-05 04:22 - 006070008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-12-09 18:22 - 2020-12-05 04:22 - 000849648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2020-12-09 18:22 - 2020-12-04 04:05 - 000084008 _____ C:\WINDOWS\system32\nvinfo.pb
2020-12-09 16:28 - 2020-12-09 16:28 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tautulli
2020-12-09 16:28 - 2020-12-09 16:28 - 000000000 ____D C:\Program Files (x86)\Tautulli
2020-12-09 16:16 - 2020-12-09 16:16 - 000002096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-06 13:43 - 2020-12-06 13:43 - 000000000 ____D C:\Users\*****\AppData\Roaming\Bungie
2020-12-05 12:56 - 2020-12-05 12:56 - 000000000 ____D C:\Users\*****\AppData\Local\GOG.com
2020-12-05 12:56 - 2020-12-05 12:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2020-12-05 12:54 - 2020-12-05 12:54 - 000000000 ____D C:\ProgramData\GOG.com
2020-12-05 12:15 - 2020-12-05 12:15 - 000000951 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2020-12-05 12:15 - 2020-12-05 12:15 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2020-12-05 12:14 - 2020-12-05 12:14 - 000000921 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2020-12-05 12:13 - 2020-12-05 12:15 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-12-05 12:13 - 2020-12-05 12:13 - 000001600 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2020-12-05 12:13 - 2020-12-05 12:13 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2020-12-02 19:58 - 2020-11-23 14:45 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-12-02 19:51 - 2020-12-02 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2020-11-28 22:33 - 2020-11-28 22:33 - 000000000 ____D C:\Users\*****\AppData\Local\My Games
2020-11-28 21:28 - 2020-11-28 21:28 - 000281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2020-11-28 19:03 - 2020-11-28 19:03 - 000000234 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Watch Dogs Legion.url
2020-11-28 16:33 - 2020-11-28 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2
2020-11-26 22:56 - 2020-11-26 22:56 - 000281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2020-11-25 19:20 - 2020-11-25 19:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2020-11-25 13:56 - 2020-12-09 20:09 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-11-24 17:25 - 2020-11-24 17:25 - 000851680 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000521816 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000469896 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000332432 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000326488 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000247952 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000217408 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000206472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000176808 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000109352 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000097424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000084928 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000042848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000037216 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000016832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2020-11-22 21:09 - 2020-11-22 21:10 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\ConnectedDevicesPlatform
2020-11-22 21:09 - 2020-11-22 21:10 - 000000000 ____D C:\Users\defaultuser100000
2020-11-21 16:04 - 2020-11-21 16:04 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raspberry Pi
2020-11-21 16:04 - 2020-11-21 16:04 - 000000000 ____D C:\Users\*****\AppData\Local\Raspberry Pi
2020-11-21 16:04 - 2020-11-21 16:04 - 000000000 ____D C:\Program Files (x86)\Raspberry Pi Imager
2020-11-21 12:06 - 2020-11-21 12:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-11-20 22:36 - 2020-11-22 09:47 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-20 20:03 - 2020-11-20 20:03 - 000000000 ____D C:\Users\*****\AppData\Roaming\Proton Technologies AG
2020-11-20 20:03 - 2020-11-20 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProtonVPN
2020-11-20 20:03 - 2020-11-20 20:03 - 000000000 ____D C:\Program Files (x86)\Proton Technologies
2020-11-18 20:03 - 2020-12-09 20:09 - 000002158 _____ C:\WINDOWS\system32\Tasks\npcapwatchdog
2020-11-18 20:03 - 2020-11-18 20:03 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2020-11-18 20:02 - 2020-11-18 20:03 - 000000000 ____D C:\Program Files\Npcap
2020-11-18 20:02 - 2020-11-18 20:02 - 000000000 ____D C:\WINDOWS\SysWOW64\Npcap
2020-11-18 20:02 - 2020-11-18 20:02 - 000000000 ____D C:\WINDOWS\system32\Npcap
2020-11-18 20:00 - 2020-11-18 20:00 - 000000000 ____D C:\Users\*****\AppData\Roaming\Wireshark
2020-11-15 12:21 - 2020-11-15 12:21 - 000000000 ____D C:\Users\*****\AppData\Local\FLiNGTrainer
2020-11-14 15:07 - 2020-11-14 15:07 - 000000000 ____D C:\Users\*****\AppData\Roaming\EasyAntiCheat
2020-11-13 18:10 - 2020-11-13 18:10 - 000009265 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-11-11 18:00 - 2020-12-09 20:09 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3136980708-3557880529-3186569697-1004

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2020-12-11 22:07 - 2020-05-29 21:29 - 000000000 ____D C:\Users\*****\AppData\Local\CrashDumps
2020-12-11 21:59 - 2020-05-29 19:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-11 18:24 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-11 18:23 - 2020-05-29 20:06 - 000000000 ____D C:\Users\*****\AppData\Roaming\IDM
2020-12-11 18:22 - 2020-07-12 18:33 - 000007597 _____ C:\Users\*****\AppData\Local\Resmon.ResmonCfg
2020-12-11 17:34 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-11 17:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-11 17:28 - 2020-11-01 16:05 - 000002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-11 17:27 - 2020-05-29 19:31 - 000000000 ____D C:\ProgramData\NVIDIA
2020-12-11 17:27 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-11 17:25 - 2020-05-29 19:21 - 001731070 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-11 17:25 - 2019-12-07 15:51 - 000746436 _____ C:\WINDOWS\system32\perfh007.dat
2020-12-11 17:25 - 2019-12-07 15:51 - 000151384 _____ C:\WINDOWS\system32\perfc007.dat
2020-12-11 17:25 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-11 17:21 - 2020-05-29 19:36 - 000000000 ____D C:\ProgramData\Mozilla
2020-12-11 17:20 - 2020-07-03 15:42 - 000000000 ____D C:\Users\*****\AppData\Local\Tautulli
2020-12-11 17:20 - 2020-05-29 19:36 - 000000000 ____D C:\Users\*****\AppData\LocalLow\Mozilla
2020-12-11 17:19 - 2020-05-29 20:14 - 000000000 ____D C:\Users\*****\AppData\Local\Plex Media Server
2020-12-11 17:19 - 2020-05-29 19:40 - 000000000 ____D C:\ProgramData\AVG
2020-12-11 17:18 - 2020-08-29 08:06 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-11 17:18 - 2020-05-31 15:30 - 000000000 ____D C:\ProgramData\VMware
2020-12-11 17:18 - 2020-05-29 19:21 - 000000000 ____D C:\Users\*****
2020-12-11 17:18 - 2020-05-29 19:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-11 17:18 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-11 17:16 - 2020-09-27 10:19 - 000000000 ____D C:\Users\*****\AppData\Local\WhatsApp
2020-12-11 17:16 - 2020-06-12 20:19 - 000000000 ____D C:\Program Files\TAP-Windows
2020-12-11 17:16 - 2020-06-12 20:19 - 000000000 ____D C:\Program Files\OpenVPN
2020-12-11 17:16 - 2020-05-31 22:28 - 000000000 ____D C:\Users\*****\AppData\Local\WeMod
2020-12-11 17:16 - 2020-05-30 10:44 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2020-12-11 17:16 - 2020-05-30 10:44 - 000000000 ___SD C:\WINDOWS\system32\lxss
2020-12-11 17:16 - 2020-05-30 10:36 - 000000000 ____D C:\ProgramData\ProductData
2020-12-11 17:16 - 2020-05-30 10:36 - 000000000 ____D C:\ProgramData\IObit
2020-12-11 17:16 - 2020-05-29 21:05 - 000000000 ____D C:\Users\*****\AppData\Roaming\vlc
2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Portable Devices
2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2020-12-11 17:16 -
2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices 2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2020-12-11 17:16 - 2019-12-07 15:52 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2020-12-11 17:16 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\de 2020-12-11 17:16 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\de 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\dsc 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel 2020-12-11 17:16 - 2019-12-07 10:14 - 
000000000 ____D C:\WINDOWS\SysWOW64\Dism 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\downlevel 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\L2Schemas 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME 2020-12-11 17:16 - 2019-12-07 10:14 - 
000000000 ____D C:\WINDOWS\DiagTrack 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System 2020-12-11 17:16 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2020-12-11 17:15 - 2020-05-30 10:37 - 000000000 ____D C:\Users\*****\AppData\Roaming\IObit 2020-12-11 17:15 - 2020-05-30 10:36 - 000000000 ____D C:\Users\*****\AppData\LocalLow\IObit 2020-12-11 17:15 - 2020-05-30 00:23 - 000000000 ____D C:\Users\*****\AppData\Local\cFos 2020-12-11 17:15 - 2020-05-29 21:28 - 000000000 ____D C:\Users\*****\AppData\Roaming\discord 2020-12-11 17:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Containers 2020-12-11 17:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration 2020-12-11 17:02 - 2020-05-29 21:28 - 000000000 ____D C:\Users\*****\AppData\Roaming\WhatsApp 2020-12-11 17:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2020-12-11 16:59 - 2020-05-29 20:06 - 000000000 ____D C:\Users\*****\AppData\Roaming\DMCache 2020-12-11 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2020-12-11 16:15 - 2020-05-30 00:46 - 000000000 ____D C:\Users\*****\AppData\Local\ElevatedDiagnostics 2020-12-11 15:35 - 2020-05-30 10:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software 2020-12-11 12:58 - 2020-10-23 17:34 - 000000000 ____D C:\Users\*****\AppData\Local\RealVNC 2020-12-11 12:58 - 2020-05-29 19:25 - 000000000 ____D C:\Users\*****\AppData\Local\PlaceholderTileLogoFolder 2020-12-10 06:51 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2020-12-10 06:51 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2020-12-09 20:09 - 2020-11-08 11:35 - 000002578 _____ C:\WINDOWS\system32\Tasks\GraphicsCardEngine 2020-12-09 20:09 - 2020-11-08 11:35 - 000002542 _____ C:\WINDOWS\system32\Tasks\LiquidSensord 2020-12-09 20:09 - 2020-11-01 16:36 - 000002568 _____ C:\WINDOWS\system32\Tasks\Launcher 
GIGABYTE AORUS GRAPHICS ENGINE 2020-12-09 20:09 - 2020-11-01 16:04 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2020-12-09 20:09 - 2020-11-01 16:04 - 000003404 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2020-12-09 20:09 - 2020-10-29 19:21 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 18:56 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3136980708-3557880529-3186569697-1001 2020-12-09 20:09 - 2020-10-14 18:46 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2020-12-09 20:09 - 2020-09-09 15:28 - 000002460 _____ 
C:\WINDOWS\system32\Tasks\ASC_PerformanceMonitor 2020-12-09 20:09 - 2020-09-09 15:28 - 000002350 _____ C:\WINDOWS\system32\Tasks\ASC_SkipUac_***** 2020-12-09 20:09 - 2020-05-30 12:34 - 000002402 _____ C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_***** 2020-12-09 20:09 - 2020-05-29 21:01 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2020-12-09 20:09 - 2020-05-29 19:42 - 000003558 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2020-12-09 20:09 - 2020-05-29 19:42 - 000003334 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2020-12-09 20:09 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2020-12-09 19:30 - 2020-05-29 19:45 - 000000000 ____D C:\Users\*****\AppData\Local\D3DSCache 2020-12-09 18:59 - 2020-05-29 21:31 - 000000000 ____D C:\Users\*****\AppData\Local\NVIDIA 2020-12-09 18:49 - 2020-07-12 18:05 - 000000000 ____D C:\Users\*****\AppData\Local\KeePassXC 2020-12-09 18:45 - 2020-05-31 15:31 - 000000000 ____D C:\Users\*****\AppData\Local\VMware 2020-12-09 18:44 - 2020-05-31 15:31 - 000000000 ____D C:\Users\*****\AppData\Roaming\VMware 2020-12-09 18:37 - 2020-05-29 19:23 - 000000000 ____D C:\Users\*****\AppData\Local\Packages 2020-12-09 18:35 - 2020-05-31 16:10 - 000000435 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2020-12-09 17:23 - 2020-06-21 15:42 - 000000128 _____ C:\Users\*****\AppData\Local\PUTTY.RND 2020-12-09 16:59 - 2020-05-29 21:59 - 000000000 ____D C:\Users\*****\AppData\Local\Ubisoft Game Launcher 2020-12-09 16:13 - 2020-05-29 21:28 - 000000000 ____D C:\Users\*****\AppData\Local\Discord 2020-12-06 20:22 - 2020-06-07 18:59 - 000000000 ____D C:\Users\*****\AppData\Roaming\HuBBa 2020-12-06 14:16 - 2020-05-30 13:49 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2020-12-05 19:52 - 2020-05-29 20:33 - 000000000 ____D C:\Users\*****\AppData\Local\EpicGamesLauncher 2020-12-05 19:43 - 2020-10-17 10:24 - 005302184 _____ C:\WINDOWS\system32\FNTCACHE.DAT 
2020-12-05 12:57 - 2020-05-30 00:40 - 000000000 ____D C:\Users\*****\AppData\Local\Adobe 2020-12-05 12:46 - 2020-05-29 19:23 - 000000000 ____D C:\Users\*****\AppData\Roaming\Adobe 2020-12-05 12:15 - 2020-05-30 00:42 - 000000000 ____D C:\ProgramData\Adobe 2020-12-05 12:13 - 2020-05-30 00:42 - 000000000 ____D C:\Program Files (x86)\Adobe 2020-12-04 21:40 - 2020-05-29 21:27 - 000000000 ____D C:\Users\*****\AppData\Local\SquirrelTemp 2020-12-04 15:34 - 2020-05-30 11:42 - 000000000 ____D C:\Program Files\Microsoft Office 2020-12-04 15:34 - 2020-05-29 19:43 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-12-02 19:51 - 2020-05-29 20:09 - 000000000 ____D C:\ProgramData\Package Cache 2020-11-28 22:32 - 2020-06-07 19:37 - 000000000 ____D C:\Users\*****\AppData\Local\BattlEye 2020-11-28 21:28 - 2020-09-06 12:42 - 000281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr 2020-11-27 21:12 - 2020-05-29 20:31 - 000000000 ____D C:\Program Files\Rockstar Games 2020-11-27 21:12 - 2020-05-29 20:31 - 000000000 ____D C:\Program Files (x86)\Rockstar Games 2020-11-25 17:33 - 2020-07-04 09:26 - 000000774 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2020-11-25 17:33 - 2020-05-29 19:47 - 000000000 ____D C:\Users\*****\AppData\Roaming\Notepad++ 2020-11-25 16:22 - 2020-09-20 10:56 - 000134792 _____ (AVG Technologies) C:\WINDOWS\system32\icarus_rvrt.exe 2020-11-22 20:25 - 2020-06-21 20:33 - 000000000 ____D C:\Users\*****\AppData\Roaming\.minecraft 2020-11-22 09:47 - 2020-05-29 19:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-11-21 16:07 - 2020-10-23 20:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer 2020-11-21 16:04 - 2020-05-31 11:52 - 000000000 ____D C:\Users\*****\AppData\Local\cache 2020-11-21 12:06 - 2020-05-29 19:36 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-11-20 20:06 - 2020-05-31 12:32 - 000000000 ____D 
C:\ProgramData\ProtonVPN 2020-11-20 20:03 - 2020-05-30 02:57 - 000000000 ____D C:\Users\*****\AppData\Local\ProtonVPN 2020-11-17 07:02 - 2020-05-29 21:31 - 000000000 ____D C:\Users\*****\AppData\Local\NVIDIA Corporation 2020-11-17 07:02 - 2020-05-29 19:23 - 000000000 ____D C:\ProgramData\Packages 2020-11-15 20:28 - 2020-05-31 22:29 - 000000000 ____D C:\Users\*****\AppData\Roaming\WeMod 2020-11-14 18:09 - 2020-06-06 11:07 - 000000000 ____D C:\Users\*****\AppData\Local\GameCenter 2020-11-14 11:12 - 2020-05-29 19:25 - 000000000 ____D C:\WINDOWS\system32\MRT 2020-11-14 11:10 - 2020-05-29 19:25 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2020-11-13 18:45 - 2020-05-29 19:23 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2020-11-13 18:09 - 2020-05-29 19:16 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2020-10-27 21:46 - 2020-10-27 21:46 - 000004682 _____ () C:\Users\*****\AppData\Roaming\VoiceMeeterDefault.xml 2020-06-21 15:42 - 2020-12-09 17:23 - 000000128 _____ () C:\Users\*****\AppData\Local\PUTTY.RND 2020-07-12 18:33 - 2020-12-11 18:22 - 000007597 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
11.12.2020, 22:24 | #6 |
| Multiple Win32:TrojanX-gen and Win32:Trojan-gen alerts The Addition.txt is longer than the character limit allowed here, which is why I split it into two posts. Addition.txt Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-12-2020
durchgeführt von ***** (11-12-2020 22:10:46)
Gestartet von C:\Users\*****\Desktop
Windows 10 Pro Version 20H2 19042.630 (X64) (2020-05-29 18:19:26)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3136980708-3557880529-3186569697-500 - Administrator - Disabled)
amine (S-1-5-21-3136980708-3557880529-3186569697-1005 - Limited - Disabled)
DefaultAccount (S-1-5-21-3136980708-3557880529-3186569697-503 - Limited - Disabled)
Gast (S-1-5-21-3136980708-3557880529-3186569697-501 - Limited - Disabled)
***** (S-1-5-21-3136980708-3557880529-3186569697-1001 - Administrator - Enabled) => C:\Users\*****
laila (S-1-5-21-3136980708-3557880529-3186569697-1004 - Limited - Disabled) => C:\Users\laila
WDAGUtilityAccount (S-1-5-21-3136980708-3557880529-3186569697-504 - Limited - Disabled)
yahia (S-1-5-21-3136980708-3557880529-3186569697-1003 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4500_Help (HKLM-x32\...\{7FDA2F0E-B522-48AD-8792-4BAAA4B5DA1C}) (Version: 1.00.0000 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Advanced SystemCare (HKLM-x32\...\Advanced SystemCare_is1) (Version: 13.7.0 - IObit) Allods Online DE (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Allods Online DE (DE)) (Version: 1.209 - MY.GAMES) AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.07.21.306 - Advanced Micro Devices, Inc.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.) AMD_Chipset_Drivers (HKLM-x32\...\{7598e74a-915c-4911-918c-ca4b2c296122}) (Version: 2.07.21.306 - Advanced Micro Devices, Inc.) Hidden AORUS ENGINE (HKLM-x32\...\AORUS ENGINE_is1) (Version: 1.9.2.0 - GIGABYTE Technology Co.,Inc.) 
APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.20.00803.1 - GIGABYTE) Hidden APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.20.00803.1 - GIGABYTE) Assassin's Creed Chronicles China (HKLM-x32\...\Uplay Install 1651) (Version: - Ubisoft) Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version: - Ubisoft) Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) Assassin's Creed Liberation HD (HKLM-x32\...\Uplay Install 625) (Version: - Ubisoft) Assassin's Creed Odyssey (HKLM-x32\...\Uplay Install 5059) (Version: - Ubisoft) Assassin's Creed Origins (HKLM-x32\...\Uplay Install 3539) (Version: - Ubisoft) Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version: - Ubisoft) Assassin's Creed Syndicate (HKLM-x32\...\Uplay Install 1875) (Version: - Ubisoft) Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team) AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 20.9.3152 - AVG Technologies) AVG TuneUp (HKLM\...\AVG TuneUp) (Version: 20.1.2191.714 - AVG) Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden bpd_scan (HKLM-x32\...\{EC7FE03D-239A-4E36-9907-0E327922D2A2}) (Version: 3.00.0000 - Hewlett-Packard) Hidden BPDSoftware (HKLM-x32\...\{9237DDE8-1DF1-4FA7-AAF9-95458ABC26E0}) (Version: 140.0.001.000 - Hewlett-Packard) Hidden BPDSoftware_Ini (HKLM-x32\...\{E105BB34-826A-4DF7-8F35-07DDEE1E47A0}) (Version: 1.00.0000 - Hewlett-Packard) Hidden BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.72 - Piriform) Cheat Engine 7.2 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine) CPUID ROG CPU-Z 1.92 (HKLM\...\CPUID ROG CPU-Z_is1) (Version: 1.92 - CPUID, Inc.) 
DC Universe Online Live (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\DG0-DC Universe Online Live) (Version: - Sony Online Entertainment) Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden Detroit: Become Human (HKLM-x32\...\Detroit: Become Human_is1) (Version: - ) DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden Discord (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Discord) (Version: 0.0.309 - Discord Inc.) DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.185.000 - Hewlett-Packard) Hidden EasyTune (HKLM-x32\...\{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.20.0214.1 - GIGABYTE) Hidden EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.20.0214.1 - GIGABYTE) EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.20.0701.1 - GIGABYTE) Hidden EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.20.0701.1 - GIGABYTE) ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 3.3.0 - ENE TECHNOLOGY INC.) Hidden ENE RGB HAL (HKLM\...\{8DA1B230-D82E-4A24-9237-363E2E1E2695}) (Version: 1.0.21.0 - Ene Tech.) Hidden ENE RGB HAL (HKLM-x32\...\{bb670f8d-3d66-4f36-8e60-02b71bb0a4e9}) (Version: 1.0.21.0 - Ene Tech.) Hidden ENE_DRAM_RGB_AURA42 (HKLM\...\{BC5E0A82-C638-44CB-8129-20C8ED70DE7A}) (Version: 1.00.02 - Ene Tech.) Hidden ENE_DRAM_RGB_AURA42 (HKLM-x32\...\{f3d7fb09-b93f-4c01-a765-0b0adc5bc746}) (Version: 1.00.02 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{d8516682-de60-4332-ad6f-49373754b677}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) 
Hidden ENE_EHD_SSS_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_SSS_HAL (HKLM-x32\...\{9eeadf99-713b-4ab5-9ccd-bf9c1c4d9daf}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden Epic Games Launcher (HKLM-x32\...\{A5A6A747-393C-4B28-AB7B-2DE2BA7F7D73}) (Version: 1.1.267.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version: - Ubisoft) Far Cry Primal (HKLM-x32\...\Uplay Install 2010) (Version: - Ubisoft) Fax (HKLM-x32\...\{9294F169-72EE-4D74-AE92-CA25F64B4FF8}) (Version: 140.0.307.000 - Hewlett-Packard) Hidden Game Boost (HKLM-x32\...\{644B5310-D2AA-42A8-9F3B-7B92C856C8D7}) (Version: 1.00.0006 - Gigabyte) Hidden Game Boost (HKLM-x32\...\InstallShield_{644B5310-D2AA-42A8-9F3B-7B92C856C8D7}) (Version: 1.00.0006 - Gigabyte) Gigabyte Speed v10.21 (HKLM\...\Gigabyte Speed) (Version: 10.21 - cFos Software GmbH, Bonn) GigabyteFirmwareUpdateUtility (HKLM-x32\...\{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}) (Version: 1.20.0406.1 - GIGABYTE) Hidden GigabyteFirmwareUpdateUtility (HKLM-x32\...\InstallShield_{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}) (Version: 1.20.0406.1 - GIGABYTE) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2060.1 - Rockstar Games) GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.19.0624.1 - GIGABYTE) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - 
HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Officejet J4500 Series 14.0 Rel. 6 (HKLM\...\{EACF146B-01D2-4185-B773-9604A0E5902A}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden HuBBa 1.3.90 (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\2a4703e6-0b98-56dd-80dd-5248bb27b192) (Version: 1.3.90 - BiFi2000) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Intel(R) Network Connections 23.5.0.0 (HKLM\...\PROSetDX) (Version: 23.5.0.0 - Intel) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) IObit Uninstaller 9 (HKLM-x32\...\IObitUninstall) (Version: 9.5.0.15 - IObit) J4500 (HKLM-x32\...\{3250CB33-9B5C-42CF-A215-23E95EA5F75E}) (Version: 140.0.001.000 - Hewlett-Packard) Hidden Java 8 Update 261 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180261F0}) (Version: 8.0.2610.12 - Oracle Corporation) KeePassXC (HKLM\...\{FEE3E3CD-2A6C-464E-8424-DE7512D4A5D0}) (Version: 2.6.2 - KeePassXC Team) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden LEGO DC Super-Villains (HKLM-x32\...\LEGO DC Super-Villains_is1) (Version: - ) LibreOffice 6.4 Help Pack (German) (HKLM\...\{6A9B7FBF-A3F4-4F69-8398-83E03F5EE94A}) (Version: 6.4.4.2 - The Document Foundation) LibreOffice 7.0.2.2 (HKLM\...\{2D790347-9563-49DA-AAAD-A5D26B69C993}) (Version: 7.0.2.2 - The Document Foundation) Mafia: Definitive Edition (HKLM-x32\...\Mafia: Definitive Edition_is1) (Version: - ) Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden Marvel's Avengers (HKLM-x32\...\Marvel's Avengers_is1) (Version: - ) Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.13426.20308 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.60 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - ) Microsoft OneDrive (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Teams) (Version: 1.3.00.9267 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 
(HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3994d355-238a-4612-af93-26d13deddef1}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) 
(Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft) Minecraft Launcher (HKLM-x32\...\{F6678473-0198-46D0-A88F-2A247E6FA03C}) (Version: 1.0.0.0 - Mojang) Mozilla Firefox 83.0 (x64 de) (HKLM\...\Mozilla Firefox 83.0 (x64 de)) (Version: 83.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 76.0.1 - Mozilla) MY.GAMES GameCenter (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\GameCenter) (Version: 4.1573 - MY.COM B.V.) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.9.1 - Notepad++ Team) Npcap (HKLM-x32\...\NpcapInst) (Version: 1.00 - Nmap Project) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation) NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation) NVIDIA Grafiktreiber 460.79 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.79 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NvModuleTracker 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20308 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden OpenVPN 2.4.9-I601-Win10 (HKLM\...\OpenVPN) (Version: 2.4.9-I601-Win10 - OpenVPN Technologies, Inc.) Password Tech Version 3.1.0 (HKLM-x32\...\{F2074AC4-1897-470C-A160-EF5C74F76763}_is1) (Version: 3.1.0 - Christian Thöing) Password Tech Version 3.2.0 (Aktueller Benutzer, 64 Bit) (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\{F2074AC4-1897-470C-A160-EF5C74F76763}_is1) (Version: 3.2.0 - Christian Thöing) Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.04 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM-x32\...\{ebb7013c-0b03-497c-bed1-1e48e806a593}) (Version: 1.00.04 - Patriot Memory) PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden PDF24 Creator 9.2.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 9.2.2 - PDF24.org) Plex Media Server (HKLM-x32\...\{40c376bf-c3a0-439b-8353-f69a3bac10d6}) (Version: 1.21.0.3711 - Plex, Inc.) Plex Media Server (HKLM-x32\...\{8DE31A48-E744-4526-AE09-B9A4002CE770}) (Version: 1.21.711 - Plex, Inc.) 
Hidden ProductContext (HKLM-x32\...\{8064EF1E-3243-4307-A04F-BB64FF06A8DF}) (Version: 140.0.001.000 - Hewlett-Packard) Hidden Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden ProtonVPN (HKLM-x32\...\{FD5DFEEE-C563-4D04-B3F4-E5C7D5F5B1E9}) (Version: 1.17.6 - Proton Technologies AG) Hidden ProtonVPN (HKLM-x32\...\ProtonVPN 1.17.6) (Version: 1.17.6 - Proton Technologies AG) ProtonVPNTap (HKLM-x32\...\{526B21BC-E7BE-4CC9-AF49-20F7F11B9113}) (Version: 1.1.1 - Proton Technologies AG) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Python 3.8.3 (32-bit) (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\{6f6f2a2d-6475-4359-bc65-b2cf464bd085}) (Version: 3.8.3150.0 - Python Software Foundation) Python 3.8.3 Core Interpreter (32-bit) (HKLM-x32\...\{D3A7FDC5-BA4E-44FC-8822-800226B81C71}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden Python 3.8.3 Development Libraries (32-bit) (HKLM-x32\...\{EA35D9DB-86A9-4705-9D15-7FE33E261450}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden Python 3.8.3 Documentation (32-bit) (HKLM-x32\...\{BAF129CE-5C13-4383-9807-A44055644E08}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden Python 3.8.3 Executables (32-bit) (HKLM-x32\...\{D1EFF389-2F77-4A46-8AFD-4F37BC6F1F99}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden Python 3.8.3 pip Bootstrap (32-bit) (HKLM-x32\...\{4ADFAA3D-1670-4161-A64A-83535B6D78C6}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden Python 3.8.3 Standard Library (32-bit) (HKLM-x32\...\{26B2CC8C-1492-437D-B27A-655AFB3647DE}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden Python 3.8.3 Tcl/Tk Support (32-bit) (HKLM-x32\...\{56AC5D63-87FC-4BA0-B4F2-6013D58F3302}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden Python 3.8.3 Test Suite (32-bit) (HKLM-x32\...\{0F5C1C82-9A7A-4FB4-8681-D4E7E9BBFD9C}) (Version: 3.8.3150.0 - Python Software 
Foundation) Hidden Python 3.8.3 Utility Scripts (32-bit) (HKLM-x32\...\{14A8B424-0141-4E46-A1E2-548DF8349BB7}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{406A47EE-C4AE-4944-BADE-1B543A443873}) (Version: 3.8.7072.0 - Python Software Foundation) Raspberry Pi Imager (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Raspberry Pi Imager) (Version: 1.4 - Raspberry Pi) Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.11.9.1287 - Razer Inc.) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8945.1 - Realtek Semiconductor Corp.) Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1355.18 - Rockstar Games) RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.20.0721.1 - GIGABYTE) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.32.316 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.5 - Rockstar Games) Samsung DeX (HKLM-x32\...\{5E2BEDEC-EEE1-49B7-A9D0-6971AFA9B5F2}) (Version: 1.0.2.26 - Samsung Electronics Co., Ltd.) Hidden Samsung DeX (HKLM-x32\...\{bc458b5f-1945-4287-8fae-353650fd3109}) (Version: 1.0.2.26 - Samsung Electronics Co., Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.31.0 - Samsung Electronics Co., Ltd.) 
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) SIV (HKLM-x32\...\{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.20.0410.1 - GIGABYTE) Hidden SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.20.0410.1 - GIGABYTE) SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stopping Plex (HKLM-x32\...\{94530A73-5D44-431B-B1F0-FEBA96C90390}) (Version: 1.21.711 - Plex, Inc.) Hidden TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.) Tautulli (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Tautulli) (Version: 2.6.2.1 - Tautulli) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.9267 - Microsoft Corporation) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.12.4 - TeamViewer) The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: - ) Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft) Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 29.0 - Ubisoft) VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN) VMware Workstation (HKLM\...\{2B5DAA91-E0C9-4307-90B7-5688E910C894}) (Version: 15.1.0 - VMware, Inc.) 
VNC Viewer 6.20.529 (HKLM\...\{1A0D1F90-8D1F-4922-8546-D1F84501C46A}) (Version: 6.20.529.42646 - RealVNC Ltd) Watch Dogs Legion (HKLM-x32\...\Uplay Install 3353) (Version: - Ubisoft) Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft) WATCH_DOGS2 (HKLM-x32\...\Uplay Install 2688) (Version: - Ubisoft) WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden WeMod (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\WeMod) (Version: 6.3.11 - WeMod) WhatsApp (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\WhatsApp) (Version: 2.2047.13 - WhatsApp) Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers) Windows Subsystem for Linux Update (HKLM\...\{18E72D39-392C-419D-9B86-C4C633B4CED9}) (Version: 4.19.128 - Microsoft Corporation) WinRAR 5.91 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH) Wireshark 3.4.0 64-bit (HKLM-x32\...\Wireshark) (Version: 3.4.0 - The Wireshark developer community, hxxps://www.wireshark.org) Zoom (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.) 
Packages:
=========
Amazon Music -> C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_8.0.0.0_x86__kc6t79cpj4tp0 [2020-12-11] (AMZN Mobile LLC)
Amazon Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.42.0_x64__pwbj9vvecjh7j [2020-12-11] (Amazon Development Centre (London) Ltd)
Kali Linux -> C:\Program Files\WindowsApps\KaliLinux.54290C8133FEE_1.6.0.0_x64__ey8k8hqnwqnmg [2020-12-11] (Kali Linux)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-12-11] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-12-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-12-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-12-11] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.32.33291.0_x64__8wekyb3d8bbwe [2020-12-11] (Microsoft Corporation) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-12-11] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.959.0_x64__56jybvy8sckqj [2020-12-11] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.11.217.0_x64__dt26b99r8h8gj [2020-12-11] (Realtek Semiconductor Corp)
Ubuntu -> C:\Program Files\WindowsApps\CanonicalGroupLimited.UbuntuonWindows_2004.2020.812.0_x64__79rhkp1fndgsc [2020-12-11] (Canonical Group Limited)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3136980708-3557880529-3186569697-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\*****\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20077.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3136980708-3557880529-3186569697-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\*****\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20077.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => H:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2019-05-02] (Tonec Inc. -> Tonec Inc.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2020-06-01] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => H:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-09-24] (Notepad++ -> )
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => G:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-05-25] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2020-06-01] (IObit Information Technology -> IObit)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => G:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2019-05-04] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => G:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2019-05-04] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2020-06-01] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => G:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-05-25] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_8e68f77150e57b50\nvshext.dll [2020-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => G:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-05-25] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\GeForce Experience Stream Client.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gjljknijpnfibppaijefibndmiabonep

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2020-11-23 19:03 - 2020-11-23 19:03 - 000629760 _____ () [Datei ist nicht signiert] \\?\C:\Users\*****\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\aac_decoder.dll
2020-11-23 19:03 - 2020-11-23 19:03 - 000394752 _____ () [Datei ist nicht signiert] \\?\C:\Users\*****\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\ac3_encoder.dll
2020-11-23 19:03 - 2020-11-23 19:03 - 000608256 _____ () [Datei ist nicht signiert] \\?\C:\Users\*****\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\dca_decoder.dll
2020-11-23 19:03 - 2020-11-23 19:03 - 000751104 _____ () [Datei ist nicht signiert] \\?\C:\Users\*****\AppData\Local\Plex Media
Server\Codecs\7c50c14-3596-windows-x86\flv_decoder.dll 2020-11-23 19:03 - 2020-11-23 19:03 - 001559040 _____ () [Datei ist nicht signiert] \\?\C:\Users\*****\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\h264_decoder.dll 2020-11-23 19:03 - 2020-11-23 19:03 - 000818688 _____ () [Datei ist nicht signiert] \\?\C:\Users\*****\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\hevc_decoder.dll 2020-11-23 19:03 - 2020-11-23 19:03 - 001800704 _____ () [Datei ist nicht signiert] \\?\C:\Users\*****\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\libx264_encoder.dll 2020-11-23 19:03 - 2020-11-23 19:03 - 000579072 _____ () [Datei ist nicht signiert] \\?\C:\Users\*****\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\mp3_decoder.dll 2020-11-23 19:03 - 2020-11-23 19:03 - 001268224 _____ () [Datei ist nicht signiert] \\?\C:\Users\*****\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\mpeg4_decoder.dll 2020-04-30 14:28 - 2020-04-30 14:28 - 001866752 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\AppCenter\BDR_info.dll 2019-08-05 19:50 - 2019-08-05 19:50 - 000009216 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\Phison.dll 2020-12-05 19:23 - 2020-12-05 19:23 - 000182272 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\_cffi_backend.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000034816 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Cipher\_raw_aes.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000016384 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Cipher\_raw_aesni.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000013312 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Cipher\_raw_cbc.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000013824 _____ () [Datei ist nicht signiert] C:\Program Files 
(x86)\Tautulli\Cryptodome\Cipher\_raw_cfb.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000014336 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Cipher\_raw_ctr.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000011264 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Cipher\_raw_ecb.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000015360 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Cipher\_raw_ocb.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000012288 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Cipher\_raw_ofb.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000015360 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Cipher\_Salsa20.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000015872 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Hash\_BLAKE2s.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000013824 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Hash\_ghash_clmul.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000013824 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Hash\_ghash_portable.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000016896 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Hash\_MD5.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000019456 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Hash\_SHA1.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000022016 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Hash\_SHA256.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000013312 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Protocol\_scrypt.cp38-win_amd64.pyd 
2020-12-05 19:23 - 2020-12-05 19:23 - 000011264 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Util\_cpuid_c.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000011264 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Util\_strxor.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 003100160 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\cryptography\hazmat\bindings\_openssl.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000572928 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\pythoncom38.dll 2020-12-05 19:23 - 2020-12-05 19:23 - 000142848 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\pywintypes38.dll 2020-12-05 19:23 - 2020-12-05 19:23 - 000134656 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\win32api.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000539136 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\win32com\shell\shell.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000027648 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\win32event.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000058880 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\win32service.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000054272 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\origin_7f53219b-4e2b-4591-9f4f-dfc5f4ba9eb0\aiohttp\_frozenlist.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000039936 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\origin_7f53219b-4e2b-4591-9f4f-dfc5f4ba9eb0\aiohttp\_helpers.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000218624 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\origin_7f53219b-4e2b-4591-9f4f-dfc5f4ba9eb0\aiohttp\_http_parser.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000036864 
_____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\origin_7f53219b-4e2b-4591-9f4f-dfc5f4ba9eb0\aiohttp\_http_writer.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000024576 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\origin_7f53219b-4e2b-4591-9f4f-dfc5f4ba9eb0\aiohttp\_websocket.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\origin_7f53219b-4e2b-4591-9f4f-dfc5f4ba9eb0\multidict\_multidict.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000069632 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\origin_7f53219b-4e2b-4591-9f4f-dfc5f4ba9eb0\yarl\_quoting_c.cp37-win32.pyd 2020-12-05 13:09 - 2020-12-05 13:09 - 000064512 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\psn_38087aea-3c30-439f-867d-ddf9fae8fe6f\aiohttp\_frozenlist.cp37-win32.pyd 2020-12-05 13:09 - 2020-12-05 13:09 - 000050176 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\psn_38087aea-3c30-439f-867d-ddf9fae8fe6f\aiohttp\_helpers.cp37-win32.pyd 2020-12-05 13:09 - 2020-12-05 13:09 - 000225792 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\psn_38087aea-3c30-439f-867d-ddf9fae8fe6f\aiohttp\_http_parser.cp37-win32.pyd 2020-12-05 13:09 - 2020-12-05 13:09 - 000045056 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\psn_38087aea-3c30-439f-867d-ddf9fae8fe6f\aiohttp\_http_writer.cp37-win32.pyd 2020-12-05 13:09 - 2020-12-05 13:09 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\psn_38087aea-3c30-439f-867d-ddf9fae8fe6f\aiohttp\_websocket.cp37-win32.pyd 2020-12-05 13:09 - 2020-12-05 13:09 - 
000034304 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\psn_38087aea-3c30-439f-867d-ddf9fae8fe6f\multidict\_multidict.cp37-win32.pyd 2020-12-05 13:09 - 2020-12-05 13:09 - 000073216 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\psn_38087aea-3c30-439f-867d-ddf9fae8fe6f\yarl\_quoting.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 000064512 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\aiohttp\_frozenlist.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 000050176 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\aiohttp\_helpers.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 000225792 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\aiohttp\_http_parser.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 000045056 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\aiohttp\_http_writer.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\aiohttp\_websocket.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 000014848 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\google\protobuf\internal\_api_implementation.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 001055232 _____ () [Datei ist nicht signiert] 
C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\google\protobuf\pyext\_message.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 000118784 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\lxml\_elementpath.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 003284992 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\lxml\etree.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 000161792 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\lxml\html\clean.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\multidict\_multidict.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 000009728 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\websockets\speedups.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 000069632 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\yarl\_quoting_c.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000231424 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\_yaml.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000064512 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\aiohttp\_frozenlist.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000050176 _____ () [Datei ist nicht signiert] 
C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\aiohttp\_helpers.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000225792 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\aiohttp\_http_parser.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000045056 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\aiohttp\_http_writer.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\aiohttp\_websocket.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\multidict\_multidict.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000064512 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\psutil\_psutil_windows.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000069632 _____ () [Datei ist nicht signiert] C:\Users\*****\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\yarl\_quoting_c.cp37-win32.pyd 2020-10-21 19:33 - 2020-10-21 19:33 - 000083604 _____ () [Datei ist nicht signiert] G:\Program Files\KeePassXC\libdouble-conversion.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 000081585 _____ () [Datei ist nicht signiert] G:\Program Files\KeePassXC\libgcc_s_seh-1.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 028408832 _____ () [Datei ist nicht signiert] G:\Program Files\KeePassXC\libicudt67.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 003277824 _____ () [Datei ist nicht signiert] G:\Program Files\KeePassXC\libicuin67.dll 
2020-10-21 19:33 - 2020-10-21 19:33 - 002113536 _____ () [Datei ist nicht signiert] G:\Program Files\KeePassXC\libicuuc67.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 000339456 _____ () [Datei ist nicht signiert] G:\Program Files\KeePassXC\libpcre2-16-0.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 000303486 _____ () [Datei ist nicht signiert] G:\Program Files\KeePassXC\libsodium-23.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 000043429 _____ () [Datei ist nicht signiert] G:\Program Files\KeePassXC\libssp-0.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 001752711 _____ () [Datei ist nicht signiert] G:\Program Files\KeePassXC\libstdc++-6.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 000737792 _____ () [Datei ist nicht signiert] G:\Program Files\KeePassXC\libzstd.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 000093720 _____ () [Datei ist nicht signiert] G:\Program Files\KeePassXC\zlib1.dll 2020-12-05 12:55 - 2020-12-04 09:17 - 000064512 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\aiohttp\_frozenlist.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000050176 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\aiohttp\_helpers.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000225792 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\aiohttp\_http_parser.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000045056 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\aiohttp\_http_writer.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000034304 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\aiohttp\_websocket.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000034304 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\multidict\_multidict.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000061952 _____ 
() [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\psutil\_psutil_windows.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000073216 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\yarl\_quoting.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000048128 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginXbox\aiohttp\_frozenlist.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000036864 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginXbox\aiohttp\_helpers.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000216064 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginXbox\aiohttp\_http_parser.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000032256 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginXbox\aiohttp\_http_writer.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000022528 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginXbox\aiohttp\_websocket.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000034304 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginXbox\multidict\_multidict.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000073216 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginXbox\yarl\_quoting.cp37-win32.pyd 2019-04-15 15:24 - 2019-04-15 15:24 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\AppCenter\yccV2.dll 2019-04-15 16:24 - 2019-04-15 16:24 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\yccV2.dll 2019-04-15 16:24 - 2019-04-15 16:24 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) 
[Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\yccV2.DLL 2019-10-29 09:26 - 2019-10-29 09:26 - 000445952 _____ (GIGABYTE Technology Co.,Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\GVDisplay.dll 2018-09-11 19:53 - 2018-09-11 19:53 - 000237056 _____ (GIGABYTE Technology Co.,Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvIllumLib.dll 2020-06-18 08:01 - 2020-06-18 08:01 - 002057216 _____ (GIGABYTE) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACPCIeSSD_Lib.dll 2020-06-18 08:01 - 2020-06-18 08:01 - 002057728 _____ (GIGABYTE) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACSSD_Lib.dll 2010-08-06 10:15 - 2010-08-06 10:15 - 000071680 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzinw12.dll 2010-08-06 10:15 - 2010-08-06 10:15 - 000089600 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzipm12.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 000058539 _____ (MingW-W64 Project. All rights reserved.) [Datei ist nicht signiert] G:\Program Files\KeePassXC\libwinpthread-1.dll 2018-08-30 16:26 - 2018-08-30 16:26 - 000053760 _____ (MS) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\MsIo32_Galax.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 006992719 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] G:\Program Files\KeePassXC\Qt5Core.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 002549349 _____ (The Qt Company Ltd.) 
[Datei ist nicht signiert] G:\Program Files\KeePassXC\Qt5Network.dll 2015-10-14 00:15 - 2015-10-14 00:15 - 002042368 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\AppCenter\osvi.dll 2019-07-04 18:06 - 2019-07-04 18:06 - 001988608 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GbtNvGpuLib.dll 2017-10-05 15:26 - 2017-10-05 15:26 - 002247168 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\CRtive.dll 2018-12-08 08:22 - 2018-12-08 08:22 - 002059264 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\GHidApi.dll 2020-07-06 19:33 - 2020-07-06 19:33 - 000478720 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvLedLib.dll 2020-05-08 14:55 - 2020-05-08 14:55 - 002107392 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\SMBCtrl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\*****\AppData\Local\Temp:$DATA [16] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> H:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2020-01-21] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> G:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_261\bin\ssv.dll [2020-09-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-09-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> H:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2020-01-21] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\sharepoint.com -> hxxps://jgumainz-files.sharepoint.com

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-12-07 10:14 - 2020-06-06 12:01 - 000000862 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 activate.navicat.com

2020-05-31 16:10 - 2020-12-09 18:35 - 000000435 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.31.128.1 *****.mshome.net # 2025 12 1 8 17 35 43 429

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\Control Panel\Desktop\\Wallpaper -> H:\Downloads\Compressed\WD2_Wallpapers\3\16_9\3_2560x1440.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) ist aktiviert.
Network Binding:
=============
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled)
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled)
Ethernet: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
LAN-Verbindung: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled)
LAN-Verbindung: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
LAN-Verbindung: VMware Bridge Protocol -> vmware_bridge (enabled)
LAN-Verbindung: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled)
VMware Network Adapter VMnet1: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
VMware Network Adapter VMnet1: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled)
LAN-Verbindung 2: VMware Bridge Protocol -> vmware_bridge (enabled)
LAN-Verbindung 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
LAN-Verbindung 2: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled)
LAN-Verbindung 2: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled)
VMware Network Adapter VMnet8: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
VMware Network Adapter VMnet8: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled)

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "RazerCortex"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\StartupFolder: => "GIGABYTE AORUS GRAPHICS ENGINE.lnk"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\Run: => "OPENVPN-GUI"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\Run: => "Advanced SystemCare"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\Run: => "MyDriveConnect.exe"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\Run: => "35C0DD69A13B47FAAE527F030D7053F7FAB3A98B._service_run"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{DAE1B244-2654-4C22-9C03-8F75C38131C2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{8953D7FC-E6A6-478A-90A0-192C1EC81428}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{884ADA83-A667-4B8B-A28F-6FC912E29B66}] => (Allow) H:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation) FirewallRules: [{6AB88638-B0AF-4021-9D7A-ABA0FBA7FAA7}] => (Allow) H:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation) FirewallRules: [{4238A560-8AA9-4999-B7FF-B21258D3FBA4}] => (Allow) H:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{A4C491AB-9C55-4D6B-81B8-8ABF16EEA7B6}] => (Allow) H:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{E9269052-FE64-44E4-BC31-5899E47CD50D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{6233A909-02E2-4441-BC45-52BC23EC49D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{AEE1DF78-731F-49A9-9064-990E95B5CC82}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{D619D246-E916-4FE4-8167-8C3899C9457B}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. 
-> ) FirewallRules: [{7B5A16C2-03C8-437A-91F8-888B020401E3}] => (Allow) LPort=9009 FirewallRules: [{F8441524-0FC2-4B58-8620-D25FBB8BF5A9}] => (Allow) LPort=9009 FirewallRules: [{71652B94-8D03-4E8D-9E5E-FDD09E09ABD9}] => (Allow) LPort=9009 FirewallRules: [{E585C08C-AAC7-47CB-8D65-2F8A060309BA}] => (Allow) LPort=9009 FirewallRules: [{79F958CA-7658-464F-AD6D-B57E92AA87C6}] => (Allow) LPort=9009 FirewallRules: [{70E69257-630E-4CAE-B394-50B2A5F8C725}] => (Allow) LPort=9009 FirewallRules: [{39E5249B-6E84-4C31-898D-0D676F464C6D}] => (Allow) LPort=9009 FirewallRules: [{92A762F5-71D4-480C-AFFD-1EFF1A88F178}] => (Allow) LPort=9009 FirewallRules: [{FFA17206-E769-43F6-BDCF-D33465CE9A83}] => (Allow) LPort=9009 FirewallRules: [{7558928D-63E2-4718-8141-71ABF2DD86BD}] => (Allow) LPort=9009 FirewallRules: [{3257E1C0-E035-46F5-95C8-BB203AD797C2}] => (Allow) LPort=9009 FirewallRules: [{093B834C-2C0F-4545-9DDE-8E835519F4C8}] => (Allow) LPort=9009 FirewallRules: [{20F30550-43F8-4C2E-B616-093EA22D65F0}] => (Allow) LPort=9009 FirewallRules: [{540C48AD-2635-4F95-984C-9949129C1BF7}] => (Allow) LPort=9009 FirewallRules: [{BCB17D5B-80F3-491E-BD8F-8C25CB2414D0}] => (Allow) LPort=9009 FirewallRules: [{D14AC5A1-CFFB-4C41-A210-9096E8E8B3A6}] => (Allow) LPort=9009 FirewallRules: [{6653C6AB-652C-4448-8389-D476501673A1}] => (Allow) LPort=9009 FirewallRules: [{32E7A7CB-3833-435A-B181-94EC250C604A}] => (Allow) H:\Programme\Uplay\games\Assassin's Creed Origins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{4E3AE518-57EC-4907-A69B-C468C65FF1C5}] => (Allow) H:\Programme\Uplay\games\Assassin's Creed Origins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. 
-> ) FirewallRules: [{26C20AEF-BD2D-491B-A067-3F4851939276}] => (Allow) LPort=9009 FirewallRules: [{80513380-7748-4F98-99FB-00A23CC8642B}] => (Allow) LPort=9009 FirewallRules: [{4DC846C7-943A-4A2F-BBEB-282F08D8B471}] => (Allow) LPort=9009 FirewallRules: [{4BACDBCD-84E1-4E91-BECB-24970AEBA7B3}] => (Allow) LPort=9009 FirewallRules: [{2152E9D9-6A7F-493F-B133-CE52714DE524}] => (Allow) LPort=9009 FirewallRules: [{7BA34BAB-84FC-4E05-AC16-280CFA7378B1}] => (Allow) G:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.) FirewallRules: [{CD655D27-EE12-4F43-8349-411302EE893C}] => (Allow) G:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.) FirewallRules: [{1E82349B-7870-44A1-800B-4DE6C661A138}] => (Allow) G:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> ) FirewallRules: [{7AD85ACA-0D91-4770-A511-8946D0A5A20A}] => (Allow) G:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. 
-> ) FirewallRules: [{230FA1FA-90E8-4224-8C59-F2071BAAC89B}] => (Allow) LPort=9009 FirewallRules: [{776C6B29-8999-42F1-BE34-377AD0295116}] => (Allow) LPort=9009 FirewallRules: [{2D7BAD1D-1489-494A-A623-5F4C89A9D998}] => (Allow) LPort=9009 FirewallRules: [{54C21C80-B054-4099-9E76-19F198F065A6}] => (Allow) LPort=9009 FirewallRules: [{27DEAD8C-1074-4CD3-8356-145D2B147ED3}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\BeamNG.drive\BeamNG.drive.exe (BeamNG GmbH) [Datei ist nicht signiert] FirewallRules: [{4AEA242F-4724-44BF-B58D-C0CF88E42BF6}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\BeamNG.drive\BeamNG.drive.exe (BeamNG GmbH) [Datei ist nicht signiert] FirewallRules: [{E89F7144-8877-45F2-A916-4AA8F78DDAA4}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{C842A5DE-0D43-41F2-B624-C7579A943852}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{1920091C-16C5-4FF9-993D-411EA8E6C4F7}] => (Allow) LPort=9009 FirewallRules: [{298444CD-4F5D-44D1-A78B-81FD66B05E92}] => (Allow) LPort=9009 FirewallRules: [{F1D5B639-4A0E-43AE-B1D1-EE1C57E2EFE7}] => (Allow) LPort=9009 FirewallRules: [{C97A7AEA-DD0A-410B-9332-8E0A4E070F54}] => (Allow) LPort=9009 FirewallRules: [{8844F677-8A28-4AFF-BB8D-36C715E786C2}] => (Allow) LPort=9009 FirewallRules: [{F238437D-94F2-4657-BF0E-886F77F217A4}] => (Allow) LPort=9009 FirewallRules: [{500043C5-D2D9-4AAA-8B5E-369AAC125985}] => (Allow) LPort=9009 FirewallRules: [{4437032A-A84D-4446-B2E4-E376156E3FA7}] => (Allow) LPort=9009 FirewallRules: [{DB080CB2-DBAC-4FAF-8A4C-F091CA7930DB}] => (Allow) LPort=9009 FirewallRules: [{89C27047-0265-4D30-A9B3-A2F700E38227}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Allods Online My.com\AllodsMycomSteamLoader.exe (Mail.Ru LLC -> ) FirewallRules: [{0F15FEC3-0EE0-4F41-8556-1A7064B2A426}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Allods 
Online My.com\AllodsMycomSteamLoader.exe (Mail.Ru LLC -> ) FirewallRules: [{0E4B8310-D4C6-45AD-BAD6-FACE249BD8E7}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Allods Online My.com\Allods Online DE\bin\Launcher.exe (LLC MAIL.RU -> © 2008-2019 Allods Team, Mail.Ru Games) [Datei ist nicht signiert] FirewallRules: [TCP Query User{A9E1CF12-2656-4B8A-B67C-984D441B4176}C:\users\*****\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\*****\appdata\local\gamecenter\gamecenter.exe (Mail.Ru LLC -> ) FirewallRules: [UDP Query User{DC2926A0-F60F-4B0E-851F-5F2782E74326}C:\users\*****\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\*****\appdata\local\gamecenter\gamecenter.exe (Mail.Ru LLC -> ) FirewallRules: [{3775C925-8205-41C2-8EAF-B263CA3B52B7}] => (Allow) G:\Programme\Uplay\Assassin's Creed Odyssey\ACOdyssey_plus.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{FCDF7798-1206-4109-B228-EE7ED48C787F}] => (Allow) G:\Programme\Uplay\Assassin's Creed Odyssey\ACOdyssey_plus.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{5ECD9456-BAE5-49CF-80BE-202009E6D589}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Wreckfest\Wreckfest_x64.exe () [Datei ist nicht signiert] FirewallRules: [{C271ABFC-434D-4914-9361-C575F25CCF70}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Wreckfest\Wreckfest_x64.exe () [Datei ist nicht signiert] FirewallRules: [{10D42B82-D1BB-4016-B299-9F4C7700DCBC}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Wreckfest\Wreckfest.exe () [Datei ist nicht signiert] FirewallRules: [{D4A3137A-4F0B-40F7-A90A-62EF6CAA7D38}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Wreckfest\Wreckfest.exe () [Datei ist nicht signiert] FirewallRules: [{EF6BD5E2-8357-478E-BE90-5B51401E7CB3}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. 
-> ) FirewallRules: [{4A6BA015-1596-4A95-B131-340F084CDF2E}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{9CC8AC29-BAB1-4AB8-A2A5-E8B21E4FB5C3}] => (Allow) LPort=9009 FirewallRules: [{41AFF113-3D49-43FE-8D12-9F8B39755813}] => (Allow) G:\Programme\Uplay\WATCH_DOGS2\bin\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment) FirewallRules: [{B769692B-4E38-42C0-B5A8-AB58A649F489}] => (Allow) G:\Programme\Uplay\WATCH_DOGS2\bin\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment) FirewallRules: [{F6401DCF-0AA0-4BF1-B4AD-1CC1B5DFBF32}] => (Allow) G:\Programme\Uplay\WATCH_DOGS2\bin_plus\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment) FirewallRules: [{1730AC81-1750-4CD0-96BE-7F8654C94C2F}] => (Allow) G:\Programme\Uplay\WATCH_DOGS2\bin_plus\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment) FirewallRules: [{73A037D6-AA68-4BE5-8023-093CF12D6DF0}] => (Allow) G:\Programme\Uplay\WATCH_DOGS2\EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{9E1C9D18-A17E-4822-A5ED-68713DAB55DF}] => (Allow) G:\Programme\Uplay\WATCH_DOGS2\EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{9651F030-D1E6-406B-9897-5AFAEAA1D429}] => (Allow) LPort=9009 FirewallRules: [{3C458199-E8D5-47D4-915D-E0B6CE784E49}] => (Allow) LPort=9009 FirewallRules: [{FA40DA03-697A-4BC8-802C-189E111B7521}] => (Allow) LPort=9009 FirewallRules: [{665FF16B-2402-4E78-B20C-E59C3093A21F}] => (Allow) LPort=9009 FirewallRules: [{902CCB86-526F-4C35-A60E-B9BD8CC82DBF}] => (Allow) LPort=9009 FirewallRules: [{0C23F0E1-76F2-4B50-B8A2-A9CE75A0C88A}] => (Allow) LPort=9009 FirewallRules: [{FCECE2A5-8655-4E13-9A61-DD278CD8E7B3}] => (Allow) LPort=9009 FirewallRules: [{336BEA9B-BF7D-4E49-9F1E-C78BE0AA5B96}] => (Allow) LPort=9009 FirewallRules: [{E25D0CD7-ED3B-4BBE-B991-2AF39D30381F}] => (Allow) C:\Users\*****\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) 
FirewallRules: [{91E6759A-758A-4EDB-A369-ABC3CF8F54D4}] => (Allow) H:\Programme\Uplay\games\Assassin's Creed Syndicate\ACS.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{B634680D-29BE-4184-A686-8962295DB8A6}] => (Allow) LPort=9009 FirewallRules: [{7EEB199B-2474-4FEC-B4E8-048D4D2C9A89}] => (Allow) LPort=9009 FirewallRules: [{F5C7F79B-0FCB-4B42-9243-43E0C169AE84}] => (Allow) LPort=9009 FirewallRules: [{7F8AA965-8883-4DCB-A9EF-298E2DF8FE19}] => (Allow) H:\Programme\Uplay\games\Watch_Dogs\bin\Watch_Dogs.exe (Ubisoft Entertainment -> Ubisoft Entertainment) FirewallRules: [{A21B38AD-4976-4F94-A93E-1350888A32CE}] => (Allow) H:\Programme\Uplay\games\Watch_Dogs\bin\Watch_Dogs.exe (Ubisoft Entertainment -> Ubisoft Entertainment) FirewallRules: [{313DD029-0170-4028-BBDF-AA39AF187908}] => (Allow) LPort=9009 FirewallRules: [{AF340386-CB3C-4705-9B50-4D34F517D474}] => (Allow) LPort=9009 FirewallRules: [{EF463F9B-102D-4A1E-B0E0-5C6BBE8948F1}] => (Allow) LPort=9009 FirewallRules: [{3770FD15-5B33-40EA-BC19-EBAFDDC062F2}] => (Allow) LPort=9009 FirewallRules: [{9958AF36-41DB-4526-9502-98B57ED63366}] => (Allow) LPort=9009 FirewallRules: [{CF11565B-CA51-46C3-B677-BF0296848677}] => (Allow) LPort=9009 FirewallRules: [{94C3C4B4-BD1A-44EF-B14E-E41495A88F7E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F69665A2-2B24-4355-9E06-3569D87CC5EB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{67AF3586-FFFC-4F4B-9FBD-744D151BF6C2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{48001033-9119-43D6-9926-41E0131D1A27}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{CD276B12-4AD6-4F46-A620-C869659E279C}] => (Allow) 
G:\Programme\SteamLibrary\steamapps\common\Besiege\Besiege.exe () [Datei ist nicht signiert] FirewallRules: [{BB070AAD-6B52-42EC-8E38-934E6DA54915}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Besiege\Besiege.exe () [Datei ist nicht signiert] FirewallRules: [{826571B4-AD43-4555-9565-606B8D1C96EC}] => (Allow) LPort=9009 FirewallRules: [{D81723F0-799E-4FA9-93F9-019325772670}] => (Allow) LPort=9009 FirewallRules: [{F7F54016-1A1E-4830-89AF-F9A8CEDFC8C6}] => (Allow) LPort=9009 FirewallRules: [{0A788C13-0189-48F1-890B-E06369E7DEF4}] => (Allow) LPort=9009 FirewallRules: [{423E12D6-0D79-4E08-A4E7-F6B5A7DAC5EE}] => (Allow) LPort=9009 FirewallRules: [{3BD60476-133B-46E8-8229-5F5C294AE233}] => (Allow) LPort=9009 FirewallRules: [{89D7626B-8331-4775-86F8-598C41A2A979}] => (Allow) LPort=9009 FirewallRules: [{73111904-FC32-442C-A1C5-83F271630428}] => (Allow) LPort=9009 FirewallRules: [{D947EB54-FD26-4F6B-A8C7-76E4347CBE25}] => (Allow) LPort=9009 FirewallRules: [{B4AF0129-BEC0-4F98-BDA8-1550049EDA37}] => (Allow) LPort=9009 FirewallRules: [{47167BB2-DB19-4F8E-8FA5-668C7A962FE5}] => (Allow) LPort=9009 FirewallRules: [{B0F494FC-3211-4705-AFBE-7654896D98E9}] => (Allow) LPort=9009 FirewallRules: [{8C9C5FBA-EBCA-4298-97F2-829568403AF9}] => (Allow) LPort=9009 FirewallRules: [{F65F57DA-48F1-4403-A469-1A816C1EDA68}] => (Allow) LPort=9009 FirewallRules: [{CB953820-00B6-4890-82B1-6C9F9F24AD29}] => (Allow) LPort=9009 FirewallRules: [{B78BB03D-0D62-4625-BC5C-E32EB9C89524}] => (Allow) LPort=9009 FirewallRules: [{4B39B479-9339-4477-9AD5-609D8A5FDC7A}] => (Allow) LPort=9009 FirewallRules: [{36C1CE74-5400-4108-B20E-0BBCA1F1650C}] => (Allow) LPort=9009 FirewallRules: [{C0DA0D50-A282-4DC2-8A66-27B4F788726F}] => (Allow) LPort=9009 FirewallRules: [{8C445951-DDA3-4012-BE57-33CD2FB1BC45}] => (Allow) LPort=9009 FirewallRules: [{EB3603CA-F786-4711-A74E-6F18A7528218}] => (Allow) LPort=9009 FirewallRules: [{7B7C164C-7698-4937-91FA-16DDF623FDA5}] => (Allow) LPort=9009 FirewallRules: 
[{D151D9B4-69AB-49C6-A1CC-7FA20CE42159}] => (Allow) LPort=9009 FirewallRules: [{0208A22B-0C03-4DF3-ACEB-04DDF745AAF1}] => (Allow) LPort=9009 FirewallRules: [{6AF6A2BA-1AD8-47FA-BABB-FF472A23F98A}] => (Allow) LPort=9009 FirewallRules: [{6715DBFF-A385-4979-9B78-06E0D1236B05}] => (Allow) LPort=9009 FirewallRules: [{71DA14A0-C1F9-4CC4-9CB7-07CF6916E11A}] => (Allow) LPort=9009 FirewallRules: [{CD0CCEB7-0155-49CB-8D4E-3C743676BC69}] => (Allow) LPort=9009 FirewallRules: [{B88AB3AA-20E5-4627-AB4B-422CFA83741C}] => (Allow) LPort=9009 FirewallRules: [{649204E0-8FF7-4482-8C16-50A502B7CEBD}] => (Allow) LPort=9009 FirewallRules: [{B8B1B2D3-A1CC-4A25-81D6-9F6CB9BD8CF8}] => (Allow) LPort=9009 FirewallRules: [{F6F33401-293B-4F8D-AAFC-7B6F5C4E1948}] => (Allow) LPort=9009 FirewallRules: [{7C027969-982F-45C9-B03F-DC52E1E072F7}] => (Allow) LPort=9009 FirewallRules: [{F24147DC-5C0D-4118-A2F9-BFEEEBA9F80D}] => (Allow) LPort=9009 FirewallRules: [{A07A76B5-06AE-4357-8E27-D51E507B9B69}] => (Allow) LPort=9009 FirewallRules: [{2CBE5144-5521-4151-9959-2087CF58B131}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{8038F798-E538-458B-BBAB-6CA4DFF7C523}G:\program files (x86)\the knight\rage 2\rage2.exe] => (Allow) G:\program files (x86)\the knight\rage 2\rage2.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{2D0544CE-01CA-4DF4-8D2F-07BD0A60961E}G:\program files (x86)\the knight\rage 2\rage2.exe] => (Allow) G:\program files (x86)\the knight\rage 2\rage2.exe () [Datei ist nicht signiert] FirewallRules: [{EF6D7BBD-12E2-4087-AC19-13221B5D0E52}] => (Allow) LPort=9009 FirewallRules: [{F46FFAAC-EF19-4E2B-89D4-3D0706A201D9}] => (Allow) LPort=9009 FirewallRules: [{901609A1-24C2-42D2-B02E-EB0B6C6A2583}] => (Allow) LPort=9009 FirewallRules: [{7DDDC26B-89AF-4329-B0AA-6A8A9A433C26}] => (Allow) LPort=9009 FirewallRules: [{5AF7EE4C-8E9D-4337-97DC-117C775BCD98}] => (Allow) LPort=9009 FirewallRules: [{28D55537-8EF4-4913-B3FA-DDAEFB2B48FD}] => (Allow) LPort=9009 FirewallRules: 
[{6BA14A00-0E55-4FDD-8176-A60B0AB0312D}] => (Allow) LPort=9009 FirewallRules: [{A9EDA5FF-316F-4637-8DD2-5E7F3AAA517E}] => (Allow) LPort=9009 FirewallRules: [{6ACBF067-C968-48A5-98BC-DCF3E49983E5}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe () [Datei ist nicht signiert] FirewallRules: [{4DBDD82D-D712-4224-9F83-DB375D1178A7}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe () [Datei ist nicht signiert] FirewallRules: [{1274570E-F929-4371-9B91-92EECC0EE6B5}] => (Allow) LPort=9009 FirewallRules: [{AA259895-23A8-4638-805D-1EAE06BBD5BD}] => (Allow) LPort=9009 FirewallRules: [{E0879C28-E438-4948-A68B-16ABF9E34825}] => (Allow) LPort=9009 FirewallRules: [{6CEE1229-C96D-42E3-A191-A00B1746C818}] => (Allow) LPort=93 FirewallRules: [{8E6323E3-7481-48B8-A6C5-6929545D4348}] => (Allow) LPort=9009 FirewallRules: [{98579FAF-90A3-4459-B8EB-3439AFD0B49A}] => (Allow) LPort=9009 FirewallRules: [{E468DEC2-9E1F-4D14-9280-C5A2C0673B6D}] => (Allow) LPort=9009 FirewallRules: [{78868E05-8EBC-4917-8C8B-235F9DD08690}] => (Allow) LPort=9009 FirewallRules: [{10C28EED-B248-4AAB-86B9-B421D124EE84}] => (Allow) LPort=9009 FirewallRules: [{883691ED-79C4-4C55-9930-47E727FCDE9A}] => (Allow) LPort=9009 FirewallRules: [{70A148D2-EC84-44BE-925F-5C7869E7FCBE}] => (Allow) LPort=9009 FirewallRules: [{2453CC66-2ED7-4451-A2C9-AE77792D4065}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{F0C934A0-B3F4-4D9A-8F2B-6B0502AF23A6}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\apache24\bin\spp-httpd.exe] => (Allow) G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\apache24\bin\spp-httpd.exe (Apache Software Foundation) [Datei ist nicht signiert] FirewallRules: [UDP Query User{C88135CA-F1E0-4687-802E-BB3F76F8D211}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\apache24\bin\spp-httpd.exe] => (Allow) G:\program files (x86)\wow server\singlecore_legion 
11\spp-legion\server\apache24\bin\spp-httpd.exe (Apache Software Foundation) [Datei ist nicht signiert] FirewallRules: [TCP Query User{BD216EDE-6A0C-4278-99C8-AAF8D861B52B}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\database\bin\mysqld.exe] => (Allow) G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\database\bin\mysqld.exe (MariaDB Corporation Ab -> ) FirewallRules: [UDP Query User{3FCD227C-6102-4281-AF42-8CAE65421532}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\database\bin\mysqld.exe] => (Allow) G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\database\bin\mysqld.exe (MariaDB Corporation Ab -> ) FirewallRules: [TCP Query User{E4199A6A-DA0D-4C3C-A320-770B4F3EC150}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\nodejs\node.exe] => (Allow) G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\nodejs\node.exe (Node.js Foundation -> Node.js) FirewallRules: [UDP Query User{A49FFB1E-EE35-4232-A6DB-8145D49ABAB3}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\nodejs\node.exe] => (Allow) G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\nodejs\node.exe (Node.js Foundation -> Node.js) FirewallRules: [TCP Query User{1CCD513A-D05F-4DE7-A964-668BC97CDAB0}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\bin64\bnetserver.exe] => (Allow) G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\bin64\bnetserver.exe (SingleCore Developers) [Datei ist nicht signiert] FirewallRules: [UDP Query User{4AF40930-0DE9-441E-93A1-DDF69FDD44D7}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\bin64\bnetserver.exe] => (Allow) G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\bin64\bnetserver.exe (SingleCore Developers) [Datei ist nicht signiert] FirewallRules: [TCP Query 
User{D52E00C1-A812-4F43-AC0B-BAB8C9BA21CD}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\bin64\worldserver.exe] => (Allow) G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\bin64\worldserver.exe (SingleCore Developers) [Datei ist nicht signiert] FirewallRules: [UDP Query User{0A45418E-3CD3-4C46-8909-FBB139EF5281}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\bin64\worldserver.exe] => (Allow) G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\bin64\worldserver.exe (SingleCore Developers) [Datei ist nicht signiert] FirewallRules: [{E4677943-4809-41F4-AA1B-7386B1BDD8B9}] => (Allow) LPort=9009 FirewallRules: [{02C12C4E-1514-4540-9A40-F1F8C2258F11}] => (Allow) LPort=9009 FirewallRules: [{E2B7545F-F8F2-452A-883D-DA1B8C5C14D7}] => (Allow) LPort=9009 FirewallRules: [{E886355F-7504-4955-AA73-98021821A3DC}] => (Allow) LPort=9009 FirewallRules: [{8F8A5180-FD08-4631-A7A9-F8AEE9AD3819}] => (Allow) LPort=9009 FirewallRules: [{EED15B78-6086-4DCF-8A6F-9813B27CDF21}] => (Allow) LPort=9009 FirewallRules: [{2A00541F-E9DB-478B-A4FA-95502773AAC1}] => (Allow) LPort=9009 FirewallRules: [{FF505FD8-7377-45E3-82C7-4F85D5F92858}] => (Allow) LPort=9009 FirewallRules: [{457DE54F-6E38-4D34-A3FF-26B8F93FAF54}] => (Allow) LPort=9009 FirewallRules: [{1797903C-E973-4A1C-B756-B4DAA03E15FF}] => (Allow) LPort=9009 FirewallRules: [{8A95BADA-C539-4E36-878D-0FC83CD039B8}] => (Allow) LPort=9009 FirewallRules: [{8C18C03E-BC22-4418-B6F6-E53BD9D37C35}] => (Allow) LPort=9009 FirewallRules: [{38AB4A76-A973-4ED8-9E06-A528F73E2D5B}] => (Allow) LPort=9009 FirewallRules: [{C1FDFAA9-2D0C-4B7F-AA22-BAC16DDDD975}] => (Allow) LPort=9009 FirewallRules: [{98987678-49BC-402B-9256-DF66E18CF71B}] => (Allow) LPort=9009 FirewallRules: [{39A4F60A-36B7-481E-AB97-7B92C07ECFF3}] => (Allow) LPort=9009 FirewallRules: [{EB3B11F7-4173-4169-8173-339E6B283E16}] => (Allow) LPort=9009 FirewallRules: [{F743F4E2-991E-47D5-8AF3-EDC27E70BF31}] 
=> (Allow) LPort=9009 FirewallRules: [{7C1B9F43-4F85-498B-BFA2-4BD1D7FFE53C}] => (Allow) LPort=9009 FirewallRules: [{10EC20FD-6BEE-48EA-80AA-7F082D38C427}] => (Allow) LPort=9009 FirewallRules: [{21E8B3AD-84CE-474A-855E-F8E02505AA59}] => (Allow) LPort=9009 FirewallRules: [{6FB6C9E9-9468-4C07-96AE-96C234EC9D1C}] => (Allow) LPort=9009 FirewallRules: [{BBCC23F3-D543-4DD2-B1A5-B645643123DA}] => (Allow) LPort=9009 FirewallRules: [{F86E22EB-8CF4-4705-8200-9E7F85B8D54D}] => (Allow) LPort=9009 FirewallRules: [{9052F49F-751D-4D4F-A699-C55374F0720D}] => (Allow) LPort=9009 FirewallRules: [{6FF09F31-68B5-4FD6-81BE-467020294980}] => (Allow) LPort=9009 FirewallRules: [{10713C94-AE25-4D74-B62C-F415C66B003C}] => (Allow) LPort=9009 FirewallRules: [{7763BD91-1F1D-451A-8570-2F7E3F7F0CC1}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{5C47F3BA-2A49-43C9-BC11-F28D23192A1E}H:\programme\rockstar games\grand theft auto v\gta5.exe] => (Allow) H:\programme\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{A08F555D-810C-4C70-BE2C-8909612E1DBB}H:\programme\rockstar games\grand theft auto v\gta5.exe] => (Allow) H:\programme\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{9B5B8FA4-5ECC-457A-AA48-802BF2D8CB1C}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{C7E780B7-2916-459A-80A3-24A4EF243FB2}G:\program files\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) G:\program files\rockstar games\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{2D31F209-16D4-4065-8A6B-F9060FA67C89}G:\program files\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) G:\program files\rockstar games\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. 
-> Rockstar Games) FirewallRules: [{0A15C446-9831-4EED-864A-21129DEB6130}] => (Allow) LPort=9009 FirewallRules: [{0A52F091-B959-4862-92B4-2E023793F300}] => (Allow) LPort=9009 FirewallRules: [{43F0F9CF-1D18-4803-9485-013AE8D61DB5}] => (Allow) LPort=9009 FirewallRules: [{EA2AF9DB-AAA8-4DF3-9B52-DA1C4A622B99}] => (Allow) LPort=9009 FirewallRules: [{56E60533-054A-4BCB-AA39-5AC520E4A2B9}] => (Allow) LPort=9009 FirewallRules: [{BD0CF392-6D73-46CD-BFB9-2533CE95C359}] => (Allow) LPort=9009 FirewallRules: [{46571334-AA20-4217-B4BE-21EAC4F4F5A3}] => (Allow) LPort=9009 FirewallRules: [{EBA797CB-F355-4959-9BF9-C83F057924C5}] => (Allow) LPort=9009 FirewallRules: [{2994E284-A0BC-489A-98BB-CFE4890338D8}] => (Allow) LPort=9009 FirewallRules: [{A53CDD86-DF9D-44BE-B309-210A6879869B}] => (Allow) LPort=9009 FirewallRules: [{BE712C6E-F468-4FF1-B449-B8DB94B7959B}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{750959BD-167F-4B3C-BD44-1C66A5629413}G:\program files (x86)\the sims 4\game\bin\ts4_x64.exe] => (Block) G:\program files (x86)\the sims 4\game\bin\ts4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) [Datei ist nicht signiert] FirewallRules: [UDP Query User{3B8323FA-69CD-4EE7-8D1C-962EDD08C87E}G:\program files (x86)\the sims 4\game\bin\ts4_x64.exe] => (Block) G:\program files (x86)\the sims 4\game\bin\ts4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) 
[Datei ist nicht signiert] FirewallRules: [{FE266EC5-971A-484B-9BF3-17CDCCC25B90}] => (Allow) LPort=9009 FirewallRules: [{18425415-E593-49D6-A15C-F904E8C0A79A}] => (Allow) LPort=9009 FirewallRules: [{D4E33953-CB8D-4DDA-B0B7-49ABFF98376C}] => (Allow) LPort=9009 FirewallRules: [{48367F9E-45A5-4807-BE8C-AB0C8E92A225}] => (Allow) LPort=9009 FirewallRules: [{BBE9D50C-E652-49EB-95AE-3DC9DEF3F34E}] => (Allow) LPort=9009 FirewallRules: [{D94D92B1-A4A3-493F-A0FE-FCA8B2ECB72B}] => (Allow) LPort=9009 FirewallRules: [{123809A6-483D-4CE9-8C4C-F560C7D85A2D}] => (Allow) LPort=9009 FirewallRules: [{ED9A5ABA-A271-4E82-B252-EAE99C1109DB}] => (Allow) LPort=9009 FirewallRules: [{CBE8EC1F-AB28-469E-B059-D5697B02C384}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (Rocksteady Studios Ltd.) [Datei ist nicht signiert] FirewallRules: [{3EDC1276-8EF2-4B44-9685-7303162F0D85}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (Rocksteady Studios Ltd.) 
[Datei ist nicht signiert] FirewallRules: [{20229675-488C-47A1-BA8C-872AFBECF00E}] => (Allow) LPort=9009 FirewallRules: [{AF68E724-E020-4F6B-A026-349C1CBAE12A}] => (Allow) LPort=9009 FirewallRules: [{3BE2B281-98E5-420C-9BF4-2755FAC94BB3}] => (Allow) LPort=9009 FirewallRules: [{C64AAD90-8DDC-4102-9548-3652A9401107}] => (Allow) LPort=9009 FirewallRules: [{2CCC1F91-7F72-4D15-A2B8-1F47BC9D1233}] => (Allow) LPort=9009 FirewallRules: [{F5327578-8ABD-45BD-9777-06FD91D43380}] => (Allow) LPort=9009 FirewallRules: [{DFCE7B1B-A0C3-41A0-9BF8-D76045534B4E}] => (Allow) LPort=9009 FirewallRules: [{5AB0CA45-9DFA-4418-ABE0-00DC1FC6FBCD}] => (Allow) LPort=9009 FirewallRules: [{24D22571-BA95-4C02-9826-C7DE60DBE5E3}] => (Allow) LPort=9009 FirewallRules: [{39BBA9B3-BAA3-4BD5-87E8-CA01E36CCA0C}] => (Allow) LPort=9009 FirewallRules: [{4AE806B5-B721-4A9C-8671-042F75B34908}] => (Allow) LPort=9009 FirewallRules: [{E89AF2BA-C7D6-427E-94CD-3446AE5C0C9D}] => (Allow) LPort=9009 FirewallRules: [{12059972-E222-4862-9C07-B4A00710AD2D}] => (Allow) LPort=9009 FirewallRules: [{6F8BC16D-0C27-4E81-9291-716E336845E4}] => (Allow) LPort=9009 FirewallRules: [{72B9AA28-1076-48FE-A2A6-D2FA815D8A1F}] => (Allow) LPort=9009 FirewallRules: [{F78DB957-7379-4E96-9018-A21CCD7D0C0A}] => (Allow) LPort=9009 FirewallRules: [{29282BB5-BA4A-4B01-93DD-CD614C4D2AFD}] => (Allow) LPort=9009 FirewallRules: [{5AB6FA1F-282A-4D03-971B-1613B37D69A8}] => (Allow) LPort=9009 FirewallRules: [{A8CDC7C0-9AC6-45C1-A50B-EED3CEE41834}] => (Allow) LPort=9009 FirewallRules: [{D80B3F1C-FFDF-4BF6-A95C-79ED20D657EF}] => (Allow) LPort=9009 FirewallRules: [{18598FC2-DAA7-4C26-BF8B-715C396394E9}] => (Allow) LPort=9009 FirewallRules: [{5C12FE61-258E-412D-B7CA-4DE887A2BA6C}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe (Activision Publishing Inc -> ) FirewallRules: [{CACD8413-E65B-4060-AADE-CDFC27486E73}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe 
(Activision Publishing Inc -> ) FirewallRules: [{2A1FDF6D-CDA1-4662-9CAE-3F47407DAE2A}] => (Allow) LPort=9009 FirewallRules: [{20AB9A4B-E953-47E9-BF54-F581ECE229E4}] => (Allow) LPort=9009 FirewallRules: [{BFF448E9-8CA7-4533-B79D-B34ACA0BFB46}] => (Allow) LPort=9009 FirewallRules: [{ABA7653C-CA3C-4FEB-9698-65CC5D935B67}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [Datei ist nicht signiert] FirewallRules: [{CE258CEE-6668-4C68-8F90-15FDDE53F61F}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [Datei ist nicht signiert] FirewallRules: [TCP Query User{698DF1BC-393E-47C6-A19C-3D96345DF257}G:\program files\epic games\totalwarsagatroy\troy.exe] => (Allow) G:\program files\epic games\totalwarsagatroy\troy.exe => Keine Datei FirewallRules: [UDP Query User{BE74110F-2F42-4B2A-9457-39F695E4E51D}G:\program files\epic games\totalwarsagatroy\troy.exe] => (Allow) G:\program files\epic games\totalwarsagatroy\troy.exe => Keine Datei FirewallRules: [{E71EE8D8-F343-4C28-BBA1-2DD299F0BFB8}] => (Allow) LPort=9009 FirewallRules: [{334F5ABA-96A5-4AF6-9598-FF64BD5F366B}] => (Allow) LPort=9009 FirewallRules: [{5647784A-286B-4287-8A4C-9B43D2EE6427}] => (Allow) LPort=9009 FirewallRules: [{55BB64EC-2EDC-47EB-8ECA-30F8F8F3BD59}] => (Allow) LPort=9009 FirewallRules: [{A73D8F82-E203-4943-9274-7A2F72FB2C7A}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{68AC0099-9881-45D0-B2D9-ABF26FD4B350}G:\program files (x86)\corepack\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Block) G:\program files (x86)\corepack\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe (Focus Home Interactive -> Focus Home Interactive) [Datei ist nicht signiert] FirewallRules: [UDP Query User{6666A672-8D84-4AC9-B4E1-FB0ABA950E00}G:\program files (x86)\corepack\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Block) G:\program files 
(x86)\corepack\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe (Focus Home Interactive -> Focus Home Interactive) [Datei ist nicht signiert] FirewallRules: [{8423AC61-EF99-49B1-9750-C1B3F6F6CE8A}] => (Allow) LPort=9009 FirewallRules: [{23F1FCF6-D340-4C7F-9A6F-D95F60383A9C}] => (Allow) LPort=9009 FirewallRules: [{4A6CF62E-A374-46CC-81BD-2A1D8B6BE888}] => (Allow) LPort=9009 FirewallRules: [{0E762191-4784-4B9B-AD14-8880ECF23EFE}] => (Allow) LPort=9009 FirewallRules: [{4FECC383-A40A-4AA9-BE82-C59619A370C9}] => (Allow) LPort=9009 FirewallRules: [{7FAA19FA-AB6A-47E1-9A83-F95DEB13A8DE}] => (Allow) LPort=9009 FirewallRules: [{64FC1124-B27C-474A-8240-0C8C5E57C0F9}] => (Allow) LPort=9009 FirewallRules: [{3838EDAA-0AB3-4C64-AA02-8EF5CCF57FF4}] => (Allow) LPort=9009 FirewallRules: [{7321BAE3-5279-4D84-9610-C887763C5789}] => (Allow) LPort=9009 FirewallRules: [{C18C1CE6-3C94-4FB2-8677-DA1B98781729}] => (Allow) LPort=9009 FirewallRules: [{DB9FB736-7271-42F1-9A19-7EF4F35004CC}] => (Allow) LPort=9009 FirewallRules: [{8B8F9B53-6D76-44B0-BE8D-07F2270C5231}] => (Allow) LPort=9009 FirewallRules: [{EB0F0988-50AF-47AE-A132-581E29BDFB74}] => (Allow) LPort=9009 FirewallRules: [{09ABCFFD-E654-4863-91A7-CE227CEE67F4}] => (Allow) LPort=9009 FirewallRules: [{59362B8C-B63A-4A98-9866-4521F6D1F8E1}] => (Allow) LPort=9009 FirewallRules: [{CDF246BE-D52A-4BB3-9026-D9BE252CE1D5}] => (Allow) LPort=9009 FirewallRules: [{26FAC9F2-0943-4189-AA21-96794B2D7AA3}] => (Allow) LPort=9009 FirewallRules: [{2271A30C-FF29-40D1-A7ED-738FED189A3D}] => (Allow) LPort=9009 FirewallRules: [{E8304080-290B-4617-BEA2-D55A0AEDE061}] => (Allow) LPort=9009 FirewallRules: [{51DA6998-7245-4E88-9A56-133C5B3EA00C}] => (Allow) LPort=9009 FirewallRules: [{35B9EF1D-D0EE-4943-AB6E-72A808688AEF}] => (Allow) LPort=9009 FirewallRules: [{4E2DF05E-A687-4151-8D16-D9AB53B9BD15}] => (Allow) LPort=9009 FirewallRules: [{3A320DA6-F912-4BFD-9707-23B2B11A84C8}] => (Allow) LPort=9009 FirewallRules: [{9984CACD-8722-4B4C-B1DA-11C721DEDF47}] 
=> (Allow) LPort=9009 FirewallRules: [{32777281-C16F-49E4-9A3E-701C8217457B}] => (Allow) LPort=9009 FirewallRules: [{34B503B2-F927-4F88-BEBB-F0B96AE1C509}] => (Allow) LPort=9009 FirewallRules: [{BBDA2AA3-D30A-457A-AB0F-711DA960A60B}] => (Allow) LPort=9009 FirewallRules: [{12605487-706C-4A72-BC94-E80EBF4AAF28}] => (Allow) LPort=9009 FirewallRules: [{E4FB5E86-94A6-4F5B-A384-FC9908DE3B5E}] => (Allow) LPort=9009 FirewallRules: [{B46BBFF9-7472-4B08-9610-97AE3165D0B9}] => (Allow) LPort=9009 FirewallRules: [{AEB75F9E-16D9-4742-B600-2D32FDE8EB5D}] => (Allow) LPort=9009 FirewallRules: [{E66859C3-FD3D-4924-9E80-213AFA364A4C}] => (Allow) G:\Programme\Uplay\Tom Clancy's The Division\TheDivision.exe (Ubisoft Entertainment Sweden AB -> Ubisoft) FirewallRules: [{AF357AE8-BC03-45B0-BECE-CDF254A86EF5}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{77F09BE0-845B-47AA-9824-EDF96A67788D}G:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) G:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe FirewallRules: [UDP Query User{E50D1F95-3391-4B8D-AF5A-CE0EF2D76C22}G:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) G:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe FirewallRules: [{9DE3BFB7-4066-4458-BF82-A0243E23C031}] => (Allow) LPort=9009 FirewallRules: [{4000C567-593B-4444-86F1-5E5F982FA105}] => (Allow) LPort=9009 FirewallRules: [{D2C949DA-8081-4F46-B782-2710E335F9A6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{715084A9-3B08-4B5F-8780-BB62BF73D198}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{0F109C04-2AD2-4D0C-BF4F-076C686BADFD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{B10A27C3-5699-4820-AD43-5DD38AC6C2B0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. 
-> ) FirewallRules: [TCP Query User{2E6A6070-CCAA-4D83-AD54-64E3807CF8D6}H:\programme\uplay\games\far cry 3\bin\farcry3.exe] => (Allow) H:\programme\uplay\games\far cry 3\bin\farcry3.exe (Ubisoft Entertainment -> Ubisoft Entertainment) FirewallRules: [UDP Query User{E56AFF91-3832-4A59-97F1-585242CE710C}H:\programme\uplay\games\far cry 3\bin\farcry3.exe] => (Allow) H:\programme\uplay\games\far cry 3\bin\farcry3.exe (Ubisoft Entertainment -> Ubisoft Entertainment) FirewallRules: [{290A0F71-7DB1-4C65-A87C-98C2EE42984D}] => (Allow) LPort=9009 FirewallRules: [{350BD6AF-9EAC-4C89-B91D-3D17F6D47DF6}] => (Allow) LPort=9009 FirewallRules: [{4A74DA9F-7EEB-400A-B3C4-B7F5813C70A7}] => (Allow) LPort=9009 FirewallRules: [{BEF1DFA3-B825-4095-A67F-D60864226C19}] => (Allow) LPort=9009 FirewallRules: [{3F4F6B64-901A-4B25-A468-933AE8507EB4}] => (Allow) LPort=9009 FirewallRules: [{84613B71-181C-452F-9D00-FC53A6FCA31A}] => (Allow) LPort=9009 FirewallRules: [{BE45E5F6-7D71-49CB-B397-5D94566B33E9}] => (Allow) LPort=9009 FirewallRules: [{4A8C8987-CF43-4A57-87FD-4E57785D198A}] => (Allow) LPort=9009 FirewallRules: [{74C2CC5F-B2F4-4DDB-B72F-1375AC1384DC}] => (Allow) LPort=9009 FirewallRules: [{8B411965-2AD6-4417-9959-B62A7EB5D536}] => (Allow) LPort=9009 FirewallRules: [{933EA8E6-CCE8-44B7-A944-BC63F2ED99A2}] => (Allow) LPort=9009 FirewallRules: [{7478E4D0-0C93-4335-A355-A0018E660F60}] => (Allow) LPort=9009 FirewallRules: [{0543F3AC-07FB-41C1-BE36-EA297CFD3258}] => (Allow) LPort=9009 FirewallRules: [{263E2E95-A836-46BB-9A1D-E14C5586B83B}] => (Allow) LPort=9009 FirewallRules: [{5207F52F-EA83-49A3-892A-4FDE46C054AE}] => (Allow) LPort=9009 FirewallRules: [{133B78F4-D967-434D-8AA3-0C4B9C5C6155}] => (Allow) LPort=9009 FirewallRules: [{2269EC4F-4351-4123-B082-BE1878E02837}] => (Allow) LPort=9009 FirewallRules: [{9B45757D-38B2-42EE-B25A-71F52AD796C2}] => (Allow) LPort=9009 FirewallRules: [{75A4087C-E563-4D0C-BE60-23630E43E14D}] => (Allow) LPort=9009 FirewallRules: 
[{B6F06ACE-1105-46BB-BF21-DA188A49E134}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{3F9DE2F1-CA4E-4A33-BE9C-556A650C4FD9}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{5FD4D251-712B-43BD-9FCC-AB1A942FA6A1}] => (Allow) G:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{89CB9AD8-FED3-43B2-B285-836A7495805A}] => (Allow) G:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{C60C5437-4AA9-4558-BEE2-BDA2200AC77A}] => (Allow) G:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{B8007968-D965-461D-A9F5-5BE9A48339EF}] => (Allow) G:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{AE129111-D405-483C-A43B-D7CC4F8BC550}] => (Allow) LPort=9009 FirewallRules: [{2BB73D0F-A28A-4629-97BC-F7FE2F91492A}] => (Allow) LPort=9009 FirewallRules: [{77F7029E-5DCF-4924-94D9-4C69E885973D}] => (Allow) LPort=9009 FirewallRules: [{0A74855A-7364-4283-B408-C6886CEA9A3B}] => (Allow) LPort=9009 FirewallRules: [{119A234C-0970-4EBD-A866-F675EDE4AD79}] => (Allow) LPort=9009 FirewallRules: [{7F59DC3F-D8CA-44E9-8B27-B93CAAFF1978}] => (Allow) LPort=9009 FirewallRules: [{0CA452AA-CCB6-4648-8DCF-A95F1C277B85}] => (Allow) LPort=9009 FirewallRules: [{8D6AE2D4-FDAA-4DA8-AFA5-CB78C1F54278}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{CFB02508-51DD-4E0E-8A27-92D516143BF9}H:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) H:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe (Daybreak Game Company, LLC.) 
[Datei ist nicht signiert] FirewallRules: [UDP Query User{88B41455-C7B7-4CE1-BC17-D9D8CEF77A8F}H:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) H:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe (Daybreak Game Company, LLC.) [Datei ist nicht signiert] FirewallRules: [{CD26041B-8C5B-478A-94BE-E7F46A9CD02B}] => (Allow) LPort=9009 FirewallRules: [{59F2FD82-6BD0-4139-B874-7786F3222AA7}] => (Allow) LPort=9009 FirewallRules: [{3AC845A9-026F-4A02-BAF2-F9A7A36A906E}] => (Allow) LPort=9009 FirewallRules: [{3C381993-E7FB-45E1-92E7-E1B39F25D249}] => (Allow) LPort=9009 FirewallRules: [{387988D9-766F-4F3B-9ACB-D83BFC009280}] => (Allow) LPort=9009 FirewallRules: [{17EDAB59-8FAE-4CAC-B3A0-8B61DB44A5DA}] => (Allow) LPort=9009 FirewallRules: [{16A61BCE-69A5-41A7-9112-EB1BEF2459AA}] => (Allow) LPort=9009 FirewallRules: [{D0B2F476-A286-4D72-8277-9F48849E5DCE}] => (Allow) LPort=9009 FirewallRules: [{E3D3BC2D-89CF-4FEA-AC34-BD0FB1C1FB3F}] => (Allow) LPort=9009 FirewallRules: [{F599E881-A26A-45D1-9AD7-78148130619C}] => (Allow) LPort=9009 FirewallRules: [{BFE7515F-4EBE-4095-B3C4-425AA1C2B023}] => (Allow) LPort=9009 FirewallRules: [{74DCAE55-5ECE-478A-8C6A-735820525C5B}] => (Allow) LPort=9009 FirewallRules: [{CE44F4A0-E747-4270-8107-E059216C635F}] => (Allow) LPort=9009 FirewallRules: [{10FCB8AC-9F39-4C36-B92C-B176DAFEB1FC}] => (Allow) LPort=9009 FirewallRules: [{07389942-80F1-4123-B88F-79EE5A44E7F8}] => (Allow) LPort=9009 FirewallRules: [{AF67C518-4FDD-43BE-9120-548D932849CF}] => (Allow) LPort=9009 FirewallRules: [{1C6DF141-7D53-4D23-B713-2926E4B84C2A}] => (Allow) LPort=9009 FirewallRules: [{9DF5ADAB-A78C-4288-B7EE-DF82177F59B3}] => (Allow) LPort=9009 FirewallRules: [{54074D1C-D06B-48BB-B0B7-40EF4849A32F}] => (Allow) LPort=9009 FirewallRules: [{2EC281BA-0F4B-4832-A162-5D977E5F9869}] => (Allow) LPort=9009 FirewallRules: [{1C26207A-A8E4-425D-BA45-8FF854AC8A93}] => (Allow) LPort=9009 
FirewallRules: [{04484E54-35CA-4CD2-8562-3B5E824836E4}] => (Allow) LPort=9009 FirewallRules: [{3E3FA7C2-6680-41C9-9CB6-0F45DD65BEA8}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert] FirewallRules: [{9A9F9476-3878-49CC-9F33-01C399BA9E8A}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert] FirewallRules: [{19BEFEDA-6530-4BEF-890D-8B3E67C52AAD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A654C92C-F202-4402-B02B-6A3C9F1AF739}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F09514B6-1E6A-4487-A0FC-3D491B3D295E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{6499315F-D645-4164-9B5E-3225EFA52C36}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{1342BC9F-73EA-45EA-8010-D95EA1C88D60}] => (Allow) LPort=9009 FirewallRules: [{629EFD93-35A6-465D-9455-023C587B7286}] => (Allow) LPort=9009 FirewallRules: [{4C3E6C68-643D-44E2-976C-BFD6AF83879C}] => (Allow) LPort=9009 FirewallRules: [{6D288172-E941-444A-A18C-5A01735E9554}] => (Allow) LPort=9009 FirewallRules: [{68FD928D-20E7-4559-9911-4A450FA2EBC0}] => (Allow) LPort=9009 FirewallRules: [{2584C026-7BF8-4B87-AFD8-3FB8CC57DD9F}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{F608652E-A605-410E-BAD2-43FA5CFA1C82}G:\programme\steamlibrary\steamapps\common\for honor\forhonor.exe] => (Allow) G:\programme\steamlibrary\steamapps\common\for honor\forhonor.exe (Ubisoft Blue Byte GmbH -> Ubisoft) FirewallRules: [UDP Query User{FEE53804-1CD7-4EA2-AFC6-846750D3EC76}G:\programme\steamlibrary\steamapps\common\for honor\forhonor.exe] => (Allow) 
G:\programme\steamlibrary\steamapps\common\for honor\forhonor.exe (Ubisoft Blue Byte GmbH -> Ubisoft) FirewallRules: [TCP Query User{D8A56D9E-7FEF-45BA-B9F9-E1C610676C98}C:\users\*****\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\*****\appdata\local\gamecenter\gamecenter.exe (Mail.Ru LLC -> ) FirewallRules: [UDP Query User{151EC62C-A23F-4B62-A3EB-CB86CEF63310}C:\users\*****\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\*****\appdata\local\gamecenter\gamecenter.exe (Mail.Ru LLC -> ) FirewallRules: [{295E8900-1F3D-4199-8804-E4E16139D308}] => (Allow) LPort=9009 FirewallRules: [{50F77767-A997-4E4B-9BB3-A7ABD9A4BA6A}] => (Allow) LPort=9009 FirewallRules: [{5BF11EAD-2B25-42E7-A719-BF214DB6160F}] => (Allow) LPort=9009 FirewallRules: [{85726FFC-5921-4D01-B508-29DE0D40AE02}] => (Allow) LPort=9009 FirewallRules: [{16863DDD-CCA1-4238-8BCD-37E2342E2B68}] => (Allow) LPort=9009 FirewallRules: [{0A707DFE-79D6-47C7-BD8D-E7D7F3210BBD}] => (Allow) LPort=9009 FirewallRules: [{7343CF5D-79DD-43C0-8907-36C42B2E86C9}] => (Allow) LPort=9009 FirewallRules: [{8FA726A7-61BE-46AE-97CB-B60C29471293}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{B5941CD9-D6B7-49F0-AF8F-CC74E054C46D}G:\program files\videolan\vlc\vlc.exe] => (Allow) G:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{45A82BE5-0D8A-4F77-A1A7-FD259C7392B2}G:\program files\videolan\vlc\vlc.exe] => (Allow) G:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{4F2987B9-E54F-437F-9DFD-281A1E1C3B46}G:\program files (x86)\samsung dex\samsungdex.exe] => (Allow) G:\program files (x86)\samsung dex\samsungdex.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) FirewallRules: [UDP Query User{F33D234D-9ABB-434E-ACAB-B36E95094B76}G:\program files (x86)\samsung dex\samsungdex.exe] => (Allow) G:\program files (x86)\samsung dex\samsungdex.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) 
FirewallRules: [{7B648AB0-9D5D-46C0-8E93-9202F0CD8A68}] => (Allow) LPort=9009 FirewallRules: [{0F745A3D-2648-4DAE-BD4A-689129CEFA2A}] => (Allow) LPort=9009 FirewallRules: [{2FCFCC1F-96D6-4A8C-98BA-2F904F83E2D5}] => (Allow) LPort=9009 FirewallRules: [{86F7C0F0-59DB-4B3A-B91A-8AC234D2AB57}] => (Allow) LPort=9009 FirewallRules: [{CC471296-97B6-42E9-843A-4D70F078F6FD}] => (Allow) LPort=9009 FirewallRules: [{B1409BBA-4E37-4333-8582-923CCD4B8F6A}] => (Allow) LPort=9009 FirewallRules: [{ACB11644-9D84-4B56-B781-54000F97F9C4}] => (Allow) LPort=9009 FirewallRules: [{9CA6CD96-9658-48B7-AD9E-C252EAD2BDB0}] => (Allow) LPort=9009 FirewallRules: [{1171263F-3B4D-4F31-92B1-6E00C2996E59}] => (Allow) LPort=9009 FirewallRules: [{339DE54B-0F39-4DDF-81C8-FC7B884073BC}] => (Allow) LPort=9009 FirewallRules: [{24BED14F-ACEF-4770-8337-FC704AC84BD3}] => (Allow) LPort=9009 FirewallRules: [{659FB545-E6E0-48BE-9F29-587E522B878A}] => (Allow) LPort=9009 FirewallRules: [{D8B799AF-57B3-49FF-9C5C-16BB4ADC87F6}] => (Allow) LPort=9009 FirewallRules: [{046D3204-C914-42BE-B56A-EF8AF9E48903}] => (Allow) LPort=9009 FirewallRules: [{23F29C1B-7213-4FA1-AC0A-FCB8020E1E8D}] => (Allow) LPort=9009 FirewallRules: [{DBF265BF-89D1-40AA-8EDB-CF49F29C1CD7}] => (Allow) LPort=9009 FirewallRules: [{38497A56-3196-4F86-8E1E-154F42FAA7D3}] => (Allow) LPort=9009 FirewallRules: [{78A8E1DE-41CD-4B12-88FC-D3C4ABB2BB31}] => (Allow) LPort=9009 FirewallRules: [{6C1B6F87-D969-4350-9DB7-08B8A2A55420}] => (Allow) LPort=9009 FirewallRules: [{EC77EBAF-554C-484F-B364-6F46243BA51A}] => (Allow) LPort=9009 FirewallRules: [{6F44C766-B4AC-4496-A149-1E8B8E03704A}] => (Allow) LPort=9009 FirewallRules: [{C0D74F91-3E05-4D16-AA01-5FBB01D3447D}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{B6C9EBE8-8DB2-4EDA-BB19-BA910A898A53}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. 
-> ) FirewallRules: [{1F455AEB-C2EC-4821-AC7F-5B3C8E74AADF}] => (Allow) LPort=9009 FirewallRules: [{CE301B76-1CDB-4C47-8CC8-5964812A5726}] => (Allow) LPort=9009 FirewallRules: [{EE8904A4-275D-44CB-AEFA-0C97458FF105}] => (Allow) LPort=9009 FirewallRules: [{9A0F51AA-C58D-48BE-BA0A-572DE26B23D6}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_8.0.0.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (Amazon.com Services LLC) [Datei ist nicht signiert] FirewallRules: [{D020BEF7-D1FE-490F-B28A-185678BBC212}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_8.0.0.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (Amazon.com Services LLC) [Datei ist nicht signiert] FirewallRules: [{1E28815A-ECA4-437A-9A2F-B37B939AABCD}] => (Allow) LPort=9009 FirewallRules: [{646E9AE4-288F-4E98-985B-9B2649DA747E}] => (Allow) LPort=9009 FirewallRules: [{D2D0D84F-2713-4D48-97BE-49BAD0D7AC65}] => (Allow) LPort=9009 FirewallRules: [{E48051BD-EE50-4560-8952-446B1986705E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{B3506CE9-057A-423F-B740-69463DA6553F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7459A16F-9FB3-48D1-9DB9-C03F81F2E16A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A3A5CAEE-A7A2-4239-BEE5-60DDA98BCE85}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{C8546D42-67C4-4930-89C5-51C4F26FCDA1}] => (Allow) LPort=9009 FirewallRules: [{797DB6DE-990F-4A71-98EA-BC44E09B35E8}] => (Allow) LPort=9009 FirewallRules: [{00D52345-1403-49F2-8BC9-DA69C497FD52}] => (Allow) LPort=9009 FirewallRules: [{06598DB5-C76B-472E-8977-16F3ECD792F0}] => (Allow) LPort=9009 FirewallRules: [{BED43A43-1E1A-4537-8F06-F9F718D4EB25}] => (Allow) LPort=9009 FirewallRules: [{EA430E3D-8104-430A-9386-205BCD166483}] => (Allow) LPort=9009 FirewallRules: [{23831084-6F55-47D7-BA70-611C57C47AFD}] => (Allow) LPort=9009 FirewallRules: [{97930381-2451-46F2-8BE4-EBD7D24DB8F9}] => (Allow) LPort=9009 FirewallRules: [{2E2DF32B-C6D1-4364-A769-D3178BE1E7FA}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Datei ist nicht signiert] FirewallRules: [{C9C5ABCF-5AA4-4F84-A697-7F42C466AA45}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Datei ist nicht signiert] FirewallRules: [{016BDD9B-A569-4860-917C-AB0951818E59}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K) FirewallRules: [{7E9EEBB3-B284-4B0C-A4DC-736344DC2978}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K) FirewallRules: [{4D17AEAA-F858-4C0B-B8F8-34AB17A584B3}] => (Allow) LPort=9009 FirewallRules: [{9829E6ED-D0BC-4852-9D05-01066CFD3374}] => (Allow) LPort=9009 FirewallRules: [{182D2CEB-4845-40E4-92E8-C0383931C817}] => (Allow) LPort=9009 FirewallRules: [{8155DD57-9746-4846-BA26-CBDF93926B2E}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{40F2E5B1-7CF1-4854-AF42-1CE0155D5BD1}H:\programme\uplay\games\far cry 3\bin\farcry3_d3d11.exe] => (Block) H:\programme\uplay\games\far cry 3\bin\farcry3_d3d11.exe (Ubisoft Entertainment -> Ubisoft Entertainment) FirewallRules: [UDP Query 
User{6D966027-33B3-464D-9857-3D40F1877D2C}H:\programme\uplay\games\far cry 3\bin\farcry3_d3d11.exe] => (Block) H:\programme\uplay\games\far cry 3\bin\farcry3_d3d11.exe (Ubisoft Entertainment -> Ubisoft Entertainment) FirewallRules: [{862F156B-60DB-4A0A-BDDC-BE25873846FC}] => (Allow) LPort=9009 FirewallRules: [{6D32D14C-1F7B-4B3A-BC9A-BA7751CE1E77}] => (Allow) LPort=9009 FirewallRules: [{1EAF73EE-F1B3-4E40-AA00-08C3459BD57A}] => (Allow) LPort=9009 FirewallRules: [{A9A16F19-6878-4356-A6F3-18D2BCFAD9DB}] => (Allow) LPort=9009 FirewallRules: [{77BD1EB1-2F04-4064-831E-40FFAC211787}] => (Allow) LPort=9009 FirewallRules: [{124C864A-F31E-4660-97A4-D564DB412703}] => (Allow) LPort=9009 FirewallRules: [{CADEAA8D-FA7F-4178-95D9-71841612D3A4}] => (Allow) G:\Programme\Uplay\Watch Dogs Legion\bin\WatchDogsLegion.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment) FirewallRules: [{3A55B6DA-6786-4059-8F30-4FB4DA5A3345}] => (Allow) G:\Programme\Uplay\Watch Dogs Legion\bin\WatchDogsLegion.exe (UBISOFT ENTERTAINMENT INC. 
-> Ubisoft Entertainment) FirewallRules: [{E6DF3F11-D621-470A-ACA7-9CBD8414951F}] => (Allow) LPort=9009 FirewallRules: [{C0F307DD-7F9F-4D8B-861F-23BA801A3ECE}] => (Allow) G:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{D95D2CC7-B930-4B92-97B3-935A622F8F01}] => (Allow) G:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{D9E3A425-38D4-44E4-A10D-27492E3C80AC}] => (Allow) G:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{3FF6B4AD-7853-4B57-BCEA-D166B30CD6B4}] => (Allow) G:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{2E132007-944D-4A53-A460-99376130BDCF}] => (Allow) H:\Programme\Uplay\games\Assassin's Creed Liberation HD\ac3lhd_32.exe (Ubisoft Entertainment SA -> ) FirewallRules: [{909974B3-FA4F-4159-8484-196A6C18A110}] => (Allow) H:\Programme\Uplay\games\Assassin's Creed Liberation HD\ac3lhd_64.exe => Keine Datei FirewallRules: [{0509F46A-5613-412A-9200-F761252C73ED}] => (Allow) LPort=9009 FirewallRules: [{703AA02F-A5AA-4D5F-9DB7-7BB8407B2931}] => (Allow) H:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc. -> Plex, Inc.) FirewallRules: [{9F1C4D51-EF49-4254-8A72-4CB575A32822}] => (Allow) H:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc. -> Python Software Foundation) FirewallRules: [{17E93FC6-DC97-416B-81A7-829F8BA7CA57}] => (Allow) H:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc. -> Plex, Inc.) FirewallRules: [{2E743466-C370-4A5B-9AD4-0332285BA91D}] => (Allow) H:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc. 
-> ) FirewallRules: [{722CBD6E-4BCB-424F-8C33-D0ADB0E76605}] => (Allow) LPort=9009 FirewallRules: [{F0FCA94B-2DAD-4164-9C10-0E45B0803F47}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{FD3AAC5E-2BC2-487C-8C2B-91792EE0E69E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{7E58BA1D-4BE8-421C-A119-1A6DACD770D6}] => (Allow) LPort=9009 FirewallRules: [{C088EBAE-FE2F-4A7C-909B-02D15FBC8F5F}] => (Allow) LPort=9009 FirewallRules: [{4A237A44-59C5-4F4A-9A5C-3C4626B02DBC}] => (Allow) LPort=9009 FirewallRules: [{B8797BCB-C345-4B3B-A17A-2EE6D335825E}] => (Allow) LPort=9009 FirewallRules: [{9EEDB966-BC01-4CEB-A48B-5B13F80EB056}] => (Allow) LPort=9009 FirewallRules: [{B0C52258-1F31-4AA7-B8E3-5F132240EF7C}] => (Allow) LPort=9009 FirewallRules: [{B2C82F77-17A0-4AE4-9247-49EF80A32AAE}] => (Allow) LPort=9009 FirewallRules: [{276A4A59-7174-48F5-AA3D-03A50C8AF9BF}] => (Allow) LPort=9009 FirewallRules: [{2B8F2737-5552-4C27-B5E7-5845D07C5AFB}] => (Allow) LPort=9009 FirewallRules: [{B22319EB-71F4-4854-A694-EDCFEBA84A68}] => (Allow) LPort=9009 FirewallRules: [{53CE5125-FDC2-43E6-AF58-223CAA2A4F8F}] => (Allow) LPort=9009 FirewallRules: [{C6FDECDC-7BFF-4398-8779-A9B1C976F477}] => (Allow) LPort=9009 FirewallRules: [{905132DB-173B-437D-80BE-866B249D805D}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{1970B036-0320-4B58-A5FF-3622E74BCA3D}C:\program files (x86)\tautulli\tautulli.exe] => (Allow) C:\program files (x86)\tautulli\tautulli.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{94E85D38-CF7A-431C-A846-71475413A649}C:\program files (x86)\tautulli\tautulli.exe] => (Allow) C:\program files (x86)\tautulli\tautulli.exe () [Datei ist nicht signiert] FirewallRules: [{06760A6B-4BD9-4C8D-88E0-16A7B261DC62}] => (Allow) LPort=9009 FirewallRules: [{153D3772-D01F-4F04-8EA1-8EBFDB67F1B8}] => (Allow) LPort=9009 FirewallRules: 
[{9A60008D-F16F-4924-BC50-FA10EB101101}] => (Allow) LPort=9009 ==================== Wiederherstellungspunkte ========================= 10-12-2020 06:35:49 Windows Modules Installer 10-12-2020 06:36:59 Windows Modules Installer 11-12-2020 16:48:56 Windows Modules Installer 11-12-2020 16:59:00 Wiederherstellungsvorgang ==================== Fehlerhafte Geräte im Gerätemanager ============ Name: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.) Description: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard-USB-Hostcontroller) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. |
11.12.2020, 22:25 | #7 |
| Multiple Win32:TrojanX-gen and Win32:Trojan-gen alerts Rest of Addition.txt Code:
ATTFilter ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (12/11/2020 10:07:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AORUS.exe, Version: 1.9.2.0, Zeitstempel: 0x5fa3b862 Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.9625, Zeitstempel: 0x5db2747f Ausnahmecode: 0x40000015 Fehleroffset: 0x0005beae ID des fehlerhaften Prozesses: 0x429c Startzeit der fehlerhaften Anwendung: 0x01d6cfd97949a403 Pfad der fehlerhaften Anwendung: G:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.9625_none_508ef7e4bcbbe589\MSVCR90.dll Berichtskennung: 8609782a-c7df-478f-9cb4-7a5c046d78b9 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/11/2020 05:19:36 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT-AUTORITÄT) Description: Die Benutzerstruktur wurde von einem anderen Prozess geladen (Registrierungssperre). Prozessname: C:\Program Files\AVG\TuneUp\TuneupSvc.exe, PID: 5672, ProfSvc PID: 2708. Error: (12/11/2020 05:19:36 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT-AUTORITÄT) Description: Die Benutzerstruktur wurde von einem anderen Prozess geladen (Registrierungssperre). Prozessname: C:\Program Files\AVG\TuneUp\TuneupSvc.exe, PID: 5672, ProfSvc PID: 2708. Error: (12/11/2020 05:18:45 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (5652,R,98) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\WINDOWS\system32\SRU\SRU033F7.log. Error: (12/11/2020 05:18:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -550. 
Error: (12/11/2020 04:59:58 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. . Error: (12/11/2020 04:59:58 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ] Error: (12/11/2020 04:50:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 10.0.19041.662, Zeitstempel: 0x996782f8 Name des fehlerhaften Moduls: fhcfg.dll, Version: 10.0.19041.1, Zeitstempel: 0x93b89db8 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000023f4f ID des fehlerhaften Prozesses: 0x2428 Startzeit der fehlerhaften Anwendung: 0x01d6cfd55bed6fe3 Pfad der fehlerhaften Anwendung: C:\WINDOWS\explorer.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\fhcfg.dll Berichtskennung: f2851fac-2122-4db4-86cc-961a21bb0253 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Systemfehler: ============= Error: (12/11/2020 04:25:28 PM) (Source: Schannel) (EventID: 4103) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Erstellen der Client-Anmeldeinformationen für TLS. Der interne Fehlerstatus ist 10013. Error: (12/11/2020 04:25:28 PM) (Source: Schannel) (EventID: 4103) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Erstellen der Client-Anmeldeinformationen für TLS. Der interne Fehlerstatus ist 10013. Error: (12/11/2020 04:23:03 PM) (Source: Schannel) (EventID: 4103) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Erstellen der Client-Anmeldeinformationen für TLS. Der interne Fehlerstatus ist 10013. 
Error: (12/11/2020 04:23:03 PM) (Source: Schannel) (EventID: 4103) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Erstellen der Client-Anmeldeinformationen für TLS. Der interne Fehlerstatus ist 10013. Error: (12/11/2020 04:16:57 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (12/11/2020 04:16:57 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (12/11/2020 04:15:14 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT) Description: Fehler "1115" in DCOM, als der Dienst "wuauserv" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error: (12/11/2020 04:15:14 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT) Description: Fehler "1115" in DCOM, als der Dienst "wuauserv" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {E60687F7-01A1-40AA-86AC-DB1CBF673334} CodeIntegrity: =================================== Date: 2020-12-11 18:25:18.9540000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-12-11 18:24:51.5920000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. 
Date: 2020-12-11 18:24:51.5610000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-12-11 17:32:01.7090000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-12-11 17:32:01.7030000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-12-11 17:32:01.6840000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-12-11 17:25:17.5230000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-12-11 17:25:17.5180000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. F30 04/18/2019 Hauptplatine: Gigabyte Technology Co., Ltd. 
AX370-Gaming K5-CF Prozessor: AMD Ryzen 5 1600 Six-Core Processor Prozentuale Nutzung des RAM: 62% Installierter physikalischer RAM: 16332.29 MB Verfügbarer physikalischer RAM: 6154.05 MB Summe virtueller Speicher: 26572.29 MB Verfügbarer virtueller Speicher: 10586.88 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:231.56 GB) (Free:123.41 GB) NTFS Drive g: (HDD 2TB) (Fixed) (Total:1863.01 GB) (Free:66.31 GB) NTFS Drive h: (HDD) (Fixed) (Total:931.51 GB) (Free:14.58 GB) NTFS \\?\Volume{b1edee0f-0000-0000-0000-100000000000}\ (System-reserviert) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS \\?\Volume{b1edee0f-0000-0000-0000-80033a000000}\ () (Fixed) (Total:0.83 GB) (Free:0.39 GB) NTFS ==================== MBR & Partitionstabelle ==================== ==================== Ende von Addition.txt ======================= |
11.12.2020, 22:28 | #8 |
/// TB-Ausbilder | Multiple Win32:TrojanX-gen and Win32:Trojan-gen alerts My name is Matthias and I will help you with the analysis and, if necessary, the cleanup of your computer. The FRST.txt log file is incomplete. Please post the missing part. |
11.12.2020, 22:34 | #9 |
| Multiple Win32:TrojanX-gen and Win32:Trojan-gen alerts Thank you, Matthias, for your quick reply. Below you will find my FRST.txt file. Code:
ATTFilter ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: 127.0.0.1 activate.navicat.com Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{eb096168-f090-4110-b734-6b22861b7b13}: [DhcpNameServer] 192.168.178.1 Edge: ====== Edge Profile: C:\Users\y\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-08] Edge Extension: (IDM Integration Module) - C:\Users\y\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2020-11-07] Edge HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - H:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-05-02] FireFox: ======== FF DefaultProfile: j0np2f1s.default FF ProfilePath: C:\Users\y\AppData\Roaming\Mozilla\Firefox\Profiles\j0np2f1s.default [2020-12-11] FF user.js: detected! => C:\Users\y\AppData\Roaming\Mozilla\Firefox\Profiles\j0np2f1s.default\user.js [2020-09-20] FF ProfilePath: C:\Users\y\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release [2020-12-11] FF user.js: detected! => C:\Users\y\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\user.js [2020-09-20] FF Session Restore: Mozilla\Firefox\Profiles\ue9r639e.default-release -> ist aktiviert. 
FF Notifications: Mozilla\Firefox\Profiles\ue9r639e.default-release -> hxxps://dekom.uc.de FF Extension: (Anti-Porno) - C:\Users\y\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\@porn-blocker.xpi [2020-05-29] FF Extension: (Firefox Multi-Account Containers) - C:\Users\y\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\@testpilot-containers.xpi [2020-10-01] FF Extension: (HTTPS Everywhere) - C:\Users\y\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\https-everywhere@eff.org.xpi [2020-11-17] FF Extension: (Terms of Service; Didn’t Read) - C:\Users\y\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\jid0-3GUEt1r69sQNSrca5p8kx9Ezc3U@jetpack.xpi [2020-05-29] FF Extension: (Decentraleyes) - C:\Users\y\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2020-11-05] FF Extension: (Privacy Badger) - C:\Users\y\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2020-10-09] FF Extension: (KeePassXC-Browser) - C:\Users\y\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\keepassxc-browser@keepassxc.org.xpi [2020-11-08] FF Extension: (IDM Integration Module) - C:\Users\y\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\mozilla_cc3@internetdownloadmanager.com.xpi [2020-11-14] FF Extension: (uBlock Origin) - C:\Users\y\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\uBlock0@raymondhill.net.xpi [2020-11-20] FF Extension: (WatchDogs) - C:\Users\y\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\{6547f9b8-7695-4fc9-b57b-fb7aa9fec4c3}.xpi [2020-06-20] FF Extension: (Mitaka) - C:\Users\y\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\{9efc0280-b125-400e-b53d-2d09d7effab4}.xpi [2020-12-04] FF Extension: (adultblacklist) 
- C:\Users\y\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\{b4eda7b1-2bbe-4961-b336-aaad77d87a47}.xpi [2020-05-29] FF Extension: (Avengers: Infinity War 3) - C:\Users\y\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\{ef8616e0-e2f1-471b-9c47-5d09149b6d2b}.xpi [2020-05-29] FF HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - H:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi FF Extension: (IDM Integration Module) - H:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2020-04-29] FF HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\y\AppData\Roaming\IDM\idmmzcc5 FF Extension: (IDM CC) - C:\Users\y\AppData\Roaming\IDM\idmmzcc5 [2020-05-29] [] [ist nicht signiert] FF HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - H:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF Extension: (IDM integration) - H:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [] FF Plugin: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-09-19] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-09-19] (Oracle America, Inc. 
-> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-17] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.11 -> G:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-17] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-17] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\y\AppData\Local\Google\Chrome\User Data\Default [2020-12-11] CHR HomePage: Default -> hxxp://www.google.com CHR StartupUrls: Default -> "hxxps://www.facebook.com/","hxxp://www.google.com/","hxxp://start.iminent.com/?appId=E4B15248-E4A6-47F0-A767-40F4BA8E7F4A","hxxps://www.google.com/" CHR Session Restore: Default -> ist aktiviert. 
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\y\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2020-05-31] CHR Extension: (YouTube) - C:\Users\y\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-31] CHR Extension: (uBlock Origin) - C:\Users\y\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-12-11] CHR Extension: (Adblock für Youtube™) - C:\Users\y\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2020-10-17] CHR Extension: (HTTPS Everywhere) - C:\Users\y\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2020-11-23] CHR Extension: (GeForce Experience Stream Client) - C:\Users\y\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjljknijpnfibppaijefibndmiabonep [2020-05-31] CHR Extension: (OkayFreedom) - C:\Users\y\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfnbbbkabnehoejfhcbbhdicagcoobji [2020-05-31] CHR Extension: (Decentraleyes) - C:\Users\y\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldpochfccmkkmhdbclfhpagapcfdljkj [2020-11-15] CHR Extension: (IDM Integration Module) - C:\Users\y\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2020-12-11] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\y\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-05-31] CHR Extension: (WebRTC Network Limiter) - C:\Users\y\AppData\Local\Google\Chrome\User Data\Default\Extensions\npeicpdbkakmehahjeeohfdhnlpdklia [2020-05-31] CHR Extension: (AdFly Skipper) - C:\Users\y\AppData\Local\Google\Chrome\User Data\Default\Extensions\obnfifcganohemahpomajbhocfkdgmjb [2020-11-15] CHR Extension: (Adult Blocker - Porn Adult Filter) - C:\Users\y\AppData\Local\Google\Chrome\User Data\Default\Extensions\onjjgbgnpbedmhbdoikhknhflbfkecjm 
[2020-05-31] CHR Extension: (Chrome Media Router) - C:\Users\y\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-23] CHR Extension: (Privacy Badger) - C:\Users\y\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2020-12-11] CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - H:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-05-02] CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - H:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-05-02] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.) R2 AdvancedSystemCareService13; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1293072 2020-06-15] (IObit Information Technology -> IObit) R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [366232 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [3096712 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8502208 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110608 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-11-28] (BattlEye Innovations e.K. 
-> ) R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [598360 2016-10-21] (cFos Software GmbH -> cFos Software GmbH) R2 CleanupPSvc; C:\Program Files\AVG\TuneUp\TuneupSvc.exe [12976336 2020-12-01] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-11-23] (Microsoft Corporation -> Microsoft Corporation) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2020-09-19] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [143072 2020-07-01] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA) R2 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [17920 2015-06-25] () [Datei ist nicht signiert] S3 GalaxyClientService; H:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1741384 2020-12-11] (GOG Sp. z o.o. -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-12-04] (GOG Sp. z o.o. -> GOG.com) R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [128736 2020-04-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) 
S2 IObitUnSvr; G:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [156944 2020-05-25] (IObit Information Technology -> IObit) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-11] (Malwarebytes Inc -> Malwarebytes) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [119808 2019-11-21] (GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert] S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> ) R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [67000 2020-04-16] (OpenVPN Inc. -> The OpenVPN Project) S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [67000 2020-04-16] (OpenVPN Inc. -> The OpenVPN Project) R2 PDF24; G:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH) R2 PlexUpdateService; H:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1425912 2020-12-01] (Plex, Inc. -> Plex, Inc.) R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2020-09-06] (Even Balance, Inc. -> ) S3 ProtonVPN Service; H:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [99624 2020-11-04] (ProtonVPN AG -> ) S3 ProtonVPN Update Service; H:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61736 2020-11-04] (ProtonVPN AG -> ) R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-06-24] (Razer USA Ltd. -> Razer Inc) S3 Rockstar Service; H:\Programme\Rockstar Games\Launcher\RockstarService.exe [1382016 2020-11-27] (Rockstar Games, Inc. 
-> Rockstar Games) R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2020-09-23] (Razer USA Ltd. -> Razer Inc.) R2 RzKLService; G:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [290864 2020-10-09] (Razer USA Ltd. -> Razer Inc.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5101992 2020-11-13] (Microsoft Windows Publisher -> Microsoft Corporation) S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-06-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [935352 2020-06-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Datei ist nicht signiert] R2 TeamViewer; G:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12720144 2020-11-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Uncheater\ucldr_battlegrounds_gl.exe [6995800 2020-06-07] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) R2 VMAuthdService; G:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [100784 2019-05-04] (VMware, Inc. -> VMware, Inc.) S3 VMwareHostd; G:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15446448 2019-05-04] (VMware, Inc. 
-> ) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.4-0\NisSrv.exe [2484256 2020-05-29] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.4-0\MsMpEng.exe [103168 2020-05-29] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_8e68f77150e57b50\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_8e68f77150e57b50\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices) R3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [45432 2019-07-15] (IObit Information Technology -> IObit) R3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [46008 2019-07-15] (IObit Information Technology -> IObit) R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37216 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [206472 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [332432 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) 
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [247952 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [97424 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16832 2020-11-24] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVG Technologies CZ, s.r.o.) R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42848 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [176808 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [521816 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [109352 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84928 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851680 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [469896 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [217408 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [326488 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [3213176 2020-12-08] (BattlEye Innovations e.K. 
-> ) R1 cFosSpeed; C:\WINDOWS\system32\DRIVERS\cfosspeed6.sys [1499112 2016-10-21] (cFos Software GmbH -> cFos Software GmbH) R3 cpuz145; C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [49968 2020-12-11] (CPUID -> CPUID) R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> ) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-12-11] (Malwarebytes Corporation -> Malwarebytes) S3 gdrv; C:\WINDOWS\gdrv.sys [26792 2020-05-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) R3 gdrv2; C:\WINDOWS\gdrv2.sys [32600 2020-05-29] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.) R2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2020-05-29] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk]) R3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [32520 2018-07-04] (IObit Information Technology -> IObit) R3 IUFileFilter; G:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [44104 2020-05-25] (IObit Information Technology -> IObit) R3 IUProcessFilter; G:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37328 2020-05-25] (IObit Information Technology -> IObit) R3 IURegistryFilter; G:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [49800 2020-05-25] (IObit Information Technology -> IObit) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-12-11] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-11] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2020-12-11] (Malwarebytes Inc -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2020-12-11] (Malwarebytes Inc -> Malwarebytes) R3 
MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-11] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [139424 2020-12-11] (Malwarebytes Inc -> Malwarebytes) R3 NAL; C:\WINDOWS\system32\Drivers\iqvw64e.sys [58520 2018-10-11] (Intel(R) INTELND1820 -> Intel Corporation) R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [74616 2020-09-25] (Insecure.Com LLC -> Insecure.Com LLC.) S4 npcap_wifi; C:\WINDOWS\system32\DRIVERS\npcap.sys [74616 2020-09-25] (Insecure.Com LLC -> Insecure.Com LLC.) S3 ProtonVPNSplitTunnel; H:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.SplitTunnelDriver.sys [31584 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166768 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> ) R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> ) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [52288 2019-05-04] (VMware, Inc. -> VMware, Inc.) R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [66576 2019-05-04] (VMware, Inc. -> VMware, Inc.) R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [92040 2019-04-27] (VMware, Inc. -> VMware, Inc.) 
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-05-29] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [401120 2020-05-29] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-05-29] (Microsoft Windows -> Microsoft Corporation) S3 xhunter1; C:\WINDOWS\xhunter1.sys [2740480 2020-06-07] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) U4 napagent; kein ImagePath S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2020-12-11 22:09 - 2020-12-11 22:09 - 000024203 _____ C:\Users\y\Desktop\FRST.txt 2020-12-11 22:08 - 2020-12-11 22:06 - 002288640 _____ (Farbar) C:\Users\y\Desktop\FRST64.exe 2020-12-11 22:07 - 2020-12-11 22:09 - 000000000 ____D C:\FRST 2020-12-11 18:24 - 2020-12-11 18:43 - 000000000 ____D C:\Users\y\AppData\LocalLow\IGDump 2020-12-11 18:24 - 2020-12-11 18:24 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2020-12-11 18:24 - 2020-12-11 18:24 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2020-12-11 18:24 - 2020-12-11 18:24 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2020-12-11 18:24 - 2020-12-11 18:24 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2020-12-11 18:24 - 2020-12-11 18:24 - 000139424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2020-12-11 18:24 - 2020-12-11 18:24 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2020-12-11 18:24 - 2020-12-11 18:24 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2020-12-11 18:24 - 2020-12-11 18:24 - 000002041 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2020-12-11 18:24 - 2020-12-11 18:24 - 000002029 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2020-12-11 18:24 - 2020-12-11 18:24 - 000002029 _____ C:\ProgramData\Desktop\Malwarebytes.lnk 2020-12-11 18:24 - 2020-12-11 18:24 - 000000000 ____D C:\Users\y\AppData\Local\mbam 2020-12-11 18:24 - 2020-12-11 18:24 - 000000000 ____D C:\ProgramData\Malwarebytes 2020-12-11 18:23 - 2020-12-11 18:23 - 000000000 ____D C:\Program Files\Malwarebytes 2020-12-11 17:23 - 2020-12-11 17:23 - 000003906 _____ C:\Users\y\Desktop\Tiefenscan1.txt 2020-12-11 17:18 - 2020-12-11 21:19 - 000004266 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update 2020-12-11 17:18 - 2020-11-24 17:25 - 000340104 _____ (AVG Technologies CZ, s.r.o.) 
C:\WINDOWS\system32\avgBoot.exe 2020-12-11 16:47 - 2020-12-11 16:47 - 109768704 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit 2020-12-11 16:47 - 2020-12-11 16:47 - 005103616 _____ C:\WINDOWS\system32\config\DRIVERS.iobit 2020-12-11 16:47 - 2020-12-11 16:47 - 000868352 _____ C:\WINDOWS\system32\config\DEFAULT.iobit 2020-12-11 16:47 - 2020-12-11 16:47 - 000143360 _____ C:\WINDOWS\system32\config\SAM.iobit 2020-12-11 16:47 - 2020-12-11 16:47 - 000053248 _____ C:\WINDOWS\system32\config\SECURITY.iobit 2020-12-11 13:13 - 2020-12-11 13:13 - 000000000 ____D C:\Users\y\AppData\Roaming\INNOTREND COMMERCE HK LIMITED 2020-12-09 18:30 - 2020-12-11 17:18 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK 2020-12-09 18:27 - 2020-12-09 18:27 - 000373776 _____ C:\WINDOWS\system32\vp9fs.dll 2020-12-09 18:23 - 2020-12-04 04:05 - 000135408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2020-12-09 18:23 - 2020-12-04 04:05 - 000038640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll 2020-12-09 18:22 - 2020-12-05 04:27 - 001786584 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2020-12-09 18:22 - 2020-12-05 04:27 - 001786584 _____ C:\WINDOWS\system32\vulkaninfo.exe 2020-12-09 18:22 - 2020-12-05 04:27 - 001453296 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2020-12-09 18:22 - 2020-12-05 04:27 - 001382616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2020-12-09 18:22 - 2020-12-05 04:27 - 001382616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2020-12-09 18:22 - 2020-12-05 04:27 - 001193880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2020-12-09 18:22 - 2020-12-05 04:27 - 001087704 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2020-12-09 18:22 - 2020-12-05 04:27 - 001087704 _____ C:\WINDOWS\system32\vulkan-1.dll 2020-12-09 18:22 - 2020-12-05 04:27 - 000940760 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2020-12-09 18:22 - 2020-12-05 04:27 - 000940760 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2020-12-09 18:22 - 2020-12-05 
04:25 - 000679664 _____ C:\WINDOWS\system32\nvofapi64.dll 2020-12-09 18:22 - 2020-12-05 04:25 - 000608496 _____ C:\WINDOWS\system32\nvml.dll 2020-12-09 18:22 - 2020-12-05 04:25 - 000548248 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2020-12-09 18:22 - 2020-12-05 04:24 - 002104216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2020-12-09 18:22 - 2020-12-05 04:24 - 001589144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2020-12-09 18:22 - 2020-12-05 04:24 - 001511664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2020-12-09 18:22 - 2020-12-05 04:24 - 001164528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2020-12-09 18:22 - 2020-12-05 04:24 - 000813976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2020-12-09 18:22 - 2020-12-05 04:24 - 000684784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2020-12-09 18:22 - 2020-12-05 04:24 - 000673688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2020-12-09 18:22 - 2020-12-05 04:24 - 000657816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2020-12-09 18:22 - 2020-12-05 04:24 - 000559000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2020-12-09 18:22 - 2020-12-05 04:23 - 008262552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2020-12-09 18:22 - 2020-12-05 04:23 - 007391984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2020-12-09 18:22 - 2020-12-05 04:23 - 004611312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2020-12-09 18:22 - 2020-12-05 04:23 - 002731928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2020-12-09 18:22 - 2020-12-05 04:23 - 000447384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2020-12-09 18:22 - 2020-12-05 04:22 - 007113064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2020-12-09 18:22 - 2020-12-05 04:22 - 006070008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2020-12-09 18:22 - 2020-12-05 04:22 - 
000849648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2020-12-09 18:22 - 2020-12-04 04:05 - 000084008 _____ C:\WINDOWS\system32\nvinfo.pb 2020-12-09 16:28 - 2020-12-09 16:28 - 000000000 ____D C:\Users\y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tautulli 2020-12-09 16:28 - 2020-12-09 16:28 - 000000000 ____D C:\Program Files (x86)\Tautulli 2020-12-09 16:16 - 2020-12-09 16:16 - 000002096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2020-12-06 13:43 - 2020-12-06 13:43 - 000000000 ____D C:\Users\y\AppData\Roaming\Bungie 2020-12-05 12:56 - 2020-12-05 12:56 - 000000000 ____D C:\Users\y\AppData\Local\GOG.com 2020-12-05 12:56 - 2020-12-05 12:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2020-12-05 12:54 - 2020-12-05 12:54 - 000000000 ____D C:\ProgramData\GOG.com 2020-12-05 12:15 - 2020-12-05 12:15 - 000000951 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk 2020-12-05 12:15 - 2020-12-05 12:15 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2020-12-05 12:14 - 2020-12-05 12:14 - 000000921 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk 2020-12-05 12:13 - 2020-12-05 12:15 - 000000000 ____D C:\Program Files\Common Files\Adobe 2020-12-05 12:13 - 2020-12-05 12:13 - 000001600 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk 2020-12-05 12:13 - 2020-12-05 12:13 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk 2020-12-02 19:58 - 2020-11-23 14:45 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 2020-12-02 19:51 - 2020-12-02 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server 2020-11-28 22:33 - 2020-11-28 22:33 - 000000000 ____D C:\Users\y\AppData\Local\My Games 2020-11-28 21:28 - 2020-11-28 21:28 - 000281688 _____ 
C:\WINDOWS\SysWOW64\PnkBstrB.exe 2020-11-28 19:03 - 2020-11-28 19:03 - 000000234 _____ C:\Users\y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Watch Dogs Legion.url 2020-11-28 16:33 - 2020-11-28 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2 2020-11-26 22:56 - 2020-11-26 22:56 - 000281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0 2020-11-25 19:20 - 2020-11-25 19:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2020-11-25 13:56 - 2020-12-09 20:09 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2020-11-24 17:25 - 2020-11-24 17:25 - 000851680 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys 2020-11-24 17:25 - 2020-11-24 17:25 - 000521816 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys 2020-11-24 17:25 - 2020-11-24 17:25 - 000469896 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys 2020-11-24 17:25 - 2020-11-24 17:25 - 000332432 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys 2020-11-24 17:25 - 2020-11-24 17:25 - 000326488 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys 2020-11-24 17:25 - 2020-11-24 17:25 - 000247952 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys 2020-11-24 17:25 - 2020-11-24 17:25 - 000217408 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys 2020-11-24 17:25 - 2020-11-24 17:25 - 000206472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys 2020-11-24 17:25 - 2020-11-24 17:25 - 000176808 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys 2020-11-24 17:25 - 2020-11-24 17:25 - 000109352 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys 2020-11-24 17:25 - 2020-11-24 17:25 - 000097424 _____ (AVG Technologies CZ, s.r.o.) 
C:\WINDOWS\system32\Drivers\avgbuniv.sys 2020-11-24 17:25 - 2020-11-24 17:25 - 000084928 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys 2020-11-24 17:25 - 2020-11-24 17:25 - 000042848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys 2020-11-24 17:25 - 2020-11-24 17:25 - 000037216 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys 2020-11-24 17:25 - 2020-11-24 17:25 - 000016832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys 2020-11-22 21:09 - 2020-11-22 21:10 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\ConnectedDevicesPlatform 2020-11-22 21:09 - 2020-11-22 21:10 - 000000000 ____D C:\Users\defaultuser100000 2020-11-21 16:04 - 2020-11-21 16:04 - 000000000 ____D C:\Users\y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raspberry Pi 2020-11-21 16:04 - 2020-11-21 16:04 - 000000000 ____D C:\Users\y\AppData\Local\Raspberry Pi 2020-11-21 16:04 - 2020-11-21 16:04 - 000000000 ____D C:\Program Files (x86)\Raspberry Pi Imager 2020-11-21 12:06 - 2020-11-21 12:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2020-11-20 22:36 - 2020-11-22 09:47 - 000000000 ____D C:\Program Files\Mozilla Firefox 2020-11-20 20:03 - 2020-11-20 20:03 - 000000000 ____D C:\Users\y\AppData\Roaming\Proton Technologies AG 2020-11-20 20:03 - 2020-11-20 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProtonVPN 2020-11-20 20:03 - 2020-11-20 20:03 - 000000000 ____D C:\Program Files (x86)\Proton Technologies 2020-11-18 20:03 - 2020-12-09 20:09 - 000002158 _____ C:\WINDOWS\system32\Tasks\npcapwatchdog 2020-11-18 20:03 - 2020-11-18 20:03 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk 2020-11-18 20:02 - 2020-11-18 20:03 - 000000000 ____D C:\Program Files\Npcap 2020-11-18 20:02 - 2020-11-18 20:02 - 000000000 ____D C:\WINDOWS\SysWOW64\Npcap 2020-11-18 20:02 - 2020-11-18 20:02 - 000000000 ____D 
C:\WINDOWS\system32\Npcap 2020-11-18 20:00 - 2020-11-18 20:00 - 000000000 ____D C:\Users\y\AppData\Roaming\Wireshark 2020-11-15 12:21 - 2020-11-15 12:21 - 000000000 ____D C:\Users\y\AppData\Local\FLiNGTrainer 2020-11-14 15:07 - 2020-11-14 15:07 - 000000000 ____D C:\Users\y\AppData\Roaming\EasyAntiCheat 2020-11-13 18:10 - 2020-11-13 18:10 - 000009265 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2020-11-11 18:00 - 2020-12-09 20:09 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3136980708-3557880529-3186569697-1004 ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2020-12-11 22:07 - 2020-05-29 21:29 - 000000000 ____D C:\Users\y\AppData\Local\CrashDumps 2020-12-11 21:59 - 2020-05-29 19:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-12-11 18:24 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2020-12-11 18:23 - 2020-05-29 20:06 - 000000000 ____D C:\Users\y\AppData\Roaming\IDM 2020-12-11 18:22 - 2020-07-12 18:33 - 000007597 _____ C:\Users\y\AppData\Local\Resmon.ResmonCfg 2020-12-11 17:34 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2020-12-11 17:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-12-11 17:28 - 2020-11-01 16:05 - 000002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2020-12-11 17:27 - 2020-05-29 19:31 - 000000000 ____D C:\ProgramData\NVIDIA 2020-12-11 17:27 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-12-11 17:25 - 2020-05-29 19:21 - 001731070 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-12-11 17:25 - 2019-12-07 15:51 - 000746436 _____ C:\WINDOWS\system32\perfh007.dat 2020-12-11 17:25 - 2019-12-07 15:51 - 000151384 _____ C:\WINDOWS\system32\perfc007.dat 2020-12-11 17:25 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2020-12-11 17:21 - 2020-05-29 19:36 - 000000000 ____D 
C:\ProgramData\Mozilla 2020-12-11 17:20 - 2020-07-03 15:42 - 000000000 ____D C:\Users\y\AppData\Local\Tautulli 2020-12-11 17:20 - 2020-05-29 19:36 - 000000000 ____D C:\Users\y\AppData\LocalLow\Mozilla 2020-12-11 17:19 - 2020-05-29 20:14 - 000000000 ____D C:\Users\y\AppData\Local\Plex Media Server 2020-12-11 17:19 - 2020-05-29 19:40 - 000000000 ____D C:\ProgramData\AVG 2020-12-11 17:18 - 2020-08-29 08:06 - 000008192 ___SH C:\DumpStack.log.tmp 2020-12-11 17:18 - 2020-05-31 15:30 - 000000000 ____D C:\ProgramData\VMware 2020-12-11 17:18 - 2020-05-29 19:21 - 000000000 ____D C:\Users\y 2020-12-11 17:18 - 2020-05-29 19:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-12-11 17:18 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-12-11 17:16 - 2020-09-27 10:19 - 000000000 ____D C:\Users\y\AppData\Local\WhatsApp 2020-12-11 17:16 - 2020-06-12 20:19 - 000000000 ____D C:\Program Files\TAP-Windows 2020-12-11 17:16 - 2020-06-12 20:19 - 000000000 ____D C:\Program Files\OpenVPN 2020-12-11 17:16 - 2020-05-31 22:28 - 000000000 ____D C:\Users\y\AppData\Local\WeMod 2020-12-11 17:16 - 2020-05-30 10:44 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss 2020-12-11 17:16 - 2020-05-30 10:44 - 000000000 ___SD C:\WINDOWS\system32\lxss 2020-12-11 17:16 - 2020-05-30 10:36 - 000000000 ____D C:\ProgramData\ProductData 2020-12-11 17:16 - 2020-05-30 10:36 - 000000000 ____D C:\ProgramData\IObit 2020-12-11 17:16 - 2020-05-29 21:05 - 000000000 ____D C:\Users\y\AppData\Roaming\vlc 2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents 2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ___SD C:\WINDOWS\system32\AppV 2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Portable Devices 2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Multimedia Platform 2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ____D 
C:\Program Files\Windows Defender Advanced Threat Protection 2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices 2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2020-12-11 17:16 - 2019-12-07 15:52 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2020-12-11 17:16 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\de 2020-12-11 17:16 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\de 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\dsc 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\downlevel 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\L2Schemas 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack 2020-12-11 
17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System 2020-12-11 17:16 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2020-12-11 17:15 - 2020-05-30 10:37 - 000000000 ____D C:\Users\y\AppData\Roaming\IObit 2020-12-11 17:15 - 2020-05-30 10:36 - 000000000 ____D C:\Users\y\AppData\LocalLow\IObit 2020-12-11 17:15 - 2020-05-30 00:23 - 000000000 ____D C:\Users\y\AppData\Local\cFos 2020-12-11 17:15 - 2020-05-29 21:28 - 000000000 ____D C:\Users\y\AppData\Roaming\discord 2020-12-11 17:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Containers 2020-12-11 17:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration 2020-12-11 17:02 - 2020-05-29 21:28 - 000000000 ____D C:\Users\y\AppData\Roaming\WhatsApp 2020-12-11 17:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2020-12-11 16:59 - 2020-05-29 20:06 - 000000000 ____D C:\Users\y\AppData\Roaming\DMCache 2020-12-11 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2020-12-11 16:15 - 2020-05-30 00:46 - 000000000 ____D C:\Users\y\AppData\Local\ElevatedDiagnostics 2020-12-11 15:35 - 2020-05-30 10:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software 2020-12-11 12:58 - 2020-10-23 17:34 - 000000000 ____D C:\Users\y\AppData\Local\RealVNC 2020-12-11 12:58 - 2020-05-29 19:25 - 000000000 ____D C:\Users\y\AppData\Local\PlaceholderTileLogoFolder 2020-12-10 06:51 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2020-12-10 06:51 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2020-12-09 20:09 - 2020-11-08 11:35 - 000002578 _____ C:\WINDOWS\system32\Tasks\GraphicsCardEngine 2020-12-09 20:09 - 2020-11-08 11:35 - 000002542 _____ C:\WINDOWS\system32\Tasks\LiquidSensord 2020-12-09 20:09 - 2020-11-01 16:36 - 000002568 _____ C:\WINDOWS\system32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE 2020-12-09 20:09 - 2020-11-01 16:04 - 000003628 
_____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2020-12-09 20:09 - 2020-11-01 16:04 - 000003404 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2020-12-09 20:09 - 2020-10-29 19:21 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 18:56 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3136980708-3557880529-3186569697-1001 2020-12-09 20:09 - 2020-10-14 18:46 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2020-12-09 20:09 - 2020-09-09 15:28 - 000002460 _____ C:\WINDOWS\system32\Tasks\ASC_PerformanceMonitor 2020-12-09 20:09 - 2020-09-09 15:28 - 
000002350 _____ C:\WINDOWS\system32\Tasks\ASC_SkipUac_y 2020-12-09 20:09 - 2020-05-30 12:34 - 000002402 _____ C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_y 2020-12-09 20:09 - 2020-05-29 21:01 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2020-12-09 20:09 - 2020-05-29 19:42 - 000003558 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2020-12-09 20:09 - 2020-05-29 19:42 - 000003334 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2020-12-09 20:09 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2020-12-09 19:30 - 2020-05-29 19:45 - 000000000 ____D C:\Users\y\AppData\Local\D3DSCache 2020-12-09 18:59 - 2020-05-29 21:31 - 000000000 ____D C:\Users\y\AppData\Local\NVIDIA 2020-12-09 18:49 - 2020-07-12 18:05 - 000000000 ____D C:\Users\y\AppData\Local\KeePassXC 2020-12-09 18:45 - 2020-05-31 15:31 - 000000000 ____D C:\Users\y\AppData\Local\VMware 2020-12-09 18:44 - 2020-05-31 15:31 - 000000000 ____D C:\Users\y\AppData\Roaming\VMware 2020-12-09 18:37 - 2020-05-29 19:23 - 000000000 ____D C:\Users\y\AppData\Local\Packages 2020-12-09 18:35 - 2020-05-31 16:10 - 000000435 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2020-12-09 17:23 - 2020-06-21 15:42 - 000000128 _____ C:\Users\y\AppData\Local\PUTTY.RND 2020-12-09 16:59 - 2020-05-29 21:59 - 000000000 ____D C:\Users\y\AppData\Local\Ubisoft Game Launcher 2020-12-09 16:13 - 2020-05-29 21:28 - 000000000 ____D C:\Users\y\AppData\Local\Discord 2020-12-06 20:22 - 2020-06-07 18:59 - 000000000 ____D C:\Users\y\AppData\Roaming\HuBBa 2020-12-06 14:16 - 2020-05-30 13:49 - 000000000 ____D C:\Users\y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2020-12-05 19:52 - 2020-05-29 20:33 - 000000000 ____D C:\Users\y\AppData\Local\EpicGamesLauncher 2020-12-05 19:43 - 2020-10-17 10:24 - 005302184 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-12-05 12:57 - 2020-05-30 00:40 - 000000000 ____D C:\Users\y\AppData\Local\Adobe 2020-12-05 12:46 - 2020-05-29 19:23 - 000000000 ____D 
C:\Users\y\AppData\Roaming\Adobe 2020-12-05 12:15 - 2020-05-30 00:42 - 000000000 ____D C:\ProgramData\Adobe 2020-12-05 12:13 - 2020-05-30 00:42 - 000000000 ____D C:\Program Files (x86)\Adobe 2020-12-04 21:40 - 2020-05-29 21:27 - 000000000 ____D C:\Users\y\AppData\Local\SquirrelTemp 2020-12-04 15:34 - 2020-05-30 11:42 - 000000000 ____D C:\Program Files\Microsoft Office 2020-12-04 15:34 - 2020-05-29 19:43 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-12-02 19:51 - 2020-05-29 20:09 - 000000000 ____D C:\ProgramData\Package Cache 2020-11-28 22:32 - 2020-06-07 19:37 - 000000000 ____D C:\Users\y\AppData\Local\BattlEye 2020-11-28 21:28 - 2020-09-06 12:42 - 000281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr 2020-11-27 21:12 - 2020-05-29 20:31 - 000000000 ____D C:\Program Files\Rockstar Games 2020-11-27 21:12 - 2020-05-29 20:31 - 000000000 ____D C:\Program Files (x86)\Rockstar Games 2020-11-25 17:33 - 2020-07-04 09:26 - 000000774 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2020-11-25 17:33 - 2020-05-29 19:47 - 000000000 ____D C:\Users\y\AppData\Roaming\Notepad++ 2020-11-25 16:22 - 2020-09-20 10:56 - 000134792 _____ (AVG Technologies) C:\WINDOWS\system32\icarus_rvrt.exe 2020-11-22 20:25 - 2020-06-21 20:33 - 000000000 ____D C:\Users\y\AppData\Roaming\.minecraft 2020-11-22 09:47 - 2020-05-29 19:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-11-21 16:07 - 2020-10-23 20:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer 2020-11-21 16:04 - 2020-05-31 11:52 - 000000000 ____D C:\Users\y\AppData\Local\cache 2020-11-21 12:06 - 2020-05-29 19:36 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-11-20 20:06 - 2020-05-31 12:32 - 000000000 ____D C:\ProgramData\ProtonVPN 2020-11-20 20:03 - 2020-05-30 02:57 - 000000000 ____D C:\Users\y\AppData\Local\ProtonVPN 2020-11-17 07:02 - 2020-05-29 21:31 - 000000000 ____D 
C:\Users\y\AppData\Local\NVIDIA Corporation 2020-11-17 07:02 - 2020-05-29 19:23 - 000000000 ____D C:\ProgramData\Packages 2020-11-15 20:28 - 2020-05-31 22:29 - 000000000 ____D C:\Users\y\AppData\Roaming\WeMod 2020-11-14 18:09 - 2020-06-06 11:07 - 000000000 ____D C:\Users\y\AppData\Local\GameCenter 2020-11-14 11:12 - 2020-05-29 19:25 - 000000000 ____D C:\WINDOWS\system32\MRT 2020-11-14 11:10 - 2020-05-29 19:25 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2020-11-13 18:45 - 2020-05-29 19:23 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2020-11-13 18:09 - 2020-05-29 19:16 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2020-10-27 21:46 - 2020-10-27 21:46 - 000004682 _____ () C:\Users\y\AppData\Roaming\VoiceMeeterDefault.xml 2020-06-21 15:42 - 2020-12-09 17:23 - 000000128 _____ () C:\Users\y\AppData\Local\PUTTY.RND 2020-07-12 18:33 - 2020-12-11 18:22 - 000007597 _____ () C:\Users\y\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
11.12.2020, 22:50 | #10 |
/// TB-Ausbilder | Multiple Win32:TrojanX-gen and Win32:Trojan-gen alerts The FRST.txt is incomplete again... the entire upper part is missing. Restart the computer and run a new scan with FRST. Post both log files again. |
11.12.2020, 23:10 | #11 |
| Multiple Win32:TrojanX-gen and Win32:Trojan-gen alerts FRST.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-12-2020 durchgeführt von ***** (Administrator) auf FRIDAY (Gigabyte Technology Co., Ltd. AX370-Gaming K5) (11-12-2020 23:00:22) Gestartet von C:\Users\*****\Desktop Geladene Profile: ***** Platform: Windows 10 Pro Version 20H2 19042.630 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) () [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Tautulli.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4> (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\TuneUp\TuneupSvc.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\TuneUp\TuneupUI.exe <2> (cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\cfosspeed.exe (cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe (DroidMonkey Apps, LLC -> ) G:\Program Files\KeePassXC\keepassxc-proxy.exe (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe (geek software GmbH -> geek software GmbH) G:\Program Files (x86)\PDF24\pdf24.exe (GIGA-BYTE TECHNOLOGY CO., LTD. 
-> ) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe (GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngine.exe (GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe (GOG Sp. z o.o. -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe (GOG Sp. z o.o. -> GOG.com) H:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe <2> (GOG Sp. z o.o. -> GOG.com) H:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe (GOG Sp. z o.o. -> GOG.com) H:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe (Intel(R) INTELND1820 -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe (IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe (IObit Information Technology -> IObit) G:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program 
Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20316.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2> (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12> (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <5> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_8e68f77150e57b50\Display.NvContainer\NVDisplay.Container.exe <2> (OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe (Plex, Inc. 
-> ) H:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc. -> Plex, Inc.) H:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc. -> Plex, Inc.) H:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe (Plex, Inc. -> Python Software Foundation) H:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Python Software Foundation -> Python Software Foundation) H:\Program Files (x86)\GOG Galaxy\python\python.exe <6> (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe (Razer USA Ltd. -> Razer Inc.) G:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2> (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) G:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) G:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) G:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) G:\Program Files (x86)\TeamViewer\tv_x64.exe (Tonec Inc. -> Tonec Inc.) [Datei ist nicht signiert] H:\Program Files (x86)\Internet Download Manager\IDMan.exe (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc. -> VMware, Inc.) 
G:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [165000 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) HKLM\...\Run: [Gigabyte Speed] => C:\Program Files\cFosSpeed\cFosSpeed.exe [1563480 2016-10-21] (cFos Software GmbH -> cFos Software GmbH) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1082160 2020-05-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\AVG\TuneUp\TuneupUI.exe [2614832 2020-12-01] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [RazerCortex] => G:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe [266624 2020-10-09] (Razer USA Ltd. -> Razer Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [vmware-tray.exe] => G:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [125872 2019-05-04] (VMware, Inc. -> VMware, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710776 2020-06-18] (Oracle America, Inc. 
-> Oracle Corporation) HKLM-x32\...\Run: [PDFPrint] => G:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Datei ist nicht signiert] HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\RunOnce: [DualBiosRescue] => C:\Program Files (x86)\GIGABYTE\GigabyteFirmwareUpdateUtility\dbrro.exe [12096 2015-08-19] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\GIGABYTE\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) HKLM-x32\...\RunOnce: [SelLed] => C:\Program Files (x86)\GIGABYTE\RGBFusion\RunLed.exe [50096 2019-04-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Run: [Plex Media Server] => H:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [21011440 2020-12-01] (Plex, Inc. -> Plex, Inc.) HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Run: [EpicGamesLauncher] => G:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32710544 2020-12-11] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Run: [CCleaner Smart Cleaning] => G:\Program Files\CCleaner\CCleaner64.exe [30870200 2020-09-22] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Run: [Discord] => C:\Users\*****\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. 
-> GitHub) HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\*****\AppData\Local\Microsoft\Teams\Update.exe [2347880 2020-06-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Run: [Advanced SystemCare] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3637008 2020-06-19] (IObit Information Technology -> IObit) HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Run: [IDMan] => H:\Program Files (x86)\Internet Download Manager\IDMan.exe [5451576 2020-05-02] (Tonec Inc. -> Tonec Inc.) [Datei ist nicht signiert] HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Run: [35C0DD69A13B47FAAE527F030D7053F7FAB3A98B._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8 HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Run: [GogGalaxy] => H:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14848584 2020-12-11] (GOG Sp. z o.o. -> GOG.com) HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Run: [Tautulli] => C:\Program Files (x86)\Tautulli\Tautulli.exe [6679526 2020-12-05] () [Datei ist nicht signiert] HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-18\...\Run: [] => [X] HKU\S-1-5-18\...\Run: [Plex Media Server] => H:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [21011440 2020-12-01] (Plex, Inc. -> Plex, Inc.) 
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [239704 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [55392 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-04] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2020-05-31] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.) Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AORUS ENGINE.lnk [2020-11-08] ShortcutTarget: AORUS ENGINE.lnk -> G:\Program Files (x86)\GIGABYTE\AORUS ENGINE\autorun.exe () [Datei ist nicht signiert] Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dateien (RP-AC68U-D764) (Z) [2020-05-29] () BootExecute: autocheck autochk * icarus_rvrt.exe GroupPolicy: Beschränkung ? <==== ACHTUNG Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {0289AC85-3E9C-4F4F-B45F-1D446CF7A583} - System32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE => G:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe [33903328 2020-11-05] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.) Task: {0999DF21-4411-4E22-96ED-9DCC0F5959DC} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\thermald.exe [426208 2020-04-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) Task: {0C513286-FD2D-47F9-8161-6425F043E319} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\*****\Report update status => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,WorkspaceStatusNotify2 Task: {0EA88F2F-3AEB-48CB-AF24-8596C36C05A5} - System32\Tasks\EasyTune => C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe [15792 2019-02-21] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) Task: {0FFC6FF0-69E7-4402-8B32-D067D6451503} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [227328 2019-11-21] (GIGA-BYTE TECHNOLOGY CO., LTD.) 
[Datei ist nicht signiert] Task: {133AE18C-287D-4906-85CA-6659A67841CD} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {179DD872-40A8-4179-8343-363836A32CE6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-05-29] (Google Inc -> Google LLC) Task: {203C6F4E-E2FD-4A19-A581-ED205C8A8A7F} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\*****\Start Workspace Runtime at logon => {4F1DFCA6-3AAD-48E1-8406-4BC21A501D7C} C:\WINDOWS\system32\wksprt.exe [449536 2020-06-11] (Microsoft Windows -> Microsoft Corporation) Task: {21AAB9C0-50CC-4522-98F9-80BD0C7098FF} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2330DB4A-F536-4191-B579-3A5AB3D8CC39} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-04] (Microsoft Corporation -> Microsoft Corporation) Task: {26F36D28-AF82-48A0-872B-5D4581E5B6E5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation) Task: {28030DB9-BD8D-465F-B474-67EAE34E8474} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-20] (Mozilla Corporation -> Mozilla Foundation) Task: {3D3F1FB9-E8B9-460D-9340-B6B0BBF794F2} - System32\Tasks\ASC_SkipUac_***** => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [8951568 2020-08-09] (IObit 
Information Technology -> IObit) Task: {3EDFC92D-179C-4935-944A-5D00A768924D} - System32\Tasks\AVG\AVG TuneUp Update => C:\Program Files\Common Files\AVG\Icarus\avg-tu\icarus.exe [5495432 2020-11-25] (AVG Technologies USA, LLC -> AVG Technologies) Task: {51AA188B-8CC5-4552-AA04-321FF47C5365} - System32\Tasks\EasyTune 1 => C:\Program Files (x86)\GIGABYTE\EasyTune\etocfile.exe [18144 2020-02-14] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) Task: {64755257-4591-4988-B924-0027D28A76BB} - System32\Tasks\Uninstaller_SkipUac_***** => G:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [6044432 2020-05-25] (IObit Information Technology -> IObit) Task: {6B7CB13F-5063-4DE5-9BCD-5A966294B5F1} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [880 2020-09-25] () [Datei ist nicht signiert] Task: {770CED39-FEEF-407C-8F8A-FFFD576F86FA} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\*****\Update connections => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,TaskUpdateWorkspaces2 Task: {7B906A4E-51A2-43C5-9E4A-FA1FEBE5D6C2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {80919B4B-AFF7-4B95-A34C-D2F802F1A5AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-05-29] (Google Inc -> Google LLC) Task: {8BDD3AB6-72CC-4398-9A5C-74CE8D1D822A} - System32\Tasks\Agent Activation Runtime\S-1-5-21-3136980708-3557880529-3186569697-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-10-14] (Microsoft Windows -> ) Task: {8EC653C4-4C2B-466C-AA62-EB08AC432AA0} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4665480 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) 
Task: {9359A8BF-5762-419D-A71D-39629AE0FB61} - System32\Tasks\CCleaner Update => G:\Program Files\CCleaner\CCUpdate.exe [686384 2020-09-22] (Piriform Software Ltd -> Piriform Software Ltd) Task: {95085B74-4291-4747-A0BC-CC8F8E288565} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143712 2020-12-04] (Microsoft Corporation -> Microsoft Corporation) Task: {96A13AA8-5988-4925-B3D7-6D29F5997935} - System32\Tasks\CCleanerSkipUAC => G:\Program Files\CCleaner\CCleaner.exe [25492152 2020-09-22] (Piriform Software Ltd -> Piriform Software Ltd) Task: {9B55094D-AA1B-4036-8CDD-8B92CED620E6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation) Task: {9CB5A898-840E-4A19-8445-1BEDFEC26AB3} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A1431C1A-3C24-4195-9054-3571481D7E16} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A8BECF4D-A8B0-4285-8138-0AE94817C9C8} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B1FB5E7C-0D80-4DCE-8D23-AF9D93F34295} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B434060D-9504-4627-B495-0EF159572A3D} - System32\Tasks\cFos\Registration Tasks\Open Browser => c:\program 
files\mozilla firefox\firefox.exe -osint -url "hxxp://localhost:1487/cfosspeed/pingstat.htm" Task: {BFB520AE-0843-416F-AE74-F9D7C296E824} - System32\Tasks\ASC_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [3183888 2020-06-01] (IObit Information Technology -> IObit) Task: {BFC87559-4A15-47EB-BED8-3A70AD3CE014} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143712 2020-12-04] (Microsoft Corporation -> Microsoft Corporation) Task: {C3C15CE6-3BC7-4370-8D2C-68331913FF2F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-04] (Microsoft Corporation -> Microsoft Corporation) Task: {C977D54C-FE1E-4D00-BDC8-9192E620EF26} - System32\Tasks\SIV-VGA => C:\Program Files (x86)\GIGABYTE\SIV\sensord.exe [254176 2020-04-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) Task: {D006FA77-20F5-4E27-911A-361EBFA4F537} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {DD4A5077-6315-4893-8190-C355CADAC9A1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.) Task: {DEA35F7B-DCEE-42BD-8353-649C20205EF0} - System32\Tasks\LiquidSensord => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\LiquidSensord.exe [245760 2019-11-21] (GIGA-BYTE TECHNOLOGY CO., LTD.) 
[Datei ist nicht signiert] Task: {EB3B346B-EF0C-43E0-B520-6925FE7C5A22} - System32\Tasks\AVG\AVG TuneUp Update BugReport => C:\Program Files\AVG\TuneUp\AvBugReport.exe [2812664 2020-12-01] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 74 --programpath "C:\Program Files\AVG\TuneUp\Setup\.." --configpath "C:\Program Files\AVG\TuneUp\Setup" --path "C:\ProgramData\AVG\TuneUp\log" --path "C:\ProgramData\AVG\Icarus\Logs" --guid 451e9b39-5e60-4034-a6d2-4ad3b45df07f Task: {ECEFDF88-ED43-4C43-99A8-1B17BCE9F472} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1773192 2020-09-17] (AVG Technologies USA, LLC -> AVG Technologies) Task: {F09E62EC-EE80-41BB-97E3-A1128FEEB92E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {FB96D000-781A-4993-BBD3-24537046221D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Hosts: 127.0.0.1 activate.navicat.com Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{eb096168-f090-4110-b734-6b22861b7b13}: [DhcpNameServer] 192.168.178.1 Edge: ====== Edge Profile: C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-08] Edge Extension: (IDM Integration Module) - C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2020-11-07] Edge HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - H:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-05-02] FireFox: ======== FF DefaultProfile: j0np2f1s.default FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\j0np2f1s.default [2020-12-11] FF user.js: detected! => C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\j0np2f1s.default\user.js [2020-09-20] FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release [2020-12-11] FF user.js: detected! => C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\user.js [2020-09-20] FF Session Restore: Mozilla\Firefox\Profiles\ue9r639e.default-release -> ist aktiviert. 
FF Notifications: Mozilla\Firefox\Profiles\ue9r639e.default-release -> hxxps://dekom.uc.de FF Extension: (Anti-Porno) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\@porn-blocker.xpi [2020-05-29] FF Extension: (Firefox Multi-Account Containers) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\@testpilot-containers.xpi [2020-10-01] FF Extension: (HTTPS Everywhere) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\https-everywhere@eff.org.xpi [2020-11-17] FF Extension: (Terms of Service; Didn’t Read) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\jid0-3GUEt1r69sQNSrca5p8kx9Ezc3U@jetpack.xpi [2020-05-29] FF Extension: (Decentraleyes) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2020-11-05] FF Extension: (Privacy Badger) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2020-10-09] FF Extension: (KeePassXC-Browser) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\keepassxc-browser@keepassxc.org.xpi [2020-11-08] FF Extension: (IDM Integration Module) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\mozilla_cc3@internetdownloadmanager.com.xpi [2020-11-14] FF Extension: (uBlock Origin) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\uBlock0@raymondhill.net.xpi [2020-11-20] FF Extension: (WatchDogs) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\{6547f9b8-7695-4fc9-b57b-fb7aa9fec4c3}.xpi [2020-06-20] FF Extension: (Mitaka) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\{9efc0280-b125-400e-b53d-2d09d7effab4}.xpi 
[2020-12-04] FF Extension: (adultblacklist) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\{b4eda7b1-2bbe-4961-b336-aaad77d87a47}.xpi [2020-05-29] FF Extension: (Avengers: Infinity War 3) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ue9r639e.default-release\Extensions\{ef8616e0-e2f1-471b-9c47-5d09149b6d2b}.xpi [2020-05-29] FF HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - H:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi FF Extension: (IDM Integration Module) - H:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2020-04-29] FF HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\*****\AppData\Roaming\IDM\idmmzcc5 FF Extension: (IDM CC) - C:\Users\*****\AppData\Roaming\IDM\idmmzcc5 [2020-05-29] [] [ist nicht signiert] FF HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - H:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF Extension: (IDM integration) - H:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [] FF Plugin: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-09-19] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-09-19] (Oracle America, Inc. 
-> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-17] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.11 -> G:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-17] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-17] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default [2020-12-11] CHR HomePage: Default -> hxxp://www.google.com CHR StartupUrls: Default -> "hxxps://www.facebook.com/","hxxp://www.google.com/","hxxp://start.iminent.com/?appId=E4B15248-E4A6-47F0-A767-40F4BA8E7F4A","hxxps://www.google.com/" CHR Session Restore: Default -> ist aktiviert. 
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2020-05-31]
CHR Extension: (YouTube) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-31]
CHR Extension: (uBlock Origin) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-12-11]
CHR Extension: (Adblock für Youtube™) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2020-10-17]
CHR Extension: (HTTPS Everywhere) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2020-11-23]
CHR Extension: (GeForce Experience Stream Client) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjljknijpnfibppaijefibndmiabonep [2020-05-31]
CHR Extension: (OkayFreedom) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfnbbbkabnehoejfhcbbhdicagcoobji [2020-05-31]
CHR Extension: (Decentraleyes) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldpochfccmkkmhdbclfhpagapcfdljkj [2020-11-15]
CHR Extension: (IDM Integration Module) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2020-12-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-05-31]
CHR Extension: (WebRTC Network Limiter) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\npeicpdbkakmehahjeeohfdhnlpdklia [2020-05-31]
CHR Extension: (AdFly Skipper) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\obnfifcganohemahpomajbhocfkdgmjb [2020-11-15]
CHR Extension: (Adult Blocker - Porn Adult Filter) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\onjjgbgnpbedmhbdoikhknhflbfkecjm [2020-05-31]
CHR Extension: (Chrome Media Router) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-23]
CHR Extension: (Privacy Badger) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2020-12-11]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - H:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-05-02]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - H:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-05-02]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AdvancedSystemCareService13; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1293072 2020-06-15] (IObit Information Technology -> IObit)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [366232 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [3096712 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8502208 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110608 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-11-28] (BattlEye Innovations e.K. -> )
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [598360 2016-10-21] (cFos Software GmbH -> cFos Software GmbH)
R2 CleanupPSvc; C:\Program Files\AVG\TuneUp\TuneupSvc.exe [12976336 2020-12-01] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-11-23] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2020-09-19] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [143072 2020-07-01] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [17920 2015-06-25] () [Datei ist nicht signiert]
S3 GalaxyClientService; H:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1741384 2020-12-11] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-12-04] (GOG Sp. z o.o. -> GOG.com)
R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [128736 2020-04-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S2 IObitUnSvr; G:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [156944 2020-05-25] (IObit Information Technology -> IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-11] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [119808 2019-11-21] (GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert]
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [67000 2020-04-16] (OpenVPN Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [67000 2020-04-16] (OpenVPN Inc. -> The OpenVPN Project)
R2 PDF24; G:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH)
R2 PlexUpdateService; H:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1425912 2020-12-01] (Plex, Inc. -> Plex, Inc.)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2020-09-06] (Even Balance, Inc. -> )
S3 ProtonVPN Service; H:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [99624 2020-11-04] (ProtonVPN AG -> )
S3 ProtonVPN Update Service; H:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61736 2020-11-04] (ProtonVPN AG -> )
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-06-24] (Razer USA Ltd. -> Razer Inc)
S3 Rockstar Service; H:\Programme\Rockstar Games\Launcher\RockstarService.exe [1382016 2020-11-27] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2020-09-23] (Razer USA Ltd. -> Razer Inc.)
R2 RzKLService; G:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [290864 2020-10-09] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5101992 2020-11-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-06-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [935352 2020-06-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 TeamViewer; G:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12720144 2020-11-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Uncheater\ucldr_battlegrounds_gl.exe [6995800 2020-06-07] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R2 VMAuthdService; G:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [100784 2019-05-04] (VMware, Inc. -> VMware, Inc.)
S3 VMwareHostd; G:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15446448 2019-05-04] (VMware, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.4-0\NisSrv.exe [2484256 2020-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.4-0\MsMpEng.exe [103168 2020-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_8e68f77150e57b50\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_8e68f77150e57b50\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [45432 2019-07-15] (IObit Information Technology -> IObit)
R3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [46008 2019-07-15] (IObit Information Technology -> IObit)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37216 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [206472 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [332432 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [247952 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [97424 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16832 2020-11-24] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42848 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [176808 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [521816 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [109352 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84928 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851680 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [469896 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [217408 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [326488 2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [3213176 2020-12-08] (BattlEye Innovations e.K. -> )
R1 cFosSpeed; C:\WINDOWS\system32\DRIVERS\cfosspeed6.sys [1499112 2016-10-21] (cFos Software GmbH -> cFos Software GmbH)
R3 cpuz145; C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [49968 2020-12-11] (CPUID -> CPUID)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-12-11] (Malwarebytes Corporation -> Malwarebytes)
S3 gdrv; C:\WINDOWS\gdrv.sys [26792 2020-05-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 gdrv2; C:\WINDOWS\gdrv2.sys [32600 2020-05-29] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2020-05-29] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
R3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [32520 2018-07-04] (IObit Information Technology -> IObit)
R3 IUFileFilter; G:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [44104 2020-05-25] (IObit Information Technology -> IObit)
R3 IUProcessFilter; G:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37328 2020-05-25] (IObit Information Technology -> IObit)
R3 IURegistryFilter; G:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [49800 2020-05-25] (IObit Information Technology -> IObit)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-12-11] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-11] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2020-12-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2020-12-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [139424 2020-12-11] (Malwarebytes Inc -> Malwarebytes)
R3 NAL; C:\WINDOWS\system32\Drivers\iqvw64e.sys [58520 2018-10-11] (Intel(R) INTELND1820 -> Intel Corporation)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [74616 2020-09-25] (Insecure.Com LLC -> Insecure.Com LLC.)
S4 npcap_wifi; C:\WINDOWS\system32\DRIVERS\npcap.sys [74616 2020-09-25] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 ProtonVPNSplitTunnel; H:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.SplitTunnelDriver.sys [31584 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166768 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [52288 2019-05-04] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [66576 2019-05-04] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [92040 2019-04-27] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-05-29] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [401120 2020-05-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-05-29] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2740480 2020-06-07] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
U4 napagent; kein ImagePath
S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2020-12-11 22:10 - 2020-12-11 22:15 - 000127223 _____ C:\Users\*****\Desktop\Addition.txt
2020-12-11 22:09 - 2020-12-11 23:02 - 000049753 _____ C:\Users\*****\Desktop\FRST.txt
2020-12-11 22:08 - 2020-12-11 22:06 - 002288640 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2020-12-11 22:07 - 2020-12-11 23:01 - 000000000 ____D C:\FRST
2020-12-11 18:24 - 2020-12-11 18:43 - 000000000 ____D C:\Users\*****\AppData\LocalLow\IGDump
2020-12-11 18:24 - 2020-12-11 18:24 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-11 18:24 - 2020-12-11 18:24 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-12-11 18:24 - 2020-12-11 18:24 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-12-11 18:24 - 2020-12-11 18:24 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-12-11 18:24 - 2020-12-11 18:24 - 000139424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-12-11 18:24 - 2020-12-11 18:24 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-12-11 18:24 - 2020-12-11 18:24 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-11 18:24 - 2020-12-11 18:24 - 000002041 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-11 18:24 - 2020-12-11 18:24 - 000002029 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-11 18:24 - 2020-12-11 18:24 - 000002029 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-12-11 18:24 - 2020-12-11 18:24 - 000000000 ____D C:\Users\*****\AppData\Local\mbam
2020-12-11 18:24 - 2020-12-11 18:24 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-12-11 18:23 - 2020-12-11 18:23 - 000000000 ____D C:\Program Files\Malwarebytes
2020-12-11 17:23 - 2020-12-11 17:23 - 000003906 _____ C:\Users\*****\Desktop\Tiefenscan1.txt
2020-12-11 17:18 - 2020-12-11 21:19 - 000004266 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2020-12-11 17:18 - 2020-11-24 17:25 - 000340104 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2020-12-11 16:47 - 2020-12-11 16:47 - 109768704 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2020-12-11 16:47 - 2020-12-11 16:47 - 005103616 _____ C:\WINDOWS\system32\config\DRIVERS.iobit
2020-12-11 16:47 - 2020-12-11 16:47 - 000868352 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2020-12-11 16:47 - 2020-12-11 16:47 - 000143360 _____ C:\WINDOWS\system32\config\SAM.iobit
2020-12-11 16:47 - 2020-12-11 16:47 - 000053248 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2020-12-11 13:13 - 2020-12-11 13:13 - 000000000 ____D C:\Users\*****\AppData\Roaming\INNOTREND COMMERCE HK LIMITED
2020-12-09 18:30 - 2020-12-11 17:18 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2020-12-09 18:27 - 2020-12-09 18:27 - 000373776 _____ C:\WINDOWS\system32\vp9fs.dll
2020-12-09 18:23 - 2020-12-04 04:05 - 000135408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2020-12-09 18:23 - 2020-12-04 04:05 - 000038640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2020-12-09 18:22 - 2020-12-05 04:27 - 001786584 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-12-09 18:22 - 2020-12-05 04:27 - 001786584 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-12-09 18:22 - 2020-12-05 04:27 - 001453296 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-12-09 18:22 - 2020-12-05 04:27 - 001382616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-12-09 18:22 - 2020-12-05 04:27 - 001382616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-12-09 18:22 - 2020-12-05 04:27 - 001193880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-12-09 18:22 - 2020-12-05 04:27 - 001087704 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-12-09 18:22 - 2020-12-05 04:27 - 001087704 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-12-09 18:22 - 2020-12-05 04:27 - 000940760 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-12-09 18:22 - 2020-12-05 04:27 - 000940760 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-12-09 18:22 - 2020-12-05 04:25 - 000679664 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-12-09 18:22 - 2020-12-05 04:25 - 000608496 _____ C:\WINDOWS\system32\nvml.dll
2020-12-09 18:22 - 2020-12-05 04:25 - 000548248 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-12-09 18:22 - 2020-12-05 04:24 - 002104216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-12-09 18:22 - 2020-12-05 04:24 - 001589144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-12-09 18:22 - 2020-12-05 04:24 - 001511664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-12-09 18:22 - 2020-12-05 04:24 - 001164528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-12-09 18:22 - 2020-12-05 04:24 - 000813976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-12-09 18:22 - 2020-12-05 04:24 - 000684784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2020-12-09 18:22 - 2020-12-05 04:24 - 000673688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-12-09 18:22 - 2020-12-05 04:24 - 000657816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-12-09 18:22 - 2020-12-05 04:24 - 000559000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-12-09 18:22 - 2020-12-05 04:23 - 008262552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-12-09 18:22 - 2020-12-05 04:23 - 007391984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-12-09 18:22 - 2020-12-05 04:23 - 004611312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-12-09 18:22 - 2020-12-05 04:23 - 002731928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-12-09 18:22 - 2020-12-05 04:23 - 000447384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2020-12-09 18:22 - 2020-12-05 04:22 - 007113064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-12-09 18:22 - 2020-12-05 04:22 - 006070008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-12-09 18:22 - 2020-12-05 04:22 - 000849648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2020-12-09 18:22 - 2020-12-04 04:05 - 000084008 _____ C:\WINDOWS\system32\nvinfo.pb
2020-12-09 16:28 - 2020-12-09 16:28 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tautulli
2020-12-09 16:28 - 2020-12-09 16:28 - 000000000 ____D C:\Program Files (x86)\Tautulli
2020-12-09 16:16 - 2020-12-09 16:16 - 000002096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-06 13:43 - 2020-12-06 13:43 - 000000000 ____D C:\Users\*****\AppData\Roaming\Bungie
2020-12-05 12:56 - 2020-12-05 12:56 - 000000000 ____D C:\Users\*****\AppData\Local\GOG.com
2020-12-05 12:56 - 2020-12-05 12:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2020-12-05 12:54 - 2020-12-05 12:54 - 000000000 ____D C:\ProgramData\GOG.com
2020-12-05 12:15 - 2020-12-05 12:15 - 000000951 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2020-12-05 12:15 - 2020-12-05 12:15 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2020-12-05 12:14 - 2020-12-05 12:14 - 000000921 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2020-12-05 12:13 - 2020-12-05 12:15 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-12-05 12:13 - 2020-12-05 12:13 - 000001600 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2020-12-05 12:13 - 2020-12-05 12:13 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2020-12-02 19:58 - 2020-11-23 14:45 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-12-02 19:51 - 2020-12-02 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2020-11-28 22:33 - 2020-11-28 22:33 - 000000000 ____D C:\Users\*****\AppData\Local\My Games
2020-11-28 21:28 - 2020-11-28 21:28 - 000281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2020-11-28 19:03 - 2020-11-28 19:03 - 000000234 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Watch Dogs Legion.url
2020-11-28 16:33 - 2020-11-28 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2
2020-11-26 22:56 - 2020-11-26 22:56 - 000281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2020-11-25 19:20 - 2020-11-25 19:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2020-11-25 13:56 - 2020-12-09 20:09 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-11-24 17:25 - 2020-11-24 17:25 - 000851680 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000521816 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000469896 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000332432 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000326488 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000247952 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000217408 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000206472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000176808 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000109352 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000097424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000084928 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000042848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000037216 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2020-11-24 17:25 - 2020-11-24 17:25 - 000016832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2020-11-22 21:09 - 2020-11-22 21:10 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\ConnectedDevicesPlatform
2020-11-22 21:09 - 2020-11-22 21:10 - 000000000 ____D C:\Users\defaultuser100000
2020-11-21 16:04 - 2020-11-21 16:04 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raspberry Pi
2020-11-21 16:04 - 2020-11-21 16:04 - 000000000 ____D C:\Users\*****\AppData\Local\Raspberry Pi
2020-11-21 16:04 - 2020-11-21 16:04 - 000000000 ____D C:\Program Files (x86)\Raspberry Pi Imager
2020-11-21 12:06 - 2020-11-21 12:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-11-20 22:36 - 2020-11-22 09:47 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-20 20:03 - 2020-11-20 20:03 - 000000000 ____D C:\Users\*****\AppData\Roaming\Proton Technologies AG
2020-11-20 20:03 - 2020-11-20 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProtonVPN
2020-11-20 20:03 - 2020-11-20 20:03 - 000000000 ____D C:\Program Files (x86)\Proton Technologies
2020-11-18 20:03 - 2020-12-09 20:09 - 000002158 _____ C:\WINDOWS\system32\Tasks\npcapwatchdog
2020-11-18 20:03 - 2020-11-18 20:03 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2020-11-18 20:02 - 2020-11-18 20:03 - 000000000 ____D C:\Program Files\Npcap
2020-11-18 20:02 - 2020-11-18 20:02 - 000000000 ____D C:\WINDOWS\SysWOW64\Npcap
2020-11-18 20:02 - 2020-11-18 20:02 - 000000000 ____D C:\WINDOWS\system32\Npcap
2020-11-18 20:00 - 2020-11-18 20:00 - 000000000 ____D C:\Users\*****\AppData\Roaming\Wireshark
2020-11-15 12:21 - 2020-11-15 12:21 - 000000000 ____D C:\Users\*****\AppData\Local\FLiNGTrainer
2020-11-14 15:07 - 2020-11-14 15:07 - 000000000 ____D C:\Users\*****\AppData\Roaming\EasyAntiCheat
2020-11-13 18:10 - 2020-11-13 18:10 - 000009265 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-11-11 18:00 - 2020-12-09 20:09 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3136980708-3557880529-3186569697-1004

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2020-12-11 22:58 - 2020-05-29 19:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-11 22:20 - 2020-07-03 15:42 - 000000000 ____D C:\Users\*****\AppData\Local\Tautulli
2020-12-11 22:07 - 2020-05-29 21:29 - 000000000 ____D C:\Users\*****\AppData\Local\CrashDumps
2020-12-11 18:24 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-11 18:23 - 2020-05-29 20:06 - 000000000 ____D C:\Users\*****\AppData\Roaming\IDM
2020-12-11 18:22 - 2020-07-12 18:33 - 000007597 _____ C:\Users\*****\AppData\Local\Resmon.ResmonCfg
2020-12-11 17:34 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-11 17:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-11 17:28 - 2020-11-01 16:05 - 000002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-11 17:27 - 2020-05-29 19:31 - 000000000 ____D C:\ProgramData\NVIDIA
2020-12-11 17:27 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-11 17:25 - 2020-05-29 19:21 - 001731070 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-11 17:25 - 2019-12-07 15:51 - 000746436 _____ C:\WINDOWS\system32\perfh007.dat
2020-12-11 17:25 - 2019-12-07 15:51 - 000151384 _____ C:\WINDOWS\system32\perfc007.dat
2020-12-11 17:25 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-11 17:21 - 2020-05-29 19:36 - 000000000 ____D C:\ProgramData\Mozilla
2020-12-11 17:20 - 2020-05-29 19:36 - 000000000 ____D C:\Users\*****\AppData\LocalLow\Mozilla
2020-12-11 17:19 - 2020-05-29 20:14 - 000000000 ____D C:\Users\*****\AppData\Local\Plex Media Server
2020-12-11 17:19 - 2020-05-29 19:40 - 000000000 ____D C:\ProgramData\AVG
2020-12-11 17:18 - 2020-08-29 08:06 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-11 17:18 - 2020-05-31 15:30 - 000000000 ____D C:\ProgramData\VMware
2020-12-11 17:18 - 2020-05-29 19:21 - 000000000 ____D C:\Users\*****
2020-12-11 17:18 - 2020-05-29 19:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-11 17:18 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-11 17:16 - 2020-09-27 10:19 - 000000000 ____D C:\Users\*****\AppData\Local\WhatsApp
2020-12-11 17:16 - 2020-06-12 20:19 - 000000000 ____D C:\Program Files\TAP-Windows
2020-12-11 17:16 - 2020-06-12 20:19 - 000000000 ____D C:\Program Files\OpenVPN
2020-12-11 17:16 - 2020-05-31 22:28 - 000000000 ____D C:\Users\*****\AppData\Local\WeMod
2020-12-11 17:16 - 2020-05-30 10:44 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2020-12-11 17:16 - 2020-05-30 10:44 - 000000000 ___SD C:\WINDOWS\system32\lxss
2020-12-11 17:16 - 2020-05-30 10:36 - 000000000 ____D C:\ProgramData\ProductData
2020-12-11 17:16 - 2020-05-30 10:36 - 000000000 ____D C:\ProgramData\IObit
2020-12-11 17:16 - 2020-05-29 21:05 - 000000000 ____D C:\Users\*****\AppData\Roaming\vlc
2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Portable Devices
2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-12-11 17:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2020-12-11 17:16 - 2019-12-07 15:52 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2020-12-11 17:16 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\de
2020-12-11 17:16 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\de
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\downlevel
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\L2Schemas
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-11 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2020-12-11 17:16 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2020-12-11 17:15 - 2020-05-30 10:37 - 000000000 ____D C:\Users\*****\AppData\Roaming\IObit
2020-12-11 17:15 - 2020-05-30 10:36 - 000000000 ____D C:\Users\*****\AppData\LocalLow\IObit
2020-12-11 17:15 - 2020-05-30 00:23 - 000000000 ____D C:\Users\*****\AppData\Local\cFos
2020-12-11 17:15 - 2020-05-29 21:28 - 000000000 ____D C:\Users\*****\AppData\Roaming\discord
2020-12-11 17:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Containers
2020-12-11 17:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2020-12-11 17:02 - 2020-05-29 21:28 - 000000000 ____D C:\Users\*****\AppData\Roaming\WhatsApp
2020-12-11 17:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-12-11 16:59 - 2020-05-29 20:06 - 000000000 ____D C:\Users\*****\AppData\Roaming\DMCache
2020-12-11 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-12-11 16:15 - 2020-05-30 00:46 - 000000000 ____D C:\Users\*****\AppData\Local\ElevatedDiagnostics
2020-12-11 15:35 - 2020-05-30 10:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-12-11 12:58 - 2020-10-23 17:34 - 000000000 ____D C:\Users\*****\AppData\Local\RealVNC
2020-12-11 12:58 - 2020-05-29 19:25 - 000000000 ____D C:\Users\*****\AppData\Local\PlaceholderTileLogoFolder
2020-12-10 06:51 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-10 06:51 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-09 20:09 - 2020-11-08 11:35 - 000002578 _____ C:\WINDOWS\system32\Tasks\GraphicsCardEngine
2020-12-09 20:09 - 2020-11-08 11:35 - 000002542 _____ C:\WINDOWS\system32\Tasks\LiquidSensord
2020-12-09 20:09 - 2020-11-01 16:36 - 000002568 _____ C:\WINDOWS\system32\Tasks\Launcher
GIGABYTE AORUS GRAPHICS ENGINE 2020-12-09 20:09 - 2020-11-01 16:04 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2020-12-09 20:09 - 2020-11-01 16:04 - 000003404 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2020-12-09 20:09 - 2020-10-29 19:21 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 19:21 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 20:09 - 2020-10-29 18:56 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3136980708-3557880529-3186569697-1001 2020-12-09 20:09 - 2020-10-14 18:46 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2020-12-09 20:09 - 2020-09-09 15:28 - 000002460 _____ 
C:\WINDOWS\system32\Tasks\ASC_PerformanceMonitor 2020-12-09 20:09 - 2020-09-09 15:28 - 000002350 _____ C:\WINDOWS\system32\Tasks\ASC_SkipUac_***** 2020-12-09 20:09 - 2020-05-30 12:34 - 000002402 _____ C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_***** 2020-12-09 20:09 - 2020-05-29 21:01 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2020-12-09 20:09 - 2020-05-29 19:42 - 000003558 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2020-12-09 20:09 - 2020-05-29 19:42 - 000003334 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2020-12-09 20:09 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2020-12-09 19:30 - 2020-05-29 19:45 - 000000000 ____D C:\Users\*****\AppData\Local\D3DSCache 2020-12-09 18:59 - 2020-05-29 21:31 - 000000000 ____D C:\Users\*****\AppData\Local\NVIDIA 2020-12-09 18:49 - 2020-07-12 18:05 - 000000000 ____D C:\Users\*****\AppData\Local\KeePassXC 2020-12-09 18:45 - 2020-05-31 15:31 - 000000000 ____D C:\Users\*****\AppData\Local\VMware 2020-12-09 18:44 - 2020-05-31 15:31 - 000000000 ____D C:\Users\*****\AppData\Roaming\VMware 2020-12-09 18:37 - 2020-05-29 19:23 - 000000000 ____D C:\Users\*****\AppData\Local\Packages 2020-12-09 18:35 - 2020-05-31 16:10 - 000000435 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2020-12-09 17:23 - 2020-06-21 15:42 - 000000128 _____ C:\Users\*****\AppData\Local\PUTTY.RND 2020-12-09 16:59 - 2020-05-29 21:59 - 000000000 ____D C:\Users\*****\AppData\Local\Ubisoft Game Launcher 2020-12-09 16:13 - 2020-05-29 21:28 - 000000000 ____D C:\Users\*****\AppData\Local\Discord 2020-12-06 20:22 - 2020-06-07 18:59 - 000000000 ____D C:\Users\*****\AppData\Roaming\HuBBa 2020-12-06 14:16 - 2020-05-30 13:49 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2020-12-05 19:52 - 2020-05-29 20:33 - 000000000 ____D C:\Users\*****\AppData\Local\EpicGamesLauncher 2020-12-05 19:43 - 2020-10-17 10:24 - 005302184 _____ C:\WINDOWS\system32\FNTCACHE.DAT 
2020-12-05 12:57 - 2020-05-30 00:40 - 000000000 ____D C:\Users\*****\AppData\Local\Adobe 2020-12-05 12:46 - 2020-05-29 19:23 - 000000000 ____D C:\Users\*****\AppData\Roaming\Adobe 2020-12-05 12:15 - 2020-05-30 00:42 - 000000000 ____D C:\ProgramData\Adobe 2020-12-05 12:13 - 2020-05-30 00:42 - 000000000 ____D C:\Program Files (x86)\Adobe 2020-12-04 21:40 - 2020-05-29 21:27 - 000000000 ____D C:\Users\*****\AppData\Local\SquirrelTemp 2020-12-04 15:34 - 2020-05-30 11:42 - 000000000 ____D C:\Program Files\Microsoft Office 2020-12-04 15:34 - 2020-05-29 19:43 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-12-02 19:51 - 2020-05-29 20:09 - 000000000 ____D C:\ProgramData\Package Cache 2020-11-28 22:32 - 2020-06-07 19:37 - 000000000 ____D C:\Users\*****\AppData\Local\BattlEye 2020-11-28 21:28 - 2020-09-06 12:42 - 000281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr 2020-11-27 21:12 - 2020-05-29 20:31 - 000000000 ____D C:\Program Files\Rockstar Games 2020-11-27 21:12 - 2020-05-29 20:31 - 000000000 ____D C:\Program Files (x86)\Rockstar Games 2020-11-25 17:33 - 2020-07-04 09:26 - 000000774 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2020-11-25 17:33 - 2020-05-29 19:47 - 000000000 ____D C:\Users\*****\AppData\Roaming\Notepad++ 2020-11-25 16:22 - 2020-09-20 10:56 - 000134792 _____ (AVG Technologies) C:\WINDOWS\system32\icarus_rvrt.exe 2020-11-22 20:25 - 2020-06-21 20:33 - 000000000 ____D C:\Users\*****\AppData\Roaming\.minecraft 2020-11-22 09:47 - 2020-05-29 19:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-11-21 16:07 - 2020-10-23 20:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer 2020-11-21 16:04 - 2020-05-31 11:52 - 000000000 ____D C:\Users\*****\AppData\Local\cache 2020-11-21 12:06 - 2020-05-29 19:36 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-11-20 20:06 - 2020-05-31 12:32 - 000000000 ____D 
C:\ProgramData\ProtonVPN
2020-11-20 20:03 - 2020-05-30 02:57 - 000000000 ____D C:\Users\*****\AppData\Local\ProtonVPN
2020-11-17 07:02 - 2020-05-29 21:31 - 000000000 ____D C:\Users\*****\AppData\Local\NVIDIA Corporation
2020-11-17 07:02 - 2020-05-29 19:23 - 000000000 ____D C:\ProgramData\Packages
2020-11-15 20:28 - 2020-05-31 22:29 - 000000000 ____D C:\Users\*****\AppData\Roaming\WeMod
2020-11-14 18:09 - 2020-06-06 11:07 - 000000000 ____D C:\Users\*****\AppData\Local\GameCenter
2020-11-14 11:12 - 2020-05-29 19:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-14 11:10 - 2020-05-29 19:25 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-11-13 18:45 - 2020-05-29 19:23 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-11-13 18:09 - 2020-05-29 19:16 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2020-10-27 21:46 - 2020-10-27 21:46 - 000004682 _____ () C:\Users\*****\AppData\Roaming\VoiceMeeterDefault.xml
2020-06-21 15:42 - 2020-12-09 17:23 - 000000128 _____ () C:\Users\*****\AppData\Local\PUTTY.RND
2020-07-12 18:33 - 2020-12-11 18:22 - 000007597 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

11.12.2020, 23:12 | #12 |
| Multiple Win32:TrojanX-gen and Win32:Trojan-gen alerts
Addition.txt
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-12-2020
durchgeführt von ilias (11-12-2020 23:02:49)
Gestartet von C:\Users\ilias\Desktop
Windows 10 Pro Version 20H2 19042.630 (X64) (2020-05-29 18:19:26)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3136980708-3557880529-3186569697-500 - Administrator - Disabled)
amine (S-1-5-21-3136980708-3557880529-3186569697-1005 - Limited - Disabled)
DefaultAccount (S-1-5-21-3136980708-3557880529-3186569697-503 - Limited - Disabled)
Gast (S-1-5-21-3136980708-3557880529-3186569697-501 - Limited - Disabled)
ilias (S-1-5-21-3136980708-3557880529-3186569697-1001 - Administrator - Enabled) => C:\Users\ilias
laila (S-1-5-21-3136980708-3557880529-3186569697-1004 - Limited - Disabled) => C:\Users\laila
WDAGUtilityAccount (S-1-5-21-3136980708-3557880529-3186569697-504 - Limited - Disabled)
yahia (S-1-5-21-3136980708-3557880529-3186569697-1003 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4500_Help (HKLM-x32\...\{7FDA2F0E-B522-48AD-8792-4BAAA4B5DA1C}) (Version: 1.00.0000 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Advanced SystemCare (HKLM-x32\...\Advanced SystemCare_is1) (Version: 13.7.0 - IObit) Allods Online DE (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Allods Online DE (DE)) (Version: 1.209 - MY.GAMES) AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.07.21.306 - Advanced Micro Devices, Inc.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.) AMD_Chipset_Drivers (HKLM-x32\...\{7598e74a-915c-4911-918c-ca4b2c296122}) (Version: 2.07.21.306 - Advanced Micro Devices, Inc.) Hidden AORUS ENGINE (HKLM-x32\...\AORUS ENGINE_is1) (Version: 1.9.2.0 - GIGABYTE Technology Co.,Inc.) 
APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.20.00803.1 - GIGABYTE) Hidden APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.20.00803.1 - GIGABYTE) Assassin's Creed Chronicles China (HKLM-x32\...\Uplay Install 1651) (Version: - Ubisoft) Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version: - Ubisoft) Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) Assassin's Creed Liberation HD (HKLM-x32\...\Uplay Install 625) (Version: - Ubisoft) Assassin's Creed Odyssey (HKLM-x32\...\Uplay Install 5059) (Version: - Ubisoft) Assassin's Creed Origins (HKLM-x32\...\Uplay Install 3539) (Version: - Ubisoft) Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version: - Ubisoft) Assassin's Creed Syndicate (HKLM-x32\...\Uplay Install 1875) (Version: - Ubisoft) Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team) AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 20.9.3152 - AVG Technologies) AVG TuneUp (HKLM\...\AVG TuneUp) (Version: 20.1.2191.714 - AVG) Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden bpd_scan (HKLM-x32\...\{EC7FE03D-239A-4E36-9907-0E327922D2A2}) (Version: 3.00.0000 - Hewlett-Packard) Hidden BPDSoftware (HKLM-x32\...\{9237DDE8-1DF1-4FA7-AAF9-95458ABC26E0}) (Version: 140.0.001.000 - Hewlett-Packard) Hidden BPDSoftware_Ini (HKLM-x32\...\{E105BB34-826A-4DF7-8F35-07DDEE1E47A0}) (Version: 1.00.0000 - Hewlett-Packard) Hidden BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.72 - Piriform) Cheat Engine 7.2 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine) CPUID ROG CPU-Z 1.92 (HKLM\...\CPUID ROG CPU-Z_is1) (Version: 1.92 - CPUID, Inc.) 
DC Universe Online Live (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\DG0-DC Universe Online Live) (Version: - Sony Online Entertainment) Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden Detroit: Become Human (HKLM-x32\...\Detroit: Become Human_is1) (Version: - ) DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden Discord (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Discord) (Version: 0.0.309 - Discord Inc.) DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.185.000 - Hewlett-Packard) Hidden EasyTune (HKLM-x32\...\{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.20.0214.1 - GIGABYTE) Hidden EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.20.0214.1 - GIGABYTE) EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.20.0701.1 - GIGABYTE) Hidden EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.20.0701.1 - GIGABYTE) ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 3.3.0 - ENE TECHNOLOGY INC.) Hidden ENE RGB HAL (HKLM\...\{8DA1B230-D82E-4A24-9237-363E2E1E2695}) (Version: 1.0.21.0 - Ene Tech.) Hidden ENE RGB HAL (HKLM-x32\...\{bb670f8d-3d66-4f36-8e60-02b71bb0a4e9}) (Version: 1.0.21.0 - Ene Tech.) Hidden ENE_DRAM_RGB_AURA42 (HKLM\...\{BC5E0A82-C638-44CB-8129-20C8ED70DE7A}) (Version: 1.00.02 - Ene Tech.) Hidden ENE_DRAM_RGB_AURA42 (HKLM-x32\...\{f3d7fb09-b93f-4c01-a765-0b0adc5bc746}) (Version: 1.00.02 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{d8516682-de60-4332-ad6f-49373754b677}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) 
Hidden ENE_EHD_SSS_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_SSS_HAL (HKLM-x32\...\{9eeadf99-713b-4ab5-9ccd-bf9c1c4d9daf}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden Epic Games Launcher (HKLM-x32\...\{A5A6A747-393C-4B28-AB7B-2DE2BA7F7D73}) (Version: 1.1.267.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version: - Ubisoft) Far Cry Primal (HKLM-x32\...\Uplay Install 2010) (Version: - Ubisoft) Fax (HKLM-x32\...\{9294F169-72EE-4D74-AE92-CA25F64B4FF8}) (Version: 140.0.307.000 - Hewlett-Packard) Hidden Game Boost (HKLM-x32\...\{644B5310-D2AA-42A8-9F3B-7B92C856C8D7}) (Version: 1.00.0006 - Gigabyte) Hidden Game Boost (HKLM-x32\...\InstallShield_{644B5310-D2AA-42A8-9F3B-7B92C856C8D7}) (Version: 1.00.0006 - Gigabyte) Gigabyte Speed v10.21 (HKLM\...\Gigabyte Speed) (Version: 10.21 - cFos Software GmbH, Bonn) GigabyteFirmwareUpdateUtility (HKLM-x32\...\{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}) (Version: 1.20.0406.1 - GIGABYTE) Hidden GigabyteFirmwareUpdateUtility (HKLM-x32\...\InstallShield_{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}) (Version: 1.20.0406.1 - GIGABYTE) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2060.1 - Rockstar Games) GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.19.0624.1 - GIGABYTE) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - 
HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Officejet J4500 Series 14.0 Rel. 6 (HKLM\...\{EACF146B-01D2-4185-B773-9604A0E5902A}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden HuBBa 1.3.90 (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\2a4703e6-0b98-56dd-80dd-5248bb27b192) (Version: 1.3.90 - BiFi2000) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Intel(R) Network Connections 23.5.0.0 (HKLM\...\PROSetDX) (Version: 23.5.0.0 - Intel) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) IObit Uninstaller 9 (HKLM-x32\...\IObitUninstall) (Version: 9.5.0.15 - IObit) J4500 (HKLM-x32\...\{3250CB33-9B5C-42CF-A215-23E95EA5F75E}) (Version: 140.0.001.000 - Hewlett-Packard) Hidden Java 8 Update 261 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180261F0}) (Version: 8.0.2610.12 - Oracle Corporation) KeePassXC (HKLM\...\{FEE3E3CD-2A6C-464E-8424-DE7512D4A5D0}) (Version: 2.6.2 - KeePassXC Team) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden LEGO DC Super-Villains (HKLM-x32\...\LEGO DC Super-Villains_is1) (Version: - ) LibreOffice 6.4 Help Pack (German) (HKLM\...\{6A9B7FBF-A3F4-4F69-8398-83E03F5EE94A}) (Version: 6.4.4.2 - The Document Foundation) LibreOffice 7.0.2.2 (HKLM\...\{2D790347-9563-49DA-AAAD-A5D26B69C993}) (Version: 7.0.2.2 - The Document Foundation) Mafia: Definitive Edition (HKLM-x32\...\Mafia: Definitive Edition_is1) (Version: - ) Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden Marvel's Avengers (HKLM-x32\...\Marvel's Avengers_is1) (Version: - ) Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.13426.20308 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.60 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - ) Microsoft OneDrive (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Teams) (Version: 1.3.00.9267 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 
(HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3994d355-238a-4612-af93-26d13deddef1}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) 
(Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft) Minecraft Launcher (HKLM-x32\...\{F6678473-0198-46D0-A88F-2A247E6FA03C}) (Version: 1.0.0.0 - Mojang) Mozilla Firefox 83.0 (x64 de) (HKLM\...\Mozilla Firefox 83.0 (x64 de)) (Version: 83.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 76.0.1 - Mozilla) MY.GAMES GameCenter (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\GameCenter) (Version: 4.1573 - MY.COM B.V.) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.9.1 - Notepad++ Team) Npcap (HKLM-x32\...\NpcapInst) (Version: 1.00 - Nmap Project) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation) NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation) NVIDIA Grafiktreiber 460.79 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.79 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NvModuleTracker 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20308 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden OpenVPN 2.4.9-I601-Win10 (HKLM\...\OpenVPN) (Version: 2.4.9-I601-Win10 - OpenVPN Technologies, Inc.) Password Tech Version 3.1.0 (HKLM-x32\...\{F2074AC4-1897-470C-A160-EF5C74F76763}_is1) (Version: 3.1.0 - Christian Thöing) Password Tech Version 3.2.0 (Aktueller Benutzer, 64 Bit) (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\{F2074AC4-1897-470C-A160-EF5C74F76763}_is1) (Version: 3.2.0 - Christian Thöing) Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.04 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM-x32\...\{ebb7013c-0b03-497c-bed1-1e48e806a593}) (Version: 1.00.04 - Patriot Memory) PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden PDF24 Creator 9.2.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 9.2.2 - PDF24.org) Plex Media Server (HKLM-x32\...\{40c376bf-c3a0-439b-8353-f69a3bac10d6}) (Version: 1.21.0.3711 - Plex, Inc.) Plex Media Server (HKLM-x32\...\{8DE31A48-E744-4526-AE09-B9A4002CE770}) (Version: 1.21.711 - Plex, Inc.) 
Hidden ProductContext (HKLM-x32\...\{8064EF1E-3243-4307-A04F-BB64FF06A8DF}) (Version: 140.0.001.000 - Hewlett-Packard) Hidden Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden ProtonVPN (HKLM-x32\...\{FD5DFEEE-C563-4D04-B3F4-E5C7D5F5B1E9}) (Version: 1.17.6 - Proton Technologies AG) Hidden ProtonVPN (HKLM-x32\...\ProtonVPN 1.17.6) (Version: 1.17.6 - Proton Technologies AG) ProtonVPNTap (HKLM-x32\...\{526B21BC-E7BE-4CC9-AF49-20F7F11B9113}) (Version: 1.1.1 - Proton Technologies AG) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Python 3.8.3 (32-bit) (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\{6f6f2a2d-6475-4359-bc65-b2cf464bd085}) (Version: 3.8.3150.0 - Python Software Foundation) Python 3.8.3 Core Interpreter (32-bit) (HKLM-x32\...\{D3A7FDC5-BA4E-44FC-8822-800226B81C71}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden Python 3.8.3 Development Libraries (32-bit) (HKLM-x32\...\{EA35D9DB-86A9-4705-9D15-7FE33E261450}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden Python 3.8.3 Documentation (32-bit) (HKLM-x32\...\{BAF129CE-5C13-4383-9807-A44055644E08}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden Python 3.8.3 Executables (32-bit) (HKLM-x32\...\{D1EFF389-2F77-4A46-8AFD-4F37BC6F1F99}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden Python 3.8.3 pip Bootstrap (32-bit) (HKLM-x32\...\{4ADFAA3D-1670-4161-A64A-83535B6D78C6}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden Python 3.8.3 Standard Library (32-bit) (HKLM-x32\...\{26B2CC8C-1492-437D-B27A-655AFB3647DE}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden Python 3.8.3 Tcl/Tk Support (32-bit) (HKLM-x32\...\{56AC5D63-87FC-4BA0-B4F2-6013D58F3302}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden Python 3.8.3 Test Suite (32-bit) (HKLM-x32\...\{0F5C1C82-9A7A-4FB4-8681-D4E7E9BBFD9C}) (Version: 3.8.3150.0 - Python Software 
Foundation) Hidden Python 3.8.3 Utility Scripts (32-bit) (HKLM-x32\...\{14A8B424-0141-4E46-A1E2-548DF8349BB7}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{406A47EE-C4AE-4944-BADE-1B543A443873}) (Version: 3.8.7072.0 - Python Software Foundation) Raspberry Pi Imager (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Raspberry Pi Imager) (Version: 1.4 - Raspberry Pi) Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.11.9.1287 - Razer Inc.) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8945.1 - Realtek Semiconductor Corp.) Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1355.18 - Rockstar Games) RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.20.0721.1 - GIGABYTE) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.32.316 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.5 - Rockstar Games) Samsung DeX (HKLM-x32\...\{5E2BEDEC-EEE1-49B7-A9D0-6971AFA9B5F2}) (Version: 1.0.2.26 - Samsung Electronics Co., Ltd.) Hidden Samsung DeX (HKLM-x32\...\{bc458b5f-1945-4287-8fae-353650fd3109}) (Version: 1.0.2.26 - Samsung Electronics Co., Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.31.0 - Samsung Electronics Co., Ltd.) 
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) SIV (HKLM-x32\...\{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.20.0410.1 - GIGABYTE) Hidden SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.20.0410.1 - GIGABYTE) SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stopping Plex (HKLM-x32\...\{94530A73-5D44-431B-B1F0-FEBA96C90390}) (Version: 1.21.711 - Plex, Inc.) Hidden TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.) Tautulli (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\Tautulli) (Version: 2.6.2.1 - Tautulli) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.9267 - Microsoft Corporation) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.12.4 - TeamViewer) The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: - ) Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft) Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 29.0 - Ubisoft) VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN) VMware Workstation (HKLM\...\{2B5DAA91-E0C9-4307-90B7-5688E910C894}) (Version: 15.1.0 - VMware, Inc.) 
VNC Viewer 6.20.529 (HKLM\...\{1A0D1F90-8D1F-4922-8546-D1F84501C46A}) (Version: 6.20.529.42646 - RealVNC Ltd) Watch Dogs Legion (HKLM-x32\...\Uplay Install 3353) (Version: - Ubisoft) Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft) WATCH_DOGS2 (HKLM-x32\...\Uplay Install 2688) (Version: - Ubisoft) WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden WeMod (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\WeMod) (Version: 6.3.11 - WeMod) WhatsApp (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\WhatsApp) (Version: 2.2047.13 - WhatsApp) Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers) Windows Subsystem for Linux Update (HKLM\...\{18E72D39-392C-419D-9B86-C4C633B4CED9}) (Version: 4.19.128 - Microsoft Corporation) WinRAR 5.91 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH) Wireshark 3.4.0 64-bit (HKLM-x32\...\Wireshark) (Version: 3.4.0 - The Wireshark developer community, hxxps://www.wireshark.org) Zoom (HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.) 
Packages: ========= Amazon Music -> C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_8.0.0.0_x86__kc6t79cpj4tp0 [2020-12-11] (AMZN Mobile LLC) Amazon Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.42.0_x64__pwbj9vvecjh7j [2020-12-11] (Amazon Development Centre (London) Ltd) Kali Linux -> C:\Program Files\WindowsApps\KaliLinux.54290C8133FEE_1.6.0.0_x64__ey8k8hqnwqnmg [2020-12-11] (Kali Linux) Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-12-11] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-12-11] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-12-11] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-12-11] (Microsoft Studios) [MS Ad] Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.32.33291.0_x64__8wekyb3d8bbwe [2020-12-11] (Microsoft Corporation) [Startup Task] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-12-11] (Netflix, Inc.) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.959.0_x64__56jybvy8sckqj [2020-12-11] (NVIDIA Corp.) 
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.11.217.0_x64__dt26b99r8h8gj [2020-12-11] (Realtek Semiconductor Corp) Ubuntu -> C:\Program Files\WindowsApps\CanonicalGroupLimited.UbuntuonWindows_2004.2020.812.0_x64__79rhkp1fndgsc [2020-12-11] (Canonical Group Limited) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3136980708-3557880529-3186569697-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\ilias\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20077.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3136980708-3557880529-3186569697-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\ilias\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20077.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => H:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2019-05-02] (Tonec Inc. -> Tonec Inc.) 
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2020-06-01] (IObit Information Technology -> IObit) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => H:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-09-24] (Notepad++ -> ) ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => G:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-05-25] (IObit Information Technology -> IObit) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2020-06-01] (IObit Information Technology -> IObit) ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => G:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2019-05-04] (VMware, Inc. -> VMware, Inc.) ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => G:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2019-05-04] (VMware, Inc. -> VMware, Inc.) 
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-11] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2020-06-01] (IObit Information Technology -> IObit) ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => G:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-05-25] (IObit Information Technology -> IObit) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_8e68f77150e57b50\nvshext.dll [2020-12-05] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-11-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) 
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => G:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-05-25] (IObit Information Technology -> IObit) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-11] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\Users\ilias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\GeForce Experience Stream Client.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gjljknijpnfibppaijefibndmiabonep ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2020-11-23 19:03 - 2020-11-23 19:03 - 000629760 _____ () [Datei ist nicht signiert] \\?\C:\Users\ilias\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\aac_decoder.dll 2020-11-23 19:03 - 2020-11-23 19:03 - 000394752 _____ () [Datei ist nicht signiert] \\?\C:\Users\ilias\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\ac3_encoder.dll 2020-11-23 19:03 - 2020-11-23 19:03 - 000608256 _____ () [Datei ist nicht signiert] \\?\C:\Users\ilias\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\dca_decoder.dll 2020-11-23 19:03 - 2020-11-23 19:03 - 000751104 _____ () [Datei ist nicht signiert] \\?\C:\Users\ilias\AppData\Local\Plex Media 
Server\Codecs\7c50c14-3596-windows-x86\flv_decoder.dll 2020-11-23 19:03 - 2020-11-23 19:03 - 001559040 _____ () [Datei ist nicht signiert] \\?\C:\Users\ilias\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\h264_decoder.dll 2020-11-23 19:03 - 2020-11-23 19:03 - 000818688 _____ () [Datei ist nicht signiert] \\?\C:\Users\ilias\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\hevc_decoder.dll 2020-11-23 19:03 - 2020-11-23 19:03 - 001800704 _____ () [Datei ist nicht signiert] \\?\C:\Users\ilias\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\libx264_encoder.dll 2020-11-23 19:03 - 2020-11-23 19:03 - 000579072 _____ () [Datei ist nicht signiert] \\?\C:\Users\ilias\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\mp3_decoder.dll 2020-11-23 19:03 - 2020-11-23 19:03 - 001268224 _____ () [Datei ist nicht signiert] \\?\C:\Users\ilias\AppData\Local\Plex Media Server\Codecs\7c50c14-3596-windows-x86\mpeg4_decoder.dll 2020-04-30 14:28 - 2020-04-30 14:28 - 001866752 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\AppCenter\BDR_info.dll 2019-08-05 19:50 - 2019-08-05 19:50 - 000009216 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\Phison.dll 2020-12-05 19:23 - 2020-12-05 19:23 - 000182272 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\_cffi_backend.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000034816 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Cipher\_raw_aes.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000016384 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Cipher\_raw_aesni.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000013312 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Cipher\_raw_cbc.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000013824 _____ () [Datei ist nicht signiert] C:\Program Files 
(x86)\Tautulli\Cryptodome\Cipher\_raw_cfb.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000014336 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Cipher\_raw_ctr.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000011264 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Cipher\_raw_ecb.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000015360 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Cipher\_raw_ocb.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000012288 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Cipher\_raw_ofb.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000015360 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Cipher\_Salsa20.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000015872 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Hash\_BLAKE2s.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000013824 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Hash\_ghash_clmul.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000013824 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Hash\_ghash_portable.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000016896 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Hash\_MD5.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000019456 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Hash\_SHA1.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000022016 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Hash\_SHA256.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000013312 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Protocol\_scrypt.cp38-win_amd64.pyd 
2020-12-05 19:23 - 2020-12-05 19:23 - 000011264 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Util\_cpuid_c.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000011264 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\Cryptodome\Util\_strxor.cp38-win_amd64.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 003100160 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\cryptography\hazmat\bindings\_openssl.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000572928 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\pythoncom38.dll 2020-12-05 19:23 - 2020-12-05 19:23 - 000142848 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\pywintypes38.dll 2020-12-05 19:23 - 2020-12-05 19:23 - 000134656 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\win32api.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000539136 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\win32com\shell\shell.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000027648 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\win32event.pyd 2020-12-05 19:23 - 2020-12-05 19:23 - 000058880 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Tautulli\win32service.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000054272 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\origin_7f53219b-4e2b-4591-9f4f-dfc5f4ba9eb0\aiohttp\_frozenlist.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000039936 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\origin_7f53219b-4e2b-4591-9f4f-dfc5f4ba9eb0\aiohttp\_helpers.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000218624 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\origin_7f53219b-4e2b-4591-9f4f-dfc5f4ba9eb0\aiohttp\_http_parser.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000036864 
_____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\origin_7f53219b-4e2b-4591-9f4f-dfc5f4ba9eb0\aiohttp\_http_writer.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000024576 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\origin_7f53219b-4e2b-4591-9f4f-dfc5f4ba9eb0\aiohttp\_websocket.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\origin_7f53219b-4e2b-4591-9f4f-dfc5f4ba9eb0\multidict\_multidict.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000069632 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\origin_7f53219b-4e2b-4591-9f4f-dfc5f4ba9eb0\yarl\_quoting_c.cp37-win32.pyd 2020-12-05 13:09 - 2020-12-05 13:09 - 000064512 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\psn_38087aea-3c30-439f-867d-ddf9fae8fe6f\aiohttp\_frozenlist.cp37-win32.pyd 2020-12-05 13:09 - 2020-12-05 13:09 - 000050176 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\psn_38087aea-3c30-439f-867d-ddf9fae8fe6f\aiohttp\_helpers.cp37-win32.pyd 2020-12-05 13:09 - 2020-12-05 13:09 - 000225792 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\psn_38087aea-3c30-439f-867d-ddf9fae8fe6f\aiohttp\_http_parser.cp37-win32.pyd 2020-12-05 13:09 - 2020-12-05 13:09 - 000045056 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\psn_38087aea-3c30-439f-867d-ddf9fae8fe6f\aiohttp\_http_writer.cp37-win32.pyd 2020-12-05 13:09 - 2020-12-05 13:09 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\psn_38087aea-3c30-439f-867d-ddf9fae8fe6f\aiohttp\_websocket.cp37-win32.pyd 2020-12-05 13:09 - 2020-12-05 13:09 - 
000034304 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\psn_38087aea-3c30-439f-867d-ddf9fae8fe6f\multidict\_multidict.cp37-win32.pyd 2020-12-05 13:09 - 2020-12-05 13:09 - 000073216 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\psn_38087aea-3c30-439f-867d-ddf9fae8fe6f\yarl\_quoting.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 000064512 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\aiohttp\_frozenlist.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 000050176 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\aiohttp\_helpers.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 000225792 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\aiohttp\_http_parser.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 000045056 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\aiohttp\_http_writer.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\aiohttp\_websocket.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 000014848 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\google\protobuf\internal\_api_implementation.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 001055232 _____ () [Datei ist nicht signiert] 
C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\google\protobuf\pyext\_message.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 000118784 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\lxml\_elementpath.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 003284992 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\lxml\etree.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 000161792 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\lxml\html\clean.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\multidict\_multidict.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 000009728 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\websockets\speedups.cp37-win32.pyd 2020-12-05 13:05 - 2020-12-05 13:05 - 000069632 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\steam_ca27391f-2675-49b1-92c0-896d43afa4f8\yarl\_quoting_c.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000231424 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\_yaml.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000064512 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\aiohttp\_frozenlist.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000050176 _____ () [Datei ist nicht signiert] 
C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\aiohttp\_helpers.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000225792 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\aiohttp\_http_parser.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000045056 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\aiohttp\_http_writer.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\aiohttp\_websocket.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\multidict\_multidict.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000064512 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\psutil\_psutil_windows.cp37-win32.pyd 2020-12-05 13:04 - 2020-12-05 13:04 - 000069632 _____ () [Datei ist nicht signiert] C:\Users\ilias\AppData\Local\GOG.com\Galaxy\plugins\installed\uplay_afb5a69c-b2ee-4d58-b916-f4cd75d4999a\yarl\_quoting_c.cp37-win32.pyd 2020-10-21 19:33 - 2020-10-21 19:33 - 000083604 _____ () [Datei ist nicht signiert] G:\Program Files\KeePassXC\libdouble-conversion.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 000081585 _____ () [Datei ist nicht signiert] G:\Program Files\KeePassXC\libgcc_s_seh-1.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 028408832 _____ () [Datei ist nicht signiert] G:\Program Files\KeePassXC\libicudt67.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 003277824 _____ () [Datei ist nicht signiert] G:\Program Files\KeePassXC\libicuin67.dll 
2020-10-21 19:33 - 2020-10-21 19:33 - 002113536 _____ () [Datei ist nicht signiert] G:\Program Files\KeePassXC\libicuuc67.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 000339456 _____ () [Datei ist nicht signiert] G:\Program Files\KeePassXC\libpcre2-16-0.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 000303486 _____ () [Datei ist nicht signiert] G:\Program Files\KeePassXC\libsodium-23.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 000043429 _____ () [Datei ist nicht signiert] G:\Program Files\KeePassXC\libssp-0.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 001752711 _____ () [Datei ist nicht signiert] G:\Program Files\KeePassXC\libstdc++-6.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 000737792 _____ () [Datei ist nicht signiert] G:\Program Files\KeePassXC\libzstd.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 000093720 _____ () [Datei ist nicht signiert] G:\Program Files\KeePassXC\zlib1.dll 2020-12-05 12:55 - 2020-12-04 09:17 - 000064512 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\aiohttp\_frozenlist.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000050176 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\aiohttp\_helpers.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000225792 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\aiohttp\_http_parser.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000045056 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\aiohttp\_http_writer.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000034304 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\aiohttp\_websocket.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000034304 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\multidict\_multidict.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000061952 _____ 
() [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\psutil\_psutil_windows.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000073216 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginEpic\yarl\_quoting.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000048128 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginXbox\aiohttp\_frozenlist.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000036864 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginXbox\aiohttp\_helpers.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000216064 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginXbox\aiohttp\_http_parser.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000032256 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginXbox\aiohttp\_http_writer.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000022528 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginXbox\aiohttp\_websocket.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000034304 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginXbox\multidict\_multidict.cp37-win32.pyd 2020-12-05 12:55 - 2020-12-04 09:17 - 000073216 _____ () [Datei ist nicht signiert] H:\Program Files (x86)\GOG Galaxy\plugins\GalaxyPluginXbox\yarl\_quoting.cp37-win32.pyd 2019-04-15 15:24 - 2019-04-15 15:24 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\AppCenter\yccV2.dll 2019-04-15 16:24 - 2019-04-15 16:24 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\yccV2.dll 2019-04-15 16:24 - 2019-04-15 16:24 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) 
[Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\yccV2.DLL 2019-10-29 09:26 - 2019-10-29 09:26 - 000445952 _____ (GIGABYTE Technology Co.,Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\GVDisplay.dll 2018-09-11 19:53 - 2018-09-11 19:53 - 000237056 _____ (GIGABYTE Technology Co.,Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvIllumLib.dll 2020-06-18 08:01 - 2020-06-18 08:01 - 002057216 _____ (GIGABYTE) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACPCIeSSD_Lib.dll 2020-06-18 08:01 - 2020-06-18 08:01 - 002057728 _____ (GIGABYTE) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACSSD_Lib.dll 2010-08-06 10:15 - 2010-08-06 10:15 - 000071680 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzinw12.dll 2010-08-06 10:15 - 2010-08-06 10:15 - 000089600 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzipm12.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 000058539 _____ (MingW-W64 Project. All rights reserved.) [Datei ist nicht signiert] G:\Program Files\KeePassXC\libwinpthread-1.dll 2018-08-30 16:26 - 2018-08-30 16:26 - 000053760 _____ (MS) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\MsIo32_Galax.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 006992719 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] G:\Program Files\KeePassXC\Qt5Core.dll 2020-10-21 19:33 - 2020-10-21 19:33 - 002549349 _____ (The Qt Company Ltd.) 
[Datei ist nicht signiert] G:\Program Files\KeePassXC\Qt5Network.dll 2015-10-14 00:15 - 2015-10-14 00:15 - 002042368 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\AppCenter\osvi.dll 2019-07-04 18:06 - 2019-07-04 18:06 - 001988608 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GbtNvGpuLib.dll 2017-10-05 15:26 - 2017-10-05 15:26 - 002247168 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\CRtive.dll 2018-12-08 08:22 - 2018-12-08 08:22 - 002059264 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\GHidApi.dll 2020-07-06 19:33 - 2020-07-06 19:33 - 000478720 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvLedLib.dll 2020-05-08 14:55 - 2020-05-08 14:55 - 002107392 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\SMBCtrl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\ilias\AppData\Local\Temp:$DATA [16] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> H:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2020-01-21] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> G:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_261\bin\ssv.dll [2020-09-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-09-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> H:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2020-01-21] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-04] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\sharepoint.com -> hxxps://jgumainz-files.sharepoint.com

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-12-07 10:14 - 2020-06-06 12:01 - 000000862 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 activate.navicat.com

2020-05-31 16:10 - 2020-12-09 18:35 - 000000435 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.31.128.1 Friday.mshome.net # 2025 12 1 8 17 35 43 429

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\Control Panel\Desktop\\Wallpaper -> H:\Downloads\Compressed\WD2_Wallpapers\3\16_9\3_2560x1440.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) ist aktiviert.

Network Binding:
=============
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled)
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled)
Ethernet: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
LAN-Verbindung: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled)
LAN-Verbindung: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
LAN-Verbindung: VMware Bridge Protocol -> vmware_bridge (enabled)
LAN-Verbindung: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled)
VMware Network Adapter VMnet1: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
VMware Network Adapter VMnet1: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled)
LAN-Verbindung 2: VMware Bridge Protocol -> vmware_bridge (enabled)
LAN-Verbindung 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
LAN-Verbindung 2: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled)
LAN-Verbindung 2: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled)
VMware Network Adapter VMnet8: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
VMware Network Adapter VMnet8: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled)

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "RazerCortex"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\StartupFolder: => "GIGABYTE AORUS GRAPHICS ENGINE.lnk"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\Run: => "OPENVPN-GUI"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\Run: => "Advanced SystemCare"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\Run: => "MyDriveConnect.exe"
HKU\S-1-5-21-3136980708-3557880529-3186569697-1001\...\StartupApproved\Run: => "35C0DD69A13B47FAAE527F030D7053F7FAB3A98B._service_run"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{DAE1B244-2654-4C22-9C03-8F75C38131C2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{8953D7FC-E6A6-478A-90A0-192C1EC81428}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{884ADA83-A667-4B8B-A28F-6FC912E29B66}] => (Allow) H:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation) FirewallRules: [{6AB88638-B0AF-4021-9D7A-ABA0FBA7FAA7}] => (Allow) H:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation) FirewallRules: [{4238A560-8AA9-4999-B7FF-B21258D3FBA4}] => (Allow) H:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{A4C491AB-9C55-4D6B-81B8-8ABF16EEA7B6}] => (Allow) H:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{E9269052-FE64-44E4-BC31-5899E47CD50D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{6233A909-02E2-4441-BC45-52BC23EC49D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{AEE1DF78-731F-49A9-9064-990E95B5CC82}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{D619D246-E916-4FE4-8167-8C3899C9457B}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. 
-> ) FirewallRules: [{7B5A16C2-03C8-437A-91F8-888B020401E3}] => (Allow) LPort=9009 FirewallRules: [{F8441524-0FC2-4B58-8620-D25FBB8BF5A9}] => (Allow) LPort=9009 FirewallRules: [{71652B94-8D03-4E8D-9E5E-FDD09E09ABD9}] => (Allow) LPort=9009 FirewallRules: [{E585C08C-AAC7-47CB-8D65-2F8A060309BA}] => (Allow) LPort=9009 FirewallRules: [{79F958CA-7658-464F-AD6D-B57E92AA87C6}] => (Allow) LPort=9009 FirewallRules: [{70E69257-630E-4CAE-B394-50B2A5F8C725}] => (Allow) LPort=9009 FirewallRules: [{39E5249B-6E84-4C31-898D-0D676F464C6D}] => (Allow) LPort=9009 FirewallRules: [{92A762F5-71D4-480C-AFFD-1EFF1A88F178}] => (Allow) LPort=9009 FirewallRules: [{FFA17206-E769-43F6-BDCF-D33465CE9A83}] => (Allow) LPort=9009 FirewallRules: [{7558928D-63E2-4718-8141-71ABF2DD86BD}] => (Allow) LPort=9009 FirewallRules: [{3257E1C0-E035-46F5-95C8-BB203AD797C2}] => (Allow) LPort=9009 FirewallRules: [{093B834C-2C0F-4545-9DDE-8E835519F4C8}] => (Allow) LPort=9009 FirewallRules: [{20F30550-43F8-4C2E-B616-093EA22D65F0}] => (Allow) LPort=9009 FirewallRules: [{540C48AD-2635-4F95-984C-9949129C1BF7}] => (Allow) LPort=9009 FirewallRules: [{BCB17D5B-80F3-491E-BD8F-8C25CB2414D0}] => (Allow) LPort=9009 FirewallRules: [{D14AC5A1-CFFB-4C41-A210-9096E8E8B3A6}] => (Allow) LPort=9009 FirewallRules: [{6653C6AB-652C-4448-8389-D476501673A1}] => (Allow) LPort=9009 FirewallRules: [{32E7A7CB-3833-435A-B181-94EC250C604A}] => (Allow) H:\Programme\Uplay\games\Assassin's Creed Origins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{4E3AE518-57EC-4907-A69B-C468C65FF1C5}] => (Allow) H:\Programme\Uplay\games\Assassin's Creed Origins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. 
-> ) FirewallRules: [{26C20AEF-BD2D-491B-A067-3F4851939276}] => (Allow) LPort=9009 FirewallRules: [{80513380-7748-4F98-99FB-00A23CC8642B}] => (Allow) LPort=9009 FirewallRules: [{4DC846C7-943A-4A2F-BBEB-282F08D8B471}] => (Allow) LPort=9009 FirewallRules: [{4BACDBCD-84E1-4E91-BECB-24970AEBA7B3}] => (Allow) LPort=9009 FirewallRules: [{2152E9D9-6A7F-493F-B133-CE52714DE524}] => (Allow) LPort=9009 FirewallRules: [{7BA34BAB-84FC-4E05-AC16-280CFA7378B1}] => (Allow) G:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.) FirewallRules: [{CD655D27-EE12-4F43-8349-411302EE893C}] => (Allow) G:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.) FirewallRules: [{1E82349B-7870-44A1-800B-4DE6C661A138}] => (Allow) G:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> ) FirewallRules: [{7AD85ACA-0D91-4770-A511-8946D0A5A20A}] => (Allow) G:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. 
-> ) FirewallRules: [{230FA1FA-90E8-4224-8C59-F2071BAAC89B}] => (Allow) LPort=9009 FirewallRules: [{776C6B29-8999-42F1-BE34-377AD0295116}] => (Allow) LPort=9009 FirewallRules: [{2D7BAD1D-1489-494A-A623-5F4C89A9D998}] => (Allow) LPort=9009 FirewallRules: [{54C21C80-B054-4099-9E76-19F198F065A6}] => (Allow) LPort=9009 FirewallRules: [{27DEAD8C-1074-4CD3-8356-145D2B147ED3}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\BeamNG.drive\BeamNG.drive.exe (BeamNG GmbH) [Datei ist nicht signiert] FirewallRules: [{4AEA242F-4724-44BF-B58D-C0CF88E42BF6}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\BeamNG.drive\BeamNG.drive.exe (BeamNG GmbH) [Datei ist nicht signiert] FirewallRules: [{E89F7144-8877-45F2-A916-4AA8F78DDAA4}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{C842A5DE-0D43-41F2-B624-C7579A943852}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{1920091C-16C5-4FF9-993D-411EA8E6C4F7}] => (Allow) LPort=9009 FirewallRules: [{298444CD-4F5D-44D1-A78B-81FD66B05E92}] => (Allow) LPort=9009 FirewallRules: [{F1D5B639-4A0E-43AE-B1D1-EE1C57E2EFE7}] => (Allow) LPort=9009 FirewallRules: [{C97A7AEA-DD0A-410B-9332-8E0A4E070F54}] => (Allow) LPort=9009 FirewallRules: [{8844F677-8A28-4AFF-BB8D-36C715E786C2}] => (Allow) LPort=9009 FirewallRules: [{F238437D-94F2-4657-BF0E-886F77F217A4}] => (Allow) LPort=9009 FirewallRules: [{500043C5-D2D9-4AAA-8B5E-369AAC125985}] => (Allow) LPort=9009 FirewallRules: [{4437032A-A84D-4446-B2E4-E376156E3FA7}] => (Allow) LPort=9009 FirewallRules: [{DB080CB2-DBAC-4FAF-8A4C-F091CA7930DB}] => (Allow) LPort=9009 FirewallRules: [{89C27047-0265-4D30-A9B3-A2F700E38227}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Allods Online My.com\AllodsMycomSteamLoader.exe (Mail.Ru LLC -> ) FirewallRules: [{0F15FEC3-0EE0-4F41-8556-1A7064B2A426}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Allods 
Online My.com\AllodsMycomSteamLoader.exe (Mail.Ru LLC -> ) FirewallRules: [{0E4B8310-D4C6-45AD-BAD6-FACE249BD8E7}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Allods Online My.com\Allods Online DE\bin\Launcher.exe (LLC MAIL.RU -> © 2008-2019 Allods Team, Mail.Ru Games) FirewallRules: [TCP Query User{A9E1CF12-2656-4B8A-B67C-984D441B4176}C:\users\ilias\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\ilias\appdata\local\gamecenter\gamecenter.exe (Mail.Ru LLC -> ) FirewallRules: [UDP Query User{DC2926A0-F60F-4B0E-851F-5F2782E74326}C:\users\ilias\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\ilias\appdata\local\gamecenter\gamecenter.exe (Mail.Ru LLC -> ) FirewallRules: [{3775C925-8205-41C2-8EAF-B263CA3B52B7}] => (Allow) G:\Programme\Uplay\Assassin's Creed Odyssey\ACOdyssey_plus.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{FCDF7798-1206-4109-B228-EE7ED48C787F}] => (Allow) G:\Programme\Uplay\Assassin's Creed Odyssey\ACOdyssey_plus.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{5ECD9456-BAE5-49CF-80BE-202009E6D589}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Wreckfest\Wreckfest_x64.exe () [Datei ist nicht signiert] FirewallRules: [{C271ABFC-434D-4914-9361-C575F25CCF70}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Wreckfest\Wreckfest_x64.exe () [Datei ist nicht signiert] FirewallRules: [{10D42B82-D1BB-4016-B299-9F4C7700DCBC}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Wreckfest\Wreckfest.exe () [Datei ist nicht signiert] FirewallRules: [{D4A3137A-4F0B-40F7-A90A-62EF6CAA7D38}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Wreckfest\Wreckfest.exe () [Datei ist nicht signiert] FirewallRules: [{EF6BD5E2-8357-478E-BE90-5B51401E7CB3}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{4A6BA015-1596-4A95-B131-340F084CDF2E}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. 
-> ) FirewallRules: [{9CC8AC29-BAB1-4AB8-A2A5-E8B21E4FB5C3}] => (Allow) LPort=9009 FirewallRules: [{41AFF113-3D49-43FE-8D12-9F8B39755813}] => (Allow) G:\Programme\Uplay\WATCH_DOGS2\bin\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment) FirewallRules: [{B769692B-4E38-42C0-B5A8-AB58A649F489}] => (Allow) G:\Programme\Uplay\WATCH_DOGS2\bin\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment) FirewallRules: [{F6401DCF-0AA0-4BF1-B4AD-1CC1B5DFBF32}] => (Allow) G:\Programme\Uplay\WATCH_DOGS2\bin_plus\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment) FirewallRules: [{1730AC81-1750-4CD0-96BE-7F8654C94C2F}] => (Allow) G:\Programme\Uplay\WATCH_DOGS2\bin_plus\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment) FirewallRules: [{73A037D6-AA68-4BE5-8023-093CF12D6DF0}] => (Allow) G:\Programme\Uplay\WATCH_DOGS2\EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{9E1C9D18-A17E-4822-A5ED-68713DAB55DF}] => (Allow) G:\Programme\Uplay\WATCH_DOGS2\EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{9651F030-D1E6-406B-9897-5AFAEAA1D429}] => (Allow) LPort=9009 FirewallRules: [{3C458199-E8D5-47D4-915D-E0B6CE784E49}] => (Allow) LPort=9009 FirewallRules: [{FA40DA03-697A-4BC8-802C-189E111B7521}] => (Allow) LPort=9009 FirewallRules: [{665FF16B-2402-4E78-B20C-E59C3093A21F}] => (Allow) LPort=9009 FirewallRules: [{902CCB86-526F-4C35-A60E-B9BD8CC82DBF}] => (Allow) LPort=9009 FirewallRules: [{0C23F0E1-76F2-4B50-B8A2-A9CE75A0C88A}] => (Allow) LPort=9009 FirewallRules: [{FCECE2A5-8655-4E13-9A61-DD278CD8E7B3}] => (Allow) LPort=9009 FirewallRules: [{336BEA9B-BF7D-4E49-9F1E-C78BE0AA5B96}] => (Allow) LPort=9009 FirewallRules: [{E25D0CD7-ED3B-4BBE-B991-2AF39D30381F}] => (Allow) C:\Users\ilias\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{91E6759A-758A-4EDB-A369-ABC3CF8F54D4}] => (Allow) H:\Programme\Uplay\games\Assassin's Creed Syndicate\ACS.exe (UBISOFT ENTERTAINMENT INC. 
-> ) FirewallRules: [{B634680D-29BE-4184-A686-8962295DB8A6}] => (Allow) LPort=9009 FirewallRules: [{7EEB199B-2474-4FEC-B4E8-048D4D2C9A89}] => (Allow) LPort=9009 FirewallRules: [{F5C7F79B-0FCB-4B42-9243-43E0C169AE84}] => (Allow) LPort=9009 FirewallRules: [{7F8AA965-8883-4DCB-A9EF-298E2DF8FE19}] => (Allow) H:\Programme\Uplay\games\Watch_Dogs\bin\Watch_Dogs.exe (Ubisoft Entertainment -> Ubisoft Entertainment) FirewallRules: [{A21B38AD-4976-4F94-A93E-1350888A32CE}] => (Allow) H:\Programme\Uplay\games\Watch_Dogs\bin\Watch_Dogs.exe (Ubisoft Entertainment -> Ubisoft Entertainment) FirewallRules: [{313DD029-0170-4028-BBDF-AA39AF187908}] => (Allow) LPort=9009 FirewallRules: [{AF340386-CB3C-4705-9B50-4D34F517D474}] => (Allow) LPort=9009 FirewallRules: [{EF463F9B-102D-4A1E-B0E0-5C6BBE8948F1}] => (Allow) LPort=9009 FirewallRules: [{3770FD15-5B33-40EA-BC19-EBAFDDC062F2}] => (Allow) LPort=9009 FirewallRules: [{9958AF36-41DB-4526-9502-98B57ED63366}] => (Allow) LPort=9009 FirewallRules: [{CF11565B-CA51-46C3-B677-BF0296848677}] => (Allow) LPort=9009 FirewallRules: [{94C3C4B4-BD1A-44EF-B14E-E41495A88F7E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F69665A2-2B24-4355-9E06-3569D87CC5EB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{67AF3586-FFFC-4F4B-9FBD-744D151BF6C2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{48001033-9119-43D6-9926-41E0131D1A27}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{CD276B12-4AD6-4F46-A620-C869659E279C}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Besiege\Besiege.exe () [Datei ist nicht signiert] FirewallRules: [{BB070AAD-6B52-42EC-8E38-934E6DA54915}] => (Allow) 
G:\Programme\SteamLibrary\steamapps\common\Besiege\Besiege.exe () [Datei ist nicht signiert] FirewallRules: [{826571B4-AD43-4555-9565-606B8D1C96EC}] => (Allow) LPort=9009 FirewallRules: [{D81723F0-799E-4FA9-93F9-019325772670}] => (Allow) LPort=9009 FirewallRules: [{F7F54016-1A1E-4830-89AF-F9A8CEDFC8C6}] => (Allow) LPort=9009 FirewallRules: [{0A788C13-0189-48F1-890B-E06369E7DEF4}] => (Allow) LPort=9009 FirewallRules: [{423E12D6-0D79-4E08-A4E7-F6B5A7DAC5EE}] => (Allow) LPort=9009 FirewallRules: [{3BD60476-133B-46E8-8229-5F5C294AE233}] => (Allow) LPort=9009 FirewallRules: [{89D7626B-8331-4775-86F8-598C41A2A979}] => (Allow) LPort=9009 FirewallRules: [{73111904-FC32-442C-A1C5-83F271630428}] => (Allow) LPort=9009 FirewallRules: [{D947EB54-FD26-4F6B-A8C7-76E4347CBE25}] => (Allow) LPort=9009 FirewallRules: [{B4AF0129-BEC0-4F98-BDA8-1550049EDA37}] => (Allow) LPort=9009 FirewallRules: [{47167BB2-DB19-4F8E-8FA5-668C7A962FE5}] => (Allow) LPort=9009 FirewallRules: [{B0F494FC-3211-4705-AFBE-7654896D98E9}] => (Allow) LPort=9009 FirewallRules: [{8C9C5FBA-EBCA-4298-97F2-829568403AF9}] => (Allow) LPort=9009 FirewallRules: [{F65F57DA-48F1-4403-A469-1A816C1EDA68}] => (Allow) LPort=9009 FirewallRules: [{CB953820-00B6-4890-82B1-6C9F9F24AD29}] => (Allow) LPort=9009 FirewallRules: [{B78BB03D-0D62-4625-BC5C-E32EB9C89524}] => (Allow) LPort=9009 FirewallRules: [{4B39B479-9339-4477-9AD5-609D8A5FDC7A}] => (Allow) LPort=9009 FirewallRules: [{36C1CE74-5400-4108-B20E-0BBCA1F1650C}] => (Allow) LPort=9009 FirewallRules: [{C0DA0D50-A282-4DC2-8A66-27B4F788726F}] => (Allow) LPort=9009 FirewallRules: [{8C445951-DDA3-4012-BE57-33CD2FB1BC45}] => (Allow) LPort=9009 FirewallRules: [{EB3603CA-F786-4711-A74E-6F18A7528218}] => (Allow) LPort=9009 FirewallRules: [{7B7C164C-7698-4937-91FA-16DDF623FDA5}] => (Allow) LPort=9009 FirewallRules: [{D151D9B4-69AB-49C6-A1CC-7FA20CE42159}] => (Allow) LPort=9009 FirewallRules: [{0208A22B-0C03-4DF3-ACEB-04DDF745AAF1}] => (Allow) LPort=9009 FirewallRules: 
[{6AF6A2BA-1AD8-47FA-BABB-FF472A23F98A}] => (Allow) LPort=9009 FirewallRules: [{6715DBFF-A385-4979-9B78-06E0D1236B05}] => (Allow) LPort=9009 FirewallRules: [{71DA14A0-C1F9-4CC4-9CB7-07CF6916E11A}] => (Allow) LPort=9009 FirewallRules: [{CD0CCEB7-0155-49CB-8D4E-3C743676BC69}] => (Allow) LPort=9009 FirewallRules: [{B88AB3AA-20E5-4627-AB4B-422CFA83741C}] => (Allow) LPort=9009 FirewallRules: [{649204E0-8FF7-4482-8C16-50A502B7CEBD}] => (Allow) LPort=9009 FirewallRules: [{B8B1B2D3-A1CC-4A25-81D6-9F6CB9BD8CF8}] => (Allow) LPort=9009 FirewallRules: [{F6F33401-293B-4F8D-AAFC-7B6F5C4E1948}] => (Allow) LPort=9009 FirewallRules: [{7C027969-982F-45C9-B03F-DC52E1E072F7}] => (Allow) LPort=9009 FirewallRules: [{F24147DC-5C0D-4118-A2F9-BFEEEBA9F80D}] => (Allow) LPort=9009 FirewallRules: [{A07A76B5-06AE-4357-8E27-D51E507B9B69}] => (Allow) LPort=9009 FirewallRules: [{2CBE5144-5521-4151-9959-2087CF58B131}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{8038F798-E538-458B-BBAB-6CA4DFF7C523}G:\program files (x86)\the knight\rage 2\rage2.exe] => (Allow) G:\program files (x86)\the knight\rage 2\rage2.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{2D0544CE-01CA-4DF4-8D2F-07BD0A60961E}G:\program files (x86)\the knight\rage 2\rage2.exe] => (Allow) G:\program files (x86)\the knight\rage 2\rage2.exe () [Datei ist nicht signiert] FirewallRules: [{EF6D7BBD-12E2-4087-AC19-13221B5D0E52}] => (Allow) LPort=9009 FirewallRules: [{F46FFAAC-EF19-4E2B-89D4-3D0706A201D9}] => (Allow) LPort=9009 FirewallRules: [{901609A1-24C2-42D2-B02E-EB0B6C6A2583}] => (Allow) LPort=9009 FirewallRules: [{7DDDC26B-89AF-4329-B0AA-6A8A9A433C26}] => (Allow) LPort=9009 FirewallRules: [{5AF7EE4C-8E9D-4337-97DC-117C775BCD98}] => (Allow) LPort=9009 FirewallRules: [{28D55537-8EF4-4913-B3FA-DDAEFB2B48FD}] => (Allow) LPort=9009 FirewallRules: [{6BA14A00-0E55-4FDD-8176-A60B0AB0312D}] => (Allow) LPort=9009 FirewallRules: [{A9EDA5FF-316F-4637-8DD2-5E7F3AAA517E}] => (Allow) LPort=9009 FirewallRules: 
[{6ACBF067-C968-48A5-98BC-DCF3E49983E5}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe () [Datei ist nicht signiert] FirewallRules: [{4DBDD82D-D712-4224-9F83-DB375D1178A7}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe () [Datei ist nicht signiert] FirewallRules: [{1274570E-F929-4371-9B91-92EECC0EE6B5}] => (Allow) LPort=9009 FirewallRules: [{AA259895-23A8-4638-805D-1EAE06BBD5BD}] => (Allow) LPort=9009 FirewallRules: [{E0879C28-E438-4948-A68B-16ABF9E34825}] => (Allow) LPort=9009 FirewallRules: [{6CEE1229-C96D-42E3-A191-A00B1746C818}] => (Allow) LPort=93 FirewallRules: [{8E6323E3-7481-48B8-A6C5-6929545D4348}] => (Allow) LPort=9009 FirewallRules: [{98579FAF-90A3-4459-B8EB-3439AFD0B49A}] => (Allow) LPort=9009 FirewallRules: [{E468DEC2-9E1F-4D14-9280-C5A2C0673B6D}] => (Allow) LPort=9009 FirewallRules: [{78868E05-8EBC-4917-8C8B-235F9DD08690}] => (Allow) LPort=9009 FirewallRules: [{10C28EED-B248-4AAB-86B9-B421D124EE84}] => (Allow) LPort=9009 FirewallRules: [{883691ED-79C4-4C55-9930-47E727FCDE9A}] => (Allow) LPort=9009 FirewallRules: [{70A148D2-EC84-44BE-925F-5C7869E7FCBE}] => (Allow) LPort=9009 FirewallRules: [{2453CC66-2ED7-4451-A2C9-AE77792D4065}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{F0C934A0-B3F4-4D9A-8F2B-6B0502AF23A6}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\apache24\bin\spp-httpd.exe] => (Allow) G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\apache24\bin\spp-httpd.exe (Apache Software Foundation) [Datei ist nicht signiert] FirewallRules: [UDP Query User{C88135CA-F1E0-4687-802E-BB3F76F8D211}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\apache24\bin\spp-httpd.exe] => (Allow) G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\apache24\bin\spp-httpd.exe (Apache Software Foundation) [Datei ist nicht signiert] FirewallRules: [TCP Query 
User{BD216EDE-6A0C-4278-99C8-AAF8D861B52B}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\database\bin\mysqld.exe] => (Allow) G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\database\bin\mysqld.exe (MariaDB Corporation Ab -> ) FirewallRules: [UDP Query User{3FCD227C-6102-4281-AF42-8CAE65421532}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\database\bin\mysqld.exe] => (Allow) G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\database\bin\mysqld.exe (MariaDB Corporation Ab -> ) FirewallRules: [TCP Query User{E4199A6A-DA0D-4C3C-A320-770B4F3EC150}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\nodejs\node.exe] => (Allow) G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\nodejs\node.exe (Node.js Foundation -> Node.js) FirewallRules: [UDP Query User{A49FFB1E-EE35-4232-A6DB-8145D49ABAB3}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\nodejs\node.exe] => (Allow) G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\nodejs\node.exe (Node.js Foundation -> Node.js) FirewallRules: [TCP Query User{1CCD513A-D05F-4DE7-A964-668BC97CDAB0}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\bin64\bnetserver.exe] => (Allow) G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\bin64\bnetserver.exe (SingleCore Developers) [Datei ist nicht signiert] FirewallRules: [UDP Query User{4AF40930-0DE9-441E-93A1-DDF69FDD44D7}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\bin64\bnetserver.exe] => (Allow) G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\bin64\bnetserver.exe (SingleCore Developers) [Datei ist nicht signiert] FirewallRules: [TCP Query User{D52E00C1-A812-4F43-AC0B-BAB8C9BA21CD}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\bin64\worldserver.exe] => (Allow) G:\program files (x86)\wow 
server\singlecore_legion 11\spp-legion\server\bin64\worldserver.exe (SingleCore Developers) [Datei ist nicht signiert] FirewallRules: [UDP Query User{0A45418E-3CD3-4C46-8909-FBB139EF5281}G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\bin64\worldserver.exe] => (Allow) G:\program files (x86)\wow server\singlecore_legion 11\spp-legion\server\bin64\worldserver.exe (SingleCore Developers) [Datei ist nicht signiert] FirewallRules: [{E4677943-4809-41F4-AA1B-7386B1BDD8B9}] => (Allow) LPort=9009 FirewallRules: [{02C12C4E-1514-4540-9A40-F1F8C2258F11}] => (Allow) LPort=9009 FirewallRules: [{E2B7545F-F8F2-452A-883D-DA1B8C5C14D7}] => (Allow) LPort=9009 FirewallRules: [{E886355F-7504-4955-AA73-98021821A3DC}] => (Allow) LPort=9009 FirewallRules: [{8F8A5180-FD08-4631-A7A9-F8AEE9AD3819}] => (Allow) LPort=9009 FirewallRules: [{EED15B78-6086-4DCF-8A6F-9813B27CDF21}] => (Allow) LPort=9009 FirewallRules: [{2A00541F-E9DB-478B-A4FA-95502773AAC1}] => (Allow) LPort=9009 FirewallRules: [{FF505FD8-7377-45E3-82C7-4F85D5F92858}] => (Allow) LPort=9009 FirewallRules: [{457DE54F-6E38-4D34-A3FF-26B8F93FAF54}] => (Allow) LPort=9009 FirewallRules: [{1797903C-E973-4A1C-B756-B4DAA03E15FF}] => (Allow) LPort=9009 FirewallRules: [{8A95BADA-C539-4E36-878D-0FC83CD039B8}] => (Allow) LPort=9009 FirewallRules: [{8C18C03E-BC22-4418-B6F6-E53BD9D37C35}] => (Allow) LPort=9009 FirewallRules: [{38AB4A76-A973-4ED8-9E06-A528F73E2D5B}] => (Allow) LPort=9009 FirewallRules: [{C1FDFAA9-2D0C-4B7F-AA22-BAC16DDDD975}] => (Allow) LPort=9009 FirewallRules: [{98987678-49BC-402B-9256-DF66E18CF71B}] => (Allow) LPort=9009 FirewallRules: [{39A4F60A-36B7-481E-AB97-7B92C07ECFF3}] => (Allow) LPort=9009 FirewallRules: [{EB3B11F7-4173-4169-8173-339E6B283E16}] => (Allow) LPort=9009 FirewallRules: [{F743F4E2-991E-47D5-8AF3-EDC27E70BF31}] => (Allow) LPort=9009 FirewallRules: [{7C1B9F43-4F85-498B-BFA2-4BD1D7FFE53C}] => (Allow) LPort=9009 FirewallRules: [{10EC20FD-6BEE-48EA-80AA-7F082D38C427}] => (Allow) LPort=9009 
FirewallRules: [{21E8B3AD-84CE-474A-855E-F8E02505AA59}] => (Allow) LPort=9009 FirewallRules: [{6FB6C9E9-9468-4C07-96AE-96C234EC9D1C}] => (Allow) LPort=9009 FirewallRules: [{BBCC23F3-D543-4DD2-B1A5-B645643123DA}] => (Allow) LPort=9009 FirewallRules: [{F86E22EB-8CF4-4705-8200-9E7F85B8D54D}] => (Allow) LPort=9009 FirewallRules: [{9052F49F-751D-4D4F-A699-C55374F0720D}] => (Allow) LPort=9009 FirewallRules: [{6FF09F31-68B5-4FD6-81BE-467020294980}] => (Allow) LPort=9009 FirewallRules: [{10713C94-AE25-4D74-B62C-F415C66B003C}] => (Allow) LPort=9009 FirewallRules: [{7763BD91-1F1D-451A-8570-2F7E3F7F0CC1}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{5C47F3BA-2A49-43C9-BC11-F28D23192A1E}H:\programme\rockstar games\grand theft auto v\gta5.exe] => (Allow) H:\programme\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{A08F555D-810C-4C70-BE2C-8909612E1DBB}H:\programme\rockstar games\grand theft auto v\gta5.exe] => (Allow) H:\programme\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{9B5B8FA4-5ECC-457A-AA48-802BF2D8CB1C}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{C7E780B7-2916-459A-80A3-24A4EF243FB2}G:\program files\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) G:\program files\rockstar games\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{2D31F209-16D4-4065-8A6B-F9060FA67C89}G:\program files\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) G:\program files\rockstar games\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. 
-> Rockstar Games) FirewallRules: [{0A15C446-9831-4EED-864A-21129DEB6130}] => (Allow) LPort=9009 FirewallRules: [{0A52F091-B959-4862-92B4-2E023793F300}] => (Allow) LPort=9009 FirewallRules: [{43F0F9CF-1D18-4803-9485-013AE8D61DB5}] => (Allow) LPort=9009 FirewallRules: [{EA2AF9DB-AAA8-4DF3-9B52-DA1C4A622B99}] => (Allow) LPort=9009 FirewallRules: [{56E60533-054A-4BCB-AA39-5AC520E4A2B9}] => (Allow) LPort=9009 FirewallRules: [{BD0CF392-6D73-46CD-BFB9-2533CE95C359}] => (Allow) LPort=9009 FirewallRules: [{46571334-AA20-4217-B4BE-21EAC4F4F5A3}] => (Allow) LPort=9009 FirewallRules: [{EBA797CB-F355-4959-9BF9-C83F057924C5}] => (Allow) LPort=9009 FirewallRules: [{2994E284-A0BC-489A-98BB-CFE4890338D8}] => (Allow) LPort=9009 FirewallRules: [{A53CDD86-DF9D-44BE-B309-210A6879869B}] => (Allow) LPort=9009 FirewallRules: [{BE712C6E-F468-4FF1-B449-B8DB94B7959B}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{750959BD-167F-4B3C-BD44-1C66A5629413}G:\program files (x86)\the sims 4\game\bin\ts4_x64.exe] => (Block) G:\program files (x86)\the sims 4\game\bin\ts4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) [Datei ist nicht signiert] FirewallRules: [UDP Query User{3B8323FA-69CD-4EE7-8D1C-962EDD08C87E}G:\program files (x86)\the sims 4\game\bin\ts4_x64.exe] => (Block) G:\program files (x86)\the sims 4\game\bin\ts4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) 
[Datei ist nicht signiert] FirewallRules: [{FE266EC5-971A-484B-9BF3-17CDCCC25B90}] => (Allow) LPort=9009 FirewallRules: [{18425415-E593-49D6-A15C-F904E8C0A79A}] => (Allow) LPort=9009 FirewallRules: [{D4E33953-CB8D-4DDA-B0B7-49ABFF98376C}] => (Allow) LPort=9009 FirewallRules: [{48367F9E-45A5-4807-BE8C-AB0C8E92A225}] => (Allow) LPort=9009 FirewallRules: [{BBE9D50C-E652-49EB-95AE-3DC9DEF3F34E}] => (Allow) LPort=9009 FirewallRules: [{D94D92B1-A4A3-493F-A0FE-FCA8B2ECB72B}] => (Allow) LPort=9009 FirewallRules: [{123809A6-483D-4CE9-8C4C-F560C7D85A2D}] => (Allow) LPort=9009 FirewallRules: [{ED9A5ABA-A271-4E82-B252-EAE99C1109DB}] => (Allow) LPort=9009 FirewallRules: [{CBE8EC1F-AB28-469E-B059-D5697B02C384}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (Rocksteady Studios Ltd.) [Datei ist nicht signiert] FirewallRules: [{3EDC1276-8EF2-4B44-9685-7303162F0D85}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (Rocksteady Studios Ltd.) 
[Datei ist nicht signiert] FirewallRules: [{20229675-488C-47A1-BA8C-872AFBECF00E}] => (Allow) LPort=9009 FirewallRules: [{AF68E724-E020-4F6B-A026-349C1CBAE12A}] => (Allow) LPort=9009 FirewallRules: [{3BE2B281-98E5-420C-9BF4-2755FAC94BB3}] => (Allow) LPort=9009 FirewallRules: [{C64AAD90-8DDC-4102-9548-3652A9401107}] => (Allow) LPort=9009 FirewallRules: [{2CCC1F91-7F72-4D15-A2B8-1F47BC9D1233}] => (Allow) LPort=9009 FirewallRules: [{F5327578-8ABD-45BD-9777-06FD91D43380}] => (Allow) LPort=9009 FirewallRules: [{DFCE7B1B-A0C3-41A0-9BF8-D76045534B4E}] => (Allow) LPort=9009 FirewallRules: [{5AB0CA45-9DFA-4418-ABE0-00DC1FC6FBCD}] => (Allow) LPort=9009 FirewallRules: [{24D22571-BA95-4C02-9826-C7DE60DBE5E3}] => (Allow) LPort=9009 FirewallRules: [{39BBA9B3-BAA3-4BD5-87E8-CA01E36CCA0C}] => (Allow) LPort=9009 FirewallRules: [{4AE806B5-B721-4A9C-8671-042F75B34908}] => (Allow) LPort=9009 FirewallRules: [{E89AF2BA-C7D6-427E-94CD-3446AE5C0C9D}] => (Allow) LPort=9009 FirewallRules: [{12059972-E222-4862-9C07-B4A00710AD2D}] => (Allow) LPort=9009 FirewallRules: [{6F8BC16D-0C27-4E81-9291-716E336845E4}] => (Allow) LPort=9009 FirewallRules: [{72B9AA28-1076-48FE-A2A6-D2FA815D8A1F}] => (Allow) LPort=9009 FirewallRules: [{F78DB957-7379-4E96-9018-A21CCD7D0C0A}] => (Allow) LPort=9009 FirewallRules: [{29282BB5-BA4A-4B01-93DD-CD614C4D2AFD}] => (Allow) LPort=9009 FirewallRules: [{5AB6FA1F-282A-4D03-971B-1613B37D69A8}] => (Allow) LPort=9009 FirewallRules: [{A8CDC7C0-9AC6-45C1-A50B-EED3CEE41834}] => (Allow) LPort=9009 FirewallRules: [{D80B3F1C-FFDF-4BF6-A95C-79ED20D657EF}] => (Allow) LPort=9009 FirewallRules: [{18598FC2-DAA7-4C26-BF8B-715C396394E9}] => (Allow) LPort=9009 FirewallRules: [{5C12FE61-258E-412D-B7CA-4DE887A2BA6C}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe (Activision Publishing Inc -> ) FirewallRules: [{CACD8413-E65B-4060-AADE-CDFC27486E73}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe 
(Activision Publishing Inc -> ) FirewallRules: [{2A1FDF6D-CDA1-4662-9CAE-3F47407DAE2A}] => (Allow) LPort=9009 FirewallRules: [{20AB9A4B-E953-47E9-BF54-F581ECE229E4}] => (Allow) LPort=9009 FirewallRules: [{BFF448E9-8CA7-4533-B79D-B34ACA0BFB46}] => (Allow) LPort=9009 FirewallRules: [{ABA7653C-CA3C-4FEB-9698-65CC5D935B67}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [Datei ist nicht signiert] FirewallRules: [{CE258CEE-6668-4C68-8F90-15FDDE53F61F}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [Datei ist nicht signiert] FirewallRules: [TCP Query User{698DF1BC-393E-47C6-A19C-3D96345DF257}G:\program files\epic games\totalwarsagatroy\troy.exe] => (Allow) G:\program files\epic games\totalwarsagatroy\troy.exe => Keine Datei FirewallRules: [UDP Query User{BE74110F-2F42-4B2A-9457-39F695E4E51D}G:\program files\epic games\totalwarsagatroy\troy.exe] => (Allow) G:\program files\epic games\totalwarsagatroy\troy.exe => Keine Datei FirewallRules: [{E71EE8D8-F343-4C28-BBA1-2DD299F0BFB8}] => (Allow) LPort=9009 FirewallRules: [{334F5ABA-96A5-4AF6-9598-FF64BD5F366B}] => (Allow) LPort=9009 FirewallRules: [{5647784A-286B-4287-8A4C-9B43D2EE6427}] => (Allow) LPort=9009 FirewallRules: [{55BB64EC-2EDC-47EB-8ECA-30F8F8F3BD59}] => (Allow) LPort=9009 FirewallRules: [{A73D8F82-E203-4943-9274-7A2F72FB2C7A}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{68AC0099-9881-45D0-B2D9-ABF26FD4B350}G:\program files (x86)\corepack\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Block) G:\program files (x86)\corepack\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe (Focus Home Interactive -> Focus Home Interactive) [Datei ist nicht signiert] FirewallRules: [UDP Query User{6666A672-8D84-4AC9-B4E1-FB0ABA950E00}G:\program files (x86)\corepack\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Block) G:\program files 
(x86)\corepack\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe (Focus Home Interactive -> Focus Home Interactive) [Datei ist nicht signiert] FirewallRules: [{8423AC61-EF99-49B1-9750-C1B3F6F6CE8A}] => (Allow) LPort=9009 FirewallRules: [{23F1FCF6-D340-4C7F-9A6F-D95F60383A9C}] => (Allow) LPort=9009 FirewallRules: [{4A6CF62E-A374-46CC-81BD-2A1D8B6BE888}] => (Allow) LPort=9009 FirewallRules: [{0E762191-4784-4B9B-AD14-8880ECF23EFE}] => (Allow) LPort=9009 FirewallRules: [{4FECC383-A40A-4AA9-BE82-C59619A370C9}] => (Allow) LPort=9009 FirewallRules: [{7FAA19FA-AB6A-47E1-9A83-F95DEB13A8DE}] => (Allow) LPort=9009 FirewallRules: [{64FC1124-B27C-474A-8240-0C8C5E57C0F9}] => (Allow) LPort=9009 FirewallRules: [{3838EDAA-0AB3-4C64-AA02-8EF5CCF57FF4}] => (Allow) LPort=9009 FirewallRules: [{7321BAE3-5279-4D84-9610-C887763C5789}] => (Allow) LPort=9009 FirewallRules: [{C18C1CE6-3C94-4FB2-8677-DA1B98781729}] => (Allow) LPort=9009 FirewallRules: [{DB9FB736-7271-42F1-9A19-7EF4F35004CC}] => (Allow) LPort=9009 FirewallRules: [{8B8F9B53-6D76-44B0-BE8D-07F2270C5231}] => (Allow) LPort=9009 FirewallRules: [{EB0F0988-50AF-47AE-A132-581E29BDFB74}] => (Allow) LPort=9009 FirewallRules: [{09ABCFFD-E654-4863-91A7-CE227CEE67F4}] => (Allow) LPort=9009 FirewallRules: [{59362B8C-B63A-4A98-9866-4521F6D1F8E1}] => (Allow) LPort=9009 FirewallRules: [{CDF246BE-D52A-4BB3-9026-D9BE252CE1D5}] => (Allow) LPort=9009 FirewallRules: [{26FAC9F2-0943-4189-AA21-96794B2D7AA3}] => (Allow) LPort=9009 FirewallRules: [{2271A30C-FF29-40D1-A7ED-738FED189A3D}] => (Allow) LPort=9009 FirewallRules: [{E8304080-290B-4617-BEA2-D55A0AEDE061}] => (Allow) LPort=9009 FirewallRules: [{51DA6998-7245-4E88-9A56-133C5B3EA00C}] => (Allow) LPort=9009 FirewallRules: [{35B9EF1D-D0EE-4943-AB6E-72A808688AEF}] => (Allow) LPort=9009 FirewallRules: [{4E2DF05E-A687-4151-8D16-D9AB53B9BD15}] => (Allow) LPort=9009 FirewallRules: [{3A320DA6-F912-4BFD-9707-23B2B11A84C8}] => (Allow) LPort=9009 FirewallRules: [{9984CACD-8722-4B4C-B1DA-11C721DEDF47}] 
=> (Allow) LPort=9009 FirewallRules: [{32777281-C16F-49E4-9A3E-701C8217457B}] => (Allow) LPort=9009 FirewallRules: [{34B503B2-F927-4F88-BEBB-F0B96AE1C509}] => (Allow) LPort=9009 FirewallRules: [{BBDA2AA3-D30A-457A-AB0F-711DA960A60B}] => (Allow) LPort=9009 FirewallRules: [{12605487-706C-4A72-BC94-E80EBF4AAF28}] => (Allow) LPort=9009 FirewallRules: [{E4FB5E86-94A6-4F5B-A384-FC9908DE3B5E}] => (Allow) LPort=9009 FirewallRules: [{B46BBFF9-7472-4B08-9610-97AE3165D0B9}] => (Allow) LPort=9009 FirewallRules: [{AEB75F9E-16D9-4742-B600-2D32FDE8EB5D}] => (Allow) LPort=9009 FirewallRules: [{E66859C3-FD3D-4924-9E80-213AFA364A4C}] => (Allow) G:\Programme\Uplay\Tom Clancy's The Division\TheDivision.exe (Ubisoft Entertainment Sweden AB -> Ubisoft) FirewallRules: [{AF357AE8-BC03-45B0-BECE-CDF254A86EF5}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{77F09BE0-845B-47AA-9824-EDF96A67788D}G:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) G:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe FirewallRules: [UDP Query User{E50D1F95-3391-4B8D-AF5A-CE0EF2D76C22}G:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) G:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe FirewallRules: [{9DE3BFB7-4066-4458-BF82-A0243E23C031}] => (Allow) LPort=9009 FirewallRules: [{4000C567-593B-4444-86F1-5E5F982FA105}] => (Allow) LPort=9009 FirewallRules: [{D2C949DA-8081-4F46-B782-2710E335F9A6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{715084A9-3B08-4B5F-8780-BB62BF73D198}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{0F109C04-2AD2-4D0C-BF4F-076C686BADFD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{B10A27C3-5699-4820-AD43-5DD38AC6C2B0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. 
-> ) FirewallRules: [TCP Query User{2E6A6070-CCAA-4D83-AD54-64E3807CF8D6}H:\programme\uplay\games\far cry 3\bin\farcry3.exe] => (Allow) H:\programme\uplay\games\far cry 3\bin\farcry3.exe (Ubisoft Entertainment -> Ubisoft Entertainment) FirewallRules: [UDP Query User{E56AFF91-3832-4A59-97F1-585242CE710C}H:\programme\uplay\games\far cry 3\bin\farcry3.exe] => (Allow) H:\programme\uplay\games\far cry 3\bin\farcry3.exe (Ubisoft Entertainment -> Ubisoft Entertainment) FirewallRules: [{290A0F71-7DB1-4C65-A87C-98C2EE42984D}] => (Allow) LPort=9009 FirewallRules: [{350BD6AF-9EAC-4C89-B91D-3D17F6D47DF6}] => (Allow) LPort=9009 FirewallRules: [{4A74DA9F-7EEB-400A-B3C4-B7F5813C70A7}] => (Allow) LPort=9009 FirewallRules: [{BEF1DFA3-B825-4095-A67F-D60864226C19}] => (Allow) LPort=9009 FirewallRules: [{3F4F6B64-901A-4B25-A468-933AE8507EB4}] => (Allow) LPort=9009 FirewallRules: [{84613B71-181C-452F-9D00-FC53A6FCA31A}] => (Allow) LPort=9009 FirewallRules: [{BE45E5F6-7D71-49CB-B397-5D94566B33E9}] => (Allow) LPort=9009 FirewallRules: [{4A8C8987-CF43-4A57-87FD-4E57785D198A}] => (Allow) LPort=9009 FirewallRules: [{74C2CC5F-B2F4-4DDB-B72F-1375AC1384DC}] => (Allow) LPort=9009 FirewallRules: [{8B411965-2AD6-4417-9959-B62A7EB5D536}] => (Allow) LPort=9009 FirewallRules: [{933EA8E6-CCE8-44B7-A944-BC63F2ED99A2}] => (Allow) LPort=9009 FirewallRules: [{7478E4D0-0C93-4335-A355-A0018E660F60}] => (Allow) LPort=9009 FirewallRules: [{0543F3AC-07FB-41C1-BE36-EA297CFD3258}] => (Allow) LPort=9009 FirewallRules: [{263E2E95-A836-46BB-9A1D-E14C5586B83B}] => (Allow) LPort=9009 FirewallRules: [{5207F52F-EA83-49A3-892A-4FDE46C054AE}] => (Allow) LPort=9009 FirewallRules: [{133B78F4-D967-434D-8AA3-0C4B9C5C6155}] => (Allow) LPort=9009 FirewallRules: [{2269EC4F-4351-4123-B082-BE1878E02837}] => (Allow) LPort=9009 FirewallRules: [{9B45757D-38B2-42EE-B25A-71F52AD796C2}] => (Allow) LPort=9009 FirewallRules: [{75A4087C-E563-4D0C-BE60-23630E43E14D}] => (Allow) LPort=9009 FirewallRules: 
[{B6F06ACE-1105-46BB-BF21-DA188A49E134}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{3F9DE2F1-CA4E-4A33-BE9C-556A650C4FD9}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{5FD4D251-712B-43BD-9FCC-AB1A942FA6A1}] => (Allow) G:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{89CB9AD8-FED3-43B2-B285-836A7495805A}] => (Allow) G:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{C60C5437-4AA9-4558-BEE2-BDA2200AC77A}] => (Allow) G:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{B8007968-D965-461D-A9F5-5BE9A48339EF}] => (Allow) G:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{AE129111-D405-483C-A43B-D7CC4F8BC550}] => (Allow) LPort=9009 FirewallRules: [{2BB73D0F-A28A-4629-97BC-F7FE2F91492A}] => (Allow) LPort=9009 FirewallRules: [{77F7029E-5DCF-4924-94D9-4C69E885973D}] => (Allow) LPort=9009 FirewallRules: [{0A74855A-7364-4283-B408-C6886CEA9A3B}] => (Allow) LPort=9009 FirewallRules: [{119A234C-0970-4EBD-A866-F675EDE4AD79}] => (Allow) LPort=9009 FirewallRules: [{7F59DC3F-D8CA-44E9-8B27-B93CAAFF1978}] => (Allow) LPort=9009 FirewallRules: [{0CA452AA-CCB6-4648-8DCF-A95F1C277B85}] => (Allow) LPort=9009 FirewallRules: [{8D6AE2D4-FDAA-4DA8-AFA5-CB78C1F54278}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{CFB02508-51DD-4E0E-8A27-92D516143BF9}H:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) H:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe (Daybreak Game Company, LLC.) 
[Datei ist nicht signiert] FirewallRules: [UDP Query User{88B41455-C7B7-4CE1-BC17-D9D8CEF77A8F}H:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) H:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe (Daybreak Game Company, LLC.) [Datei ist nicht signiert] FirewallRules: [{CD26041B-8C5B-478A-94BE-E7F46A9CD02B}] => (Allow) LPort=9009 FirewallRules: [{59F2FD82-6BD0-4139-B874-7786F3222AA7}] => (Allow) LPort=9009 FirewallRules: [{3AC845A9-026F-4A02-BAF2-F9A7A36A906E}] => (Allow) LPort=9009 FirewallRules: [{3C381993-E7FB-45E1-92E7-E1B39F25D249}] => (Allow) LPort=9009 FirewallRules: [{387988D9-766F-4F3B-9ACB-D83BFC009280}] => (Allow) LPort=9009 FirewallRules: [{17EDAB59-8FAE-4CAC-B3A0-8B61DB44A5DA}] => (Allow) LPort=9009 FirewallRules: [{16A61BCE-69A5-41A7-9112-EB1BEF2459AA}] => (Allow) LPort=9009 FirewallRules: [{D0B2F476-A286-4D72-8277-9F48849E5DCE}] => (Allow) LPort=9009 FirewallRules: [{E3D3BC2D-89CF-4FEA-AC34-BD0FB1C1FB3F}] => (Allow) LPort=9009 FirewallRules: [{F599E881-A26A-45D1-9AD7-78148130619C}] => (Allow) LPort=9009 FirewallRules: [{BFE7515F-4EBE-4095-B3C4-425AA1C2B023}] => (Allow) LPort=9009 FirewallRules: [{74DCAE55-5ECE-478A-8C6A-735820525C5B}] => (Allow) LPort=9009 FirewallRules: [{CE44F4A0-E747-4270-8107-E059216C635F}] => (Allow) LPort=9009 FirewallRules: [{10FCB8AC-9F39-4C36-B92C-B176DAFEB1FC}] => (Allow) LPort=9009 FirewallRules: [{07389942-80F1-4123-B88F-79EE5A44E7F8}] => (Allow) LPort=9009 FirewallRules: [{AF67C518-4FDD-43BE-9120-548D932849CF}] => (Allow) LPort=9009 FirewallRules: [{1C6DF141-7D53-4D23-B713-2926E4B84C2A}] => (Allow) LPort=9009 FirewallRules: [{9DF5ADAB-A78C-4288-B7EE-DF82177F59B3}] => (Allow) LPort=9009 FirewallRules: [{54074D1C-D06B-48BB-B0B7-40EF4849A32F}] => (Allow) LPort=9009 FirewallRules: [{2EC281BA-0F4B-4832-A162-5D977E5F9869}] => (Allow) LPort=9009 FirewallRules: [{1C26207A-A8E4-425D-BA45-8FF854AC8A93}] => (Allow) LPort=9009 
FirewallRules: [{04484E54-35CA-4CD2-8562-3B5E824836E4}] => (Allow) LPort=9009 FirewallRules: [{3E3FA7C2-6680-41C9-9CB6-0F45DD65BEA8}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert] FirewallRules: [{9A9F9476-3878-49CC-9F33-01C399BA9E8A}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert] FirewallRules: [{19BEFEDA-6530-4BEF-890D-8B3E67C52AAD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A654C92C-F202-4402-B02B-6A3C9F1AF739}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F09514B6-1E6A-4487-A0FC-3D491B3D295E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{6499315F-D645-4164-9B5E-3225EFA52C36}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{1342BC9F-73EA-45EA-8010-D95EA1C88D60}] => (Allow) LPort=9009 FirewallRules: [{629EFD93-35A6-465D-9455-023C587B7286}] => (Allow) LPort=9009 FirewallRules: [{4C3E6C68-643D-44E2-976C-BFD6AF83879C}] => (Allow) LPort=9009 FirewallRules: [{6D288172-E941-444A-A18C-5A01735E9554}] => (Allow) LPort=9009 FirewallRules: [{68FD928D-20E7-4559-9911-4A450FA2EBC0}] => (Allow) LPort=9009 FirewallRules: [{2584C026-7BF8-4B87-AFD8-3FB8CC57DD9F}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{F608652E-A605-410E-BAD2-43FA5CFA1C82}G:\programme\steamlibrary\steamapps\common\for honor\forhonor.exe] => (Allow) G:\programme\steamlibrary\steamapps\common\for honor\forhonor.exe (Ubisoft Blue Byte GmbH -> Ubisoft) FirewallRules: [UDP Query User{FEE53804-1CD7-4EA2-AFC6-846750D3EC76}G:\programme\steamlibrary\steamapps\common\for honor\forhonor.exe] => (Allow) 
G:\programme\steamlibrary\steamapps\common\for honor\forhonor.exe (Ubisoft Blue Byte GmbH -> Ubisoft) FirewallRules: [TCP Query User{D8A56D9E-7FEF-45BA-B9F9-E1C610676C98}C:\users\ilias\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\ilias\appdata\local\gamecenter\gamecenter.exe (Mail.Ru LLC -> ) FirewallRules: [UDP Query User{151EC62C-A23F-4B62-A3EB-CB86CEF63310}C:\users\ilias\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\ilias\appdata\local\gamecenter\gamecenter.exe (Mail.Ru LLC -> ) FirewallRules: [{295E8900-1F3D-4199-8804-E4E16139D308}] => (Allow) LPort=9009 FirewallRules: [{50F77767-A997-4E4B-9BB3-A7ABD9A4BA6A}] => (Allow) LPort=9009 FirewallRules: [{5BF11EAD-2B25-42E7-A719-BF214DB6160F}] => (Allow) LPort=9009 FirewallRules: [{85726FFC-5921-4D01-B508-29DE0D40AE02}] => (Allow) LPort=9009 FirewallRules: [{16863DDD-CCA1-4238-8BCD-37E2342E2B68}] => (Allow) LPort=9009 FirewallRules: [{0A707DFE-79D6-47C7-BD8D-E7D7F3210BBD}] => (Allow) LPort=9009 FirewallRules: [{7343CF5D-79DD-43C0-8907-36C42B2E86C9}] => (Allow) LPort=9009 FirewallRules: [{8FA726A7-61BE-46AE-97CB-B60C29471293}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{B5941CD9-D6B7-49F0-AF8F-CC74E054C46D}G:\program files\videolan\vlc\vlc.exe] => (Allow) G:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{45A82BE5-0D8A-4F77-A1A7-FD259C7392B2}G:\program files\videolan\vlc\vlc.exe] => (Allow) G:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{4F2987B9-E54F-437F-9DFD-281A1E1C3B46}G:\program files (x86)\samsung dex\samsungdex.exe] => (Allow) G:\program files (x86)\samsung dex\samsungdex.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) FirewallRules: [UDP Query User{F33D234D-9ABB-434E-ACAB-B36E95094B76}G:\program files (x86)\samsung dex\samsungdex.exe] => (Allow) G:\program files (x86)\samsung dex\samsungdex.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) 
FirewallRules: [{7B648AB0-9D5D-46C0-8E93-9202F0CD8A68}] => (Allow) LPort=9009 FirewallRules: [{0F745A3D-2648-4DAE-BD4A-689129CEFA2A}] => (Allow) LPort=9009 FirewallRules: [{2FCFCC1F-96D6-4A8C-98BA-2F904F83E2D5}] => (Allow) LPort=9009 FirewallRules: [{86F7C0F0-59DB-4B3A-B91A-8AC234D2AB57}] => (Allow) LPort=9009 FirewallRules: [{CC471296-97B6-42E9-843A-4D70F078F6FD}] => (Allow) LPort=9009 FirewallRules: [{B1409BBA-4E37-4333-8582-923CCD4B8F6A}] => (Allow) LPort=9009 FirewallRules: [{ACB11644-9D84-4B56-B781-54000F97F9C4}] => (Allow) LPort=9009 FirewallRules: [{9CA6CD96-9658-48B7-AD9E-C252EAD2BDB0}] => (Allow) LPort=9009 FirewallRules: [{1171263F-3B4D-4F31-92B1-6E00C2996E59}] => (Allow) LPort=9009 FirewallRules: [{339DE54B-0F39-4DDF-81C8-FC7B884073BC}] => (Allow) LPort=9009 FirewallRules: [{24BED14F-ACEF-4770-8337-FC704AC84BD3}] => (Allow) LPort=9009 FirewallRules: [{659FB545-E6E0-48BE-9F29-587E522B878A}] => (Allow) LPort=9009 FirewallRules: [{D8B799AF-57B3-49FF-9C5C-16BB4ADC87F6}] => (Allow) LPort=9009 FirewallRules: [{046D3204-C914-42BE-B56A-EF8AF9E48903}] => (Allow) LPort=9009 FirewallRules: [{23F29C1B-7213-4FA1-AC0A-FCB8020E1E8D}] => (Allow) LPort=9009 FirewallRules: [{DBF265BF-89D1-40AA-8EDB-CF49F29C1CD7}] => (Allow) LPort=9009 FirewallRules: [{38497A56-3196-4F86-8E1E-154F42FAA7D3}] => (Allow) LPort=9009 FirewallRules: [{78A8E1DE-41CD-4B12-88FC-D3C4ABB2BB31}] => (Allow) LPort=9009 FirewallRules: [{6C1B6F87-D969-4350-9DB7-08B8A2A55420}] => (Allow) LPort=9009 FirewallRules: [{EC77EBAF-554C-484F-B364-6F46243BA51A}] => (Allow) LPort=9009 FirewallRules: [{6F44C766-B4AC-4496-A149-1E8B8E03704A}] => (Allow) LPort=9009 FirewallRules: [{C0D74F91-3E05-4D16-AA01-5FBB01D3447D}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{B6C9EBE8-8DB2-4EDA-BB19-BA910A898A53}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. 
-> ) FirewallRules: [{1F455AEB-C2EC-4821-AC7F-5B3C8E74AADF}] => (Allow) LPort=9009 FirewallRules: [{CE301B76-1CDB-4C47-8CC8-5964812A5726}] => (Allow) LPort=9009 FirewallRules: [{EE8904A4-275D-44CB-AEFA-0C97458FF105}] => (Allow) LPort=9009 FirewallRules: [{9A0F51AA-C58D-48BE-BA0A-572DE26B23D6}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_8.0.0.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (Amazon.com Services LLC) [Datei ist nicht signiert] FirewallRules: [{D020BEF7-D1FE-490F-B28A-185678BBC212}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_8.0.0.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (Amazon.com Services LLC) [Datei ist nicht signiert] FirewallRules: [{1E28815A-ECA4-437A-9A2F-B37B939AABCD}] => (Allow) LPort=9009 FirewallRules: [{646E9AE4-288F-4E98-985B-9B2649DA747E}] => (Allow) LPort=9009 FirewallRules: [{D2D0D84F-2713-4D48-97BE-49BAD0D7AC65}] => (Allow) LPort=9009 FirewallRules: [{E48051BD-EE50-4560-8952-446B1986705E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{B3506CE9-057A-423F-B740-69463DA6553F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7459A16F-9FB3-48D1-9DB9-C03F81F2E16A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A3A5CAEE-A7A2-4239-BEE5-60DDA98BCE85}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{C8546D42-67C4-4930-89C5-51C4F26FCDA1}] => (Allow) LPort=9009 FirewallRules: [{797DB6DE-990F-4A71-98EA-BC44E09B35E8}] => (Allow) LPort=9009 FirewallRules: [{00D52345-1403-49F2-8BC9-DA69C497FD52}] => (Allow) LPort=9009 FirewallRules: [{06598DB5-C76B-472E-8977-16F3ECD792F0}] => (Allow) LPort=9009 FirewallRules: [{BED43A43-1E1A-4537-8F06-F9F718D4EB25}] => (Allow) LPort=9009 FirewallRules: [{EA430E3D-8104-430A-9386-205BCD166483}] => (Allow) LPort=9009 FirewallRules: [{23831084-6F55-47D7-BA70-611C57C47AFD}] => (Allow) LPort=9009 FirewallRules: [{97930381-2451-46F2-8BE4-EBD7D24DB8F9}] => (Allow) LPort=9009 FirewallRules: [{2E2DF32B-C6D1-4364-A769-D3178BE1E7FA}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Datei ist nicht signiert] FirewallRules: [{C9C5ABCF-5AA4-4F84-A697-7F42C466AA45}] => (Allow) G:\Programme\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Datei ist nicht signiert] FirewallRules: [{016BDD9B-A569-4860-917C-AB0951818E59}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K) FirewallRules: [{7E9EEBB3-B284-4B0C-A4DC-736344DC2978}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K) FirewallRules: [{4D17AEAA-F858-4C0B-B8F8-34AB17A584B3}] => (Allow) LPort=9009 FirewallRules: [{9829E6ED-D0BC-4852-9D05-01066CFD3374}] => (Allow) LPort=9009 FirewallRules: [{182D2CEB-4845-40E4-92E8-C0383931C817}] => (Allow) LPort=9009 FirewallRules: [{8155DD57-9746-4846-BA26-CBDF93926B2E}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{40F2E5B1-7CF1-4854-AF42-1CE0155D5BD1}H:\programme\uplay\games\far cry 3\bin\farcry3_d3d11.exe] => (Block) H:\programme\uplay\games\far cry 3\bin\farcry3_d3d11.exe (Ubisoft Entertainment -> Ubisoft Entertainment) FirewallRules: [UDP Query 
User{6D966027-33B3-464D-9857-3D40F1877D2C}H:\programme\uplay\games\far cry 3\bin\farcry3_d3d11.exe] => (Block) H:\programme\uplay\games\far cry 3\bin\farcry3_d3d11.exe (Ubisoft Entertainment -> Ubisoft Entertainment) FirewallRules: [{862F156B-60DB-4A0A-BDDC-BE25873846FC}] => (Allow) LPort=9009 FirewallRules: [{6D32D14C-1F7B-4B3A-BC9A-BA7751CE1E77}] => (Allow) LPort=9009 FirewallRules: [{1EAF73EE-F1B3-4E40-AA00-08C3459BD57A}] => (Allow) LPort=9009 FirewallRules: [{A9A16F19-6878-4356-A6F3-18D2BCFAD9DB}] => (Allow) LPort=9009 FirewallRules: [{77BD1EB1-2F04-4064-831E-40FFAC211787}] => (Allow) LPort=9009 FirewallRules: [{124C864A-F31E-4660-97A4-D564DB412703}] => (Allow) LPort=9009 FirewallRules: [{CADEAA8D-FA7F-4178-95D9-71841612D3A4}] => (Allow) G:\Programme\Uplay\Watch Dogs Legion\bin\WatchDogsLegion.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment) FirewallRules: [{3A55B6DA-6786-4059-8F30-4FB4DA5A3345}] => (Allow) G:\Programme\Uplay\Watch Dogs Legion\bin\WatchDogsLegion.exe (UBISOFT ENTERTAINMENT INC. 
-> Ubisoft Entertainment) FirewallRules: [{E6DF3F11-D621-470A-ACA7-9CBD8414951F}] => (Allow) LPort=9009 FirewallRules: [{C0F307DD-7F9F-4D8B-861F-23BA801A3ECE}] => (Allow) G:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{D95D2CC7-B930-4B92-97B3-935A622F8F01}] => (Allow) G:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{D9E3A425-38D4-44E4-A10D-27492E3C80AC}] => (Allow) G:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{3FF6B4AD-7853-4B57-BCEA-D166B30CD6B4}] => (Allow) G:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{2E132007-944D-4A53-A460-99376130BDCF}] => (Allow) H:\Programme\Uplay\games\Assassin's Creed Liberation HD\ac3lhd_32.exe (Ubisoft Entertainment SA -> ) FirewallRules: [{909974B3-FA4F-4159-8484-196A6C18A110}] => (Allow) H:\Programme\Uplay\games\Assassin's Creed Liberation HD\ac3lhd_64.exe => Keine Datei FirewallRules: [{0509F46A-5613-412A-9200-F761252C73ED}] => (Allow) LPort=9009 FirewallRules: [{703AA02F-A5AA-4D5F-9DB7-7BB8407B2931}] => (Allow) H:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc. -> Plex, Inc.) FirewallRules: [{9F1C4D51-EF49-4254-8A72-4CB575A32822}] => (Allow) H:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc. -> Python Software Foundation) FirewallRules: [{17E93FC6-DC97-416B-81A7-829F8BA7CA57}] => (Allow) H:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc. -> Plex, Inc.) FirewallRules: [{2E743466-C370-4A5B-9AD4-0332285BA91D}] => (Allow) H:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc. 
-> ) FirewallRules: [{722CBD6E-4BCB-424F-8C33-D0ADB0E76605}] => (Allow) LPort=9009 FirewallRules: [{F0FCA94B-2DAD-4164-9C10-0E45B0803F47}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{FD3AAC5E-2BC2-487C-8C2B-91792EE0E69E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{7E58BA1D-4BE8-421C-A119-1A6DACD770D6}] => (Allow) LPort=9009 FirewallRules: [{C088EBAE-FE2F-4A7C-909B-02D15FBC8F5F}] => (Allow) LPort=9009 FirewallRules: [{4A237A44-59C5-4F4A-9A5C-3C4626B02DBC}] => (Allow) LPort=9009 FirewallRules: [{B8797BCB-C345-4B3B-A17A-2EE6D335825E}] => (Allow) LPort=9009 FirewallRules: [{9EEDB966-BC01-4CEB-A48B-5B13F80EB056}] => (Allow) LPort=9009 FirewallRules: [{B0C52258-1F31-4AA7-B8E3-5F132240EF7C}] => (Allow) LPort=9009 FirewallRules: [{B2C82F77-17A0-4AE4-9247-49EF80A32AAE}] => (Allow) LPort=9009 FirewallRules: [{276A4A59-7174-48F5-AA3D-03A50C8AF9BF}] => (Allow) LPort=9009 FirewallRules: [{2B8F2737-5552-4C27-B5E7-5845D07C5AFB}] => (Allow) LPort=9009 FirewallRules: [{B22319EB-71F4-4854-A694-EDCFEBA84A68}] => (Allow) LPort=9009 FirewallRules: [{53CE5125-FDC2-43E6-AF58-223CAA2A4F8F}] => (Allow) LPort=9009 FirewallRules: [{C6FDECDC-7BFF-4398-8779-A9B1C976F477}] => (Allow) LPort=9009 FirewallRules: [{905132DB-173B-437D-80BE-866B249D805D}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{1970B036-0320-4B58-A5FF-3622E74BCA3D}C:\program files (x86)\tautulli\tautulli.exe] => (Allow) C:\program files (x86)\tautulli\tautulli.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{94E85D38-CF7A-431C-A846-71475413A649}C:\program files (x86)\tautulli\tautulli.exe] => (Allow) C:\program files (x86)\tautulli\tautulli.exe () [Datei ist nicht signiert] FirewallRules: [{06760A6B-4BD9-4C8D-88E0-16A7B261DC62}] => (Allow) LPort=9009 FirewallRules: [{153D3772-D01F-4F04-8EA1-8EBFDB67F1B8}] => (Allow) LPort=9009 FirewallRules: 
[{9A60008D-F16F-4924-BC50-FA10EB101101}] => (Allow) LPort=9009 |
11.12.2020, 23:13 | #13 |
| Multiple Win32:TrojanX-gen and Win32:Trojan-gen alerts Rest of Addition.txt Code:
ATTFilter ==================== Wiederherstellungspunkte ========================= 10-12-2020 06:35:49 Windows Modules Installer 10-12-2020 06:36:59 Windows Modules Installer 11-12-2020 16:48:56 Windows Modules Installer 11-12-2020 16:59:00 Wiederherstellungsvorgang ==================== Fehlerhafte Geräte im Gerätemanager ============ Name: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.) Description: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard-USB-Hostcontroller) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (12/11/2020 10:07:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AORUS.exe, Version: 1.9.2.0, Zeitstempel: 0x5fa3b862 Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.9625, Zeitstempel: 0x5db2747f Ausnahmecode: 0x40000015 Fehleroffset: 0x0005beae ID des fehlerhaften Prozesses: 0x429c Startzeit der fehlerhaften Anwendung: 0x01d6cfd97949a403 Pfad der fehlerhaften Anwendung: G:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.9625_none_508ef7e4bcbbe589\MSVCR90.dll Berichtskennung: 8609782a-c7df-478f-9cb4-7a5c046d78b9 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/11/2020 05:19:36 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT-AUTORITÄT) Description: Die Benutzerstruktur wurde von einem 
anderen Prozess geladen (Registrierungssperre). Prozessname: C:\Program Files\AVG\TuneUp\TuneupSvc.exe, PID: 5672, ProfSvc PID: 2708. Error: (12/11/2020 05:19:36 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT-AUTORITÄT) Description: Die Benutzerstruktur wurde von einem anderen Prozess geladen (Registrierungssperre). Prozessname: C:\Program Files\AVG\TuneUp\TuneupSvc.exe, PID: 5672, ProfSvc PID: 2708. Error: (12/11/2020 05:18:45 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (5652,R,98) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\WINDOWS\system32\SRU\SRU033F7.log. Error: (12/11/2020 05:18:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -550. Error: (12/11/2020 04:59:58 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. . Error: (12/11/2020 04:59:58 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. 
] Error: (12/11/2020 04:50:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 10.0.19041.662, Zeitstempel: 0x996782f8 Name des fehlerhaften Moduls: fhcfg.dll, Version: 10.0.19041.1, Zeitstempel: 0x93b89db8 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000023f4f ID des fehlerhaften Prozesses: 0x2428 Startzeit der fehlerhaften Anwendung: 0x01d6cfd55bed6fe3 Pfad der fehlerhaften Anwendung: C:\WINDOWS\explorer.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\fhcfg.dll Berichtskennung: f2851fac-2122-4db4-86cc-961a21bb0253 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Systemfehler: ============= Error: (12/11/2020 04:25:28 PM) (Source: Schannel) (EventID: 4103) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Erstellen der Client-Anmeldeinformationen für TLS. Der interne Fehlerstatus ist 10013. Error: (12/11/2020 04:25:28 PM) (Source: Schannel) (EventID: 4103) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Erstellen der Client-Anmeldeinformationen für TLS. Der interne Fehlerstatus ist 10013. Error: (12/11/2020 04:23:03 PM) (Source: Schannel) (EventID: 4103) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Erstellen der Client-Anmeldeinformationen für TLS. Der interne Fehlerstatus ist 10013. Error: (12/11/2020 04:23:03 PM) (Source: Schannel) (EventID: 4103) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Erstellen der Client-Anmeldeinformationen für TLS. Der interne Fehlerstatus ist 10013. Error: (12/11/2020 04:16:57 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. 
Error: (12/11/2020 04:16:57 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (12/11/2020 04:15:14 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT) Description: Fehler "1115" in DCOM, als der Dienst "wuauserv" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error: (12/11/2020 04:15:14 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT) Description: Fehler "1115" in DCOM, als der Dienst "wuauserv" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {E60687F7-01A1-40AA-86AC-DB1CBF673334} CodeIntegrity: =================================== Date: 2020-12-11 18:25:18.9540000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-12-11 18:24:51.5920000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-12-11 18:24:51.5610000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-12-11 17:32:01.7090000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. 
Date: 2020-12-11 17:32:01.7030000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-11 17:32:01.6840000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-11 17:25:17.5230000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-11 17:25:17.5180000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. F30 04/18/2019
Hauptplatine: Gigabyte Technology Co., Ltd. AX370-Gaming K5-CF
Prozessor: AMD Ryzen 5 1600 Six-Core Processor
Prozentuale Nutzung des RAM: 56%
Installierter physikalischer RAM: 16332.29 MB
Verfügbarer physikalischer RAM: 7104.98 MB
Summe virtueller Speicher: 26572.29 MB
Verfügbarer virtueller Speicher: 10400.87 MB

==================== Laufwerke ================================
Drive c: () (Fixed) (Total:231.56 GB) (Free:123.07 GB) NTFS
Drive g: (HDD 2TB) (Fixed) (Total:1863.01 GB) (Free:66.31 GB) NTFS
Drive h: (HDD) (Fixed) (Total:931.51 GB) (Free:14.58 GB) NTFS
\\?\Volume{b1edee0f-0000-0000-0000-100000000000}\ (System-reserviert) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{b1edee0f-0000-0000-0000-80033a000000}\ () (Fixed) (Total:0.83 GB) (Free:0.39 GB) NTFS

==================== MBR & Partitionstabelle ====================

==================== Ende von Addition.txt =======================
|
12.12.2020, 10:41 | #14 |
/// TB-Ausbilder | Multiple Win32:TrojanX-gen and Win32:Trojan-gen alerts
Step 1
The following programs are outdated, interfere with the cleanup, or are advertising software or unwanted software (adware, PUP) and must be removed.
Step 2
Run Malwarebytes' AntiMalware (MBAM) according to the illustrated instructions and then post the log file.
Step 3
Run AdwCleaner according to the illustrated instructions and then post the log file.
Step 4
Please post with your next reply:
|
13.12.2020, 02:18 | #15 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Multiple Win32:TrojanX-gen and Win32:Trojan-gen alerts
Quote:
__________________ Please always post log files in CODE tags |